Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 5 Feb 2007 15:43:32 +0300
From:      Gleb Smirnoff <glebius@FreeBSD.org>
To:        Bruce M Simpson <bms@FreeBSD.org>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/net if_tap.c
Message-ID:  <20070205124332.GG1621@FreeBSD.org>
In-Reply-To: <200702030257.l132vkfT089439@repoman.freebsd.org>
References:  <200702030257.l132vkfT089439@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sat, Feb 03, 2007 at 02:57:46AM +0000, Bruce M Simpson wrote:
B> bms         2007-02-03 02:57:46 UTC
B> 
B>   FreeBSD src repository
B> 
B>   Modified files:
B>     sys/net              if_tap.c 
B>   Log:
B>   Drop unicast Ethernet frames not destined for the configured address
B>   of a tap(4) instance, if IFF_PROMISC is not set.
B>   
B>   In tap(4), we should emulate the effect IFF_PROMISC would have on
B>   hardware, otherwise we risk introducing layer 2 loops if tap(4) is
B>   used with bridges. This means not even bpf(4) gets to see them.
B>   
B>   This patch has been tested in a variety of situations. Multicast and
B>   broadcast frames are correctly allowed through. I have observed this
B>   behaviour causing problems with multiple QEMU instances hosted on
B>   the same FreeBSD machine.
B>   
B>   The checks in in ether_demux() [if_ethersubr.c, rev 1.222, line 638]
B>   are insufficient to prevent this bug from occurring, as ifp->if_vlantrunk
B>   will always be NULL for the non-vlan case.

btw, we have a strange situation with handling off non-broadcast
frames not destined to us in general.

In a case, when we have generic Ethernet in promisc, and received foreign
packets (on a hub, or a buggy switch), they are forwarded to ether_demux()
and to upper layers respectively. Isn't this incorrect?

Moreover, in case of promisc + net.inet.ip.forwarding=1 our box will resend
all the received foreign packets :(

What do you think about checking that (ether_dhost == ours || BCAST || MCAST)
before sending packet to ether_demux?

-- 
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070205124332.GG1621>