1============ 2Architecture 3============ 4 5This document describes the **Distributed Switch Architecture (DSA)** subsystem 6design principles, limitations, interactions with other subsystems, and how to 7develop drivers for this subsystem as well as a TODO for developers interested 8in joining the effort. 9 10Design principles 11================= 12 13The Distributed Switch Architecture subsystem was primarily designed to 14support Marvell Ethernet switches (MV88E6xxx, a.k.a. Link Street product 15line) using Linux, but has since evolved to support other vendors as well. 16 17The original philosophy behind this design was to be able to use unmodified 18Linux tools such as bridge, iproute2, ifconfig to work transparently whether 19they configured/queried a switch port network device or a regular network 20device. 21 22An Ethernet switch typically comprises multiple front-panel ports and one 23or more CPU or management ports. The DSA subsystem currently relies on the 24presence of a management port connected to an Ethernet controller capable of 25receiving Ethernet frames from the switch. This is a very common setup for all 26kinds of Ethernet switches found in Small Home and Office products: routers, 27gateways, or even top-of-rack switches. This host Ethernet controller will 28be later referred to as "master" and "cpu" in DSA terminology and code. 29 30The D in DSA stands for Distributed, because the subsystem has been designed 31with the ability to configure and manage cascaded switches on top of each other 32using upstream and downstream Ethernet links between switches. These specific 33ports are referred to as "dsa" ports in DSA terminology and code. A collection 34of multiple switches connected to each other is called a "switch tree". 35 36For each front-panel port, DSA creates specialized network devices which are 37used as controlling and data-flowing endpoints for use by the Linux networking 38stack. These specialized network interfaces are referred to as "slave" network 39interfaces in DSA terminology and code. 40 41The ideal case for using DSA is when an Ethernet switch supports a "switch tag" 42which is a hardware feature making the switch insert a specific tag for each 43Ethernet frame it receives to/from specific ports to help the management 44interface figure out: 45 46- what port is this frame coming from 47- what was the reason why this frame got forwarded 48- how to send CPU originated traffic to specific ports 49 50The subsystem does support switches not capable of inserting/stripping tags, but 51the features might be slightly limited in that case (traffic separation relies 52on Port-based VLAN IDs). 53 54Note that DSA does not currently create network interfaces for the "cpu" and 55"dsa" ports because: 56 57- the "cpu" port is the Ethernet switch facing side of the management 58 controller, and as such, would create a duplication of feature, since you 59 would get two interfaces for the same conduit: master netdev, and "cpu" netdev 60 61- the "dsa" port(s) are just conduits between two or more switches, and as such 62 cannot really be used as proper network interfaces either, only the 63 downstream, or the top-most upstream interface makes sense with that model 64 65Switch tagging protocols 66------------------------ 67 68DSA supports many vendor-specific tagging protocols, one software-defined 69tagging protocol, and a tag-less mode as well (``DSA_TAG_PROTO_NONE``). 70 71The exact format of the tag protocol is vendor specific, but in general, they 72all contain something which: 73 74- identifies which port the Ethernet frame came from/should be sent to 75- provides a reason why this frame was forwarded to the management interface 76 77All tagging protocols are in ``net/dsa/tag_*.c`` files and implement the 78methods of the ``struct dsa_device_ops`` structure, which are detailed below. 79 80Tagging protocols generally fall in one of three categories: 81 821. The switch-specific frame header is located before the Ethernet header, 83 shifting to the right (from the perspective of the DSA master's frame 84 parser) the MAC DA, MAC SA, EtherType and the entire L2 payload. 852. The switch-specific frame header is located before the EtherType, keeping 86 the MAC DA and MAC SA in place from the DSA master's perspective, but 87 shifting the 'real' EtherType and L2 payload to the right. 883. The switch-specific frame header is located at the tail of the packet, 89 keeping all frame headers in place and not altering the view of the packet 90 that the DSA master's frame parser has. 91 92A tagging protocol may tag all packets with switch tags of the same length, or 93the tag length might vary (for example packets with PTP timestamps might 94require an extended switch tag, or there might be one tag length on TX and a 95different one on RX). Either way, the tagging protocol driver must populate the 96``struct dsa_device_ops::needed_headroom`` and/or ``struct dsa_device_ops::needed_tailroom`` 97with the length in octets of the longest switch frame header/trailer. The DSA 98framework will automatically adjust the MTU of the master interface to 99accommodate for this extra size in order for DSA user ports to support the 100standard MTU (L2 payload length) of 1500 octets. The ``needed_headroom`` and 101``needed_tailroom`` properties are also used to request from the network stack, 102on a best-effort basis, the allocation of packets with enough extra space such 103that the act of pushing the switch tag on transmission of a packet does not 104cause it to reallocate due to lack of memory. 