>From: "Lennert Buytenhek" <[EMAIL PROTECTED]>
>Subject: Re: [Bridge] Remove a MAC addr from all bridges?
> On Wed, May 08, 2002 at 11:02:22AM +0200, Johannes Karlsson wrote:
>
> > I will be using the bridge on Bluetooth access points running
> > the BNEP protocol. Because a user could move and change
> > access point a lot of times I would like to remove the user's
> > MAC from all bridges in the LAN when they change access point
> > so the bridges don't continue to send the data on wrong ports.
> > Is it possible to do this?
>
> No, there is no current possibility to remove a MAC address from
> a port other than to wait for a timeout.

Yes, it is possible; it is called Topological Change.
When a bridge detects that one interface changes state, it tells the root
bridge of the bridged network about a topo change.
Then the root bridge advertises the change to the whole network.
When in a Topo Change situation, the aging timeout moves from
a typical 300 sec to the forwarding delay (a typical 15s).

> But even if there were.. if you remove a MAC address from a port,
> it will cause all future packets to that MAC address to be sent
> to _all_ ports (because the bridge doesn't know where to send
> them).  Is that what you want?

Well, that's the only way to rediscover the new location of the MAC.
If you use a bidirectional protocol, this is not a lot of traffic.

> A way to 'blackhole' a MAC address would be to connect a fake
> ethernet interface to every bridge, say an ethertap interface,
> and send a packet from that interface with the address you
> want to blackhole as the source address.  All future packets
> to that MAC address will then be sent to that fake device,
> effectively being blackholed.  You would need some kind of
> signalling protocol for this, though.

Blackholing is more likely NOT a good solution. That MAC will lose
connectivity wherever it is. I guess you want the device to recover
connectivity from another access point.

So I suggest the following (assuming Linux bridging strictly follows the
standard and you have a way to detect that a BNEP device is out of reach).
Create an ethertap interface that you control with your own daemon.
When the daemon detects a device being out of range, you have to
disable/enable the ethertap interface to trigger the topological change.
Another option would be to generate (on demand) your own topological change
frame. Notice that once you have that software, you have a pretty good DoS
tool for switched networks. Do not use that at work on a live network until
you know it is not sending on the wrong ethernet port.
Another option: if brctl permits triggering the topo change, then you have
it.

What do you (specialists of the Linux bridging code) think of this?

David GLAUDE

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
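
Added example, not part of the original message or of the Linux bridging code: because the message notes that on-demand topology change frames can disrupt a switched network, this sketch classifies 802.1D BPDUs in captured raw frames and reports sources that send TCN BPDUs at an unusual rate. The `window` and `limit` defaults, the function names and the sample frames are constructed assumptions.

```python
import struct

STP_DST = bytes.fromhex("0180c2000000")  # 802.1D bridge group address
LLC_STP = b"\x42\x42\x03"                # LLC DSAP/SSAP/control used by spanning tree

def classify_bpdu(frame):
    """Return (src_mac, kind) for an 802.1D BPDU in a raw 802.3 frame, else None."""
    if len(frame) < 21 or frame[:6] != STP_DST or frame[14:17] != LLC_STP:
        return None
    proto_id, _version, bpdu_type = struct.unpack("!HBB", frame[17:21])
    if proto_id != 0:
        return None
    src = frame[6:12].hex(":")
    if bpdu_type == 0x80:                       # topology change notification
        return src, "tcn"
    if bpdu_type == 0x00 and len(frame) >= 52:  # 35-byte configuration BPDU
        # Flags byte, bit 0 = TC: bridges age entries at forward delay while set.
        return src, "config-tc" if frame[21] & 0x01 else "config"
    return None

def tcn_bursts(capture, window=60.0, limit=5):
    """capture: iterable of (seconds, frame). Return {src: peak count} for sources
    that sent more than `limit` TCN BPDUs within any `window` seconds."""
    recent, flagged = {}, {}
    for ts, frame in capture:
        hit = classify_bpdu(frame)
        if hit is None or hit[1] != "tcn":
            continue
        times = recent.setdefault(hit[0], [])
        times.append(ts)
        while times[0] < ts - window:           # drop events outside the window
            times.pop(0)
        if len(times) > limit:
            flagged[hit[0]] = max(flagged.get(hit[0], 0), len(times))
    return flagged

def sample_frame(src_hex, bpdu):
    """Build a constructed sample frame: dst, src, 802.3 length, LLC, BPDU."""
    body = LLC_STP + bpdu
    return STP_DST + bytes.fromhex(src_hex) + struct.pack("!H", len(body)) + body

# Constructed capture: one bridge reporting a single change, one source repeating TCNs.
TCN = struct.pack("!HBB", 0, 0, 0x80)
CONFIG_TC = struct.pack("!HBBB", 0, 0, 0x00, 0x01) + bytes(30)
SAMPLE = [(0.0, sample_frame("020000000001", TCN)),
          (2.0, sample_frame("020000000001", CONFIG_TC))]
SAMPLE += [(10.0 + i, sample_frame("020000000099", TCN)) for i in range(20)]

if __name__ == "__main__":
    print(tcn_bursts(SAMPLE))
```

A single topology change normally produces only a few TCNs from a bridge before it is acknowledged, so a sustained stream from one source keeps every bridge at the short aging time and is worth investigating.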
