[ovs-dev] [VLAN/SNAP 1/3] datapath: Fix handling of 802.1Q and SNAP headers.
Ben Pfaff
blp at nicira.com
Wed Aug 4 22:47:23 UTC 2010
On Wed, Aug 04, 2010 at 02:06:49PM -0700, Jesse Gross wrote:
> On Wed, Jul 28, 2010 at 2:01 PM, Ben Pfaff <blp at nicira.com> wrote:
>
> > The kernel and user datapaths have code that assumes that 802.1Q headers
> > are used only inside Ethernet II frames, not inside SNAP-encapsulated
> > frames. But the kernel and user flow_extract() implementations would
> > interpret 802.1Q headers inside SNAP headers as being valid VLANs. This
> > would cause packet corruption if any VLAN-related actions were to be taken,
> > so change the two flow_extract() implementations only to accept 802.1Q as
> > an Ethernet II frame type, not as a SNAP-encoded frame type.
> >
> > 802.1Q-2005 says that this is correct anyhow:
> >
> > Where the ISS instance used to transmit and receive tagged frames is
> > provided by a media access control method that can support Ethernet
> > Type encoding directly (e.g., is an IEEE 802.3 or IEEE 802.11 MAC) or
> > is media access method independent (e.g., 6.6), the TPID is Ethernet
> > Type encoded, i.e., is two octets in length and comprises solely the
> > assigned Ethernet Type value.
> >
> > Where the ISS instance is provided by a media access method that
> > cannot directly support Ethernet Type encoding (e.g., is an IEEE
> > 802.5 or FDDI MAC), the TPID is encoded according to the rule for
> > a Subnetwork Access Protocol (Clause 10 of IEEE Std 802) that
> > encapsulates Ethernet frames over LLC, and comprises the SNAP
> > header (AA-AA-03) followed by the SNAP PID (00-00-00) followed by
> > the two octets of the assigned Ethernet Type value.
> >
> > All of the media that OVS handles supports Ethernet Type fields, so to me
> > that means that we don't have to handle 802.1Q-inside-SNAP.
>
> I'm fairly certain that it is possible for us to receive non-Ethernet II
> 802.3 packets from legacy devices. This is really the only purpose of SNAP
> (I suppose that you could define your own protocol that doesn't have an
> EtherType and put it inside of SNAP but that seems like even more of an edge
> case), so if we are going to support SNAP in general then that implicitly
> means that we expect to potentially get non-Ethernet II frames. Linux may
> not really handle SNAP packets but it does at least check for them on
> Ethernet devices (in eth_type_trans()), which means that it thinks in might
> get them.
We have a function to compose SNAP non-Ethernet frames:
compose_benign_packet(). But I would certainly consider that an edge
case.
> > On the other hand, we *do* have to handle SNAP-inside-802.1Q, because this
> > is actually allowed by the standards. So this commit also adds that
> > support.
> >
>
> This seems like a really weird case to me as it implies that you have a
> device that supports an EtherType (because you are using it for the VLAN
> TPID) but the packet isn't using it inside the VLAN. The only use case that
> I can think of is if you have a legacy device connected to an access port of
> a modern switch and the switch is putting the SNAP encoded packets onto a
> VLAN. Is this the use case that you were imagining?
I think that there's some confusion here. I compiled a list of packet
framing formats that we are interested in, along with how they are
interpreted currently and how they would be interpreted after my commit
is applied, with an analysis of the changes. Here it is. Does this
clear the air? (I'll add this to the change log if we commit this.)
Common cases
------------
Ethernet
+------------+
1. |dst|src|TYPE|
+------------+
Ethernet LLC SNAP
+------------+ +--------+ +-----------+
2. |dst|src| len| |aa|aa|03| |000000|TYPE|
+------------+ +--------+ +-----------+
Ethernet 802.1Q
+------------+ +---------+
3. |dst|src|8100| |VLAN|TYPE|
+------------+ +---------+
Ethernet 802.1Q LLC SNAP
+------------+ +---------+ +--------+ +-----------+
4. |dst|src|8100| |VLAN| LEN| |aa|aa|03| |000000|TYPE|
+------------+ +---------+ +--------+ +-----------+
Unusual cases
-------------
Ethernet LLC SNAP 802.1Q
+------------+ +--------+ +-----------+ +---------+
5. |dst|src| len| |aa|aa|03| |000000|8100| |VLAN|TYPE|
+------------+ +--------+ +-----------+ +---------+
Ethernet LLC
+------------+ +--------+
6. |dst|src| len| |xx|xx|xx|
+------------+ +--------+
Ethernet LLC SNAP
+------------+ +--------+ +-----------+
7. |dst|src| len| |aa|aa|03| |xxxxxx|xxxx|
+------------+ +--------+ +-----------+
Ethernet 802.1Q LLC
+------------+ +---------+ +--------+
8. |dst|src|8100| |VLAN| LEN| |xx|xx|xx|
+------------+ +---------+ +--------+
Ethernet 802.1Q LLC SNAP
+------------+ +---------+ +--------+ +-----------+
9. |dst|src|8100| |VLAN| LEN| |aa|aa|03| |xxxxxx|xxxx|
+------------+ +---------+ +--------+ +-----------+
Behavior
--------
--------------- ---------------
Current Proposed
dl_type dl_vlan dl_type dl_vlan Notes
------- ------- ------- ------- -------------------------------------
1. TYPE ffff TYPE ffff no change
2. TYPE ffff TYPE ffff no change
3. TYPE VLAN TYPE VLAN no change
4. LEN VLAN TYPE VLAN proposal fixes behavior
5. TYPE VLAN 8100 ffff 802.1Q says this is invalid framing
6. 05ff ffff 05ff ffff no change
7. 05ff ffff 05ff ffff no change
8. LEN VLAN 05ff VLAN proposal fixes behavior
9. LEN VLAN 05ff VLAN proposal fixes behavior
More information about the dev
mailing list