lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 Dec 2013 14:57:21 +0100 (CET)
From:	Alexandre DERUMIER <aderumier@...so.com>
To:	Toshiaki Makita <makita.toshiaki@....ntt.co.jp>
Cc:	netdev@...r.kernel.org
Subject: Re: bridge vlan_filtering don't work with tap devices (qemu guests)

Hello Again,

One more question :

If I use tcpdump on br0, I don't see any tagged vlan10 packets on the bridge.
with 
# bridge vlan add dev tap0 vid 10 pvid untagged 
# bridge vlan add dev tap1 vid 10 pvid untagged 


What I would like to do, is tagging vlan10, incoming (untagged) packets from tap0 and tap1.

Is it possible ?

With openvswitch, I can do it simply with "ovs-vsctl set port tap0 tag=10"

----- Mail original ----- 

De: "Alexandre DERUMIER" <aderumier@...so.com> 
À: "Toshiaki Makita" <makita.toshiaki@....ntt.co.jp> 
Cc: netdev@...r.kernel.org 
Envoyé: Mardi 24 Décembre 2013 20:28:55 
Objet: Re: bridge vlan_filtering don't work with tap devices (qemu guests) 

>>If you want to send untagged frames, please try to make configuration 
>>like this: 
>># bridge vlan add dev tap0 vid 10 pvid untagged 
>># bridge vlan add dev tap1 vid 10 pvid untagged 
>> 
>>Thanks, 
>>Toshiaki Makita 

Thank you ! It's working now. 
I thinked that "untagged" was for not tagging from the bridge, I understand now. 

Thanks again and merry Xmas ! 


----- Mail original ----- 

De: "Toshiaki Makita" <makita.toshiaki@....ntt.co.jp> 
À: "Alexandre DERUMIER" <aderumier@...so.com> 
Cc: netdev@...r.kernel.org 
Envoyé: Mardi 24 Décembre 2013 13:45:05 
Objet: Re: bridge vlan_filtering don't work with tap devices (qemu guests) 

On Mon, 2013-12-23 at 17:02 +0100, Alexandre DERUMIER wrote: 
> Hello, 
> 
> I'm trying to use vlan_filtering on bridge. 
> 
> setup is : 2 qemu virtual machines (tap0 and tap1), plugged in a bridge br0. 
> virtual machines don't tag packets. 
> 
> 
> qemuvm1 eth0 --tap0----->br0<-------tap1---qemuvm2 eth0. 
> 
> 
> with vlan_filtering disable, both vms can ping together. 
> 
> 
> If I enabled filtering 
> 
> #echo 1 > /sys/class/net/br0/bridge/vlan_filtering 
> 
> Both vms cannot ping together anymore. 
> 
> So, I have tried to put vlan on tap interfaces with 
> 
> #bridge vlan add dev tap0 vid 10 
> #bridge vlan add dev tap1 vid 10 

If you want to send untagged frames, please try to make configuration 
like this: 
# bridge vlan add dev tap0 vid 10 pvid untagged 
# bridge vlan add dev tap1 vid 10 pvid untagged 

Thanks, 
Toshiaki Makita 

> #bridge vlan show 
> port vlan ids 
> br0 None 
> tap0 10 
> tap1 10 
> 
> 
> 
> But, it doesn't work. 
> 
> tcpdump on bridge (tcpdump -i br0 -e -n) or in destination qemu (tcpdump -i eth0 -e -n) , don't see any packet 
> 
> any idea ? 
> 
> Regards, 
> 
> Alexandre Derumier 
> -- 
> To unsubscribe from this list: send the line "unsubscribe netdev" in 
> the body of a message to majordomo@...r.kernel.org 
> More majordomo info at http://vger.kernel.org/majordomo-info.html 
-- 
To unsubscribe from this list: send the line "unsubscribe netdev" in 
the body of a message to majordomo@...r.kernel.org 
More majordomo info at http://vger.kernel.org/majordomo-info.html 
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