Re: Programming interface MAC filter without enabling PROMISC on an interface from user space.

Mon, 14 Jan 2008 10:39:46 -0800 

Bruce M. Simpson wrote:

Tom Judge wrote:
Thanks for the response. I have a quick grep of the src tree to find an example of this being used and only found the following from wpa_supplicant and I have a few questions: 

    * I am presuming that this will do what I want, am I correct?



Yes, it will attempt to add the given link layer multicast group to the 
ifnet's underlying device driver.



    * If I was only ever to add the address to an interface an never 
delete it would this cause any problems?  I.e. when lldpd ends, or is 
restarted and tries to add the address again?



SIOCADDMULTI is very low level, no resource tracking is performed; I 
changed its semantics to only allow one userland opener so that 
in-kernel refcounting would work, as there is no per-process or 
per-client resource tracking -- so it's a really good idea to clean up 
after it.





    * Alternatively is there a way to query the filter to ask what 
addresses it is currently programmed for?



Nope, there is no userland or kernel API for that unless you hack up the 
driver.






Ok, so if I can safely assume that the process sending/receiving the 
LLDP frames should always be running would it be safe to use a helper 
program to add the mac on system startup so it is always registered on 
particular interfaces for the uptime of the system rather than having 
the daemon add/remove the address on startup shutdown?  If not what 
problems would this create?



Personally I can't see why this approach would be a problem,  but I am 
not a expert.  The address is defined in IEEE Std 802.1D-2004 as to not 
be forwarded by bridges (which I interpret as it being link local in a 
sense as switches/bridges are not allowed to forward the frame), so I 
can't see it being a problem registered on multiple interfaces.



On a side note does anyone know if if_bridge will respect the standard 
and not forward this frame on to other interfaces?


Thanks again

Tom


_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to