From patchwork Sun Apr 12 23:50:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Bastien =?ISO-8859-1?Q?Roucari=E8s?= X-Patchwork-Id: 221257 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0A770C2BB86 for ; Sun, 12 Apr 2020 23:51:18 +0000 (UTC) Received: from vger.kernel.org (unknown [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id CFAD420708 for ; Sun, 12 Apr 2020 23:51:17 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="oea72Bcu" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CFAD420708 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=netdev-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726699AbgDLXvI (ORCPT ); Sun, 12 Apr 2020 19:51:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.18]:43006 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726185AbgDLXvI (ORCPT ); Sun, 12 Apr 2020 19:51:08 -0400 Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9BFACC014A42 for ; Sun, 12 Apr 2020 16:51:08 -0700 (PDT) Received: by mail-wm1-x344.google.com with SMTP id a201so8116226wme.1 for ; Sun, 12 Apr 2020 16:51:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=OrR8mrUnW362lQdb4We2NkPRtio4Wjh0QoUND2FRYh8=; b=oea72BcuwtbP9qvf23s83IczYrxSEKTYkiTfTsa/JVz3pmhX4yse2sjhhsIgxlZu9A 35cs0hErp+nJnXAGlk3flrWu/B02kfTkaC1elD+mzrcRF6XoZGfRIvDVaPjTP19wFiBr 7Jxzs3Yr5rhl0NHXPfNrr3m2Gcnv7B/8supqjgPhqCe3/+KTQs0h5NPmJss6/aHInFJJ XdGvUSsXoHT6OUfxO40pQftZFNJ8mdVw+Tu5dmjbT6PFjt9cPfvy4WEYPmjbJ+Arzk1q q7eCkmjqaYdLXp550PxIJfWE1Bdj9RTmvMqIx9/mwsm4lE8IPqnSsHvbOkpR1r/YCw2c weuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=OrR8mrUnW362lQdb4We2NkPRtio4Wjh0QoUND2FRYh8=; b=nMvvO5Cy+lF0g4I9HjwRukKLI1U+Z743MMGuilDmdwtJA2BKT6I4xumO4FnuNMaptw qnjgUGKdj/lRsfARjDk6sKYjsrgBqz19PXNufjCJFwuKIURv1Osp4s37TvgdBnAdUADD w3/IDY0ULmEoJzn+raZJ5eRdQ88af8uKwrXFqbZ02zKyUlY9oheJQSi9KGhL3hOkQEJg mSpb6sC6d3Oz4DfmP8eXFuUQrwhORgc5YRYZOwxsudUge6X4kDSczVgdvMwq5CcmlOBU +98a+aQNRT8qt3a05TrU47lg7V6NVv0m8lVac9QcLHVe0uB0hnxheymtPtcU+cKnW+ad MN2w== X-Gm-Message-State: AGi0PuaVZbJ6/YEQLZMQeewQSdp55Js+duRdNaReO2Srpr8tdllpx+Si WmWoSL1HDfAiAlXeTvu35kNNGfcs X-Google-Smtp-Source: APiQypI9Qq5GO09Aq9Rc7IFBUShFyOy4BMU50ijU03Lk6avFrOf5vldITWPlOfZeNNk+s/rlXUn8LA== X-Received: by 2002:a7b:cb51:: with SMTP id v17mr15732971wmj.164.1586735466755; Sun, 12 Apr 2020 16:51:06 -0700 (PDT) Received: from localhost ([2a01:e35:2f01:a61:fc49:14b:88c:2a9c]) by smtp.gmail.com with ESMTPSA id j11sm12775829wrt.14.2020.04.12.16.51.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 12 Apr 2020 16:51:05 -0700 (PDT) From: roucaries.bastien@gmail.com X-Google-Original-From: rouca@debian.org To: netdev@vger.kernel.org Cc: sergei.shtylyov@cogentembedded.com, Stephen Hemminger , =?utf-8?q?Bastien_Roucari=C3=A8s?= Subject: [PATCH 1/6] Better documentation of mcast_to_unicast option Date: Mon, 13 Apr 2020 01:50:33 +0200 Message-Id: <20200412235038.377692-2-rouca@debian.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200412235038.377692-1-rouca@debian.org> References: <20200405134859.57232-1-rouca@debian.org> <20200412235038.377692-1-rouca@debian.org> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Bastien Roucariès This option is useful for Wifi bridge but need some tweak. Document it from kernel patches documentation Signed-off-by: Bastien Roucariès --- man/man8/bridge.8 | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index b9bd6bc5..ff6f6f37 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -383,6 +383,32 @@ there is no MDB entry. By