headers
David Miller | 1 Dec 2011 05:02
Favicon

Re: [PATCH] bridge: Cannot communicate with brX when its MAC address is changed

From: Koki Sanagi <sanagi.koki <at> jp.fujitsu.com>
Date: Wed, 30 Nov 2011 17:31:18 +0900

> When the MAC address of a bridge interface is changed, it cannot communicate
> with others. Because Whether or not a packet should be transferred to bridge
> interface depends on whether or not dst of a packet is in fdb and is_local=y.
> If we change MAC address of a bridge interface, it isn't in fdb.
> 
> This patch adds an condition that dst of a packet matches MAC address of
> a bridge interface to the conventional condition.
> 
> Signed-off-by: Koki Sanagi <sanagi.koki <at> jp.fujitsu.com>

This looks like a patch I've seen before, and in any event it makes
more sense to update the FDB when the MAC changes instead of adding a
special bypass rule.

Stephen?

> ---
>  net/bridge/br_input.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
> index 5a31731..4e5c862 100644
> --- a/net/bridge/br_input.c
> +++ b/net/bridge/br_input.c
>  <at>  <at>  -94,7 +94,8  <at>  <at>  int br_handle_frame_finish(struct sk_buff *skb)
>  			skb2 = skb;
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Stephen Hemminger | 1 Dec 2011 18:21
Favicon

Re: [PATCH] bridge: Cannot communicate with brX when its MAC address is changed

On Wed, 30 Nov 2011 17:31:18 +0900
Koki Sanagi <sanagi.koki <at> jp.fujitsu.com> wrote:

> When the MAC address of a bridge interface is changed, it cannot communicate
> with others. Because Whether or not a packet should be transferred to bridge
> interface depends on whether or not dst of a packet is in fdb and is_local=y.
> If we change MAC address of a bridge interface, it isn't in fdb.
> 
> This patch adds an condition that dst of a packet matches MAC address of
> a bridge interface to the conventional condition.
> 
> Signed-off-by: Koki Sanagi <sanagi.koki <at> jp.fujitsu.com>
> ---
>  net/bridge/br_input.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
> index 5a31731..4e5c862 100644
> --- a/net/bridge/br_input.c
> +++ b/net/bridge/br_input.c
>  <at>  <at>  -94,7 +94,8  <at>  <at>  int br_handle_frame_finish(struct sk_buff *skb)
>  			skb2 = skb;
>  
>  		br->dev->stats.multicast++;
> -	} else if ((dst = __br_fdb_get(br, dest)) && dst->is_local) {
> +	} else if ((dst = __br_fdb_get(br, dest) && dst->is_local) ||
> +		   !compare_ether_addr(p->br->dev->dev_addr, dest)) {
>  		skb2 = skb;
>  		/* Do not forward the packet since it's local. */
>  		skb = NULL;
(Continue reading)

Permalink | Reply | 0 comments |
headers
David Miller | 1 Dec 2011 19:02
Favicon

Re: [PATCH] bridge: Cannot communicate with brX when its MAC address is changed

From: Stephen Hemminger <shemminger <at> vyatta.com>
Date: Thu, 1 Dec 2011 09:21:06 -0800

> Looked into using fdb to handle this, but then there would be fdb entries
> where the destination port entry was either NULL (or a dummy), and that
> would require a bunch of auditing of all usages and could introduce new
> bugs.
> 
> I am testing a patch that does same thing by moving compare_ether up
> to where broadcast is tested.

Stephen please fix this bug correctly.

The bug is that the FDB gets updated with the initial MAC address, but
doesn't get updated when the MAC address changes.

There is no other valid fix than to update the FDB when the MAC changes,
and making whatever is necessary for that to work.

