From nobody@FreeBSD.org  Thu Jan 17 11:49:46 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DFB2516A41B
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 17 Jan 2008 11:49:46 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id D623113C467
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 17 Jan 2008 11:49:46 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m0HBmP6e018123
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 17 Jan 2008 11:48:25 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m0HBmPo7018122;
	Thu, 17 Jan 2008 11:48:25 GMT
	(envelope-from nobody)
Message-Id: <200801171148.m0HBmPo7018122@www.freebsd.org>
Date: Thu, 17 Jan 2008 11:48:25 GMT
From: Tom Judge <tom@tomjudge.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: if_bridge forwarding ethernet multicast frames
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         119744
>Category:       kern
>Synopsis:       if_bridge forwarding ethernet multicast frames
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    thompsa
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 17 11:50:00 UTC 2008
>Closed-Date:    Fri Jun 06 21:59:54 UTC 2008
>Last-Modified:  Fri Jun 06 21:59:54 UTC 2008
>Originator:     Tom Judge
>Release:        HEAD
>Organization:
Mintel
>Environment:
N/A

>Description:
It would seem that if_bridge does not conform to IEEE 802.1D-2004, which states:

<quote>
7.12.6 Reserved addresses
Frames containing any of the group MAC Addresses specified in Table 7-10 in their destination address field shall not be relayed by the Bridge. They are configured in the Permanent Database. Management shall not provide the capability to modify or remove these entries from the Permanent or the Filtering Databases. These group MAC Addresses are reserved for assignment to standard protocols, according to the criteria for such assignments (Clause 5.5 of ISO/IEC TR 11802-2).
</quote>


<table 7-10>
                     Assignment                            Value
Bridge Group Address                              01-80-C2-00-00-00
IEEE Std 802.3x Full Duplex PAUSE operation       01-80-C2-00-00-01
IEEE Std 802.3ad Slow_Protocols_Multicast address 01-80-C2-00-00-02
IEEE P802.1X PAE address                          01-80-C2-00-00-03
Reserved for future standardization               01-80-C2-00-00-04
Reserved for future standardization               01-80-C2-00-00-05
Reserved for future standardization               01-80-C2-00-00-06
Reserved for future standardization               01-80-C2-00-00-07
Reserved for future standardization               01-80-C2-00-00-08
Reserved for future standardization               01-80-C2-00-00-09
Reserved for future standardization               01-80-C2-00-00-0A
Reserved for future standardization               01-80-C2-00-00-0B
Reserved for future standardization               01-80-C2-00-00-0C
Reserved for future standardization               01-80-C2-00-00-0D
Reserved for future standardization               01-80-C2-00-00-0E
Reserved for future standardization               01-80-C2-00-00-0F
</table 7-10> 

After an email to Andrew Thompson and net@ it was said that this was possibly a bug.  After taking a look into this issue it would seem the following takes place:

1) In net/if.c it would seem that the M_MCAST flag is set when the first octet of the destination address is 0x01 (Ethernet multicast bit?).

2) In net/if_bridge.c bridge_input the bridge interface checks for the BSTP address (01-80-C2-00-00-00) and passes packets to this address to bstp_input in net/bridgestp.c which returns null causing bridge_input to return and not forward the packet.

3) All other packets are forwarded to all interfaces in the bridge.


>How-To-Repeat:

>Fix:
It would seem that changing the check in bridge_input lines 2158 to 2166 to check the following:


if (eh->ether_dhost & 0xFFFFFFFFFFF0 == 0x0180C2000000) {
    if (memcmp(eh->ether_dhost, bstp_etheraddr,
                ETHER_ADDR_LEN) == 0) {
        m = bstp_input(&bif->bif_stp, ifp, m);
    }
    // bstp_input frees the packet after processing however we 
    // should never forward packets from this ethernet address 
    // range so free the packet and return
    if (m != NULL) {
        m_freem(m);
    }
    BRIDGE_UNLOCK(sc);
    return (NULL);
}


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->thompsa 
Responsible-Changed-By: remko 
Responsible-Changed-When: Thu Jan 17 13:40:49 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119744 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/119744: commit references a PR
Date: Fri, 18 Jan 2008 00:19:15 +0000 (UTC)

 thompsa     2008-01-18 00:19:10 UTC
 
   FreeBSD src repository
 
   Modified files:
     sys/net              if_bridge.c 
   Log:
   IEEE 802.1D-2004 states, frames containing any of the group MAC Addresses
   specified in Table 7-10 in their destination address field shall not be relayed
   by the Bridge. Add a check in bridge_forward() to adhere to this.
   
   PR:             kern/119744
   
   Revision  Changes    Path
   1.111     +14 -1     src/sys/net/if_bridge.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: thompsa 
State-Changed-When: Sat Jan 19 20:15:54 UTC 2008 
State-Changed-Why:  
Fixed in HEAD, awaiting mfc. Thanks for thr PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119744 

From: Gavin Atkinson <gavin@FreeBSD.org>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/119744: if_bridge forwarding ethernet multicast frames
Date: Fri, 06 Jun 2008 18:52:10 +0100

 This has been merged to RELENG_7 but not yet RELENG_6
State-Changed-From-To: patched->closed 
State-Changed-By: thompsa 
State-Changed-When: Fri Jun 6 21:59:30 UTC 2008 
State-Changed-Why:  
Merged to RELENG_6 now, thanks for the reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119744 
>Unformatted:
