lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87r1kfmr2r.fsf@kurt>
Date:   Tue, 16 Mar 2021 09:38:04 +0100
From:   Kurt Kanzenbach <kurt@...utronix.de>
To:     Vladimir Oltean <olteanv@...il.com>,
        Kurt Kanzenbach <kurt@...-computers.de>
Cc:     Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next] net: dsa: hellcreek: Offload bridge port flags

On Mon Mar 15 2021, Vladimir Oltean wrote:
> On Mon, Mar 15, 2021 at 09:33:44PM +0100, Kurt Kanzenbach wrote:
>> On Mon Mar 15 2021, Vladimir Oltean wrote:
>> > On Sun, Mar 14, 2021 at 01:52:08PM +0100, Kurt Kanzenbach wrote:
>> >> +	if (enable)
>> >> +		val &= ~HR_PTCFG_UUC_FLT;
>> >> +	else
>> >> +		val |= HR_PTCFG_UUC_FLT;
>> >
>> > What does 'unknown unicast filtering' mean/do, exactly?
>> > The semantics of BR_FLOOD are on egress: all unicast packets with an
>> > unknown destination that are received on ports from this bridging domain
>> > can be flooded towards port X if that port has flooding enabled.
>> > When I hear "filtering", I imagine an ingress setting, am I wrong?
>> 
>> It means that frames without matching fdb entries towards this port are
>> discarded.
>
> The phrasing is still not crystal clear, sorry.
> You have a switch with 2 user ports, lan0 and lan1, and one CPU port.
> lan0 and lan1 are under br0. lan0 has 'unknown unicast filtering'
> disabled, lan1 has it enabled, and the CPU port has it disabled.
> You receive a packet from lan0 towards an unknown unicast destination.
> Is the packet discarded or is it sent to the CPU port?

It's sent to the CPU port. Anyway, I'll double check it.

Thanks,
Kurt

Download attachment "signature.asc" of type "application/pgp-signature" (833 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