105 106Even though applications are not expected to parse DSA-specific frame headers, 107the format on the wire of the tagging protocol represents an Application Binary 108Interface exposed by the kernel towards user space, for decoders such as 109``libpcap``. The tagging protocol driver must populate the ``proto`` member of 110``struct dsa_device_ops`` with a value that uniquely describes the 111characteristics of the interaction required between the switch hardware and the 112data path driver: the offset of each bit field within the frame header and any 113stateful processing required to deal with the frames (as may be required for 114PTP timestamping). 115 116From the perspective of the network stack, all switches within the same DSA 117switch tree use the same tagging protocol. In case of a packet transiting a 118fabric with more than one switch, the switch-specific frame header is inserted 119by the first switch in the fabric that the packet was received on. This header 120typically contains information regarding its type (whether it is a control 121frame that must be trapped to the CPU, or a data frame to be forwarded). 122Control frames should be decapsulated only by the software data path, whereas 123data frames might also be autonomously forwarded towards other user ports of 124other switches from the same fabric, and in this case, the outermost switch 125ports must decapsulate the packet. 126 127Note that in certain cases, it might be the case that the tagging format used 128by a leaf switch (not connected directly to the CPU) is not the same as what 129the network stack sees. This can be seen with Marvell switch trees, where the 130CPU port can be configured to use either the DSA or the Ethertype DSA (EDSA) 131format, but the DSA links are configured to use the shorter (without Ethertype) 132DSA frame header, in order to reduce the autonomous packet forwarding overhead. 133It still remains the case that, if the DSA switch tree is configured for the 134EDSA tagging protocol, the operating system sees EDSA-tagged packets from the 135leaf switches that tagged them with the shorter DSA header. This can be done 136because the Marvell switch connected directly to the CPU is configured to 137perform tag translation between DSA and EDSA (which is simply the operation of 138adding or removing the ``ETH_P_EDSA`` EtherType and some padding octets). 139 140It is possible to construct cascaded setups of DSA switches even if their 141tagging protocols are not compatible with one another. In this case, there are 142no DSA links in this fabric, and each switch constitutes a disjoint DSA switch 143tree. The DSA links are viewed as simply a pair of a DSA master (the out-facing 144port of the upstream DSA switch) and a CPU port (the in-facing port of the 145downstream DSA switch). 146 147The tagging protocol of the attached DSA switch tree can be viewed through the 148``dsa/tagging`` sysfs attribute of the DSA master:: 149 150 cat /sys/class/net/eth0/dsa/tagging 151 152If the hardware and driver are capable, the tagging protocol of the DSA switch 153tree can be changed at runtime. This is done by writing the new tagging 154protocol name to the same sysfs device attribute as above (the DSA master and 155all attached switch ports must be down while doing this). 156 157It is desirable that all tagging protocols are testable with the ``dsa_loop`` 158mockup driver, which can be attached to any network interface. The goal is that 159any network interface should be capable of transmitting the same packet in the 160same way, and the tagger should decode the same received packet in the same way 161regardless of the driver used for the switch control path, and the driver used 162for the DSA master. 163 164The transmission of a packet goes through the tagger's ``xmit`` function. 165The passed ``struct sk_buff *skb`` has ``skb->data`` pointing at 166``skb_mac_header(skb)``, i.e. at the destination MAC address, and the passed 167``struct net_device *dev`` represents the virtual DSA user network interface 168whose hardware counterpart the packet must be steered to (i.e. ``swp0``). 169The job of this method is to prepare the skb in a way that the switch will 170understand what egress port the packet is for (and not deliver it towards other 171ports). Typically this is fulfilled by pushing a frame header. Checking for 172insufficient size in the skb headroom or tailroom is unnecessary provided that 173the ``needed_headroom`` and ``needed_tailroom`` properties were filled out 174properly, because DSA ensures there is enough space before calling this method. 175 176The reception of a packet goes through the tagger's ``rcv`` function. The 177passed ``struct sk_buff *skb`` has ``skb->data`` pointing at 178``skb_mac_header(skb) + ETH_ALEN`` octets, i.e. to where the first octet after 179the EtherType would have been, were this frame not tagged. The role of this 180method is to consume the frame header, adjust ``skb->data`` to really point at 181the first octet after the EtherType, and to change ``skb->dev`` to point to the 182virtual DSA user network interface corresponding to the physical front-facing 183switch port that the packet was received on. 184 185Since tagging protocols in category 1 and 2 break software (and most often also 186hardware) packet dissection on the DSA master, features such as RPS (Receive 187Packet Steering) on the DSA master would be broken. The DSA framework deals 188with this by hooking into the flow dissector and shifting the offset at which 189the IP header is to be found in the tagged frame as seen by the DSA master. 190This behavior is automatic based on the ``overhead`` value of the tagging 191protocol. If not all packets are of equal size, the tagger can implement the 192``flow_dissect`` method of the ``struct dsa_device_ops`` and override this 193default behavior by specifying the correct offset incurred by each individual 194RX packet. Tail taggers do not cause issues to the flow dissector. 195 196Checksum offload should work with category 1 and 2 taggers when the DSA master 197driver declares NETIF_F_HW_CSUM in vlan_features and looks at csum_start and 198csum_offset. For those cases, DSA will shift the checksum start and offset by 199the tag size. If the DSA master driver still uses the legacy NETIF_F_IP_CSUM 200or NETIF_F_IPV6_CSUM in vlan_features, the offload might only work if the 201offload hardware already expects that specific tag (perhaps due to matching 202vendors). DSA slaves inherit those flags from the master port, and it is up to 203the driver to correctly fall back to software checksum when the IP header is not 204where the hardware expects. If that check is ineffective, the packets might go 205to the network without a proper checksum (the checksum field will have the 206pseudo IP header sum). For category 3, when the offload hardware does not 207already expect the switch tag in use, the checksum must be calculated before any 208tag is inserted (i.e. inside the tagger). Otherwise, the DSA master would 209include the tail tag in the (software or hardware) checksum calculation. Then, 210when the tag gets stripped by the switch during transmission, it will leave an 211incorrect IP checksum in place. 212 213Due to various reasons (most common being category 1 taggers being associated 214with DSA-unaware masters, mangling what the master perceives as MAC DA), the 215tagging protocol may require the DSA master to operate in promiscuous mode, to 216receive all frames regardless of the value of the MAC DA. This can be done by 217setting the ``promisc_on_master`` property of the ``struct dsa_device_ops``. 218Note that this assumes a DSA-unaware master driver, which is the norm. 219 220Master network devices 221---------------------- 222 223Master network devices are regular, unmodified Linux network device drivers for 224the CPU/management Ethernet interface. Such a driver might occasionally need to 225know whether DSA is enabled (e.g.: to enable/disable specific offload features), 226but the DSA subsystem has been proven to work with industry standard drivers: 227``e1000e,`` ``mv643xx_eth`` etc. without having to introduce modifications to these 228drivers. Such network devices are also often referred to as conduit network 229devices since they act as a pipe between the host processor and the hardware 230Ethernet switch. 231 232Networking stack hooks 233---------------------- 234 235When a master netdev is used with DSA, a small hook is placed in the 236networking stack is in order to have the DSA subsystem process the Ethernet 237switch specific tagging protocol. DSA accomplishes this by registering a 238specific (and fake) Ethernet type (later becoming ``skb->protocol``) with the 239networking stack, this is also known as a ``ptype`` or ``packet_type``. A typical 240Ethernet Frame receive sequence looks like this: 241 242Master network device (e.g.: e1000e): 243 2441. Receive interrupt fires: 245 246 - receive function is invoked 247 - basic packet processing is done: getting length, status etc. 248 - packet is prepared to be processed by the Ethernet layer by calling 249 ``eth_type_trans`` 250 2512. net/ethernet/eth.c:: 252 253 eth_type_trans(skb, dev) 254 if (dev->dsa_ptr != NULL) 255 -> skb->protocol = ETH_P_XDSA 256 2573. drivers/net/ethernet/\*:: 258 259 netif_receive_skb(skb) 260 -> iterate over registered packet_type 261 -> invoke handler for ETH_P_XDSA, calls dsa_switch_rcv() 262 2634. net/dsa/dsa.c:: 264 265 -> dsa_switch_rcv() 266 -> invoke switch tag specific protocol handler in 'net/dsa/tag_*.c' 267 2685. net/dsa/tag_*.c: 269 270 - inspect and strip switch tag protocol to determine originating port 271 - locate per-port network device 272 - invoke ``eth_type_trans()`` with the DSA slave network device 273 - invoked ``netif_receive_skb()`` 274 275Past this point, the DSA slave network devices get delivered regular Ethernet 276frames that can be processed by the networking stack. 277 278Slave network devices 279--------------------- 280 281Slave network devices created by DSA are stacked on top of their master network 282device, each of these network interfaces will be responsible for being a 283controlling and data-flowing end-point for each front-panel port of the switch. 284These interfaces are specialized in order to: 285 286- insert/remove the switch tag protocol (if it exists) when sending traffic 287 to/from specific switch ports 288- query the switch for ethtool operations: statistics, link state, 289 Wake-on-LAN, register dumps... 290- manage external/internal PHY: link, auto-negotiation, etc. 291 292These slave network devices have custom net_device_ops and ethtool_ops function 293pointers which allow DSA to introduce a level of layering between the networking 294stack/ethtool and the switch driver implementation. 295 296Upon frame transmission from these slave network devices, DSA will look up which 297switch tagging protocol is currently registered with these network devices and 298invoke a specific transmit routine which takes care of adding the relevant 299switch tag in the Ethernet frames. 