Re: [PATCH v2 2/2] bridge driver: don't masquerade local subnet broadcast/multicast packets


 



On 09/23/2013 08:01 PM, Laszlo Ersek wrote:
> On 09/23/13 16:46, Laine Stump wrote:
>
>> 2) Along with 255.255.255.255/32, I think this patch can/should also add
>> a "networkDirectedLocalBroadcast" (which will obviously need to be a
>> local variable and recomputed each time). This can be computed by ORing
>> the ip address of the network with ~netmask, then appending a 32 prefix.
>> So for example, the directed broadcast for 192.168.122.1/24 would be
>> 192.168.122.255/32.
> I have just finished implementing and testing this. And now I realize
> that such a rule is not necessary at all :)

Yes, I'm embarrassed to say you are correct. Mixed up memories combined
with reading through the BZ too quickly led me to the false recollection
that even traffic that remained on the local subnet was being port-mapped.

So you can just eliminate that part of the patch.


>
> Because, 192.168.122.255/32 actually *falls into* 192.168.122.0/24.
> Hence, the masquerading rules, which are restricted to
>
>   !192.168.122.0/24
>
> destination addresses, *ignore* 192.168.122.255/32 anyway.
>
> 255.255.255.255/32 is tricky because it never falls into the bridge's
> subnet numerically (consequently, it always matches the exclusive
> constraint), and yet it must not be masqueraded.
>
> I'm posting the v3 series anyway. It shouldn't be hard to trim it down
> for v4...
>
> Thanks,
> Laszlo
> .
>

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
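
The arithmetic behind the exchange above, as an added example that is not part of the original messages or of libvirt's code: it computes the directed broadcast by ORing the address with ~netmask, then checks which broadcast addresses satisfy a "not in the bridge subnet" destination constraint. All function names are hypothetical; the 192.168.122.1/24 values are the ones quoted in the thread.

```c
#include <stdint.h>
#include <stdio.h>

/* Build a host-order IPv4 address from dotted-quad octets. */
static uint32_t ip4(unsigned a, unsigned b, unsigned c, unsigned d)
{
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | (uint32_t)d;
}

/* Netmask for a prefix length 0..32 (prefix 0 is special-cased because
 * shifting a 32-bit value by 32 is undefined in C). */
static uint32_t prefix_mask(unsigned prefix)
{
    return prefix == 0 ? 0 : 0xFFFFFFFFu << (32 - prefix);
}

/* Directed broadcast as described in the thread: address OR ~netmask. */
static uint32_t directed_broadcast(uint32_t addr, unsigned prefix)
{
    return addr | ~prefix_mask(prefix);
}

/* Returns 1 if dst satisfies a "!net/prefix" destination constraint,
 * i.e. it lies outside the bridge subnet and a masquerading rule
 * restricted that way would apply to it; returns 0 otherwise. */
static int matches_not_subnet(uint32_t dst, uint32_t addr, unsigned prefix)
{
    uint32_t mask = prefix_mask(prefix);
    return (dst & mask) != (addr & mask);
}

int main(void)
{
    uint32_t br = ip4(192, 168, 122, 1);      /* bridge address from the thread */
    unsigned prefix = 24;
    uint32_t dbc = directed_broadcast(br, prefix);
    uint32_t lbc = ip4(255, 255, 255, 255);   /* limited broadcast */

    printf("directed broadcast: %u.%u.%u.%u\n",
           (unsigned)(dbc >> 24), (unsigned)(dbc >> 16) & 255u,
           (unsigned)(dbc >> 8) & 255u, (unsigned)dbc & 255u);
    printf("directed broadcast matches !subnet: %d\n", matches_not_subnet(dbc, br, prefix));
    printf("limited broadcast matches !subnet:  %d\n", matches_not_subnet(lbc, br, prefix));
    return 0;
}
```

The directed broadcast never satisfies the constraint, so it needs no extra rule, while 255.255.255.255 always does and has to be excluded explicitly.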