I'm not applying a patch that adds a MAC address comparison here, because
you might was well not add the FDB entry in the first place if you're
going to add a hack like that.
Permalink | Reply | 0 comments |
headers
Stephen Hemminger | 1 Dec 2011 19:44
Favicon

Re: [PATCH] bridge: master device stuck in no-carrier state forever when in user-stp mode

On Fri, 25 Nov 2011 12:16:37 +0200
Vitalii Demianets <vitas <at> nppfactor.kiev.ua> wrote:

> When in user-stp mode, bridge master do not follow state of its slaves, so 
> after the following sequence of events it can stuck forever in no-carrier 
> state:
> 1) turn stp off
> 2) put all slaves down - master device will follow their state and also go in 
> no-carrier state
> 3) turn stp on with bridge-stp script returning 0 (go to the user-stp mode)
> Now bridge master won't follow slaves' state and will never reach running 
> state.
> 
> This patch solves the problem by making user-stp and kernel-stp behavior 
> similar regarding master following slaves' states.
> 
> Signed-off-by: Vitalii Demianets <vitas <at> nppfactor.kiev.ua>

This method works fine. David please apply to -net.

Acked-by: Stephen Hemminger <shemminger <at> vyatta.com>
Permalink | Reply | 1 comment |
headers
David Miller | 1 Dec 2011 20:05
Favicon

Re: [PATCH] bridge: master device stuck in no-carrier state forever when in user-stp mode

From: Stephen Hemminger <shemminger <at> vyatta.com>
Date: Thu, 1 Dec 2011 10:44:09 -0800

> On Fri, 25 Nov 2011 12:16:37 +0200
> Vitalii Demianets <vitas <at> nppfactor.kiev.ua> wrote:
> 
>> When in user-stp mode, bridge master do not follow state of its slaves, so 
>> after the following sequence of events it can stuck forever in no-carrier 
>> state:
>> 1) turn stp off
>> 2) put all slaves down - master device will follow their state and also go in 
>> no-carrier state
>> 3) turn stp on with bridge-stp script returning 0 (go to the user-stp mode)
>> Now bridge master won't follow slaves' state and will never reach running 
>> state.
>> 
>> This patch solves the problem by making user-stp and kernel-stp behavior 
>> similar regarding master following slaves' states.
>> 
>> Signed-off-by: Vitalii Demianets <vitas <at> nppfactor.kiev.ua>
> 
> This method works fine. David please apply to -net.
> 
> Acked-by: Stephen Hemminger <shemminger <at> vyatta.com>

Done.
Permalink | Reply | 0 comments |
headers
Vitalii Demianets | 13 Dec 2011 10:36
Picon
Gravatar

[PATCH] bridge: push blocking slaves to forwarding when turning stp off

If there is a slave in blocking state when stp is turned off, that slave will 
remain in blocking state for indefinitely long time until interface state 
changed. We should push all blocking slaves into forwarding state after 
turning stp off.

Signed-off-by: Vitalii Demianets <vitas <at> nppfactor.kiev.ua>

---
 net/bridge/br_stp.c    |    5 ++++-
 net/bridge/br_stp_if.c |   10 +++++-----
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/net/bridge/br_stp.c b/net/bridge/br_stp.c
index dd147d7..aed7e21 100644
--- a/net/bridge/br_stp.c
+++ b/net/bridge/br_stp.c
 <at>  <at>  -415,7 +415,10  <at>  <at>  void br_port_state_selection(struct net_bridge *br)
 			} else {
 				p->config_pending = 0;
 				p->topology_change_ack = 0;
-				br_make_blocking(p);
+				if(br->stp_enabled == BR_NO_STP)
+					br_make_forwarding(p);
+				else
+					br_make_blocking(p);
 			}
 		}

diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c
index 19308e3..38d8dd7 100644
(Continue reading)

Permalink | Reply | 6 comments |
headers
Stephen Hemminger | 14 Dec 2011 01:16
Favicon

Re: [PATCH] bridge: push blocking slaves to forwarding when turning stp off

On Tue, 13 Dec 2011 11:36:25 +0200
Vitalii Demianets <vitas <at> nppfactor.kiev.ua> wrote:

> If there is a slave in blocking state when stp is turned off, that slave will 
> remain in blocking state for indefinitely long time until interface state 
> changed. We should push all blocking slaves into forwarding state after 
> turning stp off.
> 
> Signed-off-by: Vitalii Demianets <vitas <at> nppfactor.kiev.ua>

Maybe. But if the port was in the blocking state then STP must have
decided there was a loop in the network if that port was used.
Therefore blindly putting the port into forwarding state could cause
disastrous network flood.