300 301These frames are then queued for transmission using the master network device 302``ndo_start_xmit()`` function. Since they contain the appropriate switch tag, the 303Ethernet switch will be able to process these incoming frames from the 304management interface and deliver them to the physical switch port. 305 306Graphical representation 307------------------------ 308 309Summarized, this is basically how DSA looks like from a network device 310perspective:: 311 312 Unaware application 313 opens and binds socket 314 | ^ 315 | | 316 +-----------v--|--------------------+ 317 |+------+ +------+ +------+ +------+| 318 || swp0 | | swp1 | | swp2 | | swp3 || 319 |+------+-+------+-+------+-+------+| 320 | DSA switch driver | 321 +-----------------------------------+ 322 | ^ 323 Tag added by | | Tag consumed by 324 switch driver | | switch driver 325 v | 326 +-----------------------------------+ 327 | Unmodified host interface driver | Software 328 --------+-----------------------------------+------------ 329 | Host interface (eth0) | Hardware 330 +-----------------------------------+ 331 | ^ 332 Tag consumed by | | Tag added by 333 switch hardware | | switch hardware 334 v | 335 +-----------------------------------+ 336 | Switch | 337 |+------+ +------+ +------+ +------+| 338 || swp0 | | swp1 | | swp2 | | swp3 || 339 ++------+-+------+-+------+-+------++ 340 341Slave MDIO bus 342-------------- 343 344In order to be able to read to/from a switch PHY built into it, DSA creates a 345slave MDIO bus which allows a specific switch driver to divert and intercept 346MDIO reads/writes towards specific PHY addresses. In most MDIO-connected 347switches, these functions would utilize direct or indirect PHY addressing mode 348to return standard MII registers from the switch builtin PHYs, allowing the PHY 349library and/or to return link status, link partner pages, auto-negotiation 350results, etc. 351 352For Ethernet switches which have both external and internal MDIO buses, the 353slave MII bus can be utilized to mux/demux MDIO reads and writes towards either 354internal or external MDIO devices this switch might be connected to: internal 355PHYs, external PHYs, or even external switches. 356 357Data structures 358--------------- 359 360DSA data structures are defined in ``include/net/dsa.h`` as well as 361``net/dsa/dsa_priv.h``: 362 363- ``dsa_chip_data``: platform data configuration for a given switch device, 364 this structure describes a switch device's parent device, its address, as 365 well as various properties of its ports: names/labels, and finally a routing 366 table indication (when cascading switches) 367 368- ``dsa_platform_data``: platform device configuration data which can reference 369 a collection of dsa_chip_data structures if multiple switches are cascaded, 370 the master network device this switch tree is attached to needs to be 371 referenced 372 373- ``dsa_switch_tree``: structure assigned to the master network device under 374 ``dsa_ptr``, this structure references a dsa_platform_data structure as well as 375 the tagging protocol supported by the switch tree, and which receive/transmit 376 function hooks should be invoked, information about the directly attached 377 switch is also provided: CPU port. Finally, a collection of dsa_switch are 378 referenced to address individual switches in the tree. 379 380- ``dsa_switch``: structure describing a switch device in the tree, referencing 381 a ``dsa_switch_tree`` as a backpointer, slave network devices, master network 382 device, and a reference to the backing``dsa_switch_ops`` 383 384- ``dsa_switch_ops``: structure referencing function pointers, see below for a 385 full description. 386 387Design limitations 388================== 389 390Lack of CPU/DSA network devices 391------------------------------- 392 393DSA does not currently create slave network devices for the CPU or DSA ports, as 394described before. This might be an issue in the following cases: 395 396- inability to fetch switch CPU port statistics counters using ethtool, which 397 can make it harder to debug MDIO switch connected using xMII interfaces 398 399- inability to configure the CPU port link parameters based on the Ethernet 400 controller capabilities attached to it: http://patchwork.ozlabs.org/patch/509806/ 401 402- inability to configure specific VLAN IDs / trunking VLANs between switches 403 when using a cascaded setup 404 405Common pitfalls using DSA setups 406-------------------------------- 407 408Once a master network device is configured to use DSA (dev->dsa_ptr becomes 409non-NULL), and the switch behind it expects a tagging protocol, this network 410interface can only exclusively be used as a conduit interface. Sending packets 411directly through this interface (e.g.: opening a socket using this interface) 412will not make us go through the switch tagging protocol transmit function, so 413the Ethernet switch on the other end, expecting a tag will typically drop this 414frame. 415 416Interactions with other subsystems 417================================== 418 419DSA currently leverages the following subsystems: 420 421- MDIO/PHY library: ``drivers/net/phy/phy.c``, ``mdio_bus.c`` 422- Switchdev:``net/switchdev/*`` 423- Device Tree for various of_* functions 424- Devlink: ``net/core/devlink.c`` 425 426MDIO/PHY library 427---------------- 428 429Slave network devices exposed by DSA may or may not be interfacing with PHY 430devices (``struct phy_device`` as defined in ``include/linux/phy.h)``, but the DSA 431subsystem deals with all possible combinations: 432 433- internal PHY devices, built into the Ethernet switch hardware 434- external PHY devices, connected via an internal or external MDIO bus 435- internal PHY devices, connected via an internal MDIO bus 436- special, non-autonegotiated or non MDIO-managed PHY devices: SFPs, MoCA; a.k.a 437 fixed PHYs 438 439The PHY configuration is done by the ``dsa_slave_phy_setup()`` function and the 440logic basically looks like this: 441 442- if Device Tree is used, the PHY device is looked up using the standard 443 "phy-handle" property, if found, this PHY device is created and registered 444 using ``of_phy_connect()`` 445 446- if Device Tree is used and the PHY device is "fixed", that is, conforms to 447 the definition of a non-MDIO managed PHY as defined in 448 ``Documentation/devicetree/bindings/net/fixed-link.txt``, the PHY is registered 449 and connected transparently using the special fixed MDIO bus driver 450 451- finally, if the PHY is built into the switch, as is very common with 452 standalone switch packages, the PHY is probed using the slave MII bus created 453 by DSA 454 455 456SWITCHDEV 457--------- 458 459DSA directly utilizes SWITCHDEV when interfacing with the bridge layer, and 460more specifically with its VLAN filtering portion when configuring VLANs on top 461of per-port slave network devices. As of today, the only SWITCHDEV objects 462supported by DSA are the FDB and VLAN objects. 463 464Devlink 465------- 466 467DSA registers one devlink device per physical switch in the fabric. 468For each devlink device, every physical port (i.e. user ports, CPU ports, DSA 469links or unused ports) is exposed as a devlink port. 470 471DSA drivers can make use of the following devlink features: 472 473- Regions: debugging feature which allows user space to dump driver-defined 474 areas of hardware information in a low-level, binary format. Both global 475 regions as well as per-port regions are supported. It is possible to export 476 devlink regions even for pieces of data that are already exposed in some way 477 to the standard iproute2 user space programs (ip-link, bridge), like address 478 tables and VLAN tables. For example, this might be useful if the tables 479 contain additional hardware-specific details which are not visible through 480 the iproute2 abstraction, or it might be useful to inspect these tables on 481 the non-user ports too, which are invisible to iproute2 because no network 482 interface is registered for them. 483- Params: a feature which enables user to configure certain low-level tunable 484 knobs pertaining to the device. Drivers may implement applicable generic 485 devlink params, or may add new device-specific devlink params. 486- Resources: a monitoring feature which enables users to see the degree of 487 utilization of certain hardware tables in the device, such as FDB, VLAN, etc. 488- Shared buffers: a QoS feature for adjusting and partitioning memory and frame 489 reservations per port and per traffic class, in the ingress and egress 490 directions, such that low-priority bulk traffic does not impede the 491 processing of high-priority critical traffic. 492 493For more details, consult ``Documentation/networking/devlink/``. 494 495Device Tree 496----------- 497 498DSA features a standardized binding which is documented in 499``Documentation/devicetree/bindings/net/dsa/dsa.txt``. PHY/MDIO library helper 500functions such as ``of_get_phy_mode()``, ``of_phy_connect()`` are also used to query 501per-port PHY specific details: interface connection, MDIO bus location, etc. 502 503Driver development 504================== 505 506DSA switch drivers need to implement a dsa_switch_ops structure which will 507contain the various members described below. 508 509``register_switch_driver()`` registers this dsa_switch_ops in its internal list 510of drivers to probe for. ``unregister_switch_driver()`` does the exact opposite. 511 512Unless requested differently by setting the priv_size member accordingly, DSA 513does not allocate any driver private context space. 514 515Switch configuration 516-------------------- 517 518- ``tag_protocol``: this is to indicate what kind of tagging protocol is supported, 519 should be a valid value from the ``dsa_tag_protocol`` enum 520 521- ``probe``: probe routine which will be invoked by the DSA platform device upon 522 registration to test for the presence/absence of a switch device. For MDIO 523 devices, it is recommended to issue a read towards internal registers using 524 the switch pseudo-PHY and return whether this is a supported device. For other 525 buses, return a non-NULL string 526 527- ``setup``: setup function for the switch, this function is responsible for setting 528 up the ``dsa_switch_ops`` private structure with all it needs: register maps, 529 interrupts, mutexes, locks, etc. This function is also expected to properly 530 configure the switch to separate all network interfaces from each other, that 531 is, they should be isolated by the switch hardware itself, typically by creating 532 a Port-based VLAN ID for each port and allowing only the CPU port and the 533 specific port to be in the forwarding vector. Ports that are unused by the 534 platform should be disabled. Past this function, the switch is expected to be 535 fully configured and ready to serve any kind of request. It is recommended 536 to issue a software reset of the switch during this setup function in order to 537 avoid relying on what a previous software agent such as a bootloader/firmware 538 may have previously configured. 539 540PHY devices and link management 541------------------------------- 542 543- ``get_phy_flags``: Some switches are interfaced to various kinds of Ethernet PHYs, 544 if the PHY library PHY driver needs to know about information it cannot obtain 545 on its own (e.g.: coming from switch memory mapped registers), this function 546 should return a 32-bit bitmask of "flags" that is private between the switch 547 driver and the Ethernet PHY driver in ``drivers/net/phy/\*``. 