default this flag is on. Controls whether a given port will replicate packets using unicast instead of multicast. By default this flag is off. +This is done by copying the packet per host and +changing the multicast destination MAC to a unicast one accordingly. + +.BR mcast_to_unicast +works on top of the multicast snooping feature of +the bridge. Which means unicast copies are only delivered to hosts which +are interested in it and signalized this via IGMP/MLD reports +previously. + +This feature is intended for interface types which have a more reliable +and/or efficient way to deliver unicast packets than broadcast ones +(e.g. WiFi). + +However, it should only be enabled on interfaces where no IGMPv2/MLDv1 +report suppression takes place. IGMP/MLD report suppression issue is usually +overcome by the network daemon (supplicant) enabling AP isolation and +by that separating all STAs. + +Delivery of STA-to-STA IP mulitcast is made possible again by +enabling and utilizing the bridge hairpin mode, which considers the +incoming port as a potential outgoing port, too (see +.B hairpin +option). +Hairpin mode is performed after multicast snooping, therefore leading to +only deliver reports to STAs running a multicast router. + .TP .BR "neigh_suppress on " or " neigh_suppress off " Controls whether neigh discovery (arp and nd) proxy and suppression is From patchwork Sun Apr 12 23:50:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Bastien =?ISO-8859-1?Q?Roucari=E8s?= X-Patchwork-Id: 221256 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3B432C2BBFD for ; Sun, 12 Apr 2020 23:51:18 +0000 (UTC) Received: from vger.kernel.org (unknown [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0B39220673 for ; Sun, 12 Apr 2020 23:51:18 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ZTlH25IJ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0B39220673 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=netdev-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726706AbgDLXvM (ORCPT ); Sun, 12 Apr 2020 19:51:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.18]:43014 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726185AbgDLXvM (ORCPT ); Sun, 12 Apr 2020 19:51:12 -0400 Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B766C0A3BE0 for ; Sun, 12 Apr 2020 16:51:11 -0700 (PDT) Received: by mail-wr1-x444.google.com with SMTP id a25so8661953wrd.0 for ; Sun, 12 Apr 2020 16:51:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=slVnfUhRk4UtJ3dM4QB6wg5FXPdqctew9ZDiOmN+D2Q=; b=ZTlH25IJZASekdyEvXOqY4lWrzw5ogbtm/g7jrk99rzJOEhDB1+Nf7vmXm93EMjcjB +N5PRp8hW/ezLl2dxsuGHI77mJD3pq9q99uSPQjf5fDjYKKTvMhgDpIANRRhUmPyzJKX Z3Nmzxy2sSr4PF/eDf3Nf2uuphsSQH5wArpoMkIr7NT0YpMEXGweoJyES8vdwo+sHzrQ kssGExAYp8TeFzC44Z4HPpYSQrdm8yaUKd6G+oubbgEVqxhLt7xRjD/sF5rBCDaFn8bq EqNTblcZQSIMVC03cILxZHCyHGvD/r5F+DYPbTMQu5R96vhgDo+7NY2rus+j++Mo+z+n VH/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=slVnfUhRk4UtJ3dM4QB6wg5FXPdqctew9ZDiOmN+D2Q=; b=T35LVZ68CUg4ECmO6i+kKwC0T5Exx83Mn02FVH3aQC2nLU/0Z8l6VlSwbcSUtHBhhr S2e9uYAsFnfximY4xdc8Ir6oyKZkYagGcoAqPPX9M8yVVypauP3RLfDMgTmWVvWAC86w v1DF4dN6TZdwO3xYMFPM2qjk49K209EuV4h493Xll5dRuJwoui05kG1c23jQcFJpso5/ rV5r15NJgU5AsFhgAVfzFeCHMDe1nx6LbRpwkDumOAz4+NKbSjQx9AUc3w8dy5a+YoPP i0AkMIxlPwK1moE9V/ftM3qiEjOGLtzlK/e9ILurIRv4SCR4wfHscLhAKaO6Q5C8jjvl zaGQ== X-Gm-Message-State: AGi0PuaNK6caokhx4dwOGB+J8CnnxKerHU3Apuzj/IP3aGE7WpYXZS8o J9KjU51GkBk90Cg5Vu0NPtt77PMI X-Google-Smtp-Source: APiQypLFDbBco9G65NFIGa7YkEb5KhgXOvBM5rP7pM+0FPPXcQaDvypHvGTGvBSBoegfGbOvAxxjWg== X-Received: by 2002:adf:97d9:: with SMTP id t25mr5330987wrb.157.1586735469017; Sun, 12 Apr 2020 16:51:09 -0700 (PDT) Received: from localhost ([2a01:e35:2f01:a61:fc49:14b:88c:2a9c]) by smtp.gmail.com with ESMTPSA id k133sm13130272wma.0.2020.04.12.16.51.