Re: [PATCH next v4 5/6] bonding: Allow userspace to set actors' macaddr in an AD-system.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Nikolay Aleksandrov <nikolay@redhat.com>
To: Mahesh Bandewar <maheshb@google.com>,
	Jay Vosburgh <j.vosburgh@gmail.com>,
	Andy Gospodarek <andy@greyhouse.net>,
	Veaceslav Falico <vfalico@gmail.com>,
	David Miller <davem@davemloft.net>
Cc: Maciej Zenczykowski <maze@google.com>,
	netdev <netdev@vger.kernel.org>,
	Eric Dumazet <edumazet@google.com>
Subject: Re: [PATCH next v4 5/6] bonding: Allow userspace to set actors' macaddr in an AD-system.
Date: Wed, 18 Feb 2015 13:52:07 +0100	[thread overview]
Message-ID: <54E48AF7.3000403@redhat.com> (raw)
In-Reply-To: <1424243876-27174-1-git-send-email-maheshb@google.com>

On 02/18/2015 08:17 AM, Mahesh Bandewar wrote:
> In an AD system, the communication between actor and partner is the
> business between these two entities. In the current setup anyone on the
> same L2 can "guess" the LACPDU contents and then possibly send the
> spoofed LACPDUs and trick the partner causing connectivity issues for
> the AD system. This patch allows to use a random mac-address obscuring
> it's identity making it harder for someone in the L2 is do the same thing.
> 
> This patch allows user-space to choose the mac-address for the AD-system.
> This mac-address can not be NULL or a Multicast. If the mac-address is set
> from user-space; kernel will honor it and will not overwrite it. In the
> absence (value from user space); the logic will default to using the
> masters' mac as the mac-address for the AD-system.
> 
> It can be set using example code below -
> 
>    # modprobe bonding mode=4
>    # sys_mac_addr=$(printf '%02x:%02x:%02x:%02x:%02x:%02x' \
>                     $(( (RANDOM & 0xFE) | 0x02 )) \
>                     $(( RANDOM & 0xFF )) \
>                     $(( RANDOM & 0xFF )) \
>                     $(( RANDOM & 0xFF )) \
>                     $(( RANDOM & 0xFF )) \
>                     $(( RANDOM & 0xFF )))
>    # echo $sys_mac_addr > /sys/class/net/bond0/bonding/ad_actor_system
>    # echo +eth1 > /sys/class/net/bond0/bonding/slaves
>    ...
>    # ip link set bond0 up
> 
> Signed-off-by: Mahesh Bandewar <maheshb@google.com>
> ---
> v1:
>   Initial version
> v2:
>   Renamed ad_actor_system_mac_address to ad_actor_system
> v3:
>   Fixed commit message.
> v4:
>   Rebase
> 
>  Documentation/networking/bonding.txt | 12 ++++++++++++
>  drivers/net/bonding/bond_3ad.c       |  7 ++++++-
>  drivers/net/bonding/bond_main.c      |  1 +
>  drivers/net/bonding/bond_options.c   | 29 +++++++++++++++++++++++++++++
>  drivers/net/bonding/bond_procfs.c    |  6 ++++++
>  drivers/net/bonding/bond_sysfs.c     | 15 +++++++++++++++
>  include/net/bond_options.h           |  1 +
>  include/net/bonding.h                |  1 +
>  8 files changed, 71 insertions(+), 1 deletion(-)
> 
> diff --git a/Documentation/networking/bonding.txt b/Documentation/networking/bonding.txt
> index f19d888651b8..f0d93c58cdb0 100644
> --- a/Documentation/networking/bonding.txt
> +++ b/Documentation/networking/bonding.txt
> @@ -187,6 +187,18 @@ ad_actor_sys_prio
>  	This paramter has effect only in 802.3ad mode and is available through
>  	SysFs interface.
>  
> +ad_actor_system
> +
> +	In an AD system, this specifies the mac-address for the actor in
> +	protocol packet exchanges (LACPDUs). The value cannot be NULL or
> +	multicast. It is preferred to have the local-admin bit set for this
> +	mac but driver does not enforce it. If the value is not given then
> +	system defaults to using the masters' mac address as actors' system
> +	address.
> +
> +	This paramter has effect only in 802.3ad mode and is available through
s/paramter/parameter/

> +	SysFs interface.
> +

     prev parent reply	other threads:[~2015-02-18 12:52 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-02-18  7:17 [PATCH next v4 5/6] bonding: Allow userspace to set actors' macaddr in an AD-system Mahesh Bandewar
2015-02-18 12:52 ` Nikolay Aleksandrov [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54E48AF7.3000403@redhat.com \
    --to=nikolay@redhat.com \
    --cc=andy@greyhouse.net \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=j.vosburgh@gmail.com \
    --cc=maheshb@google.com \
    --cc=maze@google.com \
    --cc=netdev@vger.kernel.org \
    --cc=vfalico@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.