548 549- ``phy_read``: Function invoked by the DSA slave MDIO bus when attempting to read 550 the switch port MDIO registers. If unavailable, return 0xffff for each read. 551 For builtin switch Ethernet PHYs, this function should allow reading the link 552 status, auto-negotiation results, link partner pages, etc. 553 554- ``phy_write``: Function invoked by the DSA slave MDIO bus when attempting to write 555 to the switch port MDIO registers. If unavailable return a negative error 556 code. 557 558- ``adjust_link``: Function invoked by the PHY library when a slave network device 559 is attached to a PHY device. This function is responsible for appropriately 560 configuring the switch port link parameters: speed, duplex, pause based on 561 what the ``phy_device`` is providing. 562 563- ``fixed_link_update``: Function invoked by the PHY library, and specifically by 564 the fixed PHY driver asking the switch driver for link parameters that could 565 not be auto-negotiated, or obtained by reading the PHY registers through MDIO. 566 This is particularly useful for specific kinds of hardware such as QSGMII, 567 MoCA or other kinds of non-MDIO managed PHYs where out of band link 568 information is obtained 569 570Ethtool operations 571------------------ 572 573- ``get_strings``: ethtool function used to query the driver's strings, will 574 typically return statistics strings, private flags strings, etc. 575 576- ``get_ethtool_stats``: ethtool function used to query per-port statistics and 577 return their values. DSA overlays slave network devices general statistics: 578 RX/TX counters from the network device, with switch driver specific statistics 579 per port 580 581- ``get_sset_count``: ethtool function used to query the number of statistics items 582 583- ``get_wol``: ethtool function used to obtain Wake-on-LAN settings per-port, this 584 function may for certain implementations also query the master network device 585 Wake-on-LAN settings if this interface needs to participate in Wake-on-LAN 586 587- ``set_wol``: ethtool function used to configure Wake-on-LAN settings per-port, 588 direct counterpart to set_wol with similar restrictions 589 590- ``set_eee``: ethtool function which is used to configure a switch port EEE (Green 591 Ethernet) settings, can optionally invoke the PHY library to enable EEE at the 592 PHY level if relevant. This function should enable EEE at the switch port MAC 593 controller and data-processing logic 594 595- ``get_eee``: ethtool function which is used to query a switch port EEE settings, 596 this function should return the EEE state of the switch port MAC controller 597 and data-processing logic as well as query the PHY for its currently configured 598 EEE settings 599 600- ``get_eeprom_len``: ethtool function returning for a given switch the EEPROM 601 length/size in bytes 602 603- ``get_eeprom``: ethtool function returning for a given switch the EEPROM contents 604 605- ``set_eeprom``: ethtool function writing specified data to a given switch EEPROM 606 607- ``get_regs_len``: ethtool function returning the register length for a given 608 switch 609 610- ``get_regs``: ethtool function returning the Ethernet switch internal register 611 contents. This function might require user-land code in ethtool to 612 pretty-print register values and registers 613 614Power management 615---------------- 616 617- ``suspend``: function invoked by the DSA platform device when the system goes to 618 suspend, should quiesce all Ethernet switch activities, but keep ports 619 participating in Wake-on-LAN active as well as additional wake-up logic if 620 supported 621 622- ``resume``: function invoked by the DSA platform device when the system resumes, 623 should resume all Ethernet switch activities and re-configure the switch to be 624 in a fully active state 625 626- ``port_enable``: function invoked by the DSA slave network device ndo_open 627 function when a port is administratively brought up, this function should 628 fully enable a given switch port. DSA takes care of marking the port with 629 ``BR_STATE_BLOCKING`` if the port is a bridge member, or ``BR_STATE_FORWARDING`` if it 630 was not, and propagating these changes down to the hardware 631 632- ``port_disable``: function invoked by the DSA slave network device ndo_close 633 function when a port is administratively brought down, this function should 634 fully disable a given switch port. DSA takes care of marking the port with 635 ``BR_STATE_DISABLED`` and propagating changes to the hardware if this port is 636 disabled while being a bridge member 637 638Bridge layer 639------------ 640 641- ``port_bridge_join``: bridge layer function invoked when a given switch port is 642 added to a bridge, this function should do what's necessary at the switch 643 level to permit the joining port to be added to the relevant logical 644 domain for it to ingress/egress traffic with other members of the bridge. 645 646- ``port_bridge_leave``: bridge layer function invoked when a given switch port is 647 removed from a bridge, this function should do what's necessary at the 648 switch level to deny the leaving port from ingress/egress traffic from the 649 remaining bridge members. When the port leaves the bridge, it should be aged 650 out at the switch hardware for the switch to (re) learn MAC addresses behind 651 this port. 652 653- ``port_stp_state_set``: bridge layer function invoked when a given switch port STP 654 state is computed by the bridge layer and should be propagated to switch 655 hardware to forward/block/learn traffic. The switch driver is responsible for 656 computing a STP state change based on current and asked parameters and perform 657 the relevant ageing based on the intersection results 658 659- ``port_bridge_flags``: bridge layer function invoked when a port must 660 configure its settings for e.g. flooding of unknown traffic or source address 661 learning. The switch driver is responsible for initial setup of the 662 standalone ports with address learning disabled and egress flooding of all 663 types of traffic, then the DSA core notifies of