Message ID | 20200405134859.57232-6-rouca@debian.org |
---|---|
State | Superseded |
Delegated to: | stephen hemminger |
Headers | show |
Series | [iproute2,1/6] Better documentation of mcast_to_unicast option | expand |
Hello! On 05.04.2020 16:48, Bastien Roucariès wrote: > Root_block is also called root guard, document it. ^ port? > Signed-off-by: Bastien Roucariès <rouca@debian.org> > --- > man/man8/bridge.8 | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 > index 53aebb60..96ea4827 100644 > --- a/man/man8/bridge.8 > +++ b/man/man8/bridge.8 > @@ -372,6 +372,11 @@ enabled on the bridge. By default the flag is off. > Controls whether a given port is allowed to become root port or not. Only used > when STP is enabled on the bridge. By default the flag is off. > > +This feature is also called root port guard. > +If BPDU is received from a leaf (edge) port, it should not > +be elected as root port. This could be used if using STP on a bridge and the downstream bridges are not fully > +trusted; this prevents a hostile guest for rerouting traffic. s/for/from/? [...] MBR, Sergei
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index 53aebb60..96ea4827 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -372,6 +372,11 @@ enabled on the bridge. By default the flag is off. Controls whether a given port is allowed to become root port or not. Only used when STP is enabled on the bridge. By default the flag is off. +This feature is also called root port guard. +If BPDU is received from a leaf (edge) port, it should not +be elected as root port. This could be used if using STP on a bridge and the downstream bridges are not fully +trusted; this prevents a hostile guest for rerouting traffic. + .TP .BR "learning on " or " learning off " Controls whether a given port will learn MAC addresses from received traffic or
Root_block is also called root guard, document it. Signed-off-by: Bastien Roucariès <rouca@debian.org> --- man/man8/bridge.8 | 5 +++++ 1 file changed, 5 insertions(+)