Displaying 20 results from an estimated 400 matches similar to: "[Bridge] [PATCH] Fix typo in net/bridge/br_stp_if.c"
2009 Aug 13
4
[Bridge] [PATCH] net/bridge: Add 'hairpin' port forwarding mode
This patch adds a 'hairpin' (also called 'reflective relay') mode
port configuration to the Linux Ethernet bridge kernel module.
A bridge supporting hairpin forwarding mode can send frames back
out through the port the frame was received on.
Hairpin mode is required to support basic VEPA (Virtual
Ethernet Port Aggregator) capabilities.
You can find additional information on VEPA
2009 Aug 13
4
[Bridge] [PATCH] net/bridge: Add 'hairpin' port forwarding mode
This patch adds a 'hairpin' (also called 'reflective relay') mode
port configuration to the Linux Ethernet bridge kernel module.
A bridge supporting hairpin forwarding mode can send frames back
out through the port the frame was received on.
Hairpin mode is required to support basic VEPA (Virtual
Ethernet Port Aggregator) capabilities.
You can find additional information on VEPA
2009 Aug 13
4
[Bridge] [PATCH] net/bridge: Add 'hairpin' port forwarding mode
This patch adds a 'hairpin' (also called 'reflective relay') mode
port configuration to the Linux Ethernet bridge kernel module.
A bridge supporting hairpin forwarding mode can send frames back
out through the port the frame was received on.
Hairpin mode is required to support basic VEPA (Virtual
Ethernet Port Aggregator) capabilities.
You can find additional information on VEPA
2007 Aug 14
3
[Bridge] Re: BUG: when using 'brctl stp'
Bridge locking for /sys/class/net/br0/bridge/stp_enabled
was wrong. Another bug in bridge utilities makes it such that
this interface, meant it wasn't being used. The locking needs to be removed
from set_stp_state(), the lock is already acquired down in
br_stp_start()/br_stp_stop.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
--- a/net/bridge/br_sysfs_br.c
2023 Jul 11
3
[Bridge] [PATCH v1 net] bridge: Return an error when enabling STP in netns.
When we create an L2 loop on a bridge in netns, we will see packets storm
even if STP is enabled.
# unshare -n
# ip link add br0 type bridge
# ip link add veth0 type veth peer name veth1
# ip link set veth0 master br0 up
# ip link set veth1 master br0 up
# ip link set br0 type bridge stp_state 1
# ip link set br0 up
# sleep 30
# ip -s link show br0
2: br0:
2023 Jul 12
2
[Bridge] [PATCH v1 net] bridge: Return an error when enabling STP in netns.
On 12/07/2023 17:48, Ido Schimmel wrote:
> On Tue, Jul 11, 2023 at 04:54:15PM -0700, Kuniyuki Iwashima wrote:
>> When we create an L2 loop on a bridge in netns, we will see packets storm
>> even if STP is enabled.
>>
>> # unshare -n
>> # ip link add br0 type bridge
>> # ip link add veth0 type veth peer name veth1
>> # ip link set veth0 master
2023 Jun 19
2
[Bridge] [PATCH net-next v2 2/3] bridge: Add a limit on learned FDB entries
A malicious actor behind one bridge port may spam the kernel with packets
with a random source MAC address, each of which will create an FDB entry,
each of which is a dynamic allocation in the kernel.
There are roughly 2^48 different MAC addresses, further limited by the
rhashtable they are stored in to 2^31. Each entry is of the type struct
net_bridge_fdb_entry, which is currently 128 bytes big.
2007 Apr 18
1
[Bridge] [BRIDGE] Unaligned access on IA64 when comparing ethernet addresses
From: Evgeny Kravtsunov <emkravts@openvz.org>
compare_ether_addr() implicitly requires that the addresses
passed are 2-bytes aligned in memory.
This is not true for br_stp_change_bridge_id() and
br_stp_recalculate_bridge_id() in which one of the addresses
is unsigned char *, and thus may not be 2-bytes aligned.
Signed-off-by: Evgeny Kravtsunov <emkravts@openvz.org>
Signed-off-by:
2023 Jun 19
4
[Bridge] [PATCH net-next v2 0/3, iproute2-next 0/1] bridge: Add a limit on learned FDB entries
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by spamming packets
with changing MAC addresses on their bridge port, so allow the bridge
creator to limit
2023 Jul 12
0
[Bridge] [PATCH v1 net] bridge: Return an error when enabling STP in netns.
On 12/07/2023 02:54, Kuniyuki Iwashima wrote:
> When we create an L2 loop on a bridge in netns, we will see packets storm
> even if STP is enabled.
>
> # unshare -n
> # ip link add br0 type bridge
> # ip link add veth0 type veth peer name veth1
> # ip link set veth0 master br0 up
> # ip link set veth1 master br0 up
> # ip link set br0 type bridge stp_state 1
2023 Jul 12
0
[Bridge] llc needs namespace awareness asap, was Re: Patch fixing STP if bridge in non-default namespace.
(CC'ing bridge maintainers.)
