git: kernel - Add a transparent MAC bridging feature to if_bridge
Matthew Dillon
dillon at crater.dragonflybsd.org
Sat Feb 19 13:10:14 PST 2011
commit be02a6a09a5d3fe2845dd2ac135fe8f23cfb1934
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Sat Feb 19 12:57:56 2011 -0800
kernel - Add a transparent MAC bridging feature to if_bridge
* Defaults to non-transparent (historical) operation, which is safer.
Set link0 to use in transparent MAC mode.
* Transparent MAC mode will attempt to retain the MAC source in the
link address header when retransmitting a packet on a different
interface.
Only IP/IPV6 packets will retain the MAC. ARP and other ether types
will get the outgoing interface's MAC address, which is usually
desireable.
* Note that transparent MAC mode is a bit dangerous, which is why it
isn't turned on by default. If a packet with the originating MAC
winds up being sent out the same interface it came in on with the
MAC intact, any switches between the two boxes will suddenly think
the originating machine is somewhere else and will get confused.
The code tries to avoid this situation.
Bridging loops can also cause this sort of behavior even with the spanning
tree protocol. link0 is not recommended if you have loops.
* Coded because I needed this for braindead at&t uverse routers which
do MAC-based security and only allow one IP association for each MAC,
and whos firewalls cannot be completely disabled, and which cannot deal
with IPs on routed networks (it expects everything to be directly connected
on a switched network. sigh).
Summary of changes:
share/man/man4/bridge.4 | 19 +++++++++++++++++++
sys/net/bridge/if_bridge.c | 36 ++++++++++++++++++++++++++++++++++++
sys/net/pf/pf.c | 8 ++++++++
sys/sys/mbuf.h | 13 ++++++++++++-
4 files changed, 75 insertions(+), 1 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/be02a6a09a5d3fe2845dd2ac135fe8f23cfb1934
--
DragonFly BSD source repository
More information about the Commits
mailing list