[Bridge] Fw: [Bug 218047] New: linux network bridge kernel set group_fwd

All of lore.kernel.org
 help / color / mirror / Atom feed

* [Bridge] Fw: [Bug 218047] New: linux network bridge kernel set group_fwd_mask 65535
@ 2023-10-26 17:21 Stephen Hemminger
  0 siblings, 0 replies; only message in thread
From: Stephen Hemminger @ 2023-10-26 17:21 UTC (permalink / raw)
  To: razor, roopa; +Cc: bridge

The kernel intentionally does not allow forwarding of IEEE pause frames.
These need to be handled dropped in the bridge.
Any mask without bit 1 set should work.

Originally LACP, STP and MACPAUSE frames were always blocked and could not be
changed. The restriction was relaxed for LACP and STP frames.

Begin forwarded message:

Date: Thu, 26 Oct 2023 05:16:24 +0000
From: bugzilla-daemon@kernel.org
To: stephen@networkplumber.org
Subject: [Bug 218047] New: linux network bridge kernel set group_fwd_mask 65535


https://bugzilla.kernel.org/show_bug.cgi?id=218047

            Bug ID: 218047
           Summary: linux network bridge kernel set group_fwd_mask 65535
           Product: Networking
           Version: 2.5
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Other
          Assignee: stephen@networkplumber.org
          Reporter: ne-vlezay80@yandex.ru
        Regression: No

If trying set the parameter from network bridge? going error:

[root@arch user]# ip link set bridge0  type bridge group_fwd_mask 65535
RTNETLINK answers: Invalid argument

setting this parameter is desirable if the switching is routed to a separate
virtual machine on the hypervisor, and on the host it looks like this:

ip link add dev ns-switch.0 up mtu 16384 master bridge0 type veth peer name
host0 address $SWMAC  netns switch mtu 16384
ip link add dev ns-host1.0 up mtu 16384 master bridge0 type veth peer name
host0 netns host1 mtu 16384
ip link add dev ns-host2.0 up mtu 16384 master bridge0 type veth peer name
host0 netns host2 mtu 16384
ip link add dev ns-host3.0 up mtu 16384 master bridge0 type veth peer name
host0 netns host3 mtu 16384
ip link add dev ns-host4.0 up mtu 16384 master bridge0 type veth peer name
host0 netns host4 mtu 16384

tc qdisc add dev ns-switch.0 handle ffff: ingress
tc qdisc add dev ns-host1.0 handle ffff: ingress
tc qdisc add dev ns-host2.0 handle ffff: ingress
tc qdisc add dev ns-host3.0 handle ffff: ingress
tc qdisc add dev ns-host4.0 handle ffff: ingress

tc qdisc add dev gt-ll0 handle ffff: ingress
tc qdisc add dev gt-ll0 handle 1: root htb default 10

tc qdisc add dev ns-switch.0 handle 1: root htb default 10
tc qdisc add dev ns-host1.0 handle 1: root htb default 10
tc qdisc add dev ns-host2.0 handle 1: root htb default 10
tc qdisc add dev ns-host3.0 handle 1: root htb default 10
tc qdisc add dev ns-host4.0 handle 1: root htb default 10


tc filter add dev ns-host1.0 parent ffff: prio 9 protocol all flower dst_mac
01:00:00:00:00:00/8 action vlan push id 10 action mirred egress redirect dev
gt-ll0
tc filter add dev ns-host2.0 parent ffff: prio 9 protocol all flower dst_mac
01:00:00:00:00:00/8 action vlan push id 11 action mirred egress redirect dev
gt-ll0
tc filter add dev ns-host3.0 parent ffff: prio 9 protocol all flower dst_mac
01:00:00:00:00:00/8 action vlan push id 12 action mirred egress redirect dev
gt-ll0
tc filter add dev ns-host4.0 parent ffff: prio 9 protocol all flower dst_mac
01:00:00:00:00:00/8 action vlan push id 13 action mirred egress redirect dev
gt-ll0

tc filter add dev ns-host1.0 parent ffff: prio 10 protocol all matchall action
vlan push id 10 
tc filter add dev ns-host2.0 parent ffff: prio 10 protocol all matchall action
vlan push id 11
tc filter add dev ns-host3.0 parent ffff: prio 10 protocol all matchall action
vlan push id 12
tc filter add dev ns-host4.0 parent ffff: prio 10 protocol all matchall action
vlan push id 13

tc filter add dev ns-host1.0 parent 1: prio 65535 protocol all matchall action
drop
tc filter add dev ns-host1.0 parent 1: prio 1 protocol 802.1Q flower vlan_id 10
action vlan pop

tc filter add dev ns-host2.0 parent 1: prio 65535 protocol all matchall action
drop
tc filter add dev ns-host2.0 parent 1: prio 1 protocol 802.1Q flower vlan_id 11
action vlan pop

tc filter add dev ns-host3.0 parent 1: prio 65535 protocol all matchall action
drop
tc filter add dev ns-host3.0 parent 1: prio 1 protocol 802.1Q flower vlan_id 12
action vlan pop

tc filter add dev ns-host4.0 parent 1: prio 65535 protocol all matchall action
drop
tc filter add dev ns-host4.0 parent 1: prio 1 protocol 802.1Q flower vlan_id 13
action vlan pop 

the config example from be network lab.

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2023-10-26 17:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-10-26 17:21 [Bridge] Fw: [Bug 218047] New: linux network bridge kernel set group_fwd_mask 65535 Stephen Hemminger

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.