[ovs-dev] [cfm 2/4] cfm: No longer keep track of bad CCMs.
blp at nicira.com
Fri May 13 18:46:15 UTC 2011
That's perfect, thank you.
On Fri, May 13, 2011 at 11:42:35AM -0700, Ethan Jackson wrote:
> Thanks for the review.
> I added to the commented re-posted to the previous thread mention of
> unexpected MAID and unexpected MPID. I also moved it out of the inner
> if statement so it applies to the whole block.
> /* According to the 802.1ag specification, reception of a CCM with an
> * incorrect ccm_interval, unexpected MAID, or unexpected MPID should
> * trigger a fault. We ignore this requirement for several reasons.
> * Faults can cause a controller or Open vSwitch to make potentially
> * expensive changes to the network topology. It seems prudent to trigger
> * them judiciously, especially when CFM is used to check slave status of
> * bonds. Furthermore, faults can be maliciously triggered by crafting
> * invalid CCMs. */
> On Fri, May 13, 2011 at 10:16, Ben Pfaff <blp at nicira.com> wrote:
> > On Thu, May 12, 2011 at 02:44:11PM -0700, Ethan Jackson wrote:
> >> According to the 802.1ag specification, reception of a CCM from an
> >> unexpected source should trigger a fault. This patch causes the CFM
> >> module to simply warn instead. ?There are several reasons for this
> >> change outlined below.
> >> ? - Faults can cause controllers to make potentially expensive
> >> ? ? changes to the network topology.
> >> ? - Faults can be maliciously triggered by crafting invalid CCMs.
> >> ? - With this patch, cfm->fault and rmp->fault are only updated in
> >> ? ? cfm_run() making the code easier to debug and reason about.
> > This seems reasonable to me.
> > It might be a good idea to document these design decisions in the
> > code.
More information about the dev