1============ 2Architecture 3============ 4 5This document describes the **Distributed Switch Architecture (DSA)** subsystem 6design principles, limitations, interactions with other subsystems, and how to 7develop drivers for this subsystem as well as a TODO for developers interested 8in joining the effort. 9 10Design principles 11================= 12 13The Distributed Switch Architecture is a subsystem which was primarily designed 14to support Marvell Ethernet switches (MV88E6xxx, a.k.a Linkstreet product line) 15using Linux, but has since evolved to support other vendors as well. 16 17The original philosophy behind this design was to be able to use unmodified 18Linux tools such as bridge, iproute2, ifconfig to work transparently whether 19they configured/queried a switch port network device or a regular network 20device. 21 22An Ethernet switch is typically comprised of multiple front-panel ports, and one 23or more CPU or management port. The DSA subsystem currently relies on the 24presence of a management port connected to an Ethernet controller capable of 25receiving Ethernet frames from the switch. This is a very common setup for all 26kinds of Ethernet switches found in Small Home and Office products: routers, 27gateways, or even top-of-the rack switches. This host Ethernet controller will 28be later referred to as "master" and "cpu" in DSA terminology and code. 29 30The D in DSA stands for Distributed, because the subsystem has been designed 31with the ability to configure and manage cascaded switches on top of each other 32using upstream and downstream Ethernet links between switches. These specific 33ports are referred to as "dsa" ports in DSA terminology and code. A collection 34of multiple switches connected to each other is called a "switch tree". 35 36For each front-panel port, DSA will create specialized network devices which are 37used as controlling and data-flowing endpoints for use by the Linux networking 38stack. These specialized network interfaces are referred to as "slave" network 39interfaces in DSA terminology and code. 40 41The ideal case for using DSA is when an Ethernet switch supports a "switch tag" 42which is a hardware feature making the switch insert a specific tag for each 43Ethernet frames it received to/from specific ports to help the management 44interface figure out: 45 46- what port is this frame coming from 47- what was the reason why this frame got forwarded 48- how to send CPU originated traffic to specific ports 49 50The subsystem does support switches not capable of inserting/stripping tags, but 51the features might be slightly limited in that case (traffic separation relies 52on Port-based VLAN IDs). 53 54Note that DSA does not currently create network interfaces for the "cpu" and 55"dsa" ports because: 56 57- the "cpu" port is the Ethernet switch facing side of the management 58 controller, and as such, would create a duplication of feature, since you 59 would get two interfaces for the same conduit: master netdev, and "cpu" netdev 60 61- the "dsa" port(s) are just conduits between two or more switches, and as such 62 cannot really be used as proper network interfaces either, only the 63 downstream, or the top-most upstream interface makes sense with that model 64 65Switch tagging protocols 66------------------------ 67 68DSA supports many vendor-specific tagging protocols, one software-defined 69tagging protocol, and a tag-less mode as well (``DSA_TAG_PROTO_NONE``). 70 71The exact format of the tag protocol is vendor specific, but in general, they 72all contain something which: 73 74- identifies which port the Ethernet frame came from/should be sent to 75- provides a reason why this frame was forwarded to the management interface 76 77All tagging protocols are in ``net/dsa/tag_*.c`` files and implement the 78methods of the ``struct dsa_device_ops`` structure, which are detailed below. 79 80Tagging protocols generally fall in one of three categories: 81 821. The switch-specific frame header is located before the Ethernet header, 83 shifting to the right (from the perspective of the DSA master's frame 84 parser) the MAC DA, MAC SA, EtherType and the entire L2 payload. 852. The switch-specific frame header is located before the EtherType, keeping 86 the MAC DA and MAC SA in place from the DSA master's perspective, but 87 shifting the 'real' EtherType and L2 payload to the right. 883. The switch-specific frame header is located at the tail of the packet, 89 keeping all frame headers in place and not altering the view of the packet 90 that the DSA master's frame parser has. 91 92A tagging protocol may tag all packets with switch tags of the same length, or 93the tag length might vary (for example packets with PTP timestamps might 94require an extended switch tag, or there might be one tag length on TX and a 95different one on RX). Either way, the tagging protocol driver must populate the 96``struct dsa_device_ops::overhead`` with the length in octets of the longest 97switch frame header. The DSA framework will automatically adjust the MTU of the 98master interface to accomodate for this extra size in order for DSA user ports 99to support the standard MTU (L2 payload length) of 1500 octets. The ``overhead`` 100is also used to request from the network stack, on a best-effort basis, the 101allocation of packets with a ``needed_headroom`` or ``needed_tailroom`` 102sufficient such that the act of pushing the switch tag on transmission of a 103packet does not cause it to reallocate due to lack of memory. 104 105Even though applications are not expected to parse DSA-specific frame headers, 106the format on the wire of the tagging protocol represents an Application Binary 107Interface exposed by the kernel towards user space, for decoders such as 108``libpcap``. The tagging protocol driver must populate the ``proto`` member of 109``struct dsa_device_ops`` with a value that uniquely describes the 110characteristics of the interaction required between the switch hardware and the 111data path driver: the offset of each bit field within the frame header and any 112stateful processing required to deal with the frames (as may be required for 113PTP timestamping). 114 115From the perspective of the network stack, all switches within the same DSA 116switch tree use the same tagging protocol. In case of a packet transiting a 117fabric with more than one switch, the switch-specific frame header is inserted 118by the first switch in the fabric that the packet was received on. This header 119typically contains information regarding its type (whether it is a control 120frame that must be trapped to the CPU, or a data frame to be forwarded). 121Control frames should be decapsulated only by the software data path, whereas 122data frames might also be autonomously forwarded towards other user ports of 123other switches from the same fabric, and in this case, the outermost switch 124ports must decapsulate the packet. 125 126Note that in certain cases, it might be the case that the tagging format used 127by a leaf switch (not connected directly to the CPU) to not be the same as what 128the network stack sees. This can be seen with Marvell switch trees, where the 129CPU port can be configured to use either the DSA or the Ethertype DSA (EDSA) 130format, but the DSA links are configured to use the shorter (without Ethertype) 131DSA frame header, in order to reduce the autonomous packet forwarding overhead. 132It still remains the case that, if the DSA switch tree is configured for the 133EDSA tagging protocol, the operating system sees EDSA-tagged packets from the 134leaf switches that tagged them with the shorter DSA header. This can be done 135because the Marvell switch connected directly to the CPU is configured to 136perform tag translation between DSA and EDSA (which is simply the operation of 137adding or removing the ``ETH_P_EDSA`` EtherType and some padding octets). 138 139It is possible to construct cascaded setups of DSA switches even if their 140tagging protocols are not compatible with one another. In this case, there are 141no DSA links in this fabric, and each switch constitutes a disjoint DSA switch 142tree. The DSA links are viewed as simply a pair of a DSA master (the out-facing 143port of the upstream DSA switch) and a CPU port (the in-facing port of the 144downstream DSA switch). 145 146The tagging protocol of the attached DSA switch tree can be viewed through the 147``dsa/tagging`` sysfs attribute of the DSA master:: 148 149 cat /sys/class/net/eth0/dsa/tagging 150 151If the hardware and driver are capable, the tagging protocol of the DSA switch 152tree can be changed at runtime. This is done by writing the new tagging 153protocol name to the same sysfs device attribute as above (the DSA master and 154all attached switch ports must be down while doing this). 155 156It is desirable that all tagging protocols are testable with the ``dsa_loop`` 157mockup driver, which can be attached to any network interface. The goal is that 158any network interface should be capable of transmitting the same packet in the 159same way, and the tagger should decode the same received packet in the same way 160regardless of the driver used for the switch control path, and the driver used 161for the DSA master. 162 163The transmission of a packet goes through the tagger's ``xmit`` function. 164The passed ``struct sk_buff *skb`` has ``skb->data`` pointing at 165``skb_mac_header(skb)``, i.e. at the destination MAC address, and the passed 166``struct net_device *dev`` represents the virtual DSA user network interface 167whose hardware counterpart the packet must be steered to (i.e. ``swp0``). 168The job of this method is to prepare the skb in a way that the switch will 169understand what egress port the packet is for (and not deliver it towards other 170ports). Typically this is fulfilled by pushing a frame header. Checking for 171insufficient size in the skb headroom or tailroom is unnecessary provided that 172the ``overhead`` and ``tail_tag`` properties were filled out properly, because 173DSA ensures there is enough space before calling this method. 174 175The reception of a packet goes through the tagger's ``rcv`` function. The 176passed ``struct sk_buff *skb`` has ``skb->data`` pointing at 177``skb_mac_header(skb) + ETH_ALEN`` octets, i.e. to where the first octet after 178the EtherType would have been, were this frame not tagged. The role of this 179method is to consume the frame header, adjust ``skb->data`` to really point at 180the first octet after the EtherType, and to change ``skb->dev`` to point to the 181virtual DSA user network interface corresponding to the physical front-facing 182switch port that the packet was received on. 183 184Since tagging protocols in category 1 and 2 break software (and most often also 185hardware) packet dissection on the DSA master, features such as RPS (Receive 186Packet Steering) on the DSA master would be broken. The DSA framework deals 187with this by hooking into the flow dissector and shifting the offset at which 188the IP header is to be found in the tagged frame as seen by the DSA master. 189This behavior is automatic based on the ``overhead`` value of the tagging 190protocol. If not all packets are of equal size, the tagger can implement the 191``flow_dissect`` method of the ``struct dsa_device_ops`` and override this 192default behavior by specifying the correct offset incurred by each individual 193RX packet. Tail taggers do not cause issues to the flow dissector. 194 195Due to various reasons (most common being category 1 taggers being associated 196with DSA-unaware masters, mangling what the master perceives as MAC DA), the 197tagging protocol may require the DSA master to operate in promiscuous mode, to 198receive all frames regardless of the value of the MAC DA. This can be done by 199setting the ``promisc_on_master`` property of the ``struct dsa_device_ops``. 200Note that this assumes a DSA-unaware master driver, which is the norm. 201 202Hardware manufacturers are strongly discouraged to do this, but some tagging 203protocols might not provide source port information on RX for all packets, but 204e.g. only for control traffic (link-local PDUs). In this case, by implementing 205the ``filter`` method of ``struct dsa_device_ops``, the tagger might select 206which packets are to be redirected on RX towards the virtual DSA user network 207interfaces, and which are to be left in the DSA master's RX data path. 208 209It might also happen (although silicon vendors are strongly discouraged to 210produce hardware like this) that a tagging protocol splits the switch-specific 211information into a header portion and a tail portion, therefore not falling 212cleanly into any of the above 3 categories. DSA does not support this 213configuration. 214 215Master network devices 216---------------------- 217 218Master network devices are regular, unmodified Linux network device drivers for 219the CPU/management Ethernet interface. Such a driver might occasionally need to 220know whether DSA is enabled (e.g.: to enable/disable specific offload features), 221but the DSA subsystem has been proven to work with industry standard drivers: 222``e1000e,`` ``mv643xx_eth`` etc. without having to introduce modifications to these 223drivers. Such network devices are also often referred to as conduit network 224devices since they act as a pipe between the host processor and the hardware 225Ethernet switch. 226 227Networking stack hooks 228---------------------- 229 230When a master netdev is used with DSA, a small hook is placed in the 231networking stack is in order to have the DSA subsystem process the Ethernet 232switch specific tagging protocol. DSA accomplishes this by registering a 233specific (and fake) Ethernet type (later becoming ``skb->protocol``) with the 234networking stack, this is also known as a ``ptype`` or ``packet_type``. A typical 235Ethernet Frame receive sequence looks like this: 236 237Master network device (e.g.: e1000e): 238 2391. Receive interrupt fires: 240 241 - receive function is invoked 242 - basic packet processing is done: getting length, status etc. 243 - packet is prepared to be processed by the Ethernet layer by calling 244 ``eth_type_trans`` 245 2462. net/ethernet/eth.c:: 247 248 eth_type_trans(skb, dev) 249 if (dev->dsa_ptr != NULL) 250 -> skb->protocol = ETH_P_XDSA 251 2523. drivers/net/ethernet/\*:: 253 254 netif_receive_skb(skb) 255 -> iterate over registered packet_type 256 -> invoke handler for ETH_P_XDSA, calls dsa_switch_rcv() 257 2584. net/dsa/dsa.c:: 259 260 -> dsa_switch_rcv() 261 -> invoke switch tag specific protocol handler in 'net/dsa/tag_*.c' 262 2635. net/dsa/tag_*.c: 264 265 - inspect and strip switch tag protocol to determine originating port 266 - locate per-port network device 267 - invoke ``eth_type_trans()`` with the DSA slave network device 268 - invoked ``netif_receive_skb()`` 269 270Past this point, the DSA slave network devices get delivered regular Ethernet 271frames that can be processed by the networking stack. 272 273Slave network devices 274--------------------- 275 276Slave network devices created by DSA are stacked on top of their master network 277device, each of these network interfaces will be responsible for being a 278controlling and data-flowing end-point for each front-panel port of the switch. 279These interfaces are specialized in order to: 280 281- insert/remove the switch tag protocol (if it exists) when sending traffic 282 to/from specific switch ports 283- query the switch for ethtool operations: statistics, link state, 284 Wake-on-LAN, register dumps... 285- external/internal PHY management: link, auto-negotiation etc. 286 287These slave network devices have custom net_device_ops and ethtool_ops function 288pointers which allow DSA to introduce a level of layering between the networking 289stack/ethtool, and the switch driver implementation. 290 291Upon frame transmission from these slave network devices, DSA will look up which 292switch tagging protocol is currently registered with these network devices, and 293invoke a specific transmit routine which takes care of adding the relevant 294switch tag in the Ethernet frames. 295 296These frames are then queued for transmission using the master network device 297``ndo_start_xmit()`` function, since they contain the appropriate switch tag, the 298Ethernet switch will be able to process these incoming frames from the 299management interface and delivers these frames to the physical switch port. 300 301Graphical representation 302------------------------ 303 304Summarized, this is basically how DSA looks like from a network device 305perspective:: 306 307 Unaware application 308 opens and binds socket 309 | ^ 310 | | 311 +-----------v--|--------------------+ 312 |+------+ +------+ +------+ +------+| 313 || swp0 | | swp1 | | swp2 | | swp3 || 314 |+------+-+------+-+------+-+------+| 315 | DSA switch driver | 316 +-----------------------------------+ 317 | ^ 318 Tag added by | | Tag consumed by 319 switch driver | | switch driver 320 v | 321 +-----------------------------------+ 322 | Unmodified host interface driver | Software 323 --------+-----------------------------------+------------ 324 | Host interface (eth0) | Hardware 325 +-----------------------------------+ 326 | ^ 327 Tag consumed by | | Tag added by 328 switch hardware | | switch hardware 329 v | 330 +-----------------------------------+ 331 | Switch | 332 |+------+ +------+ +------+ +------+| 333 || swp0 | | swp1 | | swp2 | | swp3 || 334 ++------+-+------+-+------+-+------++ 335 336Slave MDIO bus 337-------------- 338 339In order to be able to read to/from a switch PHY built into it, DSA creates a 340slave MDIO bus which allows a specific switch driver to divert and intercept 341MDIO reads/writes towards specific PHY addresses. In most MDIO-connected 342switches, these functions would utilize direct or indirect PHY addressing mode 343to return standard MII registers from the switch builtin PHYs, allowing the PHY 344library and/or to return link status, link partner pages, auto-negotiation 345results etc.. 346 347For Ethernet switches which have both external and internal MDIO busses, the 348slave MII bus can be utilized to mux/demux MDIO reads and writes towards either 349internal or external MDIO devices this switch might be connected to: internal 350PHYs, external PHYs, or even external switches. 351 352Data structures 353--------------- 354 355DSA data structures are defined in ``include/net/dsa.h`` as well as 356``net/dsa/dsa_priv.h``: 357 358- ``dsa_chip_data``: platform data configuration for a given switch device, 359 this structure describes a switch device's parent device, its address, as 360 well as various properties of its ports: names/labels, and finally a routing 361 table indication (when cascading switches) 362 363- ``dsa_platform_data``: platform device configuration data which can reference 364 a collection of dsa_chip_data structure if multiples switches are cascaded, 365 the master network device this switch tree is attached to needs to be 366 referenced 367 368- ``dsa_switch_tree``: structure assigned to the master network device under 369 ``dsa_ptr``, this structure references a dsa_platform_data structure as well as 370 the tagging protocol supported by the switch tree, and which receive/transmit 371 function hooks should be invoked, information about the directly attached 372 switch is also provided: CPU port. Finally, a collection of dsa_switch are 373 referenced to address individual switches in the tree. 374 375- ``dsa_switch``: structure describing a switch device in the tree, referencing 376 a ``dsa_switch_tree`` as a backpointer, slave network devices, master network 377 device, and a reference to the backing``dsa_switch_ops`` 378 379- ``dsa_switch_ops``: structure referencing function pointers, see below for a 380 full description. 381 382Design limitations 383================== 384 385Lack of CPU/DSA network devices 386------------------------------- 387 388DSA does not currently create slave network devices for the CPU or DSA ports, as 389described before. This might be an issue in the following cases: 390 391- inability to fetch switch CPU port statistics counters using ethtool, which 392 can make it harder to debug MDIO switch connected using xMII interfaces 393 394- inability to configure the CPU port link parameters based on the Ethernet 395 controller capabilities attached to it: http://patchwork.ozlabs.org/patch/509806/ 396 397- inability to configure specific VLAN IDs / trunking VLANs between switches 398 when using a cascaded setup 399 400Common pitfalls using DSA setups 401-------------------------------- 402 403Once a master network device is configured to use DSA (dev->dsa_ptr becomes 404non-NULL), and the switch behind it expects a tagging protocol, this network 405interface can only exclusively be used as a conduit interface. Sending packets 406directly through this interface (e.g.: opening a socket using this interface) 407will not make us go through the switch tagging protocol transmit function, so 408the Ethernet switch on the other end, expecting a tag will typically drop this 409frame. 410 411Interactions with other subsystems 412================================== 413 414DSA currently leverages the following subsystems: 415 416- MDIO/PHY library: ``drivers/net/phy/phy.c``, ``mdio_bus.c`` 417- Switchdev:``net/switchdev/*`` 418- Device Tree for various of_* functions 419- Devlink: ``net/core/devlink.c`` 420 421MDIO/PHY library 422---------------- 423 424Slave network devices exposed by DSA may or may not be interfacing with PHY 425devices (``struct phy_device`` as defined in ``include/linux/phy.h)``, but the DSA 426subsystem deals with all possible combinations: 427 428- internal PHY devices, built into the Ethernet switch hardware 429- external PHY devices, connected via an internal or external MDIO bus 430- internal PHY devices, connected via an internal MDIO bus 431- special, non-autonegotiated or non MDIO-managed PHY devices: SFPs, MoCA; a.k.a 432 fixed PHYs 433 434The PHY configuration is done by the ``dsa_slave_phy_setup()`` function and the 435logic basically looks like this: 436 437- if Device Tree is used, the PHY device is looked up using the standard 438 "phy-handle" property, if found, this PHY device is created and registered 439 using ``of_phy_connect()`` 440 441- if Device Tree is used, and the PHY device is "fixed", that is, conforms to 442 the definition of a non-MDIO managed PHY as defined in 443 ``Documentation/devicetree/bindings/net/fixed-link.txt``, the PHY is registered 444 and connected transparently using the special fixed MDIO bus driver 445 446- finally, if the PHY is built into the switch, as is very common with 447 standalone switch packages, the PHY is probed using the slave MII bus created 448 by DSA 449 450 451SWITCHDEV 452--------- 453 454DSA directly utilizes SWITCHDEV when interfacing with the bridge layer, and 455more specifically with its VLAN filtering portion when configuring VLANs on top 456of per-port slave network devices. As of today, the only SWITCHDEV objects 457supported by DSA are the FDB and VLAN objects. 458 459Devlink 460------- 461 462DSA registers one devlink device per physical switch in the fabric. 463For each devlink device, every physical port (i.e. user ports, CPU ports, DSA 464links or unused ports) is exposed as a devlink port. 465 466DSA drivers can make use of the following devlink features: 467 468- Regions: debugging feature which allows user space to dump driver-defined 469 areas of hardware information in a low-level, binary format. Both global 470 regions as well as per-port regions are supported. It is possible to export 471 devlink regions even for pieces of data that are already exposed in some way 472 to the standard iproute2 user space programs (ip-link, bridge), like address 473 tables and VLAN tables. For example, this might be useful if the tables 474 contain additional hardware-specific details which are not visible through 475 the iproute2 abstraction, or it might be useful to inspect these tables on 476 the non-user ports too, which are invisible to iproute2 because no network 477 interface is registered for them. 478- Params: a feature which enables user to configure certain low-level tunable 479 knobs pertaining to the device. Drivers may implement applicable generic 480 devlink params, or may add new device-specific devlink params. 481- Resources: a monitoring feature which enables users to see the degree of 482 utilization of certain hardware tables in the device, such as FDB, VLAN, etc. 483- Shared buffers: a QoS feature for adjusting and partitioning memory and frame 484 reservations per port and per traffic class, in the ingress and egress 485 directions, such that low-priority bulk traffic does not impede the 486 processing of high-priority critical traffic. 487 488For more details, consult ``Documentation/networking/devlink/``. 489 490Device Tree 491----------- 492 493DSA features a standardized binding which is documented in 494``Documentation/devicetree/bindings/net/dsa/dsa.txt``. PHY/MDIO library helper 495functions such as ``of_get_phy_mode()``, ``of_phy_connect()`` are also used to query 496per-port PHY specific details: interface connection, MDIO bus location etc.. 497 498Driver development 499================== 500 501DSA switch drivers need to implement a dsa_switch_ops structure which will 502contain the various members described below. 503 504``register_switch_driver()`` registers this dsa_switch_ops in its internal list 505of drivers to probe for. ``unregister_switch_driver()`` does the exact opposite. 506 507Unless requested differently by setting the priv_size member accordingly, DSA 508does not allocate any driver private context space. 509 510Switch configuration 511-------------------- 512 513- ``tag_protocol``: this is to indicate what kind of tagging protocol is supported, 514 should be a valid value from the ``dsa_tag_protocol`` enum 515 516- ``probe``: probe routine which will be invoked by the DSA platform device upon 517 registration to test for the presence/absence of a switch device. For MDIO 518 devices, it is recommended to issue a read towards internal registers using 519 the switch pseudo-PHY and return whether this is a supported device. For other 520 buses, return a non-NULL string 521 522- ``setup``: setup function for the switch, this function is responsible for setting 523 up the ``dsa_switch_ops`` private structure with all it needs: register maps, 524 interrupts, mutexes, locks etc.. This function is also expected to properly 525 configure the switch to separate all network interfaces from each other, that 526 is, they should be isolated by the switch hardware itself, typically by creating 527 a Port-based VLAN ID for each port and allowing only the CPU port and the 528 specific port to be in the forwarding vector. Ports that are unused by the 529 platform should be disabled. Past this function, the switch is expected to be 530 fully configured and ready to serve any kind of request. It is recommended 531 to issue a software reset of the switch during this setup function in order to 532 avoid relying on what a previous software agent such as a bootloader/firmware 533 may have previously configured. 534 535PHY devices and link management 536------------------------------- 537 538- ``get_phy_flags``: Some switches are interfaced to various kinds of Ethernet PHYs, 539 if the PHY library PHY driver needs to know about information it cannot obtain 540 on its own (e.g.: coming from switch memory mapped registers), this function 541 should return a 32-bits bitmask of "flags", that is private between the switch 542 driver and the Ethernet PHY driver in ``drivers/net/phy/\*``. 543 544- ``phy_read``: Function invoked by the DSA slave MDIO bus when attempting to read 545 the switch port MDIO registers. If unavailable, return 0xffff for each read. 546 For builtin switch Ethernet PHYs, this function should allow reading the link 547 status, auto-negotiation results, link partner pages etc.. 548 549- ``phy_write``: Function invoked by the DSA slave MDIO bus when attempting to write 550 to the switch port MDIO registers. If unavailable return a negative error 551 code. 552 553- ``adjust_link``: Function invoked by the PHY library when a slave network device 554 is attached to a PHY device. This function is responsible for appropriately 555 configuring the switch port link parameters: speed, duplex, pause based on 556 what the ``phy_device`` is providing. 557 558- ``fixed_link_update``: Function invoked by the PHY library, and specifically by 559 the fixed PHY driver asking the switch driver for link parameters that could 560 not be auto-negotiated, or obtained by reading the PHY registers through MDIO. 561 This is particularly useful for specific kinds of hardware such as QSGMII, 562 MoCA or other kinds of non-MDIO managed PHYs where out of band link 563 information is obtained 564 565Ethtool operations 566------------------ 567 568- ``get_strings``: ethtool function used to query the driver's strings, will 569 typically return statistics strings, private flags strings etc. 570 571- ``get_ethtool_stats``: ethtool function used to query per-port statistics and 572 return their values. DSA overlays slave network devices general statistics: 573 RX/TX counters from the network device, with switch driver specific statistics 574 per port 575 576- ``get_sset_count``: ethtool function used to query the number of statistics items 577 578- ``get_wol``: ethtool function used to obtain Wake-on-LAN settings per-port, this 579 function may, for certain implementations also query the master network device 580 Wake-on-LAN settings if this interface needs to participate in Wake-on-LAN 581 582- ``set_wol``: ethtool function used to configure Wake-on-LAN settings per-port, 583 direct counterpart to set_wol with similar restrictions 584 585- ``set_eee``: ethtool function which is used to configure a switch port EEE (Green 586 Ethernet) settings, can optionally invoke the PHY library to enable EEE at the 587 PHY level if relevant. This function should enable EEE at the switch port MAC 588 controller and data-processing logic 589 590- ``get_eee``: ethtool function which is used to query a switch port EEE settings, 591 this function should return the EEE state of the switch port MAC controller 592 and data-processing logic as well as query the PHY for its currently configured 593 EEE settings 594 595- ``get_eeprom_len``: ethtool function returning for a given switch the EEPROM 596 length/size in bytes 597 598- ``get_eeprom``: ethtool function returning for a given switch the EEPROM contents 599 600- ``set_eeprom``: ethtool function writing specified data to a given switch EEPROM 601 602- ``get_regs_len``: ethtool function returning the register length for a given 603 switch 604 605- ``get_regs``: ethtool function returning the Ethernet switch internal register 606 contents. This function might require user-land code in ethtool to 607 pretty-print register values and registers 608 609Power management 610---------------- 611 612- ``suspend``: function invoked by the DSA platform device when the system goes to 613 suspend, should quiesce all Ethernet switch activities, but keep ports 614 participating in Wake-on-LAN active as well as additional wake-up logic if 615 supported 616 617- ``resume``: function invoked by the DSA platform device when the system resumes, 618 should resume all Ethernet switch activities and re-configure the switch to be 619 in a fully active state 620 621- ``port_enable``: function invoked by the DSA slave network device ndo_open 622 function when a port is administratively brought up, this function should be 623 fully enabling a given switch port. DSA takes care of marking the port with 624 ``BR_STATE_BLOCKING`` if the port is a bridge member, or ``BR_STATE_FORWARDING`` if it 625 was not, and propagating these changes down to the hardware 626 627- ``port_disable``: function invoked by the DSA slave network device ndo_close 628 function when a port is administratively brought down, this function should be 629 fully disabling a given switch port. DSA takes care of marking the port with 630 ``BR_STATE_DISABLED`` and propagating changes to the hardware if this port is 631 disabled while being a bridge member 632 633Bridge layer 634------------ 635 636- ``port_bridge_join``: bridge layer function invoked when a given switch port is 637 added to a bridge, this function should be doing the necessary at the switch 638 level to permit the joining port from being added to the relevant logical 639 domain for it to ingress/egress traffic with other members of the bridge. 640 641- ``port_bridge_leave``: bridge layer function invoked when a given switch port is 642 removed from a bridge, this function should be doing the necessary at the 643 switch level to deny the leaving port from ingress/egress traffic from the 644 remaining bridge members. When the port leaves the bridge, it should be aged 645 out at the switch hardware for the switch to (re) learn MAC addresses behind 646 this port. 647 648- ``port_stp_state_set``: bridge layer function invoked when a given switch port STP 649 state is computed by the bridge layer and should be propagated to switch 650 hardware to forward/block/learn traffic. The switch driver is responsible for 651 computing a STP state change based on current and asked parameters and perform 652 the relevant ageing based on the intersection results 653 654- ``port_bridge_flags``: bridge layer function invoked when a port must 655 configure its settings for e.g. flooding of unknown traffic or source address 656 learning. The switch driver is responsible for initial setup of the 657 standalone ports with address learning disabled and egress flooding of all 658 types of traffic, then the DSA core notifies of any change to the bridge port 659 flags when the port joins and leaves a bridge. DSA does not currently manage 660 the bridge port flags for the CPU port. The assumption is that address 661 learning should be statically enabled (if supported by the hardware) on the 662 CPU port, and flooding towards the CPU port should also be enabled, due to a 663 lack of an explicit address filtering mechanism in the DSA core. 664 665Bridge VLAN filtering 666--------------------- 667 668- ``port_vlan_filtering``: bridge layer function invoked when the bridge gets 669 configured for turning on or off VLAN filtering. If nothing specific needs to 670 be done at the hardware level, this callback does not need to be implemented. 671 When VLAN filtering is turned on, the hardware must be programmed with 672 rejecting 802.1Q frames which have VLAN IDs outside of the programmed allowed 673 VLAN ID map/rules. If there is no PVID programmed into the switch port, 674 untagged frames must be rejected as well. When turned off the switch must 675 accept any 802.1Q frames irrespective of their VLAN ID, and untagged frames are 676 allowed. 677 678- ``port_vlan_add``: bridge layer function invoked when a VLAN is configured 679 (tagged or untagged) for the given switch port. If the operation is not 680 supported by the hardware, this function should return ``-EOPNOTSUPP`` to 681 inform the bridge code to fallback to a software implementation. 682 683- ``port_vlan_del``: bridge layer function invoked when a VLAN is removed from the 684 given switch port 685 686- ``port_vlan_dump``: bridge layer function invoked with a switchdev callback 687 function that the driver has to call for each VLAN the given port is a member 688 of. A switchdev object is used to carry the VID and bridge flags. 689 690- ``port_fdb_add``: bridge layer function invoked when the bridge wants to install a 691 Forwarding Database entry, the switch hardware should be programmed with the 692 specified address in the specified VLAN Id in the forwarding database 693 associated with this VLAN ID. If the operation is not supported, this 694 function should return ``-EOPNOTSUPP`` to inform the bridge code to fallback to 695 a software implementation. 696 697.. note:: VLAN ID 0 corresponds to the port private database, which, in the context 698 of DSA, would be its port-based VLAN, used by the associated bridge device. 699 700- ``port_fdb_del``: bridge layer function invoked when the bridge wants to remove a 701 Forwarding Database entry, the switch hardware should be programmed to delete 702 the specified MAC address from the specified VLAN ID if it was mapped into 703 this port forwarding database 704 705- ``port_fdb_dump``: bridge layer function invoked with a switchdev callback 706 function that the driver has to call for each MAC address known to be behind 707 the given port. A switchdev object is used to carry the VID and FDB info. 708 709- ``port_mdb_add``: bridge layer function invoked when the bridge wants to install 710 a multicast database entry. If the operation is not supported, this function 711 should return ``-EOPNOTSUPP`` to inform the bridge code to fallback to a 712 software implementation. The switch hardware should be programmed with the 713 specified address in the specified VLAN ID in the forwarding database 714 associated with this VLAN ID. 715 716.. note:: VLAN ID 0 corresponds to the port private database, which, in the context 717 of DSA, would be its port-based VLAN, used by the associated bridge device. 718 719- ``port_mdb_del``: bridge layer function invoked when the bridge wants to remove a 720 multicast database entry, the switch hardware should be programmed to delete 721 the specified MAC address from the specified VLAN ID if it was mapped into 722 this port forwarding database. 723 724- ``port_mdb_dump``: bridge layer function invoked with a switchdev callback 725 function that the driver has to call for each MAC address known to be behind 726 the given port. A switchdev object is used to carry the VID and MDB info. 727 728Link aggregation 729---------------- 730 731Link aggregation is implemented in the Linux networking stack by the bonding 732and team drivers, which are modeled as virtual, stackable network interfaces. 733DSA is capable of offloading a link aggregation group (LAG) to hardware that 734supports the feature, and supports bridging between physical ports and LAGs, 735as well as between LAGs. A bonding/team interface which holds multiple physical 736ports constitutes a logical port, although DSA has no explicit concept of a 737logical port at the moment. Due to this, events where a LAG joins/leaves a 738bridge are treated as if all individual physical ports that are members of that 739LAG join/leave the bridge. Switchdev port attributes (VLAN filtering, STP 740state, etc) and objects (VLANs, MDB entries) offloaded to a LAG as bridge port 741are treated similarly: DSA offloads the same switchdev object / port attribute 742on all members of the LAG. Static bridge FDB entries on a LAG are not yet 743supported, since the DSA driver API does not have the concept of a logical port 744ID. 745 746- ``port_lag_join``: function invoked when a given switch port is added to a 747 LAG. The driver may return ``-EOPNOTSUPP``, and in this case, DSA will fall 748 back to a software implementation where all traffic from this port is sent to 749 the CPU. 750- ``port_lag_leave``: function invoked when a given switch port leaves a LAG 751 and returns to operation as a standalone port. 752- ``port_lag_change``: function invoked when the link state of any member of 753 the LAG changes, and the hashing function needs rebalancing to only make use 754 of the subset of physical LAG member ports that are up. 755 756Drivers that benefit from having an ID associated with each offloaded LAG 757can optionally populate ``ds->num_lag_ids`` from the ``dsa_switch_ops::setup`` 758method. The LAG ID associated with a bonding/team interface can then be 759retrieved by a DSA switch driver using the ``dsa_lag_id`` function. 760 761IEC 62439-2 (MRP) 762----------------- 763 764The Media Redundancy Protocol is a topology management protocol optimized for 765fast fault recovery time for ring networks, which has some components 766implemented as a function of the bridge driver. MRP uses management PDUs 767(Test, Topology, LinkDown/Up, Option) sent at a multicast destination MAC 768address range of 01:15:4e:00:00:0x and with an EtherType of 0x88e3. 769Depending on the node's role in the ring (MRM: Media Redundancy Manager, 770MRC: Media Redundancy Client, MRA: Media Redundancy Automanager), certain MRP 771PDUs might need to be terminated locally and others might need to be forwarded. 772An MRM might also benefit from offloading to hardware the creation and 773transmission of certain MRP PDUs (Test). 774 775Normally an MRP instance can be created on top of any network interface, 776however in the case of a device with an offloaded data path such as DSA, it is 777necessary for the hardware, even if it is not MRP-aware, to be able to extract 778the MRP PDUs from the fabric before the driver can proceed with the software 779implementation. DSA today has no driver which is MRP-aware, therefore it only 780listens for the bare minimum switchdev objects required for the software assist 781to work properly. The operations are detailed below. 782 783- ``port_mrp_add`` and ``port_mrp_del``: notifies driver when an MRP instance 784 with a certain ring ID, priority, primary port and secondary port is 785 created/deleted. 786- ``port_mrp_add_ring_role`` and ``port_mrp_del_ring_role``: function invoked 787 when an MRP instance changes ring roles between MRM or MRC. This affects 788 which MRP PDUs should be trapped to software and which should be autonomously 789 forwarded. 790 791IEC 62439-3 (HSR/PRP) 792--------------------- 793 794The Parallel Redundancy Protocol (PRP) is a network redundancy protocol which 795works by duplicating and sequence numbering packets through two independent L2 796networks (which are unaware of the PRP tail tags carried in the packets), and 797eliminating the duplicates at the receiver. The High-availability Seamless 798Redundancy (HSR) protocol is similar in concept, except all nodes that carry 799the redundant traffic are aware of the fact that it is HSR-tagged (because HSR 800uses a header with an EtherType of 0x892f) and are physically connected in a 801ring topology. Both HSR and PRP use supervision frames for monitoring the 802health of the network and for discovery of other nodes. 803 804In Linux, both HSR and PRP are implemented in the hsr driver, which 805instantiates a virtual, stackable network interface with two member ports. 806The driver only implements the basic roles of DANH (Doubly Attached Node 807implementing HSR) and DANP (Doubly Attached Node implementing PRP); the roles 808of RedBox and QuadBox are not implemented (therefore, bridging a hsr network 809interface with a physical switch port does not produce the expected result). 810 811A driver which is able of offloading certain functions of a DANP or DANH should 812declare the corresponding netdev features as indicated by the documentation at 813``Documentation/networking/netdev-features.rst``. Additionally, the following 814methods must be implemented: 815 816- ``port_hsr_join``: function invoked when a given switch port is added to a 817 DANP/DANH. The driver may return ``-EOPNOTSUPP`` and in this case, DSA will 818 fall back to a software implementation where all traffic from this port is 819 sent to the CPU. 820- ``port_hsr_leave``: function invoked when a given switch port leaves a 821 DANP/DANH and returns to normal operation as a standalone port. 822 823TODO 824==== 825 826Making SWITCHDEV and DSA converge towards an unified codebase 827------------------------------------------------------------- 828 829SWITCHDEV properly takes care of abstracting the networking stack with offload 830capable hardware, but does not enforce a strict switch device driver model. On 831the other DSA enforces a fairly strict device driver model, and deals with most 832of the switch specific. At some point we should envision a merger between these 833two subsystems and get the best of both worlds. 834 835Other hanging fruits 836-------------------- 837 838- allowing more than one CPU/management interface: 839 http://comments.gmane.org/gmane.linux.network/365657 840