Displaying 6 results from an estimated 6 matches for "8eca8a5c80c6".
2023 Jun 19
1
[Bridge] [PATCH net-next v2 3/3] net: bridge: Add a configurable default FDB learning limit
...BRIDGE
+ help
+ Sets a default limit on the number of learned FDB entries on
+ new bridges. This limit can be overwritten via netlink on a
+ per bridge basis.
+
+ The default of 0 disables the limit.
+
+ If unsure, say 0.
diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
index 8eca8a5c80c6..93f081ce8195 100644
--- a/net/bridge/br_device.c
+++ b/net/bridge/br_device.c
@@ -530,6 +530,8 @@ void br_dev_setup(struct net_device *dev)
br->bridge_ageing_time = br->ageing_time = BR_DEFAULT_AGEING_TIME;
dev->max_mtu = ETH_MAX_MTU;
+ br->fdb_max_learned_entries = CONFIG_BRIDGE...
2023 May 15
5
[Bridge] [PATCH net-next 1/2] bridge: Add a limit on FDB entries
...-- a/include/uapi/linux/if_link.h
+++ b/include/uapi/linux/if_link.h
@@ -510,6 +510,7 @@ enum {
IFLA_BR_VLAN_STATS_PER_PORT,
IFLA_BR_MULTI_BOOLOPT,
IFLA_BR_MCAST_QUERIER_STATE,
+ IFLA_BR_FDB_MAX_ENTRIES,
__IFLA_BR_MAX,
};
diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
index 8eca8a5c80c6..d455a28df7c9 100644
--- a/net/bridge/br_device.c
+++ b/net/bridge/br_device.c
@@ -528,6 +528,8 @@ void br_dev_setup(struct net_device *dev)
br->bridge_hello_time = br->hello_time = 2 * HZ;
br->bridge_forward_delay = br->forward_delay = 15 * HZ;
br->bridge_ageing_time = br->...
2023 May 15
3
[Bridge] [PATCH net-next 1/2] bridge: Add a limit on FDB entries
...pi/linux/if_link.h
> @@ -510,6 +510,7 @@ enum {
> IFLA_BR_VLAN_STATS_PER_PORT,
> IFLA_BR_MULTI_BOOLOPT,
> IFLA_BR_MCAST_QUERIER_STATE,
> + IFLA_BR_FDB_MAX_ENTRIES,
> __IFLA_BR_MAX,
> };
>
> diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
> index 8eca8a5c80c6..d455a28df7c9 100644
> --- a/net/bridge/br_device.c
> +++ b/net/bridge/br_device.c
> @@ -528,6 +528,8 @@ void br_dev_setup(struct net_device *dev)
> br->bridge_hello_time = br->hello_time = 2 * HZ;
> br->bridge_forward_delay = br->forward_delay = 15 * HZ;
> br-&g...
2023 Jun 19
4
[Bridge] [PATCH net-next v2 0/3, iproute2-next 0/1] bridge: Add a limit on learned FDB entries
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by spamming packets
with changing MAC addresses on their bridge port, so allow the bridge
creator to limit
2023 May 09
5
[Bridge] [RFC PATCH net-next 0/5] Add layer 2 miss indication and filtering
tl;dr
=====
This patchset adds a single bit to the skb to indicate that a packet
encountered a layer 2 miss in the bridge and extends flower to match on
this metadata. This is required for non-DF (Designated Forwarder)
filtering in EVPN multi-homing which prevents decapsulated BUM packets
from being forwarded multiple times to the same multi-homed host.
Background
==========
In a typical EVPN
2023 May 18
5
[Bridge] [PATCH net-next 0/5] Add layer 2 miss indication and filtering
tl;dr
=====
This patchset adds a single bit to the skb to indicate that a packet
encountered a layer 2 miss in the bridge and extends flower to match on
this metadata. This is required for non-DF (Designated Forwarder)
filtering in EVPN multi-homing which prevents decapsulated BUM packets
from being forwarded multiple times to the same multi-homed host.
Background
==========
In a typical EVPN