ether_demux does not handle frames with embedded vlan tags
rozhuk.im at gmail.com
rozhuk.im at gmail.com
Tue Oct 18 23:38:14 UTC 2011
> ether_demux currently assumes that all vlan-tagged packets that it
> sees have had the vlan stripped out and the M_VLAN tag is set, so it
> never checks the ether type for a vlan. However ng_ether_rcv_upper
> currently does not guarantee that this is the case(and there may be
> other code paths where this is also true). Does anybody have any
> strong feelings as to where the fix should go? Making ether_demux
> handle it is guaranteed to catch all cases but it does add a bit more
> overhead to check for a vlan tag at each stage.
In what cases vlan-tagged packet can be received by ng_ether_rcv_upper ?
Another side of vlan and netgraph implementation problem is in: PR 152141
http://lists.freebsd.org/pipermail/freebsd-net/2011-February/027964.html
Tagget packet -> ether_input --> (M_VLANTAG set) --> ng_ether.lower -->
ng_bridge --> ng_ether.lower --> ether_output_frame --> ifp->if_transmit
Untagged packet may be transmitted.
ng_ether.lower and ether_output_frame does not check: is M_VLANTAG handled
by iface driver
IMHO ether_output_frame should do this check.
/*
* If underlying interface can not do VLAN tag insertion itself
* then attach a packet tag that holds it.
*/
if ((m->m_flags & M_VLANTAG) &&
(ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0) {
m = ether_vlanencap(m, m->m_pkthdr.ether_vtag);
if (m == NULL) {
ifp->if_oerrors++;
return (ENOBUFS);
}
m->m_flags &= ~M_VLANTAG;
}
(from if_bridge.c)
--
Rozhuk Ivan
More information about the freebsd-net
mailing list