Date: Mon, 12 Mar 2007 15:11:17 +0300 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: "Bruce M. Simpson" <bms@FreeBSD.org> Cc: rik@FreeBSD.org, freebsd-net@freebsd.org, glebius@FreeBSD.org, andre@FreeBSD.org, thompsa@FreeBSD.org Subject: Re: kern/109815: wrong interface identifier at pfil_hooks for vlans + if_bridge Message-ID: <20070312121117.GQ58523@codelabs.ru> In-Reply-To: <45F51F2B.5020906@FreeBSD.org> References: <E1HNbWw-000LoF-Bo@pobox.codelabs.ru> <45E9F1E8.2000802@inse.ru> <20070304160613.GN80319@codelabs.ru> <45EB4915.1090703@FreeBSD.org> <20070305145647.GT80319@codelabs.ru> <45EC3EFD.3000301@FreeBSD.org> <20070306073945.GR57456@codelabs.ru> <45ED900A.7050208@FreeBSD.org> <20070312092406.GJ58523@codelabs.ru> <45F51F2B.5020906@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Bruce, Mon, Mar 12, 2007 at 09:36:43AM +0000, Bruce M. Simpson wrote: > > >Speaking about vlan problems: the original problem is to do something > >with VLAN interfaces only because they are sharing the MAC of their > >physical parent. The problem itself is not VLAN-specific -- if there > >will be two physical interfaces with the same MACs and they will be > >bridged, the problem will still be here. > > > I see this also. > > What would be good is if there was a way to record additional > MAC addresses for each ifnet, in addition to the if_lladdr member. > This would cut down the cruft in ether_input(), if_bridge(4) > and possibly also carp(4). Am I understand you correctly that you want to see many MAC addresses on the physical interface that is 'hosting' VLAN interfaces and each VLAN if will have its own MAC? >For network cards with more than one perfect hash filter entry in the hardware, > programming these into the card would *perhaps* be more efficient when trying > to achieve line rate with gigabit and beyond. Sure, but for the commodity hardware it will be the overhead to go into the promiscious mode and to filter the packets by multiple MACs. Or you see any other way to do it on the software. > >This would most likely require an ABI change. The VLAN handling problem doesn't > go away; we will still need to check if a bridge member is a VLAN interface > because we can't uniquely key off the MAC as you point out. We're not checking if the interface member is a VLAN interface. We just do the generic checks for the incoming interface. rik@ will send the patch today, at least he just promised me ;)) The only problem that will stay here after our patch is that the pfil will see the 'logical' interface, not the physical one. And if the logical destination interface will have non-unique MAC, then we will again fail to get the right one. But this problem is only pfil-specific: the stack will get the packet in any way, but pfil will get the wrong interface (see rik's long mail in this thread). I did the patch that enables the pfil to see the physical incoming interface for the bridge (it adds one more pfil pass for the packet). I will raise the topic when our patch will be committed (or will not be committed ;((). -- Eygene
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070312121117.GQ58523>