[ovs-dev] [PATCH] packets: First-hop router redundancy protocol MAC addresses are not BPDUs.
Ben Pfaff
blp at nicira.com
Wed Jul 25 19:59:33 UTC 2012
Commit c93f9a78c349 (packets: Update the reserved protocols list.) added
a number of first-hop router redundancy protocol MAC addresses to the
list of BPDU MAC addresses. This means that packets destined to those MAC
addresses are dropped when other-config:forward-bpdu is set to false on a
bridge (the default setting).
However, this behavior is incorrect, because these MAC addresses are not
special in the way that, say, STP frames are special. STP is a
switch-to-switch protocol that end hosts have no use for, but end hosts do
speak directly to routers on the MAC addresses assigned by VRRP and the
other protocols in this category. Therefore, dropping packets in this
category means that end hosts can no longer talk to their first-hop router,
if that router is running one of these protocols.
Following this commit, OVS drops the following protocols when
other-config:forward-bpdu is false:
- 01:08:c2:00:00:0x (STP, pause frames, other IEEE reserved protocols).
- 00:e0:2b:00:0x:xx (Extreme Discovery Protocol).
- 01:00:0c:00:00:00 (Cisco Inter Switch Link).
- 01:00:00:c.:c.:c. where each . is either c or d (CDP, VTP, DTP, PAgP,
PVSTP+, STP Uplink Fast, and others).
Bug #12618.
CC: Ben Basler <bbasler at nicira.com>
Signed-off-by: Ben Pfaff <blp at nicira.com>
---
lib/packets.c | 25 ++-----------------------
vswitchd/vswitch.xml | 16 ----------------
2 files changed, 2 insertions(+), 39 deletions(-)
diff --git a/lib/packets.c b/lib/packets.c
index 5729167..37a8593 100644
--- a/lib/packets.c
+++ b/lib/packets.c
@@ -43,9 +43,8 @@ dpid_from_string(const char *s, uint64_t *dpidp)
return *dpidp != 0;
}
-/* Returns true if 'ea' is a reserved multicast address, that a bridge must
- * never forward, false otherwise. Includes some proprietary vendor protocols
- * that shouldn't be forwarded as well.
+/* Returns true if 'ea' is a reserved address, that a bridge must never
+ * forward, false otherwise.
*
* If you change this function's behavior, please update corresponding
* documentation in vswitch.xml at the same time. */
@@ -62,26 +61,6 @@ eth_addr_is_reserved(const uint8_t ea[ETH_ADDR_LEN])
{0x01, 0x08, 0xc2, 0x00, 0x00, 0x00},
{0xff, 0xff, 0xff, 0xff, 0xff, 0xf0}},
- { /* VRRP IPv4. */
- {0x00, 0x00, 0x5e, 0x00, 0x01, 0x00},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0x00}},
-
- { /* VRRP IPv6. */
- {0x00, 0x00, 0x5e, 0x00, 0x02, 0x00},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0x00}},
-
- { /* HSRPv1. */
- {0x00, 0x00, 0x0c, 0x07, 0xac, 0x00},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0x00}},
-
- { /* HSRPv2. */
- {0x00, 0x00, 0x0c, 0x9f, 0xf0, 0x00},
- {0xff, 0xff, 0xff, 0xff, 0xf0, 0x00}},
-
- { /* GLBP. */
- {0x00, 0x07, 0xb4, 0x00, 0x00, 0x00},
- {0xff, 0xff, 0xff, 0x00, 0x00, 0x00}},
-
{ /* Extreme Discovery Protocol. */
{0x00, 0xE0, 0x2B, 0x00, 0x00, 0x00},
{0xff, 0xff, 0xff, 0xff, 0xf0, 0x00}},
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index e6ea844..ed92de1 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -569,22 +569,6 @@
<dt><code>01:80:c2:00:00:0<var>x</var></code></dt>
<dd>Other reserved protocols.</dd>
- <dt><code>00:00:5e:00:01:<var>x</var><var>x</var></code></dt>
- <dd> VRRP IPv4 virtual router MAC address. </dd>
-
- <dt><code>00:00:5e:00:02:<var>x</var><var>x</var></code></dt>
- <dd> VRRP IPv6 virtual router MAC address. </dd>
-
- <dt><code>00:00:0c:07:ac:<var>x</var><var>x</var></code></dt>
- <dd> HSRP Version 1. </dd>
-
- <dt><code>00:00:0c:9f:f<var>x</var>:<var>x</var><var>x</var></code>
- </dt>
- <dd> HSRP Version 2. </dd>
-
- <dt><code>00:07:b4:<var>x</var><var>x</var>:<var>x</var><var>x</var>:<var>x</var><var>x</var></code></dt>
- <dd> GLBP. </dd>
-
<dt><code>01:00:0c:cc:cc:cc</code></dt>
<dd>
Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP),
--
1.7.2.5
More information about the dev
mailing list