Richard Weinberger
2018-Oct-01 18:54 UTC
[Bridge] [PATCH 1/1] bridge: remove BR_GROUPFWD_RESTRICTED for arbitrary forwarding of reserved addresses
Am Montag, 1. Oktober 2018, 20:48:21 CEST schrieb Ido Schimmel:> > This is my plan b, having a u32 classifier that transports STP directly > > to the other interface. > > But IMHO this all is a bit hacky and a "forward anything" bridge mode > > sounds more natural to me. > > But "forwarding STP and PAUSE if the number of slaves is restricted to > 2" is a hack. The Linux bridge (like other networking equipment) needs > to conform to standards and to the best of my knowledge what you're > requesting is explicitly forbidden by IEEE standards. > > Also, if what you need is "forward anything", then Florian's suggestion > should work for you.Agreed, both variants are hacks. Depending on the point of view one might seem less hacky than the other. :-) As I said, netfilter is also part of the game. Unless I miss something, netfilter won't see any packets if tc-mirred is used. So the only option is having a bridge and transport STP via tc-mirred or patching the bridge code (what we do right now). Thanks, //richard
Ido Schimmel
2018-Oct-01 19:04 UTC
[Bridge] [PATCH 1/1] bridge: remove BR_GROUPFWD_RESTRICTED for arbitrary forwarding of reserved addresses
On Mon, Oct 01, 2018 at 08:54:08PM +0200, Richard Weinberger wrote:> So the only option is having a bridge and transport STP via tc-mirred > or patching the bridge code (what we do right now).And I vote for the first option. I understand it involves more typing, but I see no reason to push more complexity into the kernel - and break standards - when you can relatively easily accomplish the same thing in other ways. Adding Nik and Roopa who now maintain the bridge code and should eventually decide about this.