Re: do not forward 802.1D reserved addresses in bridge(4)

2010-11-01 Thread Paul de Weerd
On Thu, Oct 28, 2010 at 06:56:24PM +0200, Paul de Weerd wrote:
| Currently, our bridge(4) code forwards ethernet frames with
| destination MAC address 01:80:C2:00:00:0X, except for X=0 (STP BPDUs).
| This is not allowed according to 802.1D-2004, section 7.12.6: these
| addresses are reserved (and currently used by e.g. LLDP).  In turn,
| this causes issues for ports such as net/ladvd.
| 
| This will filter out those reserved addresses and not forward them.
| Please test and report success or failure directly to me.

Updated diff after changes by mpf@ (small offset change, otherwise
identical diff).  Any comments / oks ?

Thanks,

Paul 'WEiRD' de Weerd

Index: if_bridge.c
===
RCS file: /cvs/src/sys/net/if_bridge.c,v
retrieving revision 1.187
diff -u -r1.187 if_bridge.c
--- if_bridge.c 31 Oct 2010 15:14:30 -  1.187
+++ if_bridge.c 1 Nov 2010 22:07:32 -
@@ -1415,10 +1415,23 @@
bridge_span(sc, eh, m);
 
if (m-m_flags  (M_BCAST | M_MCAST)) {
-   /* Tap off 802.1D packets, they do not get forwarded */
-   if (bcmp(eh-ether_dhost, bstp_etheraddr, ETHER_ADDR_LEN) == 0) 
{
-   bstp_input(sc-sc_stp, ifl-bif_stp, eh, m);
-   return (NULL);
+   /*
+* Reserved destination MAC addresses (01:80:C2:00:00:0x)
+* should not be forwarded to bridge members according to
+* section 7.12.6 of the 802.1D-2004 specification.  The
+* STP destination address (as stored in bstp_etheraddr)
+* is the first of these.
+*/
+   if (bcmp(eh-ether_dhost, bstp_etheraddr, ETHER_ADDR_LEN - 1)
+   == 0) {
+   if (eh-ether_dhost[ETHER_ADDR_LEN - 1] == 0) {
+   /* STP traffic */
+   bstp_input(sc-sc_stp, ifl-bif_stp, eh, m);
+   return (NULL);
+   } else if (eh-ether_dhost[ETHER_ADDR_LEN - 1] = 0xf) {
+   m_freem(m);
+   return (NULL);
+   }
}
 
/*
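Review bot: in the `else if` branch the test on the last octet reads `= 0xf` as shown here; it needs to be the comparison `<= 0xf`, so that only 01:80:C2:00:00:01 through 01:80:C2:00:00:0F are freed and other group addresses sharing the first five octets still reach the forwarding code below. With a plain `=` the expression assigns 0xf to the destination address and is always true, so every non-STP frame with that prefix would be dropped. Worth checking this line against the patch as originally sent.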

-- 
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.weirdnet.nl/ 



do not forward 802.1D reserved addresses in bridge(4)

2010-10-28 Thread Paul de Weerd
Currently, our bridge(4) code forwards ethernet frames with
destination MAC address 01:80:C2:00:00:0X, except for X=0 (STP BPDUs).
This is not allowed according to 802.1D-2004, section 7.12.6: these
addresses are reserved (and currently used by e.g. LLDP).  In turn,
this causes issues for ports such as net/ladvd.

This will filter out those reserved addresses and not forward them.
Please test and report success or failure directly to me.

Thanks,

Paul 'WEiRD' de Weerd

Index: if_bridge.c
===
RCS file: /cvs/src/sys/net/if_bridge.c,v
retrieving revision 1.185
diff -u -r1.185 if_bridge.c
--- if_bridge.c 28 Oct 2010 13:49:54 -  1.185
+++ if_bridge.c 28 Oct 2010 16:12:36 -
@@ -1421,10 +1421,23 @@
bridge_span(sc, eh, m);
 
if (m-m_flags  (M_BCAST | M_MCAST)) {
-   /* Tap off 802.1D packets, they do not get forwarded */
-   if (bcmp(eh-ether_dhost, bstp_etheraddr, ETHER_ADDR_LEN) == 0) 
{
-   bstp_input(sc-sc_stp, ifl-bif_stp, eh, m);
-   return (NULL);
+   /*
+* Reserved destination MAC addresses (01:80:C2:00:00:0x)
+* should not be forwarded to bridge members according to
+* section 7.12.6 of the 802.1D-2004 specification.  The
+* STP destination address (as stored in bstp_etheraddr)
+* is the first of these.
+*/
+   if (bcmp(eh-ether_dhost, bstp_etheraddr, ETHER_ADDR_LEN - 1)
+   == 0) {
+   if (eh-ether_dhost[ETHER_ADDR_LEN - 1] == 0) {
+   /* STP traffic */
+   bstp_input(sc-sc_stp, ifl-bif_stp, eh, m);
+   return (NULL);
+   } else if (eh-ether_dhost[ETHER_ADDR_LEN - 1] = 0xf) {
+   m_freem(m);
+   return (NULL);
+   }
}
 
/*
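Review bot: the drop branch (`m_freem(m); return (NULL);`) carries no comment, while the STP branch just above it is labelled `/* STP traffic */`; a one-line comment saying these are the remaining reserved addresses and a named constant in place of the bare `0xf` would make the filtered range obvious to the next reader. The five-octet `bcmp` against `bstp_etheraddr` also relies on that array ending in 00, which the block comment states but nothing in the hunk enforces.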

-- 
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.undeadly.org