Subject: carp on vlan: drop M_PROMISC before calling carp ?
To: None <tech-net@netbsd.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: tech-net
Date: 01/26/2007 01:11:38
--LZvS9be/3tNcYl/X
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hi,
trying to run carp interfaces on top of vlan interfaces I ran into
an issue: the packets for the carp interface are just dropped, they
never make it to the upper layer. I traked it down to the vlan interface
forwarding the packet to carp with M_PROMISC set, which is still here
when carp calls ether_input() again. This is a problem that also existed
for bridges; I applied the same fix: drop M_PROMISC before calling carp.
This works, and I also checked that when the carp interface is in BACKUP
state the packet is dropped. Does the attached patch make sense ?
--
Manuel Bouyer <bouyer@antioche.eu.org>
NetBSD: 26 ans d'experience feront toujours la difference
--
--LZvS9be/3tNcYl/X
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=diff
Index: if_ethersubr.c
===================================================================
RCS file: /cvsroot/src/sys/net/if_ethersubr.c,v
retrieving revision 1.139.2.1
diff -u -r1.139.2.1 if_ethersubr.c
--- if_ethersubr.c 8 Jan 2007 22:19:57 -0000 1.139.2.1
+++ if_ethersubr.c 26 Jan 2007 00:04:55 -0000
@@ -715,10 +707,15 @@
{
#if NCARP > 0
- if (ifp->if_carp && ifp->if_type != IFT_CARP &&
- (carp_input(m, (u_int8_t *)&eh->ether_shost,
- (u_int8_t *)&eh->ether_dhost, eh->ether_type) == 0)) {
- return;
+ if (ifp->if_carp && ifp->if_type != IFT_CARP) {
+ /*
+ * clear M_PROMISC, in case the packets comes from a
+ * vlan
+ */
+ m->m_flags &= ~M_PROMISC;
+ if (carp_input(m, (u_int8_t *)&eh->ether_shost,
+ (u_int8_t *)&eh->ether_dhost, eh->ether_type) == 0)
+ return;
}
#endif /* NCARP > 0 */
if ((m->m_flags & (M_BCAST|M_MCAST)) == 0 &&
--LZvS9be/3tNcYl/X--