lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20181231134715.3f5690c6@cakuba.hsd1.ca.comcast.net>
Date:   Mon, 31 Dec 2018 13:47:15 -0800
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     Bartek Kois <bartek.kois@...il.com>
Cc:     netdev@...r.kernel.org
Subject: Re: Problem with queuing vlan tagged packets after migration from
 3.16.0 to 4.9.0

On Sat, 29 Dec 2018 13:52:23 +0100, Bartek Kois wrote:
> Hi,
> I`ve got problem while queuing with HFSC vlan tagged packets after 
> migrating my tc scripts from Debian 8.2 (3.16.0-4-amd64) to Debian 9.5 
> (4.9.0-6-amd64). tc filters added to eth1 do not classify correctly src 
> and dst ip addresses anymore if they are encapsulated with vlan tag 
> which wasn`t a problem previously. It works fine if I run them without 
> vlan tagging oraz if the root device is a vlan (eg. tc filter add dev 
> eth1.20). Could you please help me find out what has changed in kernel 
> between those two versions and what is walkaround for that problem?

Could this be related to your device driver not stripping VLAN tags by
default any more?  Just a short in the dark..  Try:

$ ethtool -k lo | grep vlan

on working vs broken setup.  What is your HW/device driver?

> Example of my classification filters:
> 
> tc filter add dev eth1 parent 1:0 prio 4 protocol ip u32
> tc filter add dev eth1 parent 1:0 prio 4 handle ${NETWORK_GROUP_HEX}: 
> protocol ip u32 divisor 256
> tc filter add dev eth1 protocol ip parent 1:0 prio 4 u32 ht 800:: match 
> ip dst ${NETWORK_ADDRESS}/24 hashkey mask 0x000000ff at 16 link 
> ${NETWORK_GROUP_HEX}:
> tc filter add dev eth1 parent 1:0 protocol ip prio 4 u32 ht 
> ${NETWORK_GROUP_HEX}:0x${ADDR_Q4_HEX} match ip dst $ADDR classid 
> 1:${MARK_NORMAL}
> 
> 
> Best regards
> Bartek Kois

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