[ovs-dev] [PATCH] packets: First-hop router redundancy protocol MAC addresses are not BPDUs.

Mehak Mahajan mmahajan at nicira.com
Wed Jul 25 20:12:13 UTC 2012


Hey Ben,

The patch looks good to me.

As a side note, I do not see the documentation about OVS not forwarding the
Extreme Discovery Protocol bpdus in vswitch.xml

thanx!
mehak

On Wed, Jul 25, 2012 at 12:59 PM, Ben Pfaff <blp at nicira.com> wrote:

> Commit c93f9a78c349 (packets: Update the reserved protocols list.) added
> a number of first-hop router redundancy protocol MAC addresses to the
> list of BPDU MAC addresses.  This means that packets destined to those MAC
> addresses are dropped when other-config:forward-bpdu is set to false on a
> bridge (the default setting).
>
> However, this behavior is incorrect, because these MAC addresses are not
> special in the way that, say, STP frames are special.  STP is a
> switch-to-switch protocol that end hosts have no use for, but end hosts do
> speak directly to routers on the MAC addresses assigned by VRRP and the
> other protocols in this category.  Therefore, dropping packets in this
> category means that end hosts can no longer talk to their first-hop router,
> if that router is running one of these protocols.
>
> Following this commit, OVS drops the following protocols when
> other-config:forward-bpdu is false:
>
>     - 01:08:c2:00:00:0x (STP, pause frames, other IEEE reserved protocols).
>     - 00:e0:2b:00:0x:xx (Extreme Discovery Protocol).
>     - 01:00:0c:00:00:00 (Cisco Inter Switch Link).
>     - 01:00:00:c.:c.:c. where each . is either c or d (CDP, VTP, DTP, PAgP,
>       PVSTP+, STP Uplink Fast, and others).
>
> Bug #12618.
> CC: Ben Basler <bbasler at nicira.com>
> Signed-off-by: Ben Pfaff <blp at nicira.com>
> ---
>  lib/packets.c        |   25 ++-----------------------
>  vswitchd/vswitch.xml |   16 ----------------
>  2 files changed, 2 insertions(+), 39 deletions(-)
>
> diff --git a/lib/packets.c b/lib/packets.c
> index 5729167..37a8593 100644
> --- a/lib/packets.c
> +++ b/lib/packets.c
> @@ -43,9 +43,8 @@ dpid_from_string(const char *s, uint64_t *dpidp)
>      return *dpidp != 0;
>  }
>
> -/* Returns true if 'ea' is a reserved multicast address, that a bridge
> must
> - * never forward, false otherwise.  Includes some proprietary vendor
> protocols
> - * that shouldn't be forwarded as well.
> +/* Returns true if 'ea' is a reserved address, that a bridge must never
> + * forward, false otherwise.
>   *
>   * If you change this function's behavior, please update corresponding
>   * documentation in vswitch.xml at the same time. */
> @@ -62,26 +61,6 @@ eth_addr_is_reserved(const uint8_t ea[ETH_ADDR_LEN])
>              {0x01, 0x08, 0xc2, 0x00, 0x00, 0x00},
>              {0xff, 0xff, 0xff, 0xff, 0xff, 0xf0}},
>
> -        { /* VRRP IPv4. */
> -            {0x00, 0x00, 0x5e, 0x00, 0x01, 0x00},
> -            {0xff, 0xff, 0xff, 0xff, 0xff, 0x00}},
> -
> -        { /* VRRP IPv6. */
> -            {0x00, 0x00, 0x5e, 0x00, 0x02, 0x00},
> -            {0xff, 0xff, 0xff, 0xff, 0xff, 0x00}},
> -
> -        { /* HSRPv1. */
> -            {0x00, 0x00, 0x0c, 0x07, 0xac, 0x00},
> -            {0xff, 0xff, 0xff, 0xff, 0xff, 0x00}},
> -
> -        { /* HSRPv2. */
> -            {0x00, 0x00, 0x0c, 0x9f, 0xf0, 0x00},
> -            {0xff, 0xff, 0xff, 0xff, 0xf0, 0x00}},
> -
> -        { /* GLBP. */
> -            {0x00, 0x07, 0xb4, 0x00, 0x00, 0x00},
> -            {0xff, 0xff, 0xff, 0x00, 0x00, 0x00}},
> -
>          { /* Extreme Discovery Protocol. */
>              {0x00, 0xE0, 0x2B, 0x00, 0x00, 0x00},
>              {0xff, 0xff, 0xff, 0xff, 0xf0, 0x00}},
> diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
> index e6ea844..ed92de1 100644
> --- a/vswitchd/vswitch.xml
> +++ b/vswitchd/vswitch.xml
> @@ -569,22 +569,6 @@
>            <dt><code>01:80:c2:00:00:0<var>x</var></code></dt>
>            <dd>Other reserved protocols.</dd>
>
> -          <dt><code>00:00:5e:00:01:<var>x</var><var>x</var></code></dt>
> -          <dd> VRRP IPv4 virtual router MAC address. </dd>
> -
> -          <dt><code>00:00:5e:00:02:<var>x</var><var>x</var></code></dt>
> -          <dd> VRRP IPv6 virtual router MAC address. </dd>
> -
> -          <dt><code>00:00:0c:07:ac:<var>x</var><var>x</var></code></dt>
> -          <dd> HSRP Version 1. </dd>
> -
> -
>  <dt><code>00:00:0c:9f:f<var>x</var>:<var>x</var><var>x</var></code>
> -          </dt>
> -          <dd> HSRP Version 2. </dd>
> -
> -
>  <dt><code>00:07:b4:<var>x</var><var>x</var>:<var>x</var><var>x</var>:<var>x</var><var>x</var></code></dt>
> -          <dd> GLBP. </dd>
> -
>            <dt><code>01:00:0c:cc:cc:cc</code></dt>
>            <dd>
>              Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP),
> --
> 1.7.2.5
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-dev/attachments/20120725/59b23397/attachment-0003.html>


More information about the dev mailing list