[ovs-dev] [cfm 1/4] cfm: No longer trigger fault upon unexpected ccm_interval.

Ben Pfaff blp at nicira.com
Fri May 13 18:37:25 UTC 2011


That's good, thank you.

On Fri, May 13, 2011 at 11:31:42AM -0700, Ethan Jackson wrote:
> Thanks for the review.  I changed the comment in the code to the following.
> 
>                 /* According to the 802.1ag specification, reception of a CCM
>                  * with an incorrect ccm_interval should trigger a fault.  We
>                  * ignore this requirement for several reasons.
>                  *
>                  * Faults can cause a controller or Open vSwitch to make
>                  * potentially expensive changes to the network topology.  It
>                  * seems prudent to trigger them judiciously, especially when
>                  * CFM is used to check slave status of bonds. Furthermore,
>                  * faults can be maliciously triggered by crafting invalid
>                  * CCMs. */
> 
> On Fri, May 13, 2011 at 10:05, Ben Pfaff <blp at nicira.com> wrote:
> > On Thu, May 12, 2011 at 02:44:10PM -0700, Ethan Jackson wrote:
> >> According to the 802.1ag specification, when a CCM is received
> >> which advertises a misconfigured transmission interval, a fault
> >> should be triggered. ?This patch goes against the spec by simply
> >> warning when this happens. ?This is done for several reasons.
> >>
> >> ? - Faults can cause controllers to make potentially expensive
> >> ? ? changes in the network topology.
> >> ? - Faults can be maliciously triggered by crafting invalid CCMs.
> >> ? - Reducing the number of places in the code where rmp->fault and
> >> ? ? cfm->fault are changed makes the code easier to debug and
> >> ? ? reason about.
> >
> > I think that the change is OK but the comment in the code itself
> > should list at least the first two reasons above, not just the third,
> > which isn't nearly as good as rationale.
> >
> > Thanks,
> >
> > Ben.
> >



More information about the dev mailing list