any change to the bridge port 664 flags when the port joins and leaves a bridge. DSA does not currently manage 665 the bridge port flags for the CPU port. The assumption is that address 666 learning should be statically enabled (if supported by the hardware) on the 667 CPU port, and flooding towards the CPU port should also be enabled, due to a 668 lack of an explicit address filtering mechanism in the DSA core. 669 670- ``port_bridge_tx_fwd_offload``: bridge layer function invoked after 671 ``port_bridge_join`` when a driver sets ``ds->num_fwd_offloading_bridges`` to 672 a non-zero value. Returning success in this function activates the TX 673 forwarding offload bridge feature for this port, which enables the tagging 674 protocol driver to inject data plane packets towards the bridging domain that 675 the port is a part of. Data plane packets are subject to FDB lookup, hardware 676 learning on the CPU port, and do not override the port STP state. 677 Additionally, replication of data plane packets (multicast, flooding) is 678 handled in hardware and the bridge driver will transmit a single skb for each 679 packet that needs replication. The method is provided as a configuration 680 point for drivers that need to configure the hardware for enabling this 681 feature. 682 683- ``port_bridge_tx_fwd_unoffload``: bridge layer function invoked when a driver 684 leaves a bridge port which had the TX forwarding offload feature enabled. 685 686Bridge VLAN filtering 687--------------------- 688 689- ``port_vlan_filtering``: bridge layer function invoked when the bridge gets 690 configured for turning on or off VLAN filtering. If nothing specific needs to 691 be done at the hardware level, this callback does not need to be implemented. 692 When VLAN filtering is turned on, the hardware must be programmed with 693 rejecting 802.1Q frames which have VLAN IDs outside of the programmed allowed 694 VLAN ID map/rules. If there is no PVID programmed into the switch port, 695 untagged frames must be rejected as well. When turned off the switch must 696 accept any 802.1Q frames irrespective of their VLAN ID, and untagged frames are 697 allowed. 698 699- ``port_vlan_add``: bridge layer function invoked when a VLAN is configured 700 (tagged or untagged) for the given switch port. If the operation is not 701 supported by the hardware, this function should return ``-EOPNOTSUPP`` to 702 inform the bridge code to fallback to a software implementation. 703 704- ``port_vlan_del``: bridge layer function invoked when a VLAN is removed from the 705 given switch port 706 707- ``port_vlan_dump``: bridge layer function invoked with a switchdev callback 708 function that the driver has to call for each VLAN the given port is a member 709 of. A switchdev object is used to carry the VID and bridge flags. 710 711- ``port_fdb_add``: bridge layer function invoked when the bridge wants to install a 712 Forwarding Database entry, the switch hardware should be programmed with the 713 specified address in the specified VLAN Id in the forwarding database 714 associated with this VLAN ID. If the operation is not supported, this 715 function should return ``-EOPNOTSUPP`` to inform the bridge code to fallback to 716 a software implementation. 717 718.. note:: VLAN ID 0 corresponds to the port private database, which, in the context 719 of DSA, would be its port-based VLAN, used by the associated bridge device. 720 721- ``port_fdb_del``: bridge layer function invoked when the bridge wants to remove a 722 Forwarding Database entry, the switch hardware should be programmed to delete 723 the specified MAC address from the specified VLAN ID if it was mapped into 724 this port forwarding database 725 726- ``port_fdb_dump``: bridge layer function invoked with a switchdev callback 727 function that the driver has to call for each MAC address known to be behind 728 the given port. A switchdev object is used to carry the VID and FDB info. 729 730- ``port_mdb_add``: bridge layer function invoked when the bridge wants to install 731 a multicast database entry. If the operation is not supported, this function 732 should return ``-EOPNOTSUPP`` to inform the bridge code to fallback to a 733 software implementation. The switch hardware should be programmed with the 734 specified address in the specified VLAN ID in the forwarding database 735 associated with this VLAN ID. 736 737.. note:: VLAN ID 0 corresponds to the port private database, which, in the context 738 of DSA, would be its port-based VLAN, used by the associated bridge device. 739 740- ``port_mdb_del``: bridge layer function invoked when the bridge wants to remove a 741 multicast database entry, the switch hardware should be programmed to delete 742 the specified MAC address from the specified VLAN ID if it was mapped into 743 this port forwarding database. 744 745- ``port_mdb_dump``: bridge layer function invoked with a switchdev callback 746 function that the driver has to call for each MAC address known to be behind 747 the given port. A switchdev object is used to carry the VID and MDB info. 748 749Link aggregation 750---------------- 751 752Link aggregation is implemented in the Linux networking stack by the bonding 753and team drivers, which are modeled as virtual, stackable network interfaces. 754DSA is capable of offloading a link aggregation group (LAG) to hardware that 755supports the feature, and supports bridging between physical ports and LAGs, 756as well as between LAGs. A bonding/team interface which holds multiple physical 757ports constitutes a logical port, although DSA has no explicit concept of a 758logical port at the moment. Due to this, events where a LAG joins/leaves a 759bridge are treated as if all individual physical ports that are members of that 760LAG join/leave the bridge. Switchdev port attributes (VLAN filtering, STP 761state, etc) and objects (VLANs, MDB entries) offloaded to a LAG as bridge port 762are treated similarly: DSA offloads the same switchdev object / port attribute 763on all members of the LAG. Static bridge FDB entries on a LAG are not yet 764supported, since the DSA driver API does not have the concept of a logical port 765ID. 766 767- ``port_lag_join``: function invoked when a given switch port is added to a 768 LAG. The driver may return ``-EOPNOTSUPP``, and in this case, DSA will fall 769 back to a software implementation where all traffic from this port is sent to 770 the CPU. 771- ``port_lag_leave``: function invoked when a given switch port leaves a LAG 772 and returns to operation as a standalone port. 773- ``port_lag_change``: function invoked when the link state of any member of 774 the LAG changes, and the hashing function needs rebalancing to only make use 775 of the subset of physical LAG member ports that are up. 776 777Drivers that benefit from having an ID associated with each offloaded LAG 778can optionally populate ``ds->num_lag_ids`` from the ``dsa_switch_ops::setup`` 779method. The LAG ID associated with a bonding/team interface can then be 780retrieved by a DSA switch driver using the ``dsa_lag_id`` function. 781 782IEC 62439-2 (MRP) 783----------------- 784 785The Media Redundancy Protocol is a topology management protocol optimized for 786fast fault recovery time for ring networks, which has some components 787implemented as a function of the bridge driver. MRP uses management PDUs 788(Test, Topology, LinkDown/Up, Option) sent at a multicast destination MAC 789address range of 01:15:4e:00:00:0x and with an EtherType of 0x88e3. 790Depending on the node's role in the ring (MRM: Media Redundancy Manager, 791MRC: Media Redundancy Client, MRA: Media Redundancy Automanager), certain MRP 792PDUs might need to be terminated locally and others might need to be forwarded. 793An MRM might also benefit from offloading to hardware the creation and 794transmission of certain MRP PDUs (Test). 795 796Normally an MRP instance can be created on top of any network interface, 797however in the case of a device with an offloaded data path such as DSA, it is 798necessary for the hardware, even if it is not MRP-aware, to be able to extract 799the MRP PDUs from the fabric before the driver can proceed with the software 800implementation. DSA today has no driver which is MRP-aware, therefore it only 801listens for the bare minimum switchdev objects required for the software assist 802to work properly. The operations are detailed below. 803 804- ``port_mrp_add`` and ``port_mrp_del``: notifies driver when an MRP instance 805 with a certain ring ID, priority, primary port and secondary port is 806 created/deleted. 807- ``port_mrp_add_ring_role`` and ``port_mrp_del_ring_role``: function invoked 808 when an MRP instance changes ring roles between MRM or MRC. This affects 809 which MRP PDUs should be trapped to software and which should be autonomously 810 forwarded. 811 812IEC 62439-3 (HSR/PRP) 813--------------------- 814 815The Parallel Redundancy Protocol (PRP) is a network redundancy protocol which 816works by duplicating and sequence numbering packets through two independent L2 817networks (which are unaware of the PRP tail tags carried in the packets), and 818eliminating the duplicates at the receiver. The High-availability Seamless 819Redundancy (HSR) protocol is similar in concept, except all nodes that carry 820the redundant traffic are aware of the fact that it is HSR-tagged (because HSR 821uses a header with an EtherType of 0x892f) and are physically connected in a 822ring topology. Both HSR and PRP use supervision frames for monitoring the 823health of the network and for discovery of other nodes. 824 825In Linux, both HSR and PRP are implemented in the hsr driver, which 826instantiates a virtual, stackable network interface with two member ports. 827The driver only implements the basic roles of DANH (Doubly Attached Node 828implementing HSR) and DANP (Doubly Attached Node implementing PRP); the roles 829of RedBox and QuadBox are not implemented (therefore, bridging a hsr network 830interface with a physical switch port does not produce the expected result). 831 832A driver which is able of offloading certain functions of a DANP or DANH should 833declare the corresponding netdev features as indicated by the documentation at 834``Documentation/networking/netdev-features.rst``. Additionally, the following 835methods must be implemented: 836 837- ``port_hsr_join``: function invoked when a given switch port is added to a 838 DANP/DANH. The driver may return ``-EOPNOTSUPP`` and in this case, DSA will 839 fall back to a software implementation where all traffic from this port is 840 sent to the CPU. 841- ``port_hsr_leave``: function invoked when a given switch port leaves a 842 DANP/DANH and returns to normal operation as a standalone port. 843 844TODO 845==== 846 847Making SWITCHDEV and DSA converge towards an unified codebase 848------------------------------------------------------------- 849 850SWITCHDEV properly takes care of abstracting the networking stack with offload 851capable hardware, but does not enforce a strict switch device driver model. On 852the other DSA enforces a fairly strict device driver model, and deals with most 853of the switch specific. At some point we should envision a merger between these 854two subsystems and get the best of both worlds. 855 856Other hanging fruits 857-------------------- 858 859- allowing more than one CPU/management interface: 860 http://comments.gmane.org/gmane.linux.network/365657 861