[ovs-dev] [cfm 2/4] cfm: No longer keep track of bad CCMs.

Ben Pfaff blp at nicira.com
Fri May 13 18:46:15 UTC 2011


That's perfect, thank you.

On Fri, May 13, 2011 at 11:42:35AM -0700, Ethan Jackson wrote:
> Thanks for the review.
> 
> I added to the commented re-posted to the previous thread mention of
> unexpected MAID and unexpected MPID.  I also moved it out of the inner
> if statement so it applies to the whole block.
> 
>     /* According to the 802.1ag specification, reception of a CCM with an
>      * incorrect ccm_interval, unexpected MAID, or unexpected MPID should
>      * trigger a fault.  We ignore this requirement for several reasons.
>      *
>      * Faults can cause a controller or Open vSwitch to make potentially
>      * expensive changes to the network topology.  It seems prudent to trigger
>      * them judiciously, especially when CFM is used to check slave status of
>      * bonds. Furthermore, faults can be maliciously triggered by crafting
>      * invalid CCMs. */
> 
> Ethan
> 
> On Fri, May 13, 2011 at 10:16, Ben Pfaff <blp at nicira.com> wrote:
> > On Thu, May 12, 2011 at 02:44:11PM -0700, Ethan Jackson wrote:
> >> According to the 802.1ag specification, reception of a CCM from an
> >> unexpected source should trigger a fault. This patch causes the CFM
> >> module to simply warn instead. ?There are several reasons for this
> >> change outlined below.
> >>
> >> ? - Faults can cause controllers to make potentially expensive
> >> ? ? changes to the network topology.
> >> ? - Faults can be maliciously triggered by crafting invalid CCMs.
> >> ? - With this patch, cfm->fault and rmp->fault are only updated in
> >> ? ? cfm_run() making the code easier to debug and reason about.
> >
> > This seems reasonable to me.
> >
> > It might be a good idea to document these design decisions in the
> > code.
> >



More information about the dev mailing list