256850 – poor mac address distribution for if_tap

Bug 256850 - poor mac address distribution for if_tap

Summary: poor mac address distribution for if_tap

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	12.2-RELEASE
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Kyle Evans

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-06-26 19:55 UTC by Maxim Shalomikhin
Modified:	2021-06-27 04:57 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
Patch for sys/net/if_ethersubr.c (459 bytes, text/plain) 2021-06-26 19:55 UTC, Maxim Shalomikhin	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Maxim Shalomikhin 2021-06-26 19:55:34 UTC

Created attachment 226064 [details]
Patch for sys/net/if_ethersubr.c

I have a system with about 300 tap interfaces (openvpn tunnels) combined in one bridge. After upgrading from releng/11.4 to releng/12.2 I noticed a lot of repeated MAC (ether) addresses on tap interfaces.

How to reproduce:
On FreeBSD 12 or 13, create ~100 tap interfaces, then check MACs for uniqueness:
ifconfig -a | grep ether | sort | uniq -c | sort -r

Quick FIX (change mac from userspace):
ifconfig ${ov_dev} ether "00:bd:`jot -r -s ':' -w '%02x' 4`"

According to sys/net/ieee_oui.h, MAC address for TAP must be "58:9c:fc:10:XX:XX" (65536 unique macs), but there are two issues with ether_gen_addr():
1. Fourth byte sometimes "00" and sometimes "10" (minor issue)
2. Fifth byte in ~50% cases is FF (major issue due to char digest[] is signed)
So it's only ~256 unique macs for tap and this is very annoying.

The small patch (tested on amd64 13.0-RELEASE-p2) attached.