Kasai Takanori
2008-Mar-04 11:35 UTC
[Xen-devel] [PATCH][RFC] Don''t receive an unrelated packet
Hi All, We are embarrassed about the problem of the network on Xen. The application where the problem occurs receives directly the RAW packet with dev_add_pack(). This application did not work on the PV domain and the PV-on-HVM domain. We investigated this problem. The packet of different MAC address was not expected for this application to be received. Because, physical NIC drops packet of different MAC address on Native Linux. Therefore, this application doesn''t check whether the MAC address of the received packet is the same. There is no problem because the packet of different MAC address is not transmitted from the bridge usually at all. However, when the bridge does the flooding, the packet is transmitted to all ports. Therefore, the packet of different mac address is received by the guest. The packet of different MAC address is dropped by the emulation of qemu-dm on the HVM domain. Therefore, the emulation of qemu-dm works like physical NIC. However, all packets are received for VNIF on the PV domain and PV-on-HVM. This application was received the packet of different MAC address and malfunctioned. Therefore, VNIF always works as promiscuous mode. We think whether VNIF should drop the packet on different MAC address. This patch was corrected to drop the packet with different MAC address with VNIF. Is there a problem though want to be corrected by us like this patch? Or, is it a specification of the network of Xen? Signed-off-by: Takanori Kasai <kasai.takanori@jp.fujitsu.com> Best Regards, -- Takanori Kasai _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Mar-04 13:26 UTC
Re: [Xen-devel] [PATCH][RFC] Don''t receive an unrelated packet
It''s bogus that the application does not do this filtering itself. Even disregarding Xen, what if the application were run concurrently with a tcpdump session (or anything that enables promiscuous reception)? -- Keir On 4/3/08 11:35, "Kasai Takanori" <kasai.takanori@jp.fujitsu.com> wrote:> Hi All, > > We are embarrassed about the problem of the network on Xen. > The application where the problem occurs receives directly the RAW packet with > dev_add_pack(). > This application did not work on the PV domain and the PV-on-HVM domain. > > We investigated this problem. > > The packet of different MAC address was not expected for this application to > be > received. > Because, physical NIC drops packet of different MAC address on Native Linux. > Therefore, this application doesn''t check whether the MAC address of the > received packet is the same. > > There is no problem because the packet of different MAC address is not > transmitted from the bridge usually at all. > However, when the bridge does the flooding, the packet is transmitted to all > ports. > Therefore, the packet of different mac address is received by the guest. > > The packet of different MAC address is dropped by the emulation of qemu-dm on > the HVM domain. > Therefore, the emulation of qemu-dm works like physical NIC. > However, all packets are received for VNIF on the PV domain and PV-on-HVM. > This application was received the packet of different MAC address and > malfunctioned. > Therefore, VNIF always works as promiscuous mode. > > We think whether VNIF should drop the packet on different MAC address. > This patch was corrected to drop the packet with different MAC address with > VNIF. > > Is there a problem though want to be corrected by us like this patch? > Or, is it a specification of the network of Xen? > > Signed-off-by: Takanori Kasai <kasai.takanori@jp.fujitsu.com> > > Best Regards, > > -- > Takanori Kasai > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel