.de Sc \\s-1\\$1\\s0\\$2 .. .ds cA 2008/055 .ds aR \s-1PSARC\s0 .LP .so ../../amac .Co .ds LF \fI\*(aR/\*(cA\fP .ds RF \fICopyright 2009 Sun Microsystems\fP .if n .ds CF .IP \fBSubject:\fP 15 Solaris Bridging .IP "\fBSubmitted by:\fP" 15 James Carlson .IP \fBFile:\fP 15 \*(aR/\*(cA/opinion.ms .IP \fBDate:\fP 15 February 25th, 2009 .IP "\fBCommittee:\fP" 15 James D. Carlson, Kais Belgaied, Richard Matthews, Sebastien Roy. .IP "\fBProduct Approval Committee:\fP" 15 Solaris PAC .br solaris-pac@sun.com .pn 2 .NH Summary .LP This project provides Ethernet bridging functionality for Solaris. .NH Decision & Precedence Information .LP The project is approved as specified in reference [1]. .LP The project may be delivered in a Minor release of Solaris or OpenSolaris. .NH Interfaces .LP The project exports the following interfaces. .if n .ne 8 .if t .ne 3 .TS H box; c s s l | l | l. Interfaces Exported _ Interface Classification Comments _ .TH dladm *-bridge Committed new subcommands field names Committed dladm show-bridge -o link properties Committed dladm set-linkprop show-link BRIDGE Committed new field kstats Volatile Should be raised later /dev/bridge/ Committed Observability node control ioctls Project Private /usr/lib/bridged Project Private Daemon executable svc:/network/bridge Committed SMF URI config/* Project Private SMF properties bridge module Project Private Kernel bridging module /var/run/bridge_door/ Project Private Doors interface to daemons librstp.so.1 Project Private RSTP implementation mac, dls, dld Consolidation Private Kernel APIs ::dladm show-bridge Volatile mdb dcmd (debugging) .TE .NH Opinion .LP This project was originally filed as a fast-track, but then derailed for regular review due to the depth of the questions raised. At inception, the project team was advised to consult with the Crossbow and IP Filtering teams to resolve the connections between these projects. On completion of those discussions, the ARC members were updated (see reference [2]), and a vote on the final materials was held during ARC business. .NH 2 IP Filter .LP The project team discussed filtering and bridging at length. There are essentially two ways that layer two filtering (L2F) can apply to bridges: it can apply on top of the bridge, so that the links seen by L2F are the same as those seen by IP, or it can apply below the bridge, so that the links seen by L2F are the same as the physical links on the system. .LP The former is expedient, but the latter will require new interfaces, including a "bridge forwarding" hook that is analogous to the existing "IP forwarding" hook. This work is left to a future project to define. .NH 2 Crossbow .LP The bridging project allows Crossbow's flows and virtual interfaces to be used on top of bridges for control of traffic sent and received by local endpoints, but does not make use of Crossbow's classification functionality in the bridge forwarding function. The project teams agree that it would be better if this sort of integration were possible, but the required functionality for bridge forwarding does not currently exist in Crossbow, and retrofitting bridging to use new Crossbow interfaces at some future date would be a seamless operation for users. Thus, the teams agreed that this future work can continue in parallel, and that bridging should be reworked when suitable Crossbow interfaces are designed. .NH 2 Security .LP An ARC member noted several problems and complexities with the originally proposed security mechanism. The design [3] was updated to drive all configuration through the existing SMF/SCF and dladm/dlmgmtd interfaces, so the project now relies exclusively on existing security mechanisms and the issues raised at inception are no longer present. .NH Minority Opinion(s) .LP None .NH Advisory Information .LP None .NH Appendices .NH 2 Appendix A: Technical Changes Required .LP None .NH 2 Appendix B: Technical Changes Advised .LP None .NH 2 Appendix C: Reference Material .LP Unless stated otherwise, path names are relative to the case directory \*(aR/\*(cA. .IP 1. Bridging Architectural Specification .br File: final.materials/bridging-spec.txt .IP 2. ARC Update Summary .br File: final.materials/bridging-arc-changes.txt .IP 3. Bridging Design Document .br File: final.materials/bridging-design.pdf