On Thu, Jan 17, 2013 at 12:40:32AM +0100, Marco Pfatschbacher wrote: > On Wed, Jan 16, 2013 at 10:56:25PM +0000, Stuart Henderson wrote: > > Daemons which send LLDP advertisements (e.g. ladvd and lldpd) need to > > send frames on trunk member ports in order that the individual port can > > be identified to the switch; currently there is a blanket restriction > > on sending via these ports, the following diff changes this to permit > > AF_UNSPEC and pseudo_AF_HDRCMPLT as suggested by Sten Spans (ladvd > > author). > > > > Comments? OK? > > Hmm, that feels a bit too unrestrictive. > I remember a cisco that was utterly confused when it received > STP on its trunkports. > I wonder if there's sth in the standard about extra traffic > on the trunkports. > > OTOH, if reyk@ only added the check as an extra safety net, > I'm fine with this. >
We could also check for the PACKET_TAG_DLT on the mbuf so we limit sending on the trunk ports to bpf only. IMO bpf is one of those tools that give you enough rope to do cool shit but also to hang yourself so that should be OK. > reyk? > > > > Index: if_ethersubr.c > > =================================================================== > > RCS file: /cvs/src/sys/net/if_ethersubr.c,v > > retrieving revision 1.152 > > diff -u -p -r1.152 if_ethersubr.c > > --- if_ethersubr.c 5 Oct 2012 17:17:04 -0000 1.152 > > +++ if_ethersubr.c 16 Jan 2013 22:51:19 -0000 > > @@ -227,7 +227,8 @@ ether_output(ifp0, m0, dst, rt0) > > #endif > > > > #if NTRUNK > 0 > > - if (ifp->if_type == IFT_IEEE8023ADLAG) > > + if (ifp->if_type == IFT_IEEE8023ADLAG && dst->sa_family != AF_UNSPEC > > + && dst->sa_family != pseudo_AF_HDRCMPLT) > > senderr(EBUSY); > > #endif > -- :wq Claudio
