Message ID | 4D5BADCF.5000804@ka9q.net |
---|---|
State | Rejected, archived |
Delegated to: | David Miller |
Headers | show |
On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: > The range check on vlan_id in register_vlan_device is off by one, and it > prevents the creation of a vlan interface for vlan ID 4095. (OSX allows > this, I checked.) Then OSX should fix their code. 4095 is reserved. //richard > Here's the trivial patch: > > --- linux-2.6.37/net/8021q/vlan.c~ 2011-01-04 16:50:19.000000000 -0800 > +++ linux-2.6.37/net/8021q/vlan.c 2011-02-16 02:43:13.988812958 -0800 > @@ -239,7 +239,7 @@ > char name[IFNAMSIZ]; > int err; > > - if (vlan_id >= VLAN_VID_MASK) > + if (vlan_id > VLAN_VID_MASK) > return -ERANGE; > > err = vlan_check_real_dev(real_dev, vlan_id); > -- > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html >
On 16.02.2011 13:51, richard -rw- weinberger wrote: > On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: >> The range check on vlan_id in register_vlan_device is off by one, and it >> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows >> this, I checked.) > > Then OSX should fix their code. 4095 is reserved. I agree. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 2/16/11 4:51 AM, richard -rw- weinberger wrote: > On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: >> The range check on vlan_id in register_vlan_device is off by one, and it >> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows >> this, I checked.) > > Then OSX should fix their code. 4095 is reserved. > If it's reserved, then it's up to the user to reserve it. I actually had reason to use this to fix a misconfigured host that was using vlan 4095. This got in my way. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote: > On 2/16/11 4:51 AM, richard -rw- weinberger wrote: >> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: >>> The range check on vlan_id in register_vlan_device is off by one, and it >>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows >>> this, I checked.) >> >> Then OSX should fix their code. 4095 is reserved. >> > > If it's reserved, then it's up to the user to reserve it. No. See: http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
On 2/16/11 8:10 AM, richard -rw- weinberger wrote: > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote: >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote: >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: >>>> The range check on vlan_id in register_vlan_device is off by one, and it >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows >>>> this, I checked.) >>> >>> Then OSX should fix their code. 4095 is reserved. >>> >> >> If it's reserved, then it's up to the user to reserve it. > > No. > > See: > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf > Well, then I guess we all know better than the user. That's the Windows Way...no, wait, I thought this is Linux. The fact is that I did encounter a misconfigured switch using vlan 4095, and because of this off-by-one error I was unable to talk to it and fix it. I was hoping I wouldn't have to patch every new kernel I install. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, Feb 16, 2011 at 5:28 PM, Phil Karn <karn@ka9q.net> wrote: > On 2/16/11 8:10 AM, richard -rw- weinberger wrote: >> On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote: >>> On 2/16/11 4:51 AM, richard -rw- weinberger wrote: >>>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: >>>>> The range check on vlan_id in register_vlan_device is off by one, and it >>>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows >>>>> this, I checked.) >>>> >>>> Then OSX should fix their code. 4095 is reserved. >>>> >>> >>> If it's reserved, then it's up to the user to reserve it. >> >> No. >> >> See: >> http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf >> > > Well, then I guess we all know better than the user. That's the Windows > Way...no, wait, I thought this is Linux. > > The fact is that I did encounter a misconfigured switch using vlan 4095, > and because of this off-by-one error I was unable to talk to it and fix it. > > I was hoping I wouldn't have to patch every new kernel I install. > The switch violates the standard. Why should Linux also do so? This would only produce more broken VLANs...
Le mercredi 16 février 2011 à 08:28 -0800, Phil Karn a écrit : > On 2/16/11 8:10 AM, richard -rw- weinberger wrote: > > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote: > >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote: > >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: > >>>> The range check on vlan_id in register_vlan_device is off by one, and it > >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows > >>>> this, I checked.) > >>> > >>> Then OSX should fix their code. 4095 is reserved. > >>> > >> > >> If it's reserved, then it's up to the user to reserve it. > > > > No. > > > > See: > > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf > > > > Well, then I guess we all know better than the user. That's the Windows > Way...no, wait, I thought this is Linux. > > The fact is that I did encounter a misconfigured switch using vlan 4095, > and because of this off-by-one error I was unable to talk to it and fix it. > > I was hoping I wouldn't have to patch every new kernel I install. > You can use an OSX gateway ;) If we allow ID 4095, then some users will complain we violate rules. Really you cannot push this patch in official kernel only to ease your life ;) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
2011/2/16 Eric Dumazet <eric.dumazet@gmail.com>: > Le mercredi 16 février 2011 à 08:28 -0800, Phil Karn a écrit : >> On 2/16/11 8:10 AM, richard -rw- weinberger wrote: >> > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote: >> >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote: >> >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: >> >>>> The range check on vlan_id in register_vlan_device is off by one, and it >> >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows >> >>>> this, I checked.) >> >>> >> >>> Then OSX should fix their code. 4095 is reserved. >> >> If it's reserved, then it's up to the user to reserve it. >> > No. >> > See: >> > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf >> Well, then I guess we all know better than the user. That's the Windows >> Way...no, wait, I thought this is Linux. >> >> The fact is that I did encounter a misconfigured switch using vlan 4095, >> and because of this off-by-one error I was unable to talk to it and fix it. >> >> I was hoping I wouldn't have to patch every new kernel I install. > You can use an OSX gateway ;) > > If we allow ID 4095, then some users will complain we violate rules. > > Really you cannot push this patch in official kernel only to ease your > life ;) The idea is that you don't have to use ID 4095 and if you don't - nothing's broken by just allowing it. The same goes with ID 0 - it's defined to be 802.1p packet, but people do use it as normal VLAN (especially with hardware that can cope with only small number of VLANs at once). Allowing it but with a big fat warning in logs is even better: "You want your network broken? Sure, can do, but you have been warned." Best Regards, Michał Mirosław -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wednesday 16 February 2011 12:41:34 Michał Mirosław wrote: > 2011/2/16 Eric Dumazet <eric.dumazet@gmail.com>: > > Le mercredi 16 février 2011 à 08:28 -0800, Phil Karn a écrit : > >> On 2/16/11 8:10 AM, richard -rw- weinberger wrote: > >> > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote: > >> >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote: > >> >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote: > >> >>>> The range check on vlan_id in register_vlan_device is off by one, and it > >> >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows > >> >>>> this, I checked.) > >> >>> > >> >>> Then OSX should fix their code. 4095 is reserved. > >> >> If it's reserved, then it's up to the user to reserve it. > >> > No. > >> > See: > >> > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf > >> Well, then I guess we all know better than the user. That's the Windows > >> Way...no, wait, I thought this is Linux. > >> > >> The fact is that I did encounter a misconfigured switch using vlan 4095, > >> and because of this off-by-one error I was unable to talk to it and fix it. > >> > >> I was hoping I wouldn't have to patch every new kernel I install. > > You can use an OSX gateway ;) > > > > If we allow ID 4095, then some users will complain we violate rules. > > > > Really you cannot push this patch in official kernel only to ease your > > life ;) > > The idea is that you don't have to use ID 4095 and if you don't - > nothing's broken by just allowing it. The same goes with ID 0 - it's > defined to be 802.1p packet, but people do use it as normal VLAN > (especially with hardware that can cope with only small number of > VLANs at once). > > Allowing it but with a big fat warning in logs is even better: "You > want your network broken? Sure, can do, but you have been warned." > On the other end of the spectrum, vconfig warns for vlan 1: bcook@bcook-box:~$ sudo vconfig add eth0 1 Added VLAN with VID == 1 to IF -:eth0:- WARNING: VLAN 1 does not work with many switches, consider another number if you have problems. bcook@bcook-box:~$ sudo vconfig add eth0 4095 ERROR: trying to add VLAN #4095 to IF -:eth0:- error: Numerical result out of range -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 2/21/11 11:26 AM, Brent Cook wrote: >> Allowing it but with a big fat warning in logs is even better: "You >> want your network broken? Sure, can do, but you have been warned." *By all means* have vconfig issue a warning for 4095 just as it already does for vlan 1. As I explained the only reason I wanted to do this was to talk to a piece of equipment that had been misconfigured to use vlan 4095 so I could fix it. At the time I was using a newly built Linux system running off a live CD, and only it had a physical network connection to the device I was trying to fix. I'm reminded of the classic example of an airliner that is so "smart" and "idiot proof" that it always disallows a throttle setting that might shorten the life of the engines. The designers hadn't considered the possibility that such a setting might be necessary to avoid a crash that, too, shortens engine life. The obvious answer is to allow it but make sure he knows what he's doing. So it takes noticeably more force to push the handles past the safe limits, but it can be done if you really want to. So if an airliner allows a command that might cause costly engine damage, I think Linux can allow a command that violates a usage convention written in a spec. With a warning, of course. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
--- linux-2.6.37/net/8021q/vlan.c~ 2011-01-04 16:50:19.000000000 -0800 +++ linux-2.6.37/net/8021q/vlan.c 2011-02-16 02:43:13.988812958 -0800 @@ -239,7 +239,7 @@ char name[IFNAMSIZ]; int err; - if (vlan_id >= VLAN_VID_MASK) + if (vlan_id > VLAN_VID_MASK) return -ERANGE; err = vlan_check_real_dev(real_dev, vlan_id);