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 12 Apr 2020 16:51:07 -0700 (PDT) From: roucaries.bastien@gmail.com X-Google-Original-From: rouca@debian.org To: netdev@vger.kernel.org Cc: sergei.shtylyov@cogentembedded.com, Stephen Hemminger , =?utf-8?q?Bastien_Roucari=C3=A8s?= Subject: [PATCH 2/6] Improve hairpin mode description Date: Mon, 13 Apr 2020 01:50:34 +0200 Message-Id: <20200412235038.377692-3-rouca@debian.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200412235038.377692-1-rouca@debian.org> References: <20200405134859.57232-1-rouca@debian.org> <20200412235038.377692-1-rouca@debian.org> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Bastien Roucariès Mention VEPA and reflective relay. Signed-off-by: Bastien Roucariès --- man/man8/bridge.8 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index ff6f6f37..584324b5 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -332,7 +332,9 @@ cause the port to stop processing STP BPDUs. .TP .BR "hairpin on " or " hairpin off " Controls whether traffic may be send back out of the port on which it was -received. By default, this flag is turned off and the bridge will not forward +received. This option is also called reflective relay mode, and is used to support +basic VEPA (Virtual Ethernet Port Aggregator) capabilities. +By default, this flag is turned off and the bridge will not forward traffic back out of the receiving port. .TP From patchwork Sun Apr 5 13:48:55 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bastien =?ISO-8859-1?Q?Roucari=E8s?= X-Patchwork-Id: 221425 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CCEEDC2BA17 for ; Sun, 5 Apr 2020 13:50:06 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id A2D2220672 for ; Sun, 5 Apr 2020 13:50:06 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="qolrEZU4" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726924AbgDENuF (ORCPT ); Sun, 5 Apr 2020 09:50:05 -0400 Received: from mail-wr1-f66.google.com ([209.85.221.66]:41094 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726628AbgDENuF (ORCPT ); Sun, 5 Apr 2020 09:50:05 -0400 Received: by mail-wr1-f66.google.com with SMTP id h9so14176285wrc.8 for ; Sun, 05 Apr 2020 06:50:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references:reply-to :mime-version:content-transfer-encoding; bh=ry4zHGtI1LEhv5RTuXljYcf0btJzowLcpN4kd/wOMi0=; b=qolrEZU4h9jqi3SEuzv++Jx011/eHrhxgZaPmlU8eOOjKG2DiH3AMA+fN5T3JykTxw 1ioZj9ae+fZj78iCRaNdSrSnqwjqrWdH9jaEIy8yGNTRtQWOayxpSdOKj3RKlxOKfDLs Nxxy3T1Mmfrjyd+dQEW5/fFHiCf6mFHhr+PLqsVHzJs5oD6CDvs//HkeWx9tDJPiZZxp Mpn7jhUWJsPIEj1CFE/K6qy9vIxk3Gp9VYRN2TD26ex4LtihtO53PhMxSuIVHNUs21gC TD50PCx7NQUd+0x+uK035Jth6QONgJPGdVP39F3tHUNYKS0Pt2bQl6j98Jcv+T5p96YP pV8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:reply-to:mime-version:content-transfer-encoding; bh=ry4zHGtI1LEhv5RTuXljYcf0btJzowLcpN4kd/wOMi0=; b=OGhVes9SAQXyTPaQBuCI5z+tC4N02Fsg2t5C9FzTCiEiY4MKPc4ZkXJXFNTFe0Rawc oHaMHp3fDBG9dOtc6JvGNMfpOJmEGefjAALQWGhZFqTHXxz3UEFnKiPSBb+ekDSRcJ3Z ABFR7Tfq5TqS5cEQ8fHrLFFkdPXq5T4mdw+rysNXsrsdBRjq8QX65kgxLZAo+EFS6RXM +6rGd/6dld+uRh5CtKkQ5f50V2H0ZoVYGgilktONxgnmwkwsEvK0yGcia8XDp1MfsaMv