lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110819022731.GC180151@jupiter.n2.diac24.net>
Date:	Fri, 19 Aug 2011 04:27:31 +0200
From:	David Lamparter <equinox@...c24.net>
To:	Stephen Hemminger <shemminger@...tta.com>
Cc:	Nick Carter <ncarter100@...il.com>,
	Ed Swierk <eswierk@...switch.com>, netdev@...r.kernel.org,
	David Lamparter <equinox@...c24.net>,
	bridge@...ux-foundation.org
Subject: Re: [RFC] bridge: allow passing link-local multicast

On Thu, Aug 18, 2011 at 09:39:41AM -0700, Stephen Hemminger wrote:
> On Thu, 18 Aug 2011 16:52:45 +0100
> Nick Carter <ncarter100@...il.com> wrote:
> 
> > On 18 August 2011 16:10, Stephen Hemminger <shemminger@...tta.com> wrote:
> > > On Thu, 18 Aug 2011 16:06:19 +0100
> > > Nick Carter <ncarter100@...il.com> wrote:
> > >
> > >> Why can't we use the 802.1D specified STP group address to identify ?
> > >> The existing code uses that address.
> > >> I know you said on another thread that there are people using other addresses.
> > >> Who are these people ?
> > >> Are they following any standard ?
> > >> What address / address range are they using ?
> > >
> > > The group address can be reprogrammed, and it is settable on other
> > > routing equipment. People do it to create spanning tree domains.

I just checked my hardware switches. Neither my Cisco devices nor my HP
ProCurves can reprogram the spanning tree address.

Can you provide an example? Even Linux can't do this, can it?

> > But before the new
> > +               if (!is_stp_bpdu(skb) && br_forward_link_local)
> > check, we have already checked
> > 	if (unlikely(is_link_local(dest))) {
> > So the frame must have a link local destination.  If the reprogrammed
> > group address is outside of the link local range then the new code in
> > this patch will never be hit.  If the reprogrammed group address is in
> > the link local range then i'd suggest my previous group_fwd_mask patch
> > is cleaner and more flexible.
> 
> The problem is that the group_fwd_mask is specific to the address
> not the protocol.

Until corrected, I would consider either match a valid option, and I
would say Nick's patch is much cleaner than yours.

Also, you're arguing against yourself, saying that matching the address
is a problem, but the code you're proposing does exactly that - it first
matches the address (is_link_local()), then the protocol. (wtf?)


-David

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