lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 9 Nov 2017 12:35:32 -0800
From:   Florian Fainelli <f.fainelli@...il.com>
To:     Andrew Lunn <andrew@...n.ch>
Cc:     Vivien Didelot <vivien.didelot@...oirfairelinux.com>,
        David Miller <davem@...emloft.net>,
        netdev <netdev@...r.kernel.org>, idosch@...lanox.com,
        jiri@...lanox.com
Subject: Re: [PATCH v3 net-next 0/5] IGMP snooping for local traffic

+Ido, Jiri,

On 11/09/2017 12:21 PM, Andrew Lunn wrote:
> On Thu, Nov 09, 2017 at 11:38:26AM -0800, Florian Fainelli wrote:
>> On 11/09/2017 11:30 AM, Andrew Lunn wrote:
>>>> This means that switchdev drivers won't ever have to treat a HOST_MDB
>>>> notification any differently than a PORT_MDB notification
>>>
>>> No, they need to treat it very differently. 
>>
>> Allow me to rephrase, switchdev drivers will ignore HOST_MDB
>> notifications because that does not resolve to something they can do
>> something about.
> 
> Hi Florian
> 
> Yes, they can. In fact, if they want to support IGMP snooping on the
> bridge interface, they have to. How else do they know to forward
> traffic to the host?

On a switchdev fabric, you need to have at least one user-facing port be
a member of the bridge, and when the switchdev driver configures that,
it should just make the IGMP packets trap to the management interface
such that they can be delivered from the port member to the bridge
network device (br0). In that case, I don't really see why you would
need to send a HOST_MDB message to a switchdev fabric, since that should
be part of enslaving the port to the bridge in the first place and
appropriately configure the management interface to get IGMP snooping,
BDPU etc.

> 
>> Fine, then add a boolean to the PORT_MDB notification that says ingress
>> or egress and voila, or am I missing something?
> 
> But since the semantics are so different, why not just have a
> different messages?
> 
> 	  Andrew
> 


-- 
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