Displaying 4 results from an estimated 4 matches for "vlan_protocol".
2023 Jun 19
1
[Bridge] [PATCH iproute2-next 1/1] iplink: bridge: Add support for bridge FDB learning limits
...)
" [ group_fwd_mask MASK ]\n"
" [ group_address ADDRESS ]\n"
" [ no_linklocal_learn NO_LINKLOCAL_LEARN ]\n"
+ " [ fdb_max_learned_entries FDB_MAX_LEARNED_ENTRIES ]\n"
" [ vlan_filtering VLAN_FILTERING ]\n"
" [ vlan_protocol VLAN_PROTOCOL ]\n"
" [ vlan_default_pvid VLAN_DEFAULT_PVID ]\n"
@@ -168,6 +169,14 @@ static int bridge_parse_opt(struct link_util *lu, int argc, char **argv,
bm.optval |= no_ll_learn_bit;
else
bm.optval &= ~no_ll_learn_bit;
+ } else if (matches(*argv, "f...
2023 Sep 05
1
[Bridge] [PATCH iproute2-next v3] iplink: bridge: Add support for bridge FDB learning limits
...)
" [ group_fwd_mask MASK ]\n"
" [ group_address ADDRESS ]\n"
" [ no_linklocal_learn NO_LINKLOCAL_LEARN ]\n"
+ " [ fdb_max_learned_entries FDB_MAX_LEARNED_ENTRIES ]\n"
" [ vlan_filtering VLAN_FILTERING ]\n"
" [ vlan_protocol VLAN_PROTOCOL ]\n"
" [ vlan_default_pvid VLAN_DEFAULT_PVID ]\n"
@@ -168,6 +169,14 @@ static int bridge_parse_opt(struct link_util *lu, int argc, char **argv,
bm.optval |= no_ll_learn_bit;
else
bm.optval &= ~no_ll_learn_bit;
+ } else if (strcmp(*argv, "fd...
2023 Oct 18
3
[Bridge] [PATCH iproute2-next v5] iplink: bridge: Add support for bridge FDB learning limits
..._explain(FILE *f)
" [ group_fwd_mask MASK ]\n"
" [ group_address ADDRESS ]\n"
" [ no_linklocal_learn NO_LINKLOCAL_LEARN ]\n"
+ " [ fdb_max_learned FDB_MAX_LEARNED ]\n"
" [ vlan_filtering VLAN_FILTERING ]\n"
" [ vlan_protocol VLAN_PROTOCOL ]\n"
" [ vlan_default_pvid VLAN_DEFAULT_PVID ]\n"
@@ -168,6 +169,14 @@ static int bridge_parse_opt(struct link_util *lu, int argc, char **argv,
bm.optval |= no_ll_learn_bit;
else
bm.optval &= ~no_ll_learn_bit;
+ } else if (strcmp(*argv, "fd...
2023 Jun 19
4
[Bridge] [PATCH net-next v2 0/3, iproute2-next 0/1] bridge: Add a limit on learned FDB entries
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by spamming packets
with changing MAC addresses on their bridge port, so allow the bridge
creator to limit