diff options
| author | Jesse Gross <jesse@nicira.com> | 2010-06-02 16:26:46 -0700 |
|---|---|---|
| committer | Jesse Gross <jesse@nicira.com> | 2010-06-03 19:46:44 -0700 |
| commit | 7febb9100b6a63aab46f8850de6de335f8a47345 (patch) | |
| tree | 5de263fd407f303de6975ba61aad7f0642d31260 /lib/mac-learning.h | |
| parent | b33c0ddb28655b5cc0dd851d3e26829a961c0e3d (diff) | |
bridge: Filter some gratuitous ARPs on bond slaves.
Normally we filter out packets received on a bond if we have
learned the source MAC as belonging to another port to avoid packets
sent on one slave and reflected back on another. The exception to
this is gratuitous ARPs because they indicate that the host
has moved to another port. However, this can result in an additional
problem on the switch that the host moved to if the gratuitous ARP is
reflected back on a bond slave. In this case, we incorrectly relearn
the slave as the source of the MAC address. To solve this, we lock the
learning entry for 5 seconds after receiving a gratuitous ARP against
further updates caused by gratuitous ARPs on bond slaves.
Bug #2516
Reported-by: Ian Campbell <ian.campbell@citrix.com>
Diffstat (limited to 'lib/mac-learning.h')
| -rw-r--r-- | lib/mac-learning.h | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/lib/mac-learning.h b/lib/mac-learning.h index c4a0e28b..89a4e909 100644 --- a/lib/mac-learning.h +++ b/lib/mac-learning.h @@ -31,11 +31,22 @@ /* Time, in seconds, before expiring a mac_entry due to inactivity. */ #define MAC_ENTRY_IDLE_TIME 60 +/* Time, in seconds, to lock an entry updated by a gratuitous ARP to avoid + * relearning based on a reflection from a bond slave. */ +#define MAC_GRAT_ARP_LOCK_TIME 5 + +enum grat_arp_lock_type { + GRAT_ARP_LOCK_NONE, + GRAT_ARP_LOCK_SET, + GRAT_ARP_LOCK_CHECK +}; + /* A MAC learning table entry. */ struct mac_entry { struct list hash_node; /* Element in a mac_learning 'table' list. */ struct list lru_node; /* Element in 'lrus' or 'free' list. */ time_t expires; /* Expiration time. */ + time_t grat_arp_lock; /* Gratuitous ARP lock expiration time. */ uint8_t mac[ETH_ADDR_LEN]; /* Known MAC address. */ uint16_t vlan; /* VLAN tag. */ int port; /* Port on which MAC was most recently seen. */ @@ -61,12 +72,15 @@ bool mac_learning_set_flood_vlans(struct mac_learning *, unsigned long *bitmap); tag_type mac_learning_learn(struct mac_learning *, const uint8_t src[ETH_ADDR_LEN], uint16_t vlan, - uint16_t src_port); + uint16_t src_port, enum grat_arp_lock_type + lock_type); int mac_learning_lookup(const struct mac_learning *, - const uint8_t dst[ETH_ADDR_LEN], uint16_t vlan); + const uint8_t dst[ETH_ADDR_LEN], uint16_t vlan, + bool *is_grat_arp_locked); int mac_learning_lookup_tag(const struct mac_learning *, const uint8_t dst[ETH_ADDR_LEN], - uint16_t vlan, tag_type *tag); + uint16_t vlan, tag_type *tag, + bool *is_grat_arp_locked); void mac_learning_flush(struct mac_learning *); void mac_learning_run(struct mac_learning *, struct tag_set *); void mac_learning_wait(struct mac_learning *); |