From owner-freebsd-net@FreeBSD.ORG  Wed Oct 19 22:18:34 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7CB161065670
	for <freebsd-net@freebsd.org>; Wed, 19 Oct 2011 22:18:34 +0000 (UTC)
	(envelope-from juli@clockworksquid.com)
Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com
	[74.125.82.182])
	by mx1.freebsd.org (Postfix) with ESMTP id 127318FC08
	for <freebsd-net@freebsd.org>; Wed, 19 Oct 2011 22:18:33 +0000 (UTC)
Received: by wyi40 with SMTP id 40so2902569wyi.13
	for <freebsd-net@freebsd.org>; Wed, 19 Oct 2011 15:18:33 -0700 (PDT)
Received: by 10.227.179.76 with SMTP id bp12mr541999wbb.82.1319062713071; Wed,
	19 Oct 2011 15:18:33 -0700 (PDT)
MIME-Version: 1.0
Sender: juli@clockworksquid.com
Received: by 10.227.199.140 with HTTP; Wed, 19 Oct 2011 15:18:13 -0700 (PDT)
In-Reply-To: <CAFMmRNxeiQF=iBDAQT4fQjvmmTA6=ygsEJQfAJW=Go1tSTtQSg@mail.gmail.com>
References: <CAFMmRNz2Gqmk7wmiA83eQZfR9Rkcro9seD5ORYRHxKhZV+aR9Q@mail.gmail.com>
	<4e9e0de3.4364cc0a.38b5.ffffc94f@mx.google.com>
	<CAFMmRNxMPh9SOwXHR8uWqNMR=ns5HfFzb2OiB=wC2Kn+61PKbQ@mail.gmail.com>
	<4e9e6ba6.c972cd0a.3d45.ffffd504@mx.google.com>
	<CAFMmRNxoJafz9kz66sQXVYcsvd-tr8wqkh_-BbfhHD8RqRygKA@mail.gmail.com>
	<CACVs6=_6gHDay96a=pSw6Un_6fh=fuAew=DWYvWokBnyA=Y7Lg@mail.gmail.com>
	<CAFMmRNxeiQF=iBDAQT4fQjvmmTA6=ygsEJQfAJW=Go1tSTtQSg@mail.gmail.com>
From: Juli Mallett <jmallett@FreeBSD.org>
Date: Wed, 19 Oct 2011 15:18:13 -0700
X-Google-Sender-Auth: 11fJXDqusxF2MC4jhxOAnkWFGSE
Message-ID: <CACVs6=8Q6bAGSZ1O87G7x+aHq1hwf+-gFASCbWXpGB++NvN_NQ@mail.gmail.com>
To: Ryan Stone <rysto32@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-net <freebsd-net@freebsd.org>, Rozhuk.IM@gmail.com
Subject: Re: ether_demux does not handle frames with embedded vlan tags
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Oct 2011 22:18:34 -0000

On Wed, Oct 19, 2011 at 14:47, Ryan Stone <rysto32@gmail.com> wrote:
> On Wed, Oct 19, 2011 at 3:30 PM, Juli Mallett <jmallett@freebsd.org> wrot=
e:
>> Why should the requirements for the Netgraph path be any different to
>> the non-Netgraph path? =C2=A0If drivers must ensure that frames that rea=
ch
>> ether_demux have had their VLAN tags stripped, so should Netgraph
>> things that act like drivers. =C2=A0So why don't you move that logic int=
o
>> ether_demux from the ether_input path, or have Netgraph use the
>> ether_input path?
>
> Netgraph can't use the ether_input path because ether_input passes the
> packet to the lower hook. =C2=A0It also passes the packet to things like
> carp or if_bridge if necessary. =C2=A0I'm not sure whether it is intended
> behaviour that the upper hook bypasses carp and if_bridge.
>
> if_bridge also depends on the vlan stripping behaviour, so vlan
> stripping cannot be moved to ether_demux without re-implementing it in
> bridge_input.

This seems like a good argument for a flag like M_SKIPFIREWALL (or
whatever it's called these days) that says that the packet was
injected by an upper layer (in general, not just netgraph), which in
the netgraph case could skip the lower filter.  That would be
considerably more consistent with how other Ethernet devices work,
which would be an improvement over the current short-circuit to
ether_demux.