UngY3g9hxz8H6Mb/HsVJ5HUl4XTRvMFp2+s3OinHuaT6L/z+tfti5cjGdfjuvwkwRlCd 1J9A== X-Gm-Message-State: AGi0Pua+2z6lspwlODUPYkJnipYn4XnHqaMu2KVjX5Kv9hpiA7jVx9PU p9YUHluHz3CWxDLbN9YScix2i5VW X-Google-Smtp-Source: APiQypJnZOwute9toRBWCWfZ8tfd4U3lQMZi23RXctIdcNISDq8u/j8iM9j5CSgCk6VZYWYRMX1taQ== X-Received: by 2002:adf:edd0:: with SMTP id v16mr18526739wro.113.1586094601520; Sun, 05 Apr 2020 06:50:01 -0700 (PDT) Received: from localhost ([2a01:e35:2f01:a61:fc49:14b:88c:2a9c]) by smtp.gmail.com with ESMTPSA id y20sm11091609wmi.31.2020.04.05.06.49.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 05 Apr 2020 06:50:00 -0700 (PDT) From: "=?UTF-8?q?Bastien=20Roucari=C3=A8s?=" X-Google-Original-From: =?utf-8?q?Bastien_Roucari=C3=A8s?= To: netdev@vger.kernel.org Cc: =?utf-8?q?Bastien_Roucari=C3=A8s?= Subject: [PATCH iproute2 3/6] Document BPDU filter option Date: Sun, 5 Apr 2020 15:48:55 +0200 Message-Id: <20200405134859.57232-4-rouca@debian.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200405134859.57232-1-rouca@debian.org> References: <20200405134859.57232-1-rouca@debian.org> Reply-To: rouca@debian.org MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Disabled state is also BPDU filter --- man/man8/bridge.8 | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index 4dc8a63c..c8e15416 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -293,32 +293,45 @@ droot port selectio algorithms. .TP .BI state " STATE " -the operation state of the port. This is primarily used by user space STP/RSTP +the operation state of the port. Except state 0 (disabled), +this is primarily used by user space STP/RSTP implementation. One may enter a lowercased port state name, or one of the numbers below. Negative inputs are ignored, and unrecognized names return an error. .B 0 -- port is DISABLED. Make this port completely inactive. +- port is in +.B DISABLED +state. Make this port completely inactive. This is also called +BPDU filter and could be used to disable STP on an untrusted port, like +a leaf virtual devices. .sp .B 1 -- STP LISTENING state. Only valid if STP is enabled on the bridge. In this +- STP +.B LISTENING +state. Only valid if STP is enabled on the bridge. In this state the port listens for STP BPDUs and drops all other traffic frames. .sp .B 2 -- STP LEARNING state. Only valid if STP is enabled on the bridge. In this +- STP +.B LEARNING +state. Only valid if STP is enabled on the bridge. In this state the port will accept traffic only for the purpose of updating MAC address tables. .sp .B 3 -- STP FORWARDING state. Port is fully active. +- STP +.B FORWARDING +state. Port is fully active. .sp .B 4 -- STP BLOCKING state. Only valid if STP is enabled on the bridge. This state +- STP +.B BLOCKING +state. Only valid if STP is enabled on the bridge. This state is used during the STP election process. In this state, port will only process STP BPDUs. .sp From patchwork Sun Apr 12 23:50:37 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Bastien =?ISO-8859-1?Q?Roucari=E8s?