[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

kern/119744: if_bridge forwarding ethernet multicast frames



>Number:         119744
>Category:       kern
>Synopsis:       if_bridge forwarding ethernet multicast frames
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 17 11:50:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Tom Judge
>Release:        HEAD
>Organization:
Mintel
>Environment:
N/A

>Description:
It would seem that if_bridge does not conform to IEEE 802.1D-2004, which states:

<quote>
7.12.6 Reserved addresses
Frames containing any of the group MAC Addresses specified in Table 7-10 in their destination address field shall not be relayed by the Bridge. They are configured in the Permanent Database. Management shall not provide the capability to modify or remove these entries from the Permanent or the Filtering Databases. These group MAC Addresses are reserved for assignment to standard protocols, according to the criteria for such assignments (Clause 5.5 of ISO/IEC TR 11802-2).
</quote>


<table 7-10>
                     Assignment                            Value
Bridge Group Address                              01-80-C2-00-00-00
IEEE Std 802.3x Full Duplex PAUSE operation       01-80-C2-00-00-01
IEEE Std 802.3ad Slow_Protocols_Multicast address 01-80-C2-00-00-02
IEEE P802.1X PAE address                          01-80-C2-00-00-03
Reserved for future standardization               01-80-C2-00-00-04
Reserved for future standardization               01-80-C2-00-00-05
Reserved for future standardization               01-80-C2-00-00-06
Reserved for future standardization               01-80-C2-00-00-07
Reserved for future standardization               01-80-C2-00-00-08
Reserved for future standardization               01-80-C2-00-00-09
Reserved for future standardization               01-80-C2-00-00-0A
Reserved for future standardization               01-80-C2-00-00-0B
Reserved for future standardization               01-80-C2-00-00-0C
Reserved for future standardization               01-80-C2-00-00-0D
Reserved for future standardization               01-80-C2-00-00-0E
Reserved for future standardization               01-80-C2-00-00-0F
</table 7-10> 

After an email to Andrew Thompson and net@ it was said that this was possibly a bug.  After taking a look into this issue it would seem the following takes place:

1) In net/if.c it would seem that the M_MCAST flag is set when the first octet of the destination address is 0x01 (Ethernet multicast bit?).

2) In net/if_bridge.c bridge_input the bridge interface checks for the BSTP address (01-80-C2-00-00-00) and passes packets to this address to bstp_input in net/bridgestp.c which returns null causing bridge_input to return and not forward the packet.

3) All other packets are forwarded to all interfaces in the bridge.


>How-To-Repeat:

>Fix:
It would seem that changing the check in bridge_input lines 2158 to 2166 to check the following:


if (eh->ether_dhost & 0xFFFFFFFFFFF0 == 0x0180C2000000) {
    if (memcmp(eh->ether_dhost, bstp_etheraddr,
                ETHER_ADDR_LEN) == 0) {
        m = bstp_input(&bif->bif_stp, ifp, m);
    }
    // bstp_input frees the packet after processing however we 
    // should never forward packets from this ethernet address 
    // range so free the packet and return
    if (m != NULL) {
        m_freem(m);
    }
    BRIDGE_UNLOCK(sc);
    return (NULL);
}


>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs_(_at_)_freebsd_(_dot_)_org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscribe_(_at_)_freebsd_(_dot_)_org"