git.baikalelectronics.ru Git - kernel.git/commit

author	Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
	Thu, 24 May 2018 08:56:48 +0000 (11:56 +0300)
committer	David S. Miller <davem@davemloft.net>
	Fri, 25 May 2018 18:37:20 +0000 (14:37 -0400)
commit	0e0b41a484a0bc6e341cb25585b1ae862727b8b7
tree	5ce86d0f2f19e3974f7d258d70ea496e517e2d6d	tree \| snapshot
parent	7634804406c272b1a5482140d3e45d5dd1af9e61	commit \| diff

net: bridge: add support for port isolation

This patch adds support for a new port flag - BR_ISOLATED. If it is set
then isolated ports cannot communicate between each other, but they can
still communicate with non-isolated ports. The same can be achieved via
ACLs but they can't scale with large number of ports and also the
complexity of the rules grows. This feature can be used to achieve
isolated vlan functionality (similar to pvlan) as well, though currently
it will be port-wide (for all vlans on the port). The new test in
should_deliver uses data that is already cache hot and the new boolean
is used to avoid an additional source port test in should_deliver.

Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Reviewed-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/if_bridge.h		diff \| blob \| history
include/uapi/linux/if_link.h		diff \| blob \| history
net/bridge/br_forward.c		diff \| blob \| history
net/bridge/br_input.c		diff \| blob \| history
net/bridge/br_netlink.c		diff \| blob \| history
net/bridge/br_private.h		diff \| blob \| history
net/bridge/br_sysfs_if.c		diff \| blob \| history