lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <8bba8376-95f8-42d0-a6c2-6ea88f684113@lunn.ch>
Date:   Mon, 27 Mar 2023 15:55:42 +0200
From:   Andrew Lunn <andrew@...n.ch>
To:     Fabio Estevam <festevam@...il.com>
Cc:     olteanv@...il.com, davem@...emloft.net, kuba@...nel.org,
        netdev@...r.kernel.org, steffen@...osonix.de,
        Fabio Estevam <festevam@...x.de>
Subject: Re: [RFC] net: dsa: mv88e6xxx disable IGMP snooping on cpu port

On Mon, Mar 27, 2023 at 10:48:32AM -0300, Fabio Estevam wrote:
> From: Steffen Bätz <steffen@...osonix.de>
> 
> Don't enable IGMP snooping on CPU ports because the IGMP JOIN
> packet would never forward to the next bridge, but loop back to
> the actual cpu port.
> 
> The mv88e6320 manual describes the MV88E6XXX_PORT_CTL0_IGMP_MLD_SNOOP
> bit as follows:
> 
> "IGMP and MLD Snooping. When this bit is set to a one and this port
> receives an IPv4 IGMP frame or an IPv6MLD frame, the frame is switched
> to the CPU port overriding the destination ports determined by the DA
> mapping.
> When this bit is cleared to a zero IGMP/MLD frames are not treated
> specially.
> IGMP/MLD Snooping is intended to be used on Normal Network or Provider
> ports only (see Frame Mode bits
> below) and only if Cut Through (88E6632 only) is disabled on the port
> (Port offset 0x1F) as the IPv6 Snoop point may be after byte 64."
> 
> If this bit is set (it was set at ALL ports), the mv88e6320 will snoop
> for any IGMP messages, and route them to the configured CPU port. This
> will hinder any outgoing IGMP messages from the CPU from leaving the
> switch, since they are immediately looped back to the CPU itself.

Hi Fabio, Steffen

It seems like you need the same change for DSA ports as well?

I did test IGMP snooping many years ago and it seemed to work. Has
there been any recent change in this code? Or is any of this behaviour
specific to the 6320? I probably tested using 6352, or 6390.

	 Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