Displaying 20 results from an estimated 700 matches similar to: "[Bridge] [PATCH v10 net-next 00/12] VLAN filtering/VLAN aware bridge"
2013 Jan 09
16
[Bridge] [PATCH net-next V5 00/14] Add basic VLAN support to bridges
This series of patches provides an ability to add VLANs to the bridge
ports. This is similar to what can be found in most switches. The bridge
port may have any number of VLANs added to it including vlan 0 priority tagged
traffic. When vlans are added to the port, only traffic tagged with particular
vlan will forwarded over this port. Additionally, vlan ids are added to FDB
entries and become
2007 Apr 18
5
[Bridge] RFC: [PATCH] bridge vlan integration
Hi,
The attached patches enables the bridge to filter and forward packets
according to their IEEE 802.1q headers. The goals behind this change
include :
- Enable running STP on 802.1q tagged networks. STP packets
must be untagged. It isn't obvious how else to enable STP
with the current bridge and vlan code.
- Add native support for an untagged vlan. Currently an untagged
vlan can
2013 Aug 26
0
[PATCH] bridge: separate querier and query timer into IGMP/IPv4 and MLD/IPv6 ones
Currently we would still potentially suffer multicast packet loss if there
is just either an IGMP or an MLD querier: For the former case, we would
possibly drop IPv6 multicast packets, for the latter IPv4 ones. This is
because we are currently assuming that if either an IGMP or MLD querier
is present that the other one is present, too.
This patch makes the behaviour and fix added in
"bridge:
2023 Jun 19
4
[Bridge] [PATCH net-next v2 0/3, iproute2-next 0/1] bridge: Add a limit on learned FDB entries
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by spamming packets
with changing MAC addresses on their bridge port, so allow the bridge
creator to limit
2013 Apr 30
6
[Bridge] [PATCHv4 net-next 0/2] Add two new flags to bridge.
The following series adds 2 new flags to bridge. One flag allows
the user to control whether mac learning is performed on the interface
or not. By default mac learning is on.
The other flag allows the user to control whether unicast traffic
is flooded (send without an fdb) to a given unicast port. Default is
on.
Changes since v4:
- Implemented Stephen's suggestions.
Changes since v2:
-
2023 Jun 19
2
[Bridge] [PATCH net-next v2 2/3] bridge: Add a limit on learned FDB entries
A malicious actor behind one bridge port may spam the kernel with packets
with a random source MAC address, each of which will create an FDB entry,
each of which is a dynamic allocation in the kernel.
There are roughly 2^48 different MAC addresses, further limited by the
rhashtable they are stored in to 2^31. Each entry is of the type struct
net_bridge_fdb_entry, which is currently 128 bytes big.
2012 Nov 27
3
[Bridge] [RFC PATCH 1/2] bridge: export port_no and port_id via IFA_INFO_DATA
Based on net-next.
This patch exports port->port_no port->port_id in the end of IFA_INFO_DATA.
Cc: Herbert Xu <herbert at gondor.apana.org.au>
Cc: Stephen Hemminger <shemminger at vyatta.com>
Cc: "David S. Miller" <davem at davemloft.net>
Cc: Thomas Graf <tgraf at suug.ch>
Cc: Jesper Dangaard Brouer <brouer at redhat.com>
Signed-off-by: Cong Wang
2023 May 15
5
[Bridge] [PATCH net-next 1/2] bridge: Add a limit on FDB entries
A malicious actor behind one bridge port may spam the kernel with packets
with a random source MAC address, each of which will create an FDB entry,
each of which is a dynamic allocation in the kernel.
There are roughly 2^48 different MAC addresses, further limited by the
rhashtable they are stored in to 2^31. Each entry is of the type struct
net_bridge_fdb_entry, which is currently 128 bytes big.
2023 Jun 20
1
[Bridge] [PATCH net-next v2 2/3] bridge: Add a limit on learned FDB entries
On Tue, Jun 20, 2023 at 09:55:31AM +0300, Nikolay Aleksandrov wrote:
> On 6/19/23 10:14, Johannes Nixdorf wrote:
> > +/* Set a FDB flag that implies the entry was not learned, and account
> > + * for changes in the learned status.
> > + */
> > +static void __fdb_set_flag_not_learned(struct net_bridge *br,
> > + struct net_bridge_fdb_entry *fdb,
> >
2023 Jun 22
1
[Bridge] [PATCH net-next v2 2/3] bridge: Add a limit on learned FDB entries
On 20/06/2023 16:35, Johannes Nixdorf wrote:
> On Tue, Jun 20, 2023 at 09:55:31AM +0300, Nikolay Aleksandrov wrote:
>> On 6/19/23 10:14, Johannes Nixdorf wrote:
>>> +/* Set a FDB flag that implies the entry was not learned, and account
>>> + * for changes in the learned status.
