Message-ID: <80a5da81-0ed3-14bc-2e62-bd25f05de792@gmail.com>
Date:   Sun, 27 May 2018 13:31:17 -0700
From:   Florian Fainelli <f.fainelli@...il.com>
To:     Gerhard Wiesinger <lists@...singer.com>,
        Andrew Lunn <andrew@...n.ch>, initramfs@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org
Subject: Re: B53 DSA switch problem on Banana Pi-R1 on Fedora 26 -
 systemd-networkd problem

On 05/27/18 at 12:01, Gerhard Wiesinger wrote:
> On 24.05.2018 08:22, Gerhard Wiesinger wrote:
>> On 24.05.2018 07:29, Gerhard Wiesinger wrote:
>>> After some analysis with Florian (thanks) we found out that the current
>>> implementation is broken:
>>>
>>> https://patchwork.ozlabs.org/patch/836538/
>>> https://github.com/torvalds/linux/commit/c499696e7901bda18385ac723b7bd27c3a4af624#diff-a2b6f8d89e18de600e873ac3ac43fa1d
>>>
>>>
>>> Florian's comment:
>>>
>>> c499696e7901bda18385ac723b7bd27c3a4af624 ("net: dsa: b53: Stop using
>>> dev->cpu_port incorrectly") since it would result in no longer setting
>>> the CPU port as tagged for a specific VLAN. Easiest way for you right
>>> now is to just revert it, but this needs some more thoughts for a proper
>>> upstream change. I will think about it some more.
>>
>> Can confirm 4.14.18-200.fc26.armv7hl works, 4.15.x should be broken.
>>
>> # Kernel 4.14.x ok
>> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/log/drivers/net/dsa/b53?h=v4.14.43
>>
>> # Kernel 4.15.x should be NOT ok
>> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/log/drivers/net/dsa/b53?h=v4.15.18
>>
> 
> Kernel 4.14.18-300.fc27.armv7hl works well so far, even with FC28
> update. Florian sent me a patch to try for 4.16.x

So does my patch make 4.16 work correctly for you now? If so, can I just
submit it and copy you?

> 
> I got the commands below to work with manual script commands.
> Afterwards I wrote systemd-networkd config where I've a strange problem
> when IPv6 sends a multicast broadcast from another machine to the bridge
> this will be sent back via the network interface, but with the source
> MAC of the bridge of the other machine. dmesg from the other machine:
> [117768.330444] br0: received packet on lan0 with own address as source
> address (addr:a0:36:9f:ab:cd:ef, vlan:0)
> [117768.334887] br0: received packet on lan0 with own address as source
> address (addr:a0:36:9f:ab:cd:ef, vlan:0)
> [117768.339281] br0: received packet on lan0 with own address as source
> address (addr:a0:36:9f:ab:cd:ef, vlan:0)
> 
> And: If I just enter this command after e.g. a systemd-network restart
> everything is fine forever:
> # Not OK (dmesg message above is triggered on a remote computer, whole
> switching network gets unstable, ssh terminals close, packet loss, etc.)
> systemctl restart systemd-networkd
> # OK again when this command is entered
> bridge vlan add dev wan vid 102 pvid untagged
> 
> brctl show, ip link, bridge vlan, bridge link commands, etc. look all
> the same, also /sys/class/net/br0/bridge, /sys/class/net/br1/bridge
> settings
> 
> Systemd config correct?
> Any ideas?

You should not have eth0.101 and eth0.102 enslaved in a bridge at
all, this is what is causing the bridge to be confused. Remember what I
wrote to you before: with the current b53 driver, which does not have any
tagging enabled, the lanX interfaces and brX interfaces are only used for
control and should not be used for passing any data. The only network
device that will be passing data is eth0, which is why we need to set up
VLAN interfaces to pop/push the VLAN id accordingly.

I have no idea why manual vs. systemd does not work but you can most
certainly troubleshoot that by comparing the bridge/ip outputs.

> 
> Thank you.
> 
> Ciao,
> Gerhard
> 
> brctl show
> bridge name     bridge id               STP enabled     interfaces
> br0             8000.665da2abcdef       no              eth0.101
>                                                         lan1
>                                                         lan2
>                                                         lan3
>                                                         lan4
> br1             8000.9a4557abcdef      no              eth0.102
>                                                         wan
> 
> 
> bridge vlan show
> port    vlan ids
> lan2     101 PVID Egress Untagged
> 
> lan3     101 PVID Egress Untagged
> 
> lan4     101 PVID Egress Untagged
> 
> wan      102 PVID Egress Untagged
> 
> lan1     101 PVID Egress Untagged
> 
> br1     None
> br0     None
> eth0.102        None
> eth0.101        None
> 
> ================================================================================================================================================================
> 
> 
> OK: manual scripts
> 
> ================================================================================================================================================================
> 
> 
> ip link add link eth0 name eth0.101 type vlan id 101
> ip link set eth0.101 up
> ip link add link eth0 name eth0.102 type vlan id 102
> ip link set eth0.102 up
> ip link add br0 type bridge
> ip link set dev br0 type bridge stp_state 0
> ip link set lan1 master br0
> bridge vlan add dev lan1 vid 101 pvid untagged
> ip link set lan1 up
> ip link set lan2 master br0
> bridge vlan add dev lan2 vid 101 pvid untagged
> ip link set lan2 up
> ip link set lan3 master br0
> bridge vlan add dev lan3 vid 101 pvid untagged
> ip link set lan3 up
> ip link set lan4 master br0
> bridge vlan add dev lan4 vid 101 pvid untagged
> ip link set lan4 up
> ip link set eth0.101 master br0
> ip link set eth0.101 up
> ip link set br0 up
> ip link add br1 type bridge
> ip link set dev br1 type bridge stp_state 0
> ip link set wan master br1
> bridge vlan add dev wan vid 102 pvid untagged
> ip link set wan up
> ip link set eth0.102 master br1
> ip link set eth0.102 up
> ip link set br1 up
> ip addr flush dev br0
> ip addr add 192.168.0.250/24 dev br0
> ip route del default via 192.168.0.1 dev br0
> ip route add default via 192.168.0.1 dev br0
> ip addr flush dev br1
> ip addr add 192.168.1.1/24 dev br1
> 
> 
> ================================================================================================================================================================
> 
> 
> NOK: after a multicast packet is received
> 
> ================================================================================================================================================================
> 
> 
> ================================================================================
> 
> = /etc/systemd/network/40-autogen-eth0.101.netdev
> ================================================================================
> 
> [NetDev]
> Name=eth0.101
> Kind=vlan
> 
> [VLAN]
> Id=101
> ================================================================================
> 
> = /etc/systemd/network/40-autogen-eth0.102.netdev
> ================================================================================
> 
> [NetDev]
> Name=eth0.102
> Kind=vlan
> 
> [VLAN]
> Id=102
> ================================================================================
> 
> = /etc/systemd/network/40-autogen-eth0.network
> ================================================================================
> 
> [Match]
> Name=eth0
> 
> [Network]
> VLAN=eth0.101
> VLAN=eth0.102
> ================================================================================
> 
> = /etc/systemd/network/50-autogen-br0.netdev
> ================================================================================
> 
> [NetDev]
> Name=br0
> Kind=bridge
> 
> [Bridge]
> DefaultPVID=none
> VLANFiltering=false
> STP=false
> ================================================================================
> 
> = /etc/systemd/network/50-autogen-br1.netdev
> ================================================================================
> 
> [NetDev]
> Name=br1
> Kind=bridge
> 
> [Bridge]
> DefaultPVID=none
> VLANFiltering=false
> STP=false
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br0-eth0.101.network
> ================================================================================
> 
> [Match]
> Name=eth0.101
> 
> [Network]
> Bridge=br0
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br0-lan1.network
> ================================================================================
> 
> [Match]
> Name=lan1
> 
> [Network]
> Bridge=br0
> 
> [BridgeVLAN]
> VLAN=101
> EgressUntagged=101
> PVID=101
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br0-lan2.network
> ================================================================================
> 
> [Match]
> Name=lan2
> 
> [Network]
> Bridge=br0
> 
> [BridgeVLAN]
> VLAN=101
> EgressUntagged=101
> PVID=101
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br0-lan3.network
> ================================================================================
> 
> [Match]
> Name=lan3
> 
> [Network]
> Bridge=br0
> 
> [BridgeVLAN]
> VLAN=101
> EgressUntagged=101
> PVID=101
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br0-lan4.network
> ================================================================================
> 
> [Match]
> Name=lan4
> 
> [Network]
> Bridge=br0
> 
> [BridgeVLAN]
> VLAN=101
> EgressUntagged=101
> PVID=101
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br1-eth0.102.network
> ================================================================================
> 
> [Match]
> Name=eth0.102
> 
> [Network]
> Bridge=br1
> ================================================================================
> 
> = /etc/systemd/network/60-autogen-br1-wan.network
> ================================================================================
> 
> [Match]
> Name=wan
> 
> [Network]
> Bridge=br1
> 
> [BridgeVLAN]
> VLAN=102
> EgressUntagged=102
> PVID=102
> ================================================================================
> 
> = /etc/systemd/network/61-autogen-br0.network
> ================================================================================
> 
> [Match]
> Name=br0
> 
> [Network]
> Address=192.168.0.250/24
> Gateway=192.168.0.1
> DNS=192.168.0.1
> Domains=intern
> ================================================================================
> 
> = /etc/systemd/network/61-autogen-br1.network
> ================================================================================
> 
> [Match]
> Name=br1
> 
> [Network]
> Address=192.168.1.1/24
> 


-- 
Florian
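
Added example, not part of the original message or of any project's code: one way to do the comparison of bridge outputs suggested above, by normalizing two `bridge vlan show` captures (text format as quoted in this thread) and printing only the port/VLAN entries that differ. The function names, file names and sample captures are assumptions made for illustration.

```shell
# Compare two `bridge vlan show` captures. On the router, capture each state:
#   bridge vlan show > manual.txt      # after the manual script
#   bridge vlan show > networkd.txt    # after systemctl restart systemd-networkd

# Reduce a capture to sorted "port vid flags" lines, one per port/VLAN pair.
normalize_vlans() {
    awk '
        NR == 1 && $1 == "port" { next }      # column header
        /^[^ \t]/ { port = $1; $1 = "" }      # port name starts in column 0
        { $0 = $0; if (NF) { $1 = $1; print port, $0 } }  # skip blanks, squeeze spaces
    ' "$1" | LC_ALL=C sort
}

# "-" = only in first capture, "+" = only in second; no output = identical.
diff_vlans() {
    a=$(mktemp) && b=$(mktemp) || return 2
    normalize_vlans "$1" > "$a"
    normalize_vlans "$2" > "$b"
    LC_ALL=C comm -3 "$a" "$b" |
        awk -F'\t' '{ if ($1 == "") print "+ " $2; else print "- " $1 }'
    rm -f "$a" "$b"
}

# Constructed captures for illustration only; the thread does not establish
# which attribute actually differs between the two states.
demo() {
    d=$(mktemp -d) || return 2
    cat > "$d/manual.txt" <<'EOF'
port    vlan ids
lan1     101 PVID Egress Untagged

wan      102 PVID Egress Untagged
br1     None
EOF
    cat > "$d/networkd.txt" <<'EOF'
port    vlan ids
wan      102
lan1     101 PVID Egress Untagged
br1     None
EOF
    diff_vlans "$d/manual.txt" "$d/networkd.txt"
    rm -rf "$d"
}

demo
```

Port ordering and blank separator lines are ignored, so only a real difference in VLAN membership or flags produces output.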
