Ok.

> I don't think STP std has mentioned this propagation, As far as I know
> this propagation is wrong. I think this must be a bug in Netgear switch.

>>> My setup is

PC1 (Windows PC) ----Switch------PC2 (Windows PC)

Using the Colasoft builder tool, I captured one STP packet, modified the bridge priority such that it becomes root bridge, put all invalid values for timers as 255 and sent it to the switch. My switch is a Linux PC, a Netgear switch and a D-Link switch for comparison purposes.

As the switch receives the better BID packet it stops advertising itself as bridge and takes the values of the timers from the root bridge, which is 255 for bridge, hello and forward delay in my case.

So the switch receives this packet and updates its cost and root information and sends it out on the other port, on which PC2 is connected and where I am seeing it in Wireshark with all timer values as received from the root bridge. This is all fine; the only problem is that it's not validating the timer values, which seems a bug to me, as the timer values are defined within limits in the standard.

If Netgear is doing validation of the hello timer and is putting the maximum allowed value, that seems fine to me and not a bug. But still, I think forward delay and max age should also be validated before accepting the new BPDU as root bridge.

As Linux/D-Link are not doing any validation and are sending BPDUs with 255 values, which is not correct as it could lead to a delay in convergence time in case of root failure.

In the Netgear switch the command display before and after are as follows:

=============================================
(FSM726V3) #show spanning-tree

Bridge Priority................................ 32768
Bridge Identifier.............................. 80:00:00:26:F2:AF:93:A5
Time Since Topology Change..................... 0 day 0 hr 42 min 14 sec
Topology Change Count.......................... 1
Topology Change in progress.................... FALSE
Designated Root................................ 80:00:00:26:F2:AF:93:A5
Root Path Cost................................. 0
Root Port Identifier........................... 00:00
Bridge Max Age................................. 20
Bridge Max Hops................................ 20
Bridge Tx Hold Count........................... 6
Bridge Forwarding Delay........................ 15
Hello Time..................................... 2
Bridge Hold Time............................... 6
CST Regional Root.............................. 80:00:00:26:F2:AF:93:A5
Regional Root Path Cost........................ 0
--More-- or (q)uit

 Associated FIDs   Associated VLANs
 ---------------   ----------------
 1                 1
 100               100
 200               200

(FSM726V3) #show spanning-tree summary

Spanning Tree Adminmode........... Enabled
Spanning Tree Version............. IEEE 802.1d
BPDU Guard Mode................... Disabled
BPDU Filter Mode.................. Disabled
Configuration Name................ 00-26-F2-AF-93-A5
Configuration Revision Level...... 0
Configuration Digest Key.......... 0xac36177f50283cd4b83821d8ab26de62
Configuration Format Selector..... 0
No MST instances to display.

=============================================
After sending the invalid timer packet:

(FSM726V3) #
(FSM726V3) #
(FSM726V3) #show spanning-tree summary

Spanning Tree Adminmode........... Enabled
Spanning Tree Version............. IEEE 802.1d
BPDU Guard Mode................... Disabled
BPDU Filter Mode.................. Disabled
Configuration Name................ 00-26-F2-AF-93-A5
Configuration Revision Level...... 0
Configuration Digest Key.......... 0xac36177f50283cd4b83821d8ab26de62
Configuration Format Selector..... 0
No MST instances to display.

(FSM726V3) #show spanning-tree

Bridge Priority................................ 32768
Bridge Identifier.............................. 80:00:00:26:F2:AF:93:A5
Time Since Topology Change..................... 0 day 0 hr 0 min 12 sec
Topology Change Count.......................... 2
Topology Change in progress.................... TRUE
Designated Root................................ 10:00:00:20:A1:F0:88:50
Root Path Cost................................. 200004
Root Port Identifier........................... 80:01
Bridge Max Age................................. 255
Bridge Max Hops................................ 20
Bridge Tx Hold Count........................... 6
Bridge Forwarding Delay........................ 255
Hello Time..................................... 10
Bridge Hold Time............................... 6
CST Regional Root.............................. 80:00:00:26:F2:AF:93:A5
Regional Root Path Cost........................ 0
--More-- or (q)uit

 Associated FIDs   Associated VLANs
 ---------------   ----------------
 1                 1
 100               100
 200               200

(FSM726V3) #

=============================================
As Cisco doesn't accept this type of BPDU, it means that it is a bug to be fixed on Linux, as I conclude.

Please let me know if you think otherwise.

Regards,
Sujata

--- On Fri, 6/15/12, Sasikanth babu <sasikanth.v19 at gmail.com> wrote:

> From: Sasikanth babu <sasikanth.v19 at gmail.com>
> Subject: Re: [Bridge] Query on Spanning tree implementation from standard point of view
> To: "Sujata Verma" <sujataverma3 at yahoo.com>
> Cc: bridge at lists.linux-foundation.org
> Date: Friday, June 15, 2012, 7:25 PM
>
> On Fri, Jun 15, 2012 at 5:55 PM, Sujata Verma <sujataverma3 at yahoo.com> wrote:
>
>> Thanks. I was doing the same experiment on a few switches I could get hold of, and this is the result:
>>
>> Cisco Switch Catalyst 2950: Completely ignoring the packet, so validations are proper.
>>
>> Netgear FSM726V3: Hello timer is validated and is propagated as 10 instead of 255 (which I sent); the other two, max age and forward delay, it still accepts as 255.
>
> I don't think STP std has mentioned this propagation, As far as I know this propagation is wrong. I think this must be a bug in Netgear switch.
>
>> DLINK-DES-3026: No validation done and accepts all as 255 (max age, forward delay and hello timer).
>>
>> In both Netgear and D-Link the message age is changed to 16, which I am not sure why it has happened?
>>
>> My setup is simple:
>>
>> PC1------Switch------PC2
>>
>> From PC1 I am sending invalid timer values and observing on PC2.
>
> Are you doing any port mirroring here to capture packets on PC2? How are you sending packets from PC1 (running linux bridge?)?
>
>> I am attaching Wireshark captures for D-Link and Netgear STP packets.
>
> Can you send out the complete packet capture from the start of your test to the end to analyze?
>
> Thanks
> Sasi
>
>> Please let me know if anyone has any idea or comment on this.
>>
>> Thanks,
>> Sujata
>>
>> --- On Thu, 6/14/12, Sasikanth babu <sasikanth.v19 at gmail.com> wrote:
>>
>>> From: Sasikanth babu <sasikanth.v19 at gmail.com>
>>> Subject: Re: [Bridge] Query on Spanning tree implementation from standard point of view
>>> To: "Sujata Verma" <sujataverma3 at yahoo.com>
>>> Cc: bridge at lists.linux-foundation.org
>>> Date: Thursday, June 14, 2012, 6:09 PM
>>>
>>> On Thu, Jun 14, 2012 at 5:53 PM, Sujata Verma <sujataverma3 at yahoo.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> I am going through the spanning tree protocol and was testing it on Linux. My observation is that there is no validation of timers for configuration BPDUs. Let's say the root bridge received another BPDU from a new bridge with invalid timer values but less priority; the existing bridge becomes a non-root bridge and advertises the invalid timer values.
>>>>
>>>> As I have gone through the 802.1D-1998 standard (I understand that 2004 is the current one, but I was looking into STP, not RSTP, so I preferred to read this standard), I find these lines:
>>>>
>>>> =================================================
>>>>
>>>> 9.3.3 Validation of received BPDUs
>>>>
>>>> A Bridge Protocol Entity shall process a received BPDU as specified in 8.7 if and only if the BPDU contains at least four octets and the Protocol Identifier has the value specified for BPDUs (9.3.2), and
>>>>
>>>> a) The BPDU Type denotes a Configuration BPDU and the BPDU contains at least 35 octets, and the value of the BPDU's Message Age parameter is less than that of its Max Age parameter; or
>>>>
>>>> b) The BPDU Type denotes a Topology Change Notification BPDU.
>>>>
>>>> In case a), any octets that are present beyond Octet 35 are ignored, as far as processing according to this standard is concerned. Similarly, in case b), any octets beyond Octet 4 are ignored.
>>>>
>>>> =================================================
>>>>
>>>> Does this imply that any timer values present within octet 35 are valid values and there is no validation done, even if the range for hello timer, max age and forward delay is defined and is limited? Is it an issue or fine within the standard?
>>>
>>> Not all STP implementations do BPDU validation, i.e. validate all BPDU parameters present within the 35 octets. The validation checks for invalid values present in the BPDU; if the BPDU validation fails it drops the BPDU. I have seen these validations in proprietary software.
>>>
>>>> Please help me understand this issue, and thanks for any comments.
>>>>
>>>> Regards,
>>>> Sujata
>>>>
>>>> _______________________________________________
>>>> Bridge mailing list
>>>> Bridge at lists.linux-foundation.org
>>>> https://lists.linuxfoundation.org/mailman/listinfo/bridge
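The two layers of checking the thread discusses, as an added example that is not part of this thread and not the Linux bridge code: a Python parser for the 35-octet Configuration BPDU that first applies the 802.1D-1998 clause 9.3.3 acceptance test quoted above (length, Protocol Identifier, Message Age less than Max Age) and then, as the extra validation the thread argues for, rejects timer values outside the ranges of 802.1D-1998 Table 8-3 (Hello Time 1 to 10 s, Max Age 6 to 40 s, Forward Delay 4 to 30 s) or violating the relationships between them in clause 8.10.2. The function names, the builder and the two sample BPDUs (locally administered MACs, one with every timer at 255 s like the packet in the thread) are constructed for this example.

```python
"""Configuration BPDU acceptance checks: IEEE 802.1D-1998 clause 9.3.3 plus
timer range validation. Added example; not the Linux bridge implementation."""
from __future__ import annotations

import struct
from dataclasses import dataclass
from typing import List, Tuple

BPDU_PROTOCOL_ID = 0x0000      # 9.3.2: Protocol Identifier carried by STP BPDUs
BPDU_TYPE_CONFIG = 0x00        # Configuration BPDU
BPDU_TYPE_TCN = 0x80           # Topology Change Notification BPDU
CONFIG_BPDU_LEN = 35
TCN_BPDU_LEN = 4
CONFIG_BPDU_FMT = "!HBBB8sI8sHHHHH"   # the 35 octets, big-endian, no padding

# Permitted bridge timer ranges in seconds, 802.1D-1998 Table 8-3
HELLO_TIME_RANGE = (1.0, 10.0)
MAX_AGE_RANGE = (6.0, 40.0)
FORWARD_DELAY_RANGE = (4.0, 30.0)


@dataclass
class ConfigBpdu:
    flags: int
    root_id: bytes
    root_path_cost: int
    bridge_id: bytes
    port_id: int
    message_age: float      # seconds; the wire format carries units of 1/256 s
    max_age: float
    hello_time: float
    forward_delay: float


def parse_config_bpdu(data: bytes) -> ConfigBpdu:
    """Decode octets 1-35 of a Configuration BPDU; anything beyond is ignored."""
    (_proto, _version, _type, flags, root_id, root_cost, bridge_id, port_id,
     msg_age, max_age, hello, fwd_delay) = struct.unpack(CONFIG_BPDU_FMT, data[:CONFIG_BPDU_LEN])
    return ConfigBpdu(flags, root_id, root_cost, bridge_id, port_id,
                      msg_age / 256.0, max_age / 256.0, hello / 256.0, fwd_delay / 256.0)


def validate_9_3_3(data: bytes) -> Tuple[bool, str]:
    """The acceptance test of clause 9.3.3 as quoted in the thread, nothing more."""
    if len(data) < TCN_BPDU_LEN:
        return False, "fewer than four octets"
    proto, _version, bpdu_type = struct.unpack("!HBB", data[:TCN_BPDU_LEN])
    if proto != BPDU_PROTOCOL_ID:
        return False, "bad Protocol Identifier"
    if bpdu_type == BPDU_TYPE_TCN:
        return True, "tcn"                      # case b): octets beyond 4 ignored
    if bpdu_type != BPDU_TYPE_CONFIG:
        return False, "unknown BPDU type"       # e.g. an RST BPDU, outside 802.1D-1998
    if len(data) < CONFIG_BPDU_LEN:
        return False, "configuration BPDU shorter than 35 octets"
    bpdu = parse_config_bpdu(data)
    if not bpdu.message_age < bpdu.max_age:     # the only timer check 9.3.3 makes
        return False, "Message Age not less than Max Age"
    return True, "config"


def timer_range_errors(bpdu: ConfigBpdu) -> List[str]:
    """Range checks the thread argues for; clause 9.3.3 itself does not require them."""
    errors = []
    for name, value, (lo, hi) in (
        ("Hello Time", bpdu.hello_time, HELLO_TIME_RANGE),
        ("Max Age", bpdu.max_age, MAX_AGE_RANGE),
        ("Forward Delay", bpdu.forward_delay, FORWARD_DELAY_RANGE),
    ):
        if not lo <= value <= hi:
            errors.append(f"{name} {value:g} s outside {lo:g}-{hi:g} s")
    # Relationships between the timers, 802.1D-1998 clause 8.10.2
    if bpdu.max_age < 2 * (bpdu.hello_time + 1.0):
        errors.append("Max Age < 2 * (Hello Time + 1)")
    if bpdu.max_age > 2 * (bpdu.forward_delay - 1.0):
        errors.append("Max Age > 2 * (Forward Delay - 1)")
    return errors


def accept_bpdu(data: bytes, check_timer_ranges: bool = True) -> Tuple[bool, List[str]]:
    """Drop-on-failure policy: the BPDU is either processed whole or discarded whole."""
    ok, kind = validate_9_3_3(data)
    if not ok:
        return False, [kind]
    if kind != "config" or not check_timer_ranges:
        return True, []
    errors = timer_range_errors(parse_config_bpdu(data))
    return not errors, errors


def build_config_bpdu(priority: int, mac: bytes, hello: float, max_age: float,
                      forward_delay: float, message_age: float = 0.0) -> bytes:
    """Constructed test input: a BPDU claiming root with the given timers (hypothetical helper)."""
    bridge_id = struct.pack("!H", priority) + mac
    return struct.pack(CONFIG_BPDU_FMT, BPDU_PROTOCOL_ID, 0, BPDU_TYPE_CONFIG, 0,
                       bridge_id, 0, bridge_id, 0x8001,
                       int(message_age * 256), int(max_age * 256),
                       int(hello * 256), int(forward_delay * 256))


# Constructed samples (locally administered MACs, not taken from any real capture)
GOOD_BPDU = build_config_bpdu(0x8000, bytes.fromhex("020000000001"), 2.0, 20.0, 15.0)
# Mirrors the thread's test packet: better priority, every timer set to 255 s
BAD_TIMERS_BPDU = build_config_bpdu(0x1000, bytes.fromhex("020000000002"), 255.0, 255.0, 255.0)

if __name__ == "__main__":
    for label, pkt in (("good", GOOD_BPDU), ("255 s timers", BAD_TIMERS_BPDU)):
        print(label, "9.3.3 only:", validate_9_3_3(pkt), "with ranges:", accept_bpdu(pkt))
```

Run stand-alone, the 255-second BPDU passes `validate_9_3_3` (Message Age 0 is less than Max Age 255, so the clause quoted above is satisfied) and is rejected only by `accept_bpdu`; with `check_timer_ranges=False` the function behaves like the Linux and D-Link bridges described in the thread. The Cisco behaviour reported above (ignore the packet) corresponds to this drop-whole policy; the Netgear behaviour (propagate Hello Time as 10) would be a clamp-to-limit policy instead, which the thread considers acceptable for Hello Time but not for the other two timers.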