[Bug 256850] poor mac address distribution for if_tap

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 26 Jun 2021 19:55:34 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256850

            Bug ID: 256850
           Summary: poor mac address distribution for if_tap
           Product: Base System
           Version: 12.2-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs_at_FreeBSD.org
          Reporter: maxim.shalomikhin_at_kaspersky.com

Created attachment 226064
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=226064&action=edit
Patch for sys/net/if_ethersubr.c

I have a system with about 300 tap interfaces (openvpn tunnels) combined in one
bridge. After upgrading from releng/11.4 to releng/12.2 I noticed a lot of
repeated MAC (ether) addresses on tap interfaces.

How to reproduce:
On FreeBSD 12 or 13, create ~100 tap interfaces, then check MACs for
uniqueness:
ifconfig -a | grep ether | sort | uniq -c | sort -r

Quick FIX (change mac from userspace):
ifconfig ${ov_dev} ether "00:bd:`jot -r -s ':' -w '%02x' 4`"

According to sys/net/ieee_oui.h, MAC address for TAP must be
"58:9c:fc:10:XX:XX" (65536 unique macs), but there are two issues with
ether_gen_addr():
1. Fourth byte sometimes "00" and sometimes "10" (minor issue)
2. Fifth byte in ~50% cases is FF (major issue due to char digest[] is signed)
So it's only ~256 unique macs for tap and this is very annoying.

The small patch (tested on amd64 13.0-RELEASE-p2) attached.

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Sat Jun 26 2021 - 19:55:34 UTC

Original text of this message