| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Aug 2019 09:59:33 +0200 (CEST)
From: Jan Engelhardt <jengelh@...i.de>
To: Florian Westphal <fw@...len.de>
cc: Rundong Ge <rdong.ge@...il.com>, davem@...emloft.net,
kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org,
netdev@...r.kernel.org, pablo@...filter.org, kadlec@...filter.org,
roopa@...ulusnetworks.com, netfilter-devel@...r.kernel.org,
coreteam@...filter.org, bridge@...ts.linux-foundation.org,
nikolay@...ulusnetworks.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] bridge:fragmented packets dropped by bridge
On Tuesday 2019-07-30 14:35, Florian Westphal wrote:
>Rundong Ge <rdong.ge@...il.com> wrote:
>> Given following setup:
>> -modprobe br_netfilter
>> -echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
>> -brctl addbr br0
>> -brctl addif br0 enp2s0
>> -brctl addif br0 enp3s0
>> -brctl addif br0 enp6s0
>> -ifconfig enp2s0 mtu 1300
>> -ifconfig enp3s0 mtu 1500
>> -ifconfig enp6s0 mtu 1500
>> -ifconfig br0 up
>>
>> multi-port
>> mtu1500 - mtu1500|bridge|1500 - mtu1500
>> A | B
>> mtu1300
>
>How can a bridge forward a frame from A/B to mtu1300?
There might be a misunderstanding here judging from the shortness of this
thread.
I understood it such that the bridge ports (eth0,eth1) have MTU 1500, yet br0
(in essence the third bridge port if you so wish) itself has MTU 1300.
Therefore, frame forwarding from eth0 to eth1 should succeed, since the
1300-byte MTU is only relevant if the bridge decides the packet needs to be
locally delivered.
Powered by blists - more mailing lists