Nikolay Aleksandrov
2017-Sep-29 21:01 UTC
[Bridge] [PATCH net-next] net: bridge: add per-port group_fwd_mask with less restrictions
On 29/09/17 18:14, Stephen Hemminger wrote:> On Wed, 27 Sep 2017 16:12:44 +0300 > Nikolay Aleksandrov <nikolay at cumulusnetworks.com> wrote: > >> We need to be able to transparently forward most link-local frames via >> tunnels (e.g. vxlan, qinq). Currently the bridge's group_fwd_mask has a >> mask which restricts the forwarding of STP and LACP, but we need to be able >> to forward these over tunnels and control that forwarding on a per-port >> basis thus add a new per-port group_fwd_mask option which only disallows >> mac pause frames to be forwarded (they're always dropped anyway). >> The patch does not change the current default situation - all of the others >> are still restricted unless configured for forwarding. >> We have successfully tested this patch with LACP and STP forwarding over >> VxLAN and qinq tunnels. >> >> Signed-off-by: Nikolay Aleksandrov <nikolay at cumulusnetworks.com> > > LACP is fine, but STP must not be forwarded if STP in user or kernel > mode is enabled. > > Please update this patch or revert it. >The default has not changed, STP is still _not_ forwarded. It can be only if explicitly requested by the user and that means the port might be participating in STP but not the bridge's STP, that is explicitly forward all STP frames from that port. I don't think we have to change anything.
Stephen Hemminger
2017-Sep-29 21:51 UTC
[Bridge] [PATCH net-next] net: bridge: add per-port group_fwd_mask with less restrictions
On Sat, 30 Sep 2017 00:01:24 +0300 Nikolay Aleksandrov <nikolay at cumulusnetworks.com> wrote:> On 29/09/17 18:14, Stephen Hemminger wrote: > > On Wed, 27 Sep 2017 16:12:44 +0300 > > Nikolay Aleksandrov <nikolay at cumulusnetworks.com> wrote: > > > >> We need to be able to transparently forward most link-local frames via > >> tunnels (e.g. vxlan, qinq). Currently the bridge's group_fwd_mask has a > >> mask which restricts the forwarding of STP and LACP, but we need to be able > >> to forward these over tunnels and control that forwarding on a per-port > >> basis thus add a new per-port group_fwd_mask option which only disallows > >> mac pause frames to be forwarded (they're always dropped anyway). > >> The patch does not change the current default situation - all of the others > >> are still restricted unless configured for forwarding. > >> We have successfully tested this patch with LACP and STP forwarding over > >> VxLAN and qinq tunnels. > >> > >> Signed-off-by: Nikolay Aleksandrov <nikolay at cumulusnetworks.com> > > > > LACP is fine, but STP must not be forwarded if STP in user or kernel > > mode is enabled. > > > > Please update this patch or revert it. > > > > The default has not changed, STP is still _not_ forwarded. It can be only if explicitly > requested by the user and that means the port might be participating in STP but not > the bridge's STP, that is explicitly forward all STP frames from that port. > I don't think we have to change anything. >You need to fail if user does something stupid. And DNR.