kern/109815: wrong interface identifier at pfil_hooks for vlans
+ if_bridge
Bruce M. Simpson
bms at FreeBSD.org
Sun Mar 4 22:32:57 UTC 2007
Hi,
I haven't seen your patch, can you point me at it off-list? Thanks.
Eygene Ryabinkin wrote:
>
> I traced the current if_bridge.c behaviour to the NetBSD's if_bridge.c
> 1.9. This was the first version in that the firewall hooks were
> introduced. And the assumtion that the MAC identifies the physical
> interfaces was used in this first version.
>
> And a question: can anyone say if my patch will break some known
> good behaviour and if the current behaviour of if_bridge is based
> on some logic I am currently failing to understand.
>
I would greatly appreciate it if you could look at the combined
M_PROMISC and 802.1p patch, which rewrites ether_input() significantly.
It sounds like the issues you are having with vlans and bridges may
potentially be fixed by this patch, or that the fix may be incorporated
more easily with this patch.
In NetBSD, after if_bridge is given a chance to claim an input frame,
the ifp may be changed if the bridge needs to forward locally. M_PROMISC
is used to indicate that a frame was received promiscuously, in case
ether_input() re-enters itself with the same mbuf chain. Certain
consumers of ether_input() need to punch holes in the logic used to
detect if a frame was for us or not because they do funky things with
Ethernet destination addresses, e.g. carp.
Regards,
BMS
More information about the freebsd-net
mailing list