The user can force the port back out of blocking state (via sysfs).
Permalink | Reply | 5 comments |
headers
Vitalii Demianets | 14 Dec 2011 10:32
Picon
Gravatar

Re: [PATCH] bridge: push blocking slaves to forwarding when turning stp off

On Wednesday 14 December 2011 02:16:13 Stephen Hemminger wrote:
> On Tue, 13 Dec 2011 11:36:25 +0200
>
> Vitalii Demianets <vitas <at> nppfactor.kiev.ua> wrote:
> > If there is a slave in blocking state when stp is turned off, that slave
> > will remain in blocking state for indefinitely long time until interface
> > state changed. We should push all blocking slaves into forwarding state
> > after turning stp off.
> >
> > Signed-off-by: Vitalii Demianets <vitas <at> nppfactor.kiev.ua>
>
> Maybe. But if the port was in the blocking state then STP must have
> decided there was a loop in the network if that port was used.
> Therefore blindly putting the port into forwarding state could cause
> disastrous network flood.
>
>
> The user can force the port back out of blocking state (via sysfs).
>

1) That blocking state in the absence of STP is not stable. It will eventually 
flip to forwarding sooner or later on the first call of 
br_port_state_selection(). For example, when user changes MAC address on 
another slave. Or even worse - when any other slave of the bridge changes its 
carrier state. Don't think user wants such unpredictable state changes.

2) There is also another drawback of not pushing ports into forwarding state 
after turning off USER_STP mode. Possible scenario is:
  a) bridge in USER_STP mode, all ports are in non-forwarding state (blocking, 
learning)
(Continue reading)

Permalink | Reply | 4 comments |
headers
Vitalii Demianets | 20 Dec 2011 11:59
Picon
Gravatar

Re: [PATCH] bridge: push blocking slaves to forwarding when turning stp off

Hello, Stephen!
I can not understand your silence.
There are issues fixed by the patch in question. For example, if the interface 
is left in blocking state after stp was turned off, that state is not 
stable - it can flip to forwarding state in unpredictable times, e.g. when 
_any other_ slave of the bridge goes up or down. Do you think user wants 
exactly that unpredictable state change?
Also, the code in question in function br_stp_stop(), namely 
br_port_state_selection(br) call, does exactly nothing except wasting cpu 
cycles. Isn't it worth fixing?

--

-- 
Vitalii Demianets
Permalink | Reply | 3 comments |
headers
Stephen Hemminger | 20 Dec 2011 19:11
Favicon

Re: [PATCH] bridge: push blocking slaves to forwarding when turning stp off

On Tue, 20 Dec 2011 12:59:11 +0200
Vitalii Demianets <vitas <at> nppfactor.kiev.ua> wrote:

> Hello, Stephen!
> I can not understand your silence.
> There are issues fixed by the patch in question. For example, if the interface 
> is left in blocking state after stp was turned off, that state is not 
> stable - it can flip to forwarding state in unpredictable times, e.g. when 
> _any other_ slave of the bridge goes up or down. Do you think user wants 
> exactly that unpredictable state change?
> Also, the code in question in function br_stp_stop(), namely 
> br_port_state_selection(br) call, does exactly nothing except wasting cpu 
> cycles. Isn't it worth fixing?
> 

I had to go do real work last week.
Let me test and look at it more detail.
There is no urgency, the problem has existed for many years.
Permalink | Reply | 0 comments |

Gmane