I think the bridge loop detection in if_ethersubr.c can be removed. It taxes all bridge output traffic, but I don't think it ever kicks in.
It was added in 2001 by angelos:
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_ethersubr.c.diff?r1=1.48;r2=1.49;f=h

I'd say the following ethertypes are safe, they push packets further down the stack so they cannot be bridged again: ieee80211, trunk, vlan

tun and gre cannot be part of a bridge. vether discards all output.

That leaves gif, but that has its own loop detection. Added by angelos in 2001 as well, so I'm not sure what I'm missing.
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_gif.c.diff?r1=1.18;r2=1.19;f=h

FreeBSD and NetBSD don't have it.

Can people with exotic bridge setups (two bridges on one machine, gif tunnels, etc) give this a spin? It increases the collision counter (netstat -in) when a loop is broken.

Index: if_ethersubr.c =================================================================== RCS file: /cvs/src/sys/net/if_ethersubr.c,v retrieving revision 1.151 diff -u -p -t -u -r1.151 if_ethersubr.c --- if_ethersubr.c 9 Jul 2011 00:47:18 -0000 1.151 +++ if_ethersubr.c 2 Mar 2012 13:47:45 -0000 @@ -399,8 +399,10 @@ ether_output(ifp0, m0, dst, rt0) goto bad; } #endif - if (!bcmp(&ifp->if_bridge, mtag + 1, sizeof(caddr_t))) + if (!bcmp(&ifp->if_bridge, mtag + 1, sizeof(caddr_t))) { + ifp->if_collisions++; break; + } } if (mtag == NULL) { /* Attach a tag so we can detect loops */
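
Review bot: the `ifp->if_collisions++` added inside the `bcmp` branch carries no comment marking it as temporary instrumentation, and it reuses the collision counter for a loop-break event. On an interface that already reports collisions, a nonzero value in netstat -in would not distinguish a broken loop from an ordinary collision, so testers would need to record the counter before and after the run. A one-line comment such as /* XXX temporary: counts bridge loops broken */ above the increment, or a dedicated log line in place of the counter, would make the signal unambiguous and keep the diagnostic from being committed by accident.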