= X-Patchwork-Id: 221255 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 13FF0C2BB85 for ; Sun, 12 Apr 2020 23:52:48 +0000 (UTC) Received: from vger.kernel.org (unknown [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id D025B20673 for ; Sun, 12 Apr 2020 23:52:47 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LWTrf8pv" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D025B20673 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=netdev-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726736AbgDLXvR (ORCPT ); Sun, 12 Apr 2020 19:51:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.18]:43036 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726185AbgDLXvR (ORCPT ); Sun, 12 Apr 2020 19:51:17 -0400 Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [IPv6:2a00:1450:4864:20::342]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 67124C0A3BE0 for ; Sun, 12 Apr 2020 16:51:17 -0700 (PDT) Received: by mail-wm1-x342.google.com with SMTP id y24so8479098wma.4 for ; Sun, 12 Apr 2020 16:51:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=yeuAm93V6IpEC7hxCyYl+KMTNm6d7S6GxycZRvnFds8=; b=LWTrf8pvvN3hx5zvIy7WoVh0gYEFLT4wSOE+7kUGjogd/1AuOufzhKbHGeJ8r2Uh0W bZJHg7BIQQfrhuV7OyHlwSCcd8t7DWTVlEiLX77oU3Oz6hB0t3h81g4uKwrw0ppra4sS ABlsFeGptiQrb5a90v2e++YoWkG9FvJMbyWU9LDNnJpvLKK4SLfieZREoLKhtCqGGPVe REh+kmQ5Y0f0AwkfhJCUeEZVSpkrtDdXSiJTCIKCtbET3OoxufuBSq1lQxkz09r8BtZQ pWK5v21LqR9835POJNAzb0K7FVuho/H0iyjETz3HEgxX9ouyr2CGFwoXf962Cd330IWh isrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=yeuAm93V6IpEC7hxCyYl+KMTNm6d7S6GxycZRvnFds8=; b=oPoQW8wJfE/jYVvJwtvafXIOmLAU7FSm14KfFaLkcc8ntSK7KiYLdUe48nREcs1HnN 3C0nGimWESwBFzipMoWH99OZFMnN3pG5aJ4NGPRcgOVsvUYKIlLiZqc1ea6O2gBikUHk bvMPnmqvajNOIhhQVYTKcaHlp4Xl7/myO8HL13GOiUuO6rFWCgpznKJOIBhOVwPK4IrF Fg9skE7IMIeuIEbz+Oq2mcFCnMM9OULESu1ES0BVpgYlxMZgNJnjBeXfQF1SpVyOqyk/ 6+f7gPbn8+UrE1O9xyAuv3QtUnZSQtLcXrDonyLdPmW9hJCOy+CHWX/QeJZC2Ff+R6RL kD7g== X-Gm-Message-State: AGi0PubCuLwSLPKv94R49SdIO4B8qOGQbvsswKK/zHcOiV2ZPMi15jdt j6ajvW0yYv/kkGCR4oqCwN1DDosp X-Google-Smtp-Source: APiQypKYArWXzY7GWj7cL2QTXMX9oTs/ofWKVf9dKqysCXIVKpoA4KhbqcJ8o60fK8KyIN7CsRCiMg== X-Received: by 2002:a1c:7f91:: with SMTP id a139mr15405018wmd.164.1586735475580; Sun, 12 Apr 2020 16:51:15 -0700 (PDT) Received: from localhost ([2a01:e35:2f01:a61:fc49:14b:88c:2a9c]) by smtp.gmail.com with ESMTPSA id w11sm12100578wmi.32.2020.04.12.16.51.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 12 Apr 2020 16:51:14 -0700 (PDT) From: roucaries.bastien@gmail.com X-Google-Original-From: rouca@debian.org To: netdev@vger.kernel.org Cc: sergei.shtylyov@cogentembedded.com, Stephen Hemminger , =?utf-8?q?Bastien_Roucari=C3=A8s?= Subject: [PATCH 5/6] Document root_block option Date: Mon, 13 Apr 2020 01:50:37 +0200 Message-Id: <20200412235038.377692-6-rouca@debian.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200412235038.377692-1-rouca@debian.org> References: <20200405134859.57232-1-rouca@debian.org> <20200412235038.377692-1-rouca@debian.org> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Bastien Roucariès Root_block is also called root port guard, document it. Signed-off-by: Bastien Roucariès --- man/man8/bridge.8 | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index 9bfd942f..ff6a5cc9 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -372,6 +372,11 @@ enabled on the bridge. By default the flag is off. Controls whether a given port is allowed to become root port or not. Only used when STP is enabled on the bridge. By default the flag is off. +This feature is also called root port guard. +If BPDU is received from a leaf (edge) port, it should not +be elected as root port. This could be used if using STP on a bridge and the downstream bridges are not fully +trusted; this prevents a hostile guest from rerouting traffic. + .TP .BR "learning on " or " learning off " Controls whether a given port will learn MAC addresses from received traffic or