Kuniyuki Iwashima <kuniyu at amazon.com> writes:
> From: Harry Coin <hcoin at quietfountain.com>
> Date: Tue, 11 Jul 2023 16:40:03 -0500
>> On 7/11/23 15:44, Andrew Lunn wrote:
>> >>>>>> The current llc_rcv.c around line 166 in net/llc/llc_input.c has
>> >>>>>>
>>
2007 Apr 18
0
[Bridge] [PATCH] Fix deadlock in br_stp_disable_bridge
Looks like somebody forgot to use the _bh spin_lock variant. We ran into a
deadlock where br->hello_timer expired while br_stp_disable_br() walked
br->port_list. Anush can provide you with a test program.
Patch against 2.6.16-rc3 inlined.
diff -rup linux-2.6.16-rc3/net/bridge/br_stp_if.c
linux-2.6.16-rc3-brfix/net/bridge/br_stp_if.c
--- linux-2.6.16-rc3/net/bridge/br_stp_if.c
2007 Apr 18
0
[Bridge] [PATCH] Fix deadlock in br_stp_disable_bridge (2nd try)
Looks like somebody forgot to use the _bh spin_lock variant. We ran into a
deadlock where br->hello_timer expired while br_stp_disable_br() walked
br->port_list. Anush can provide you with a test program.
Patch against 2.6.16-rc3 inlined.
Signed-off-by: Adrian Drzewiecki
diff -rup linux-2.6.16-rc3/net/bridge/br_stp_if.c
linux-2.6.16-rc3-brfix/net/bridge/br_stp_if.c
---
2007 Apr 18
0
[Bridge] [PATCH] (4/11) bridge - ioctl cleanup and consolidation
Merge the ioctl stub calls that just end up calling the sub-function
to do the actual ioctl. Move br_get_XXX_ifindices into the ioctl file
as well where they can be static.
diff -Nru a/net/bridge/br_device.c b/net/bridge/br_device.c
--- a/net/bridge/br_device.c 2004-05-20 10:51:05 -07:00
+++ b/net/bridge/br_device.c 2004-05-20 10:51:05 -07:00
@@ -19,21 +19,6 @@
#include <asm/uaccess.h>
2013 Aug 26
0
[PATCH] bridge: separate querier and query timer into IGMP/IPv4 and MLD/IPv6 ones
Currently we would still potentially suffer multicast packet loss if there
is just either an IGMP or an MLD querier: For the former case, we would
possibly drop IPv6 multicast packets, for the latter IPv4 ones. This is
because we are currently assuming that if either an IGMP or MLD querier
is present that the other one is present, too.
This patch makes the behaviour and fix added in
"bridge:
2013 Feb 13
14
[Bridge] [PATCH v10 net-next 00/12] VLAN filtering/VLAN aware bridge
Changes since v9:
* series re-ordering so make functionality more distinct. Basic vlan
filtering is patches 1-4. Support for PVID/untagged vlans is patches
5 and 6. VLAN support for FDB/MDB is patches 7-11. Patch 12 is
still additional egress policy.
* Slight simplification to code that extracts the VID from skb. Since we
now depend on the vlan module, at the time of input skb_tci is
2013 Jan 09
16
[Bridge] [PATCH net-next V5 00/14] Add basic VLAN support to bridges
This series of patches provides an ability to add VLANs to the bridge
ports. This is similar to what can be found in most switches. The bridge
port may have any number of VLANs added to it including vlan 0 priority tagged
traffic. When vlans are added to the port, only traffic tagged with particular
vlan will forwarded over this port. Additionally, vlan ids are added to FDB
entries and become
2007 Apr 18
4
[Bridge] MTU Question
I have a bridge that has gigabit interfaces. The machine in question has the
fun job of being a Bridge, Firewall and SMB server. Both of the Gigabit
interfaces are connected to workstations directly via Xover cable (well
MDI-X to be exact). My question is, if I enable jumbo frames on the gigabit
interfaces will that make any difference in overall transfer rate of the
bridge? I was thinking it
2013 Apr 30
6
[Bridge] [PATCHv4 net-next 0/2] Add two new flags to bridge.
The following series adds 2 new flags to bridge. One flag allows
the user to control whether mac learning is performed on the interface
or not. By default mac learning is on.
The other flag allows the user to control whether unicast traffic
is flooded (send without an fdb) to a given unicast port. Default is
on.
Changes since v4:
- Implemented Stephen's suggestions.
Changes since v2:
-
2023 Jun 19
1
[Bridge] [PATCH net-next v2 1/3] bridge: Set BR_FDB_ADDED_BY_USER early in fdb_add_entry
This allows the called fdb_create to detect that the entry was added by
the user early in the process. This is in preparation to adding limits
in fdb_create that should not apply to user created fdb entries.
Signed-off-by: Johannes Nixdorf <jnixdorf-oss at avm.de>
---
Changes since v1:
- Added this change to ensure user added entries are not limited.
net/bridge/br_fdb.c | 6 +++---
1