Programming interface MAC filter without enabling PROMISC on
an interface from user space.
Tom Judge
tom at tomjudge.com
Tue Jan 15 01:59:25 PST 2008
Bruce M. Simpson wrote:
> Tom Judge wrote:
<SNIP>
>> Personally I can't see why this approach would be a problem, but I am
>> not a expert. The address is defined in IEEE Std 802.1D-2004 as to
>> not be forwarded by bridges (which I interpret as it being link local
>> in a sense as switches/bridges are not allowed to forward the frame),
>> so I can't see it being a problem registered on multiple interfaces.
>
> SIOCADDMULTI memberships are specific to the interface you request them
> on. I can't speak for the bridging code -- I don't think it does any
> special handling of multicast frames, however I'm not sure if it's smart
> enough not to forward this group. Like IN_LOCALGROUP() it might need its
> own 'don't forward this' clause.
>
Just for the record it seems that if_bridge replaces the destination MAC
of a Ethernet multicast packet with its own MAC therefore making sure
that the packets are not forwarded. Andrew can you confirm this
assumption? (Based on sys/net/if_bridge.c lines 2011-2018 on RELENG_6_2)
Tom
More information about the freebsd-net
mailing list