lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 17 Mar 2015 08:00:46 +0100
From:	Jiri Pirko <jiri@...nulli.us>
To:	John Fastabend <john.fastabend@...il.com>
Cc:	"Arad, Ronen" <ronen.arad@...el.com>,
	Netdev <netdev@...r.kernel.org>,
	Roopa Prabhu <roopa@...ulusnetworks.com>,
	Scott Feldman <sfeldma@...il.com>,
	"David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH net-next] rocker: check for BRIDGE_FLAGS_SELF in bridge
 setlink handler

Mon, Mar 16, 2015 at 11:01:30PM CET, john.fastabend@...il.com wrote:
>[...]
>
>>
>>>If this position is accepted, it would be best to enforce it, possibly in
>>>rtnl_bridge_setlink().
>>>My recollection is that others asked to preserve use-cases where SELF flag
>>>is used for targeting port devices directly without using a bridge device.
>>
>>I know it is possible, and it is incorrect and hacky. But it is part of
>>user api :/ I think we should not abuse this more in the future and
>>rather make the api correct and use that.
>>
>
>Working my way through my backlog of email sorry for the days delay.
>
>Jiri, are you suggesting it is incorrect to configure the hardware L2
>independent of bridge device? There is absolutely use cases for this.
>
>The case being we want the hardware to do L2 learning via fdb and then
>when flows get 'trapped' into software we want to handle them
>differently. Possibly send them onto a specific application for logging.

Yes, but that can be done in transparent way, exposing hw ports, having
them in bridge/ovs/whatever. Same as we do with rocker.

>
>I'm at a loss around what use "really" running the bridge in software
>is. There shouldn't be packets traversing the software path and if they
>are being sent onto software I really can't think of any use case I
>would want to run them through the software bridge. More likely I want
>to run OVS or some equivalent controller-based software to forward them
>"specially" to the correct software/controller/port.
>
>My current use case is L2/L3 on the hardware, OVS and applications in
>software. I don't think this is broken or hacky. This means no bridge
>in software but programming the L2 bridge in hardware.
>
>.John
>
>
>-- 
>John Fastabend         Intel Corporation
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