>>> + */
>>> +static void __fdb_set_flag_not_learned(struct net_bridge *br,
2023 Jun 19
1
[Bridge] [PATCH net-next v2 1/3] bridge: Set BR_FDB_ADDED_BY_USER early in fdb_add_entry
This allows the called fdb_create to detect that the entry was added by
the user early in the process. This is in preparation to adding limits
in fdb_create that should not apply to user created fdb entries.
Signed-off-by: Johannes Nixdorf <jnixdorf-oss at avm.de>
---
Changes since v1:
- Added this change to ensure user added entries are not limited.
net/bridge/br_fdb.c | 6 +++---
1
2009 Aug 13
4
[Bridge] [PATCH] net/bridge: Add 'hairpin' port forwarding mode
This patch adds a 'hairpin' (also called 'reflective relay') mode
port configuration to the Linux Ethernet bridge kernel module.
A bridge supporting hairpin forwarding mode can send frames back
out through the port the frame was received on.
Hairpin mode is required to support basic VEPA (Virtual
Ethernet Port Aggregator) capabilities.
You can find additional information on VEPA
2009 Aug 13
4
[Bridge] [PATCH] net/bridge: Add 'hairpin' port forwarding mode
This patch adds a 'hairpin' (also called 'reflective relay') mode
port configuration to the Linux Ethernet bridge kernel module.
A bridge supporting hairpin forwarding mode can send frames back
out through the port the frame was received on.
Hairpin mode is required to support basic VEPA (Virtual
Ethernet Port Aggregator) capabilities.
You can find additional information on VEPA
2009 Aug 13
4
[Bridge] [PATCH] net/bridge: Add 'hairpin' port forwarding mode
This patch adds a 'hairpin' (also called 'reflective relay') mode
port configuration to the Linux Ethernet bridge kernel module.
A bridge supporting hairpin forwarding mode can send frames back
out through the port the frame was received on.
Hairpin mode is required to support basic VEPA (Virtual
Ethernet Port Aggregator) capabilities.
You can find additional information on VEPA
2007 Apr 18
4
[Bridge] MTU Question
I have a bridge that has gigabit interfaces. The machine in question has the
fun job of being a Bridge, Firewall and SMB server. Both of the Gigabit
interfaces are connected to workstations directly via Xover cable (well
MDI-X to be exact). My question is, if I enable jumbo frames on the gigabit
interfaces will that make any difference in overall transfer rate of the
bridge? I was thinking it
2023 May 19
2
[Bridge] [PATCH net-next 1/5] skbuff: bridge: Add layer 2 miss indication
On Thu, May 18, 2023 at 07:08:47PM +0300, Nikolay Aleksandrov wrote:
> On 18/05/2023 14:33, Ido Schimmel wrote:
> > diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
> > index fc17b9fd93e6..d8ab5890cbe6 100644
> > --- a/net/bridge/br_input.c
> > +++ b/net/bridge/br_input.c
> > @@ -334,6 +334,7 @@ static rx_handler_result_t br_handle_frame(struct sk_buff
2013 Sep 04
6
[Bridge] bride: IPv6 multicast snooping enhancements
Hi,
Here are two, small feature changes I would like to submit to increase
the usefulness of the multicast snooping of the bridge code.
The first patch is an unaltered one I had submitted before, but since it
got no feedback I'm resubmitting it here for net-next. With the recently
added patch to disable snooping if there is no querier (b00589af + 248ba8ec05
+ 8d50af4fb), it should be a safe
2007 Apr 18
4
[Bridge] [Patch] [2.6.7] Bridge - Fix BPDU message_age
Fixes message_age field update in config BPDUs. Also checks whether the BPDU
message age has exceeded bridge max age before transmitting config BPDUs.
Signed-off-by: Kishore A K <KishoreAK@myw.ltindia.com>
Index: linux-2.6.7/net/bridge/br_stp.c
=============================================================
--- linux-2.6.7/net/bridge/br_stp.c.orig 2004-06-17 20:17:27.000000000 +0530
+++
2008 Jul 07
3
[Bridge] [RFC PATCH 0/2] Allow full bridge configuration via sysfs
Right now, you can configure most bridge device parameters via sysfs.
However, you cannot either:
- add or remove bridge interfaces
- add or remove physical interfaces from a bridge
The attached patch set rectifies this. With this patch set, brctl
(theoretically) becomes completely optional, much like ifenslave is
now for bonding. (In fact, the idea for this patch, and the syntax
used herein, is
2007 Apr 18
1
[Bridge] [BRIDGE] Unaligned access on IA64 when comparing ethernet addresses
From: Evgeny Kravtsunov <emkravts@openvz.org>
compare_ether_addr() implicitly requires that the addresses
passed are 2-bytes aligned in memory.
This is not true for br_stp_change_bridge_id() and
br_stp_recalculate_bridge_id() in which one of the addresses
is unsigned char *, and thus may not be 2-bytes aligned.
Signed-off-by: Evgeny Kravtsunov <emkravts@openvz.org>
Signed-off-by: