Summary of Features................................................................................... 22
Port MAC Features .................................................................................................................... 22 Port Trunking Features .............................................................................................................. 24 Distributed Switching Architecture (DSA) Features ................................................................... 24 Quality of Service Features ....................................................................................................... 25 Policy Features .......................................................................................................................... 25 Bridging Features ...................................................................................................................... 26 Unicast Routing Features .......................................................................................................... 27 Traffic Policing Features ............................................................................................................ 28 Bandwidth Management Features............................................................................................. 28 Secure Control Technology (SCT) Features ............................................................................. 29 Traffic Monitoring Features........................................................................................................ 30
Cascade Ports ........................................................................................................................... 44 Single-Target Destination in a Cascaded System ..................................................................... 45
PCI Interface ............................................................................................................................. 58 Serial Management Interfaces (SMI) ........................................................................................ 79 Two Wire Serial Interface (TWSI) ............................................................................................. 90 Device Address Space.............................................................................................................. 93 CPU MII/GMII/RGMII Port......................................................................................................... 94 Interrupts ................................................................................................................................... 98 General Purpose Pins (GPP) .................................................................................................. 100
Section 7. 7.1 7.2 7.3
CPU Traffic Management ........................................................................... 102
CPU Port Number ................................................................................................................... 102 Packets to the CPU................................................................................................................. 102 Packets from the CPU............................................................................................................. 107
Tri-Speed Port Overview .........................................................................................................137 HyperG.Stack Port Overview...................................................................................................138 HX and QX Ports Overview .....................................................................................................142 MAC Operation and Configuration...........................................................................................144 Tri-Speed Ports Auto-Negotiation............................................................................................161 MAC MIB Counters..................................................................................................................164 MAC Error Reporting ...............................................................................................................171
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
9.1 9.2 9.3 9.4 9.5 9.6 9.7
Network Interfaces and Media Access Controllers (MACs) ................... 136
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 5
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
Section 9.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Table of Contents
Unicast Routing Features........................................................................................................ 265 Unicast Routing Overview....................................................................................................... 265 Policy Engine Support of Unicast Routing .............................................................................. 266 Bridge Engine Support for Unicast Routing ............................................................................ 270 Router Engine Processing ...................................................................................................... 271 Routed Packet Header Modification........................................................................................ 275 Layer 3 Control Traffic to the CPU .......................................................................................... 278 One-Armed Router Configuration ........................................................................................... 279
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
12.1 12.2 12.3 12.4 12.5 12.6 12.7 12.8
Section 13. Port Trunking .............................................................................................. 281 13.1 13.2 13.3 13.4
Port Trunk-ID Assignment....................................................................................................... 281 Forwarding to a Single Trunk Destination ............................................................................... 283 Forwarding of Multi-Destination Packets................................................................................. 285 Trunking over Cascade Link ................................................................................................... 291
LED Interface Overview .......................................................................................................... 318 LED Indications ....................................................................................................................... 319 LED Indication Groups ............................................................................................................ 324 Other Indications ..................................................................................................................... 325 LED Stream............................................................................................................................. 326
MV-S102110-02 Rev. E Page 6
CONFIDENTIAL Document Classification: Restricted Information
Appendix A. DSA Tag Formats ....................................................................................... 333
Appendix B. CPU Codes .................................................................................................. 343 Appendix C. Register Set................................................................................................ 374
C.9 C.10 C.11 C.12 C.13 C.14 C.15 C.16 C.17
Registers Overview..................................................................................................................374 Global, TWSI Interface and CPU Port Configuration Registers...............................................376 GPP Configuration Registers...................................................................................................390 PCI SDMA Registers ...............................................................................................................392 Master XSMI Interface Configuration Registers ......................................................................400 Router Header Alteration Configuration Registers ..................................................................404 Tri-Speed Ports MAC, CPU Port MAC, and SGMII Configuration Registers...........................410 HyperG.Stack and HX/QX Ports MAC, Status, and MIB Counters, and XAUI Control Configuration Registers...............................................................................................426 XAUI PHY Configuration Registers .........................................................................................438 HX Port Registers Registers....................................................................................................475 LEDs, Tri-Speed Ports MIB Counters, and Master SMI Configuration Registers....................507 PCI Registers...........................................................................................................................552 Policy Engine and Bridge Engine Configuration Registers......................................................560 Policers and Unicast Routing Engine Configuration Registers................................................679 Pre-Egress Engine Configuration Registers ............................................................................692 Egress, Transmit Queue and VLAN Configuration Registers and Tables ...............................711 Buffers Memory, Ingress MAC Errors Indications, and Egress Header Alteration Configuration Tables and Registers ........................................................................................769 Buffers Management Registers ...............................................................................................777 Summary of Interrupt Registers...............................................................................................790
C.18 C.19
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 7
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
Extended DSA Tag in TO_CPU Format ..................................................................................333 Extended DSA Tag in FROM_CPU Format.............................................................................336 Extended DSA Tag in TO_ANALYZER Format.......................................................................339 Extended DSA Tag in FORWARD Format ..............................................................................341
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
A.1 A.2 A.3 A.4
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Table of Contents
MV-S102110-02 Rev. E Page 8
CONFIDENTIAL Document Classification: Restricted Information
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86 CONFIDENTIAL
Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 9
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
Per Port Protocol Table Entry...........................................................................................................209 VLAN Entry Fields ............................................................................................................................217 Spanning Tree Port State Behavior..................................................................................................220 FDB Address Table Entry.................................................................................................................222 Additional Address Update Fields ....................................................................................................227 IEEE Reserved Multicast Addresses................................................................................................245 Cisco Proprietary L2 Protocols.........................................................................................................245 MLD Messages over ICMPv6...........................................................................................................247 Common IPv4/6 Link-Local Multicast Addresses .............................................................................250 Host Counters ..................................................................................................................................261 Matrix Source Destination Counters.................................................................................................262 Ingress Port/VLAN/Device Counters per Counter-Set .....................................................................262 Egress Counters per Counter-Set ....................................................................................................264 Routing PCL Rule Classification Key Fields.....................................................................................268 Policy Action Entry As a Route Entry ...............................................................................................269 Configuration Range of CIR and CBS..............................................................................................299 Number of 256-Byte Buffers For Each Device .................................................................................302 SDWRR vs. DWRR ..........................................................................................................................307 Tri-Speed Ports and CPU Port Indication Classes Description........................................................319 HyperG.Stack Port Indication Classes Description ..........................................................................321 XAUI PHY LED Indications ..............................................................................................................322 Group Data Description....................................................................................................................324 LED Interface 0 Ordered by Class ...................................................................................................326 LED Interface 1 Ordered by Class ...................................................................................................328 LED Interface 0 Ordered by Port......................................................................................................329 LED Interface 1 Ordered by Port......................................................................................................331 Extended TO_CPU DSA Tag ...........................................................................................................333 Extended FROM_CPU DSA Tag .....................................................................................................336 Extended TO_ANALYZER DSA Tag................................................................................................339 Extended FORWARD DSA Tag .......................................................................................................341 CPU Codes ......................................................................................................................................343 Standard Register Field Type Codes ...............................................................................................374 Valid Ports for Each Device..............................................................................................................375 Global, TWSI Interface and CPU Port Configuration Register Map Table .......................................376 GPP Configuration Register Map Table ...........................................................................................390 SDMA Register Map Table...............................................................................................................392 Master XSMI Interface Register Map Table .....................................................................................400 Router Header Alteration Configuration Registers Map Table .........................................................404 Tri-Speed Ports MAC, CPU Port MAC and SGMII Configuration Registers Map Table ..................410 HyperG.Stack and HX/QX Ports MAC and XAUI PHYs Configuration Register Map Table ............426 XAUI Register Map Table.................................................................................................................438 Register Map Table for the HX Port Registers Registers.................................................................475 LEDs, Tri-Speed Ports MIB Counters, and Master SMI Register Map Table...................................507 PCI Registers Map Table .................................................................................................................552
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
98DX106, 98DX163, 98DX166, 98DX243, and 98DX246 Top Level Block Diagram ....................... 32 98DX130, 98DX250, 98DX260, 98DX262, 98DX270, and 98DX803 Top Level Block Diagram ...... 33 98DX107, 98DX167, and 98DX247 Top Level Block Diagram ......................................................... 34 98DX133, 98DX253, 98DX263, and 98DX273 Top Level Block Diagram ........................................ 35 98DX169 and 98DX249 Top Level Block Diagram ........................................................................... 36 98DX269 Top Level Block Diagram .................................................................................................. 37 SecureSmart and Layer 2+ Switches Ingress and Egress Processing Engines ............................... 38 Multilayer Stackable and SecureSmart Stackable Switches Ingress and Egress Processing Engines........................................................................................................................... 39 Example of Single-Target Destination Forwarding in a Cascaded System....................................... 45 Example of Multi-Destination Forwarding in a Cascaded System..................................................... 47 DSA Tag in the Ethernet Frame ........................................................................................................ 48 Host Management Interfaces: 98DX130, 98DX133, 98DX250, 98DX253, 98DX260, 98DX263, 98DX270, 98DX273, and 98DX803 ................................................................................. 57 Host Management Interfaces: 98DX106, 98DX107, 98DX163, 98DX166, 98DX167, 98DX169, 98DX243, 98DX246, 98DX247, 98DX249, 98DX262, and 98DX269 ............................. 57 CPU Descriptors and Memory Buffers .............................................................................................. 66 Serial ROM Data Structure................................................................................................................ 91 TWSI Bus Transaction—External Master Write to a Device Register............................................... 92 TWSI Bus Transaction–External Master Read from a Device Register ........................................... 92 Hierarchal Interrupt Scheme ............................................................................................................ 98 QoS Processing Walkthrough ......................................................................................................... 112 Port-Based QoS Marking Operation................................................................................................ 117 MAC-Address-Based QoS Marker Configuration............................................................................ 120 QoS Enforcement Walkthrough....................................................................................................... 123 {TC, DP} Assignment Algorithm for Data traffic............................................................................... 124 {TC, DP} Assignment for Control Packets....................................................................................... 125 {TC, DP} Assignment of Mirrored Packets ...................................................................................... 125 DiffServ Domains Crossing Using a Single DSCP to DSCP Mutation Table .................................. 134 Functional Block Diagram of Tri-Speed Port in 1000BASE-X Mode .............................................. 137 Functional Block Diagram of Tri-Speed Port in SGMII Mode ......................................................... 138 Functional Block Diagram of the HyperG.Stack Port ..................................................................... 139 Functional Block Diagram of the HX/QX ......................................................................................... 142 MAC Loopback Packet Walkthrough............................................................................................... 155 PCS Loopback Packet Walkthrough ............................................................................................... 155 Analog Loopback Packet Walkthrough ........................................................................................... 156 Repeater Loopback Packet Walkthrough........................................................................................ 156 Ingress Pipe Block Diagram for SecureSmart and Layer 2+ Stackable Switches .......................... 173 Ingress Pipe Block Diagram for Multilayer Stackable Switches ...................................................... 174 Organization of the Policy TCAM .................................................................................................... 176
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
List of Figures
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Preface
This document describes the architecture and features of the Prestera-DX SecureSmart switches, Layer 2+ stackable switches, and Multilayer stackable switches. It also provides full register definitions for these devices. All feature descriptions and specifications in this document refer to all of the following packet processors, unless otherwise specified. 98DX106, 98DX107, 98DX130, 98DX133, 98DX163, 98DX163R, 98DX166, 98DX167,98DX243, 98DX246, 98DX247, 98DX249, 98DX250, 98DX253, 98DX260, 98DX262, 98DX263, 98DX269, 98DX270, 98DX273, and 98DX803 In this document, any or all of these packet processors are referred to as “the device” or “the devices”. Wherever a section is relevant for only some of these devices, this is stated in the following way at the beginning of the section: This section is relevant for the following devices:
R
D SecureSmart: 98DX262 D Layer 2+ Stackable: 98DX130, 98DX260, 98DX270, 98DX803 D Multilayer Stackable: 98DX133, 98DX263, 98DX273 D SecureSmart Stackable: 98DX169, 98DX249, 98DX269
R
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Note that if the section is not relevant for only one or two of the devices, this is emphasized as follows: This section is relevant for the following devices:
D SecureSmart: 98DX106, 98DX163, 98DX163R, 98DX243, 98DX262 D SecureSmart Stackable: 98DX169, 98DX249, 98DX269 D Layer 2+ Stackable: 98DX130, 98DX166, 98DX246, 98DX250, 98DX260, 98DX270 D Multilayer Stackable: 98DX107, 98DX133, 98DX167, 98DX247, 98DX253, 98DX263, 98DX273 U
Not relevant for: 98DX803
Document Organization
The sections in this specification are organized according to architectural and functional topics. Section 3. "Functional Overview" on page 31 provides a general description of the functional units in the device, and a packet walk-through description. Subsequent chapters focus on each of the device’s architectural and functional topics. Each chapter includes a description of the particular functional behavior, which is followed by the associated hardware register and table configurations. References to registers and table entries are hyperlinks to the corresponding register definition in the appendix of this document.
Related Documentation
The following documents contain additional information related to the Prestera® family chipset: • RFC and IEEE standards (Table 605, “Referenced Standards,” on page 821) • Prestera-DX Packet Processors Hardware Design Guide, (Document Control # MV-S300644-00) • 98DX130/133/250/253/260/263/270/273 Hardware Specifications (Document Control # MV-S102110-00) • 98DX166/167/246/247 Hardware Specifications (Document Control # MV-S102727-00) • 98DX803 Hardware Specifications (Document Control # MV-S103020-00)
MV-S102110-02 Rev. E Page 14
CONFIDENTIAL Document Classification: Restricted Information
The following conventions are used in this document: Document Conventions
Document Conventions The following name and usage conventions are used in this document: Signal Range
A signal name followed by a range enclosed in brackets represents a range of logically related signals. The first number in the range indicates the most significant bit (MSb) and the last number indicates the least significant bit (LSb). Example: CPU_TXD[7:0]
An n symbol at the end of a signal name indicates that the signal’s active state occurs when voltage is low. Example: INTn
State Names
Register Naming Conventions
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Active Low Signals n
State names are indicated in italic font. Example: linkfail
Register field names are indicated as follows: Example: The field in the Global Control register. If the field name is in blue font (), this indicates a hyperlink. Register field bits are enclosed in brackets. Example: Field [1:0]
Register addresses are represented in hexadecimal format Example: 0x0
Reserved: The contents of the register are reserved for internal use only or for future use.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 15
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
98DX163/243 Hardware Specifications (Document Control # MV-S103374-00) 98DX106-BCW Hardware Specifications (Document Control # MV-S103473-00) 98DX106-LKJ Hardware Specifications (Document Control # MV-S103381-00) 98DX107-BCW Hardware Specifications (Document Control # MV-S102993-00) 98DX107-LKJ Hardware Specifications (Document Control # MV-S103560-00) 98DX262 Hardware Specifications (Document Control # MV-S103020-00) 98DX249 and 98DX269 Hardware Specifications (Document Control # MV-S103653-00) 98DX169, 98DX249, and 98DX269 Product Brief (Document Control # MV-S103614-00)
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
• • • • • • • •
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Document Conventions
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Glossary of Acronyms The acronyms in Table 1 are used in Prestera documentation.
Aged Address Access Control List DiffServ “Assured Forwarding” Per-Hop Behavior Address Resolution Protocol Address Update Best Effort Bridge Protocol Data Unit Committed Burst Size Classless Interdomain Routing Committed Information Rate Class of Service Cyclic Redundancy Check DiffServ “Class Selector” Per-Hop Behavior Destination MAC Address IPv4 Header “Don’t fragment” field Destination IP Address Drop Precedence Differentiated Service Distributed Switching Architecture IEEE 802.2 Destination Service Access Point DiffServ Codepoint Equal/Weighted Cost Multipath DiffServ “Expedited Forwarding” Per-Hop Behavior Forwarding Database GARP VLAN Registration Protocol Internet Control Message Protocol Independent VLAN Learning Longest Prefix Match Media Access Control IPv4 header “More Fragments” Flag Multicast Listener Discovery Million packets per second Multiple Spanning Tree Maximum Transmission Unit “New Address” Address Update message Port-based ACL Policy Control Entry Policy Control List Per-Hop Behavior Port VLAN-ID “Query Address” Address Update message Quality of Service “Query Reply” Address Update message Reconciliation Sublayer Source MAC Address
MV-S102110-02 Rev. E Page 16
CONFIDENTIAL Document Classification: Restricted Information
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
Acronyms
AA ACL AF ARP AU BE BPDU CBS CIDR CIR CoS CRC CS DA DF DIP DP DS DSA DSAP DSCP ECMP EF FDB GVRP ICMP IVL LPM MAC MF flag MLD MPPS MST MTU NA PACL PCE PCL PHB PVID QA QoS QR RS SA
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Table 1:
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Acronyms (Continued) Shaped Deficit Weighted Round Robin Source IP Address Service-Level-Agreement Strict Priority IEEE 802.Source Service Access Point Single Spanning Tree Spanning Tree Protocol Shared VLAN Learning “Transplanted Address” Address Update message Traffic Class IPv4 header “Type of Service” field IPv4 header “Time to Live” field User Priority VLAN-based ACL VLAN Identification Multicast group index Virtual Local Area Network Variable-Length Subnet Masking Weighted Round Robin 10 Gigabit Attachment Unit Interface
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
SDWRR SIP SLA SP SSAP SST STP SVL TA TC TOS TTL UP VACL VID VIDX VLAN VLSM WRR XAUI
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 17
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
Table 1:
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Document Conventions
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Section 1. Product Overview Product Family Overview
The Marvell® Prestera®-DX family of packet processors deliver the optimal desktop switching solution for Enterprise (desktop and stackable) and Small-to-Medium Size Business (SMB) networks. This functional specification describes three families of Prestera-DX devices: SecureSmart switches Layer 2+ stackable switches Multilayer stackable switches
• • •
1.1.1
Prestera-DX SecureSmart Switches
The Prestera-DX SecureSmart switches are targeted at the SMB market. They integrate Gigabit Ethernet ports with integrated SERDES (serializer-deserializer), as well as HyperG.Stack ports with XAUI transceivers, a Layer 2+ Switching engine, a Layer 2 through Layer 4 Policy engine, MII/GMII/RGMII Ethernet port for management, and on-chip buffer memory. These complete system-on-a-chip (SoC) packet processors provide support for line-rate Layer 2 bridging with 128-byte deep packet inspection Policy Control List and full IEEE 802.1p and DiffServ QoS Support.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The Host CPU management interface of these devices is an MII/GMII/RGMII Ethernet port for packet forwarding and a Slave SMI Interface for address-mapped entities access. These devices do not support IPv4/IPv6 Unicast routing.
The Prestera-DX SecureSmart family of switches consists of the following devices: 98DX106 10 Tri-Speed Ports SecureSmart switch 98DX163/98DX163R 16 Tri-Speed Ports SecureSmart switch 98DX243 24 Tri-Speed Ports SecureSmart switch 98DX262 24 Tri-Speed Ports + 2 HyperG.Stack Ports SecureSmart switch
98DX106, 98DX163, 98DX163R, and 98DX243
Apart from their port configurations, the 98DX106, 98DX163, 98DX163R, and 98DX243 devices are: • Footprint compatible • Features compatible • Software compatible • Footprint compatible with the 98DX160, 98DX240, 98DX162, 98DX242, 98DX166, 98DX246, 98DX107, 98DX167 and 98DX247 devices.
98DX262
Apart from its pin configuration, the 98DX262 is footprint compatible with the 98DX250, 98DX260, 98DX270, 98DX803, 98DX253, 98DX263, and 98DX273 devices.
MV-S102110-02 Rev. E Page 18
CONFIDENTIAL Document Classification: Restricted Information
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The Prestera-DX SecureSmart Stackable switches are targeted at the SMB market. They integrate Gigabit Ethernet ports with integrated SERDES (serializer-deserializer), as well as HyperG.Stack ports with XAUI transceivers and HX/QX ports with integrated SERDES, a Layer 2+ switching engine, an IPv4/IPv6 Unicast routing engine, a Layer 2 through Layer 4 Policy engine, MII/GMII/RGMII Ethernet port for management, and on-chip buffer memory. These complete system-on-a-chip (SoC) packet processors provide support for line-rate Layer 2 bridging with 128-byte deep packet inspection Policy Control List and full IEEE 802.1p and DiffServ QoS Support.The HX/QX ports provide cost-effective stacking solutions, ideal for the SMB market by utilizing low-cost HDMI or SATA cables. The Host CPU management interface of these devices is an MII/GMII/RGMII Ethernet port for packet forwarding and a Slave SMI Interface for address-mapped entities access. These devices are stackable to up to 32 devices.
98DX169, 98DX249 and 98DX269
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The Prestera-DX SecureSmart Stackable family of switches consists of the following devices: 98DX169 16 Tri-Speed Ports + 2 HX/QX ports SecureSmart Stackable switch with IPv4/IPv6 Unicast Routing capabilities. 98DX249 24 Tri-Speed Ports + 2 HX/QX ports SecureSmart Stackable switch 98DX269 24 Tri-Speed Ports + 2 HX/QX ports + 1 HyperG.Stack Ports SecureSmart Stackable switch with IPv4/IPv6 Unicast Routing capabilities. or 24 Tri-Speed Ports + 1 HX/QX Port + 2 HyperG.Stack Ports SecureSmart Stackable switch with IPv4/IPv6 Unicast Routing capabilities.
Apart from their port configurations the 98DX169, 98DX249, and 98DX269 devices are: • Features compatible • Software compatible
Apart from its port configuration, the 98DX269 is footprint compatible with the 98DX250, 98DX260, 98DX262, and 98DX270.
1.1.3
Prestera-DX Layer 2+ Stackable Switches
The Prestera-DX Layer 2+ stackable switches are targeted at the Layer 2+ stackable market. They integrate Gigabit Ethernet ports with integrated SERDES (serializer-deserializer), as well as HyperG.Stack ports with XAUI transceivers, a Layer 2+ switching engine, a Layer 2 through Layer 4 Policy engine, PCI or MII/GMII/RGMII Ethernet port for management, and on-chip buffer memory. These complete system-on-a-chip packet processors provide support for line-rate Layer 2 bridging with 128-byte deep packet inspection Policy Control List and full IEEE 802.1p and DiffServ QoS Support. The Host CPU management interface of these devices is a PCI Interface or an MII/GMII/RGMII Ethernet port for packet forwarding and a Slave SMI Interface for address-mapped entities access. Those devices are stackable to up to 32 devices and they do not support IPv4/IPv6 Unicast Routing.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 19
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
1.1.2
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Product Family Overview
Note
The 98DX166 and 98DX246 do not incorporate a PCI interface for management. Like the SecureSmart switches, their management interface is an MII/GMII/RGMII Ethernet port for packet forwarding and an a Slave SMI Interface for address-mapped entities access.
98DX166 and 98DX246
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Apart from their port configurations, the 98DX166 and 98DX246 devices are: • Footprint compatible • Features compatible • Software compatible • Footprint compatible with the 98DX160, 98DX240, 98DX162, 98DX242, 98DX163, 98DX243, 98DX107, 98DX167 and 98DX247 devices
98DX250, 98DX130, 98DX260, 98DX270, and 98DX803
Apart from their port configurations, the 98DX130, 98DX250, 98DX260, 98DX270 and 98DX803 devices are: • Footprint compatible • Features compatible • Software compatible • Footprint compatible with the 98DX262, 98DX253, 98DX263, and 98DX273.
1.1.4
Prestera-DX Multilayer Stackable Switches
The Prestera-DX Multilayer stackable switches are targeted at the stackable edge router market. They integrate Gigabit Ethernet ports with integrated SERDES (serializer-deserializer) as well as HyperG.Stack ports with XAUI transceivers, a Layer 2+ switching engine, an IPv4/IPv6 Unicast Routing Engine, a Layer 2 through Layer 4 Policy engine, PCI or MII/GMII/RGMII Ethernet port for management, and on-chip buffer memory. These complete system-on-a-chip (SoC) packet processors provide support for line-rate Layer 2 bridging with 128-byte deep packet inspection Policy Control List and full IEEE 802.1p and DiffServ QoS Support. The Host CPU management interface of these devices is a PCI Interface or an MII/GMII/RGMII Ethernet port for packet forwarding and an a Slave SMI Interface for address-mapped entities access. These devices are stackable to up to 32 devices and they support IPv4/IPv6 Unicast Routing.
MV-S102110-02 Rev. E Page 20
CONFIDENTIAL Document Classification: Restricted Information
The 98DX107, 98DX167, and 98DX247 do not incorporate a PCI interface for management. Like the SecureSmart switches, their management interface is an MII/GMII/RGMII Ethernet port for packet forwarding and a Slave SMI Interface for address-mapped entities access.
98DX107, 98DX167, and 98DX247
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Apart from their port configurations, the 98DX107, 98DX167 and 98DX247 are: • Footprint compatible • Features compatible • Software compatible • Footprint compatible with the 98DX160, 98DX240, 98DX162, 98DX242,98DX106, 98DX163, 98DX243, 98DX166 and 98DX246 devices
98DX253, 98DX133, 98DX263 and 98DX273
Apart from their port configurations, the 98DX133, 98DX253, 98DX263, and 98DX273 are: • Footprint compatible • Features compatible • Software compatible • Footprint compatible with the 98DX262, 98DX250, 98DX260, and 98DX270.
1.2
Prestera Software Suite
The Prestera Software Suite (PSS) is composed of a set of production-quality comprehensive drivers for managing a Prestera based system. The Prestera Software Suite serves as a foundation for customer-developed applications, such as IEEE 802.1 bridging services, IPv4/IPv6 routing, Policy Control Lists, Traffic Conditioning, and Quality of Service. Based on a modular architecture and comprehensive APIs, the Prestera Software Suite enables software developers to integrate high-level applications with minimal effort, without register-level knowledge of the Prestera chipset registers and tables. The software is written in ANSI-C and is OS and CPU independent for easy porting. See the Prestera Software Suite User Guide for additional information.
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Prestera Software Suite
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Section 2. Summary of Features
Detailed feature definition and configuration descriptions can be found in the associated sections of this document.
2.1
Port MAC Features
The device incorporates 10/12/16/24 independent 10/100/1000 Mbps Ethernet MACs with integrated 1.25 Gbps SERDES. In addition, the following devices incorporate independent HyperG.Stack MACs with integrated XAUI transceivers: 1 HyperG.Stack port:
98DX130, 98DX133
2 HyperG.Stack ports:
98DX260, 98DX262, 98DX263
3 HyperG.Stack ports:
98DX270, 98DX273, 98DX803
2 HX/QX ports:
98DX249, 98DX169
The MAC port features include: • 10/100/1000 Mbps Ethernet MAC:
–
•
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
2 HX/QX ports and 1 HyperG.Stack port or 1 HX/QX port and 2 HyperG.Stack ports: 98DX269
Integrated SGMII interface on all 10/24/16 tri-speed ports. SGMII is a serialized version of the IEEE 802.3 GMII interface, which supports a triple-speed MAC (1000/100/10 Mbps) using only four I/Os per port.
–
IEEE 802.3x Flow Control support on full-duplex links and back-pressure Flow Control on half-duplex links.
–
Two IEEE 802.3 Clause 22 compliant master SMI interfaces for external PHY management and AutoNegotiation.
–
Supports manual or automatic setting for link, speed, duplex, and IEEE 802.3x Flow Control.
–
Support of Automatic Media Select when connected to a 88E1112 Alaska® PHY, without CPU intervention.
– – – – –
Support for Virtual Cable Tester® (VCT) technology, using the Alaska transceiver. Support for 1000 BASE-X for fiber and backplane applications. Support for pre-emphasis on serial driver.
Support for Ethernet-like and RMON EtherStats counters. Support for Jumbo frames of up to 10 KB.
HyperG.Stack MAC
–
The HyperG.Stack port integrates a XAUI transceiver using 16 I/0s, incorporating four synchronized lanes that deliver bi-directional point-to-point data transmission of 3.125 Gbps or 3.75 Gbps per lane.
– –
IEEE 802.3ae XAUI-compliant Quad 3.125 Gbps/lane. Supports pre-emphasis on serial driver.
MV-S102110-02 Rev. E Page 22
CONFIDENTIAL Document Classification: Restricted Information
Three IPG modes—LAN mode, Fixed mode, and WAN mode. IEEE 802.3x Flow Control support.
Packet Level Flow Control support via digital pins.
IEEE 802.3 Clause 45 compliant master XSMI interface for configuration of the HyperG.Stack MACs and configuration of external XFP or XENPAK PHYs. Per-port IEEE 802.3 Clause 45 compliant Slave XSMI interface for port configuration. Two preamble modes—Standard and Enhanced.
Support for Ethernet-like and RMON EtherStats counters. Supports Jumbo frames of up to 10 KB.
HX/QX MAC
–
– – – – – – – – –
The HX/QX port integrates two (HX) or one (QX) SERDES lanes using four (HX) or two (QX) I/0s. It incorporates two synchronized lanes, delivering bi-directional point-to-point data transmission of 3.125 Gbps per lane. QX port uses a single 3.125 Gbps SERDES lane for 2.5 Gbps throughput. HX port uses a two 3.125 Gbps SERDES lanes for 5 Gbps throughput. Supports pre-emphasis on serial driver.
Exceeds IEEE 802.3ae jitter requirements in 10 Gbps applications. On-chip 50 ohms serial receiver termination. IEEE 802.3x Flow Control support.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
•
On-chip 50 Ohms Serial receiver termination.
Packet Level Flow Control support via digital pins.
Support for Ethernet-like and RMON EtherStats counters. Supports Jumbo frames of up to 10 KB.
The port MAC features and configuration are described in detail in Section 9. "Network Interfaces and Media Access Controllers (MACs)" on page 136.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 23
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
– – – –
Exceeds IEEE 802.3ae jitter requirements in 10 Gbps applications.
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
– – – – – –
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Port MAC Features
2.2
Port Trunking Features
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Port trunking (also known as link aggregation) allows multiple physical ports to function as a single high-bandwidth logical port between the device and other switching devices or end-stations. The device’s port trunking support is compliant with the IEEE 802.3ad Link Aggregation standard.
The following port trunk features are supported by the device: • Support for 127 trunk groups. (The SecureSmart devices support the following: 98DX163, 98DX243, and 98DX262 support 32 trunk groups and the 98DX106 supports 8 trunk groups.) • Each trunk group can be configured with up to eight port members. The Marvell Distributed Switching Architecture (DSA) enables the trunk group members to reside on any device in the system. • Unicast and Multicast packets are load-balanced among the trunk group port members using either:
– –
A hash function based on the packet’s L2, L3, and/or L4 header fields The ingress port number or Trunk-ID
Port trunking features and configuration are described in detail in Section 13. "Port Trunking" on page 281.
2.3
Distributed Switching Architecture (DSA) Features
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The device supports DSA, which allows multiple devices to be cascaded through any of its Ethernet MAC port interfaces with other devices in these three families, or with any Marvell device that supports DSA tag cascading (e.g., the 98DX240). The cascade port can be a single MAC port or a trunk group consisting of several MAC ports on the device. Up to 32 devices can be cascaded to create a single cascaded system. Any cascade topology (e.g., chain, ring, or mesh) is supported.
A cascaded system of devices in these three families supports the same features as a non-cascaded single device in these three families. This includes: • Trunk groups with port members on multiple devices in the system. • Mirroring to analyzer port on any device in the system. • Traffic to the CPU can be sent through any device in the system. • CPU can inject traffic to be transmitted through a port on any device in the system. • A source-ID based egress filtering mechanism may be used to prevent loops in the forwarding topology.
Cascaded system features and configuration are described in detail in Section 4. "Distributed Switching Architecture" on page 44.
MV-S102110-02 Rev. E Page 24
CONFIDENTIAL Document Classification: Restricted Information
Eight traffic class assignments for segregation on egress queues. (SecureSmart and SecureSmart Stackable devices have four traffic classes for network ports and eight queues for the CPU port.) 2 drop precedence level assignments for tail-dropping on congested egress queues.
On egress, optional QoS marking of packet user priority and/or DSCP. QoS initial marking mechanisms: Port-based, Protocol-based, Policy-based, or FDB based. Layer-2 and/or Layer-3 QoS Trusted Port modes:
– –
Maps the packet User Priority or DSCP to a QoS profile.
•
Optional DSCP Mutating for crossing of DiffServ domains. Policing: Out-of-profile packets may be QoS remarked or dropped.
•
Setting Packet header 802.1p Use Priority and/or DSCP QoS fields.
2.5
Policy Features
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The Quality of Service features and configuration are described in detail in Section 8. "Quality of Service (QoS)" on page 110.
The device incorporates an on-chip line-rate ingress Policy engine. The Policy engine is suited for supporting port or VLAN access control lists (ACLs/VACLs), policy based QoS, VLANs, mirroring or trapping to the CPU, or switching. The Policy engine features include the following:
• •
• • • • • •
Inspection of the first 128 bytes of the packet. Up to 1024 policy rules where each rule key is 24 bytes, or 512 policy rules where each rule key is 48 bytes, or a combination of 24-byte and 48-byte rules. (SecureSmart and SecureSmart Stackable devices: Up to 256 policy rules, where each rule key is 24 bytes, or 128 policy rules, where each rule key is 48 bytes, or a combination of 24-byte and 48-byte rules.) Each rule key has per-bit masking capability. The key consists of well-known fixed Layer-2/3/4 fields, as well as user-defined fields. Rules are associated with a policy-ID. Packets are assigned a policy-ID based on the source port/trunk number, or the packet’s VID. Supports two policy searches per packet, each with a separate policy-ID assignment. Rule match counters—a rule action can be bound to one of 32 global rule-match counters. The policy actions include the following features:
– – – – – –
Accept/Deny Trap/Mirror to CPU Mirror to analyzer port Assign QoS attributes
VLAN assignment or VLAN translation Redirect to a target destination
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 25
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
–
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The device provides extensive Layer-2 and Layer-3 Quality of Service (QoS) capabilities, allowing it to support IEEE 802.1p and IETF Diffserv requirements. These device QoS features include: • 72 global QoS Profiles. • A QoS Profile determines the packet’s traffic class, drop precedence, user priority, and DSCP:
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Quality of Service Features
Bind to one of 256 Policers (SecureSmart and SecureSmart Stackable devices support four Policers per port.)
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
–
The Policy features and configuration are described in detail in Section 10. "Ingress Policy Engine" on page 172.
Bridging Features
The device supports wire-speed 802.1D/Q bridging features, together with many additional bridging feature enhancements. The device’s bridging features include: • 16K entry Forwarding Database (FDB): (SecureSmart devices, SecureSmart Stackable devices and 98DX107: 8K entry FDB)
– – – – – – •
• • • • • •
New Source Addresses can be dropped, trapped, or forwarded. This is an important security hook for IEEE 802.1X Port Based Access Control, and to the proprietary extension MAC-based access control. Independent and Shared VLAN Learning.
CPU triggered delete of entries by VLAN and/or port/trunk.
MAC based filtering, trapping, mirroring to CPU, or mirroring to analyzer port. Address transplanting from an old device, port, or trunk to a new device, port, or trunk. This is an important hook for efficient implementation of IEEE 802.1w Rapid Reconfiguration. Address Update messages to/from the CPU for FDB management. IPv4/6 Multicast bridging based on the packet (Source-IP, Group-IP, VLAN-ID)
VLANs:
– – – – •
Automatic and CPU-controlled learning and aging modes.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
– –
4K entry VLAN table. (SecureSmart and SecureSmart Stackable devices have 256 active VLANs.) Port, Protocol, and Policy-based VLAN assignment mechanisms. Nested VLAN support for Provider Bridging. VLAN ingress and egress filtering.
4K entry Multicast Group table. (SecureSmart and SecureSmart Stackable devices have 256 Multicast Group tables) Support for single spanning tree and multiple spanning tree with up to 256 spanning tree groups. (SecureSmart and SecureSmart Stackable devices do not support Multiple Spanning Tree.) Private VLAN Edge for secure forwarding to an uplink port. Trapping/Mirroring of well-known control protocols. Trapping/Mirroring/Dropping of Unknown or Unregistered packets. Rate limiting of Known, Unknown Unicast, Multicast, and Broadcast packets. Counters:
– – –
RMON 1 Host Group and Matrix Group counters. Port/VLAN/Device ingress counters.
Port/VLAN/drop precedence/traffic class egress counters.
The Bridge features and configuration are described in detail in Section 11. "Bridge Engine" on page 203.
MV-S102110-02 Rev. E Page 26
CONFIDENTIAL Document Classification: Restricted Information
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
This section is relevant for the following devices:
D Multilayer Stackable: 98DX107, 98DX133, 98DX167 98DX247, 98DX253, 98DX263, 98DX273 D SecureSmart Stackable: 98DX169, 98DX249, 98DX269 Not relevant for the SecureSmart or Layer 2+ Stackable devices.
The device supports the following Unicast routing features: • Per-port and per-VLAN enabling of IPv4 and IPv6 Unicast routing. • Policy-based IPv4/v6 routing lookup. • Up to 1K prefix/host entries and 1K ARP MAC addresses. SecureSmart Stackable devices support up to 32 static IPv4 prefix/host entries and 256 ARP MAC addresses. • Next-hop forwarding to any {device, port}, trunk, or VLAN group in the system. • Per route entry QoS assignment. • Per route entry mirroring-to-CPU or mirroring to Ingress Analyzer port. • Router exception checking:
– – –
Options Routed packet modifications:
– – – •
MAC SA assignment based on port or VLAN IPv4 TTL and IPv6 Hop Limit decrement.
IPv4 Checksum update. Support for Layer 3 control traffic:
– – –
•
TTL/Hop Limit Exceeded
RIPv1
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
•
IPv4/v6 Header Error
IPv4/v6 control protocols running over link-layer Multicast, e.g. RIPv2, OSPv2
UDP Relay. Egress mirroring of routed packet to an Analyzer port.
The Unicast Routing features and configuration are described in detail in Section 12. "IPv4 and IPv6 Unicast Routing" on page 265.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 27
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
U
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Unicast Routing Features
2.8
Traffic Policing Features
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The device supports 256 on-chip wire-speed ingress traffic policers. (SecureSmart and SecureSmart Stackable devices support four per-port on-chip wire-speed ingress traffic policers.)
Each Policer supports the following features: • Single meter, configurable with a maximum rate and burst-size:
–
– • • •
Rates range from a minimum rate of 1Kbps to a maximum rate 100 Gbps, with six levels of granularity ranging from a minimum granularity of 1 Kbps for rates under 1 Mbps, to a maximum granularity of 100 Mbps for rates up to 100 Gbps.
Large burst-size supports temporal bursts without impacting TCP's sliding window algorithm. Color aware and unaware operational modes. Out-of-profile packets are either remarked with QoS or dropped: QoS Remarking is based either on explicit QoS assignment or mapped according to the incoming DSCP. Conformance counters:
– –
16 global conformance counter sets. Counts in-profile and out-of-profile packets. Each policer may be bound to a conformance counter set.
The Policing features and configuration are described in detail in Section 14. "Ingress Traffic Policing Engine" on page 292.
Bandwidth Management Features
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
2.9
The device provides the bandwidth management features required for QoS (lossy) systems, and flow-control (lossless) systems. These device QoS features include:
• • •
Ingress bandwidth management using flow-control with XOFF/XON buffer limits. Eight egress traffic class queues per port (including the CPU port). (SecureSmart and SecureSmart Stackable devices have four traffic classes for the network ports and eight traffic classes for the CPU.) Egress tail-dropping, for congestion avoidance:
– – •
Two levels of drop precedence for color-aware tail-dropping.
Egress queue scheduling algorithms:
– – – •
Based on the queued buffers limit and queued packets limit.
Shaped Weighted Round Robin (SDWRR), for minimum bandwidth assignment.
Strict Priority (SP) provides low-latency scheduling, for high-priority low-latency traffic. Hybrid scheduling of both SP and SDWRR queues.
Egress per-port and per-queue shaping, for limiting the maximum bandwidth:
–
Byte-based shaping rates ranging from 64 Kbps to 12 Gbps, with a granularity of under 64 Kbps.
The bandwidth management features and configuration are described in detail in the Section 15. "Bandwidth Management" on page 302.
MV-S102110-02 Rev. E Page 28
CONFIDENTIAL Document Classification: Restricted Information
In managed systems, it is critical that the CPU receive only traffic that requires software processing. Unwanted traffic unnecessarily burdens the CPU and delays handling of other traffic that requires processing. Furthermore, traffic that is sent to the CPU must be properly prioritized into separate queues. This allows the CPU to process high-priority traffic with minimum delay, even when overloaded with low-priority traffic. The device provides Secure Control Technology for both selecting traffic to be sent to the CPU, as well as prioritizing and managing the bandwidth of traffic sent to the CPU.
•
8 Traffic Class CPU queues: Same queueing, scheduling algorithms, and shaping as non-CPU-port queues, see Section 7. "CPU Traffic Management" on page 102. For each packet type trapped or mirrored to the CPU, the user can configure the following packet attributes:
– – – – – •
Traffic Class
Drop Precedence
CPU destination device
Packet truncation to 128 bytes Statistical dropping
Explicit mechanisms to trap or mirror well-known Multicast and Broadcast control packets to the CPU:
– – – – – – – – –
ARP Request
IPv4 IGMPv1/2/3 IPv6 MLDv1/2
IPv6 Neighbor Discovery IP Broadcast
Spanning tree BPDU
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
•
Other IEEE reserved Multicast packets (e.g. GVRP, LACP, PAE, etc.) Cisco Layer-2 Multicast control packets Unicast MAC-to-me packets
The STC features and configuration are described in detail in Section 7. "CPU Traffic Management" on page 102.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 29
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The device’s physical management interface may be the PCI interface for both packet Rx/Tx and register access, or MII/GMII/RGMII for packet Rx/Tx and SMI interface for register access.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Secure Control Technology (SCT) Features
2.11
Traffic Monitoring Features
–
Ingress and/or egress port packet sampling compliant with RFC 3176: Sflow - A Method for Monitoring Traffic in Switched and Routed Networks.
– –
Packets may be truncated to 128 bytes and sent to any CPU in the system. Sampling to the CPU is independent of ingress/egress packet mirroring to analyzer port.
Mirroring to Analyzer Port:
– – – – –
Independent ingress and egress analyzer port configuration.
Ingress mirroring enable per port, policy rule action, VLAN, and/or FDB. Egress mirroring enabled per port.
Unlimited number of ingress and egress mirrored ports.
Supports ingress and/or egress statistical mirroring to the destination analyzer port.
MV-S102110-02 Rev. E Page 30
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The traffic monitoring features and configuration are described in detail in Section 16. "Traffic Monitoring" on page 312.
CONFIDENTIAL Document Classification: Restricted Information
The devices are members of the Marvell® Prestera®-DX family of networking switches. This single-chip packet processor integrates 10/12/16/24, ports of Gigabit Ethernet with integrated SERDES, and one, two, or three HyperG.Stack ports, each with integrated quad SERDES interface XAUI transceivers, Layer 2+ switching engine, IPv4/IPv6 Unicast routing engine, powerful Layer 2 through Layer 4 Policy engine, PCI or MII/GMII/RGMII Ethernet port for management, and on-chip 6 Mbit buffer memory. This complete system-on-a-chip (SoC) packet processor provides support for line rate Layer 2 bridging, IPv4 and IPv6 Unicast routing, deep packet inspection Policy engine, and Layer 2/3 QoS.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The device integrates the following functions: • Store and forward switching architecture with on-chip packet buffering. • Layer 2 through Layer 4 packet Policy engine. • Ethernet Bridge engine. • IPv4/IPv6 Unicast routing engine • Ingress policers. • Support for packet header manipulation, including VLAN insertion/removal/replacement, IEEE 802.1p User Priority field remarking and DSCP field remarking • Marvell Distributed Switching Architecture, based on the DSA tag for the CPU packet interface and cascade ports between devices. • On-chip transmit queues, including congestion handling and scheduling. • Egress rate shapers. • Support for host processor interface—PCI, Ethernet + SMI, or MII/GMII/RGMII Ethernet. In addition, Marvell provides a comprehensive set of software tools and software drivers supporting the Prestera chipset and the Alaska® transceivers. The Prestera Software Suite (PSS) provides the user with high-level APIs and OS/CPU independence.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 37
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
3.6
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
98DX269 Block Diagram
3.7
High-Level Packet Walkthrough
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
This section provides a functional walkthrough of the device.
Note
The only difference between the Layer 2+ devices and the Multilayer devices is that the Multilayer devices incorporate an IPv4/IPv6 Unicast Routing Engine.
SecureSmart and Layer 2+ Switches Ingress and Egress Processing Engines Egress Pipeline
Ingress Pipeline
Egress Filtering
Pre-Egress Engine
Multi-Target Replication
Policing Engine
Descriptor Enqueueing
Bridge Engine
Rate Shaping
Transmit Scheduler
Headers Alteration
Ports MAC Tx
MV-S102110-02 Rev. E Page 38
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Figure 7:
Policy Engine
Header Decode Engine
Ports MAC Rx
CONFIDENTIAL Document Classification: Restricted Information
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
The device’s processing engines are pipelined. The device maintains two pipelines—an ingress pipeline and an egress pipeline, which process all the traffic received on the device and transmitted from it. Figure 7 and Figure 8 illustrate the ingress and egress pipelines and the engines in each pipeline stage.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Headers Alteration
Bridge Engine
Ports MAC Rx
Packets received on a device’s port are first processed by the ingress pipeline, which consists of the following processing units: • Port MAC Rx • Header Decode engine • Policy engine • Bridge engine • IPv4/IPv6 Unicast Routing Engine (98DX107/167/247/253/263/273/169/249/269 devices only) • Policing engine • Pre-egress engine
3.7.1.1
Ingress Processing on a Cascade Port
Although all packets received by the device always pass through the ingress pipeline, all ingress engines are not necessarily enabled. Specifically, the Policy and Bridge engines can be independently enabled or disabled on a per port basis. In a cascaded/stackable system based on devices in these families, the device in the stack through which the packet is received performs the policy and bridge decisions. If the packet is forwarded through a cascade port, the
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 39
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
Multilayer Stackable and SecureSmart Stackable Switches Ingress and Egress Processing Engines
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Figure 8:
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
High-Level Packet Walkthrough
Ports MAC Rx
Each port MAC Rx operates independently. The port MAC is responsible for IEEE 802.3 MAC functionality, packet reception, allocation of buffers in the device’s packet memory and DMA of the packet data into the buffers memory. Packets that contain errors such as FCS Errors, Length Errors, etc. are discarded. Error-free packets continue to be processed by the ingress pipeline.
3.7.1.3
Header Decode Engine
If the packet is not filtered by the port MAC, the packet’s header of up to 128 bytes is decoded by the Header Decode engine. This engine decodes the packet header and extracts the packet fields (e.g., MAC SA, MAC DA, EtherType, SIP, DIP) that are required by the subsequent pipe engines.
3.7.1.4
Policy Engine
If the packet is not filtered by the port MAC, and the ingress port configuration setting enables Policy engine processing, the packet is processed by the Policy engine.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The Policy engine allows Policy Control Lists to be applied to packets based on flexible criteria, including the packet Layer 2, Layer 3, and Layer 4 field content.
The Policy engine may be used to implement user applications such as Access Control Lists (ACLs), Quality of Service (QoS), and Policy-based VLANs. The Policy engine may perform two lookups per packet.
On the 98DX107/167/247/253/263/273/169/249/269 devices, the Policy engine second lookup may be used to perform IPv4/IPv6 Unicast Longest Prefix match on the packet’s DIP. If a mach is found, the policy action entry is used as a next hop entry for the IPv4/IPv6 Unicast Routing engine.
3.7.1.5
Bridge Engine
If the packet is not filtered by the previous engines, and the ingress port configuration is enabled for Bridge engine processing, the packet is sent to the Bridge engine. The Bridge engine is responsible for the following functions: 1. IEEE 802.1Q/D Bridging. This includes functions such as VLAN assignment, Spanning Tree support, MAC learning, Address table entries aging, filtering, and forwarding. 2. IPv4 IGMP snooping and IPV6 MLD snooping. 3. Control packet trapping and mirroring to the CPU. This includes identifying IEEE reserved Multicast, IPv4/v6 link layer Multicast, IGMP and MLD, ARP, RIPv1, and IPv4 Broadcast packets. 4. Ingress port rate limiting of Broadcast, Multicast, and Unknown Unicast packets. 5. Filtering/trapping/mirroring of unknown and/or unregistered packets. 6. Private VLAN Edge (PVE), if enabled, overrides the bridge forwarding decision and sends the packet to a pre-configured destination.
MV-S102110-02 Rev. E Page 40
CONFIDENTIAL Document Classification: Restricted Information
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
3.7.1.2
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
forwarding decision and packet descriptor information are attached to the packet using the DSA tag. The Policy and Bridge engines are configured to be disabled on the device’s cascade ports, since the packet was already processed by these engines on the ingress device. In addition, any ingress trapping or mirroring of a packet to the CPU is also performed only on the ingress pipeline on the ingress device. This ensures that a packet is not sent to the CPU multiple times.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
This section is relevant for the following devices:
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
D Multilayer Stackable: 98DX107, 98DX133, 98DX167, 98DX247, 98DX253, 98DX263, 98DX273 D SecureSmart Stackable: 98DX169, 98DX249, 98DX269 U
Not relevant for the SecureSmart and Layer 2+ devices.
If the packet is IPv4 or IPv6 Unicast, and it has not been filtered by the previous engines, and the Policy engine has performed Longest Prefix Match on its DIP, and the packet has been triggered for routing by the Bridge engine, and its VLAN is enabled for routing, the IPv4/IPv6 Unicast routing engine is triggered and the packet is routed. The IPv4/IPv6 Routing engine is responsible for the following functions: • Router exception checking: • IPv4/v6 Header Error • TTL/Hop Limit Exceeded • Options • Next-hop forwarding to any {device, port}, trunk, or VLAN group in the system • Per route entry QoS assignment • Per route entry mirroring-to-CPU or mirroring to ingress analyzer port
3.7.1.7
Policing Engine
3.7.1.8
Pre-Egress Engine
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The Policing engine is invoked when a policy rule binds the matching packet flow to a policer instance. The Policing engine can meter the flow and maintain flow statistics. Non-conforming packets can be dropped, or have their QoS re-marked.
At the end of the ingress pipeline, the Pre-egress engine examines the decisions made by the ingress pipeline and prepares/duplicates the packet descriptor for the egress pipeline processing.
3.7.1.8.1 Ingress Pipeline Packet Commands
The ingress pipeline packet descriptor command may be any ONE of the following: • Drop the packet. • Trap the packet to the CPU. • Forward the packet to a target destination(s). • Forward the packet to a target destination(s) AND mirror the packet to the CPU.
In addition to one of the possible packet commands listed above, the ingress pipeline may set the packet descriptor with either or both of the following commands: • Mirror to the ingress analyzer port. • Ingress sample to the CPU.
3.7.1.8.2 Packet Descriptor Processing
If the packet descriptor command is “Drop the packet” and it is neither ingress-mirrored nor sampled to the CPU, the packet is dropped and its buffer(s) is/are released. The descriptor of this dropped packet is not forwarded to the egress pipeline. If the packet is mirrored to the CPU and/or sampled to the CPU and/or mirrored to the ingress analyzer port, the packet descriptor is replicated by the pre-egress engine for each target.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 41
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
R
IPv4/v6 Unicast Routing Engine
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
High-Level Packet Walkthrough
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
If, for any reason, the packet is to be sent to the CPU, the packet descriptor is set with a specific CPU code and its associated attributes, and then forwarded to the specified CPU in the system. The global CPU Code table defines the CPU code attributes that define the CPU device through which the packet is to be forwarded, its traffic class, drop precedence, the statistical sampling ratio, and an option to truncate the packet to 128 bytes.
3.7.2
Egress Pipeline
The ingress pipeline Pre-egress unit passes to the egress pipeline packet descriptors with either a Unicast or Multicast destination target. The egress pipeline is comprised of the following functional units: • Egress Filtering • Multi-Target Replication • Descriptor Queueing • Rate Shaping • Transmit Scheduler
3.7.2.1
Egress Filtering
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
The following is performed prior to enqueueing a packet on a given egress port queue: 1. VLAN egress filtering 2. Spanning Tree egress filtering 3. Source port/trunk group egress filtering for multi-target packets 4. Egress port unregistered Multicast and Unknown Unicast filtering 5. Source ID multi-target filtering
Each of the egress filtering unit mechanisms can be independently enabled or disabled.
3.7.2.2
Multi-Target Replication
A multi-target destination is indicated via a multi-target group index, also known as VIDX.
If the packet is multi-target (i.e. Broadcast, Multicast, or Unknown Unicast), the packet descriptor is replicated for each egress port member of the VIDX group.
3.7.2.3
Descriptor Queueing
Non-filtered packet descriptors are enqueued on the egress traffic class queue.
For Head of the Line blocking prevention, the Queueing is based on a tail-drop algorithm, according to the number of packets or buffers in the queue. If the egress port is configured for egress mirroring to analyzer port, every packet descriptor enqueued on the egress port queue has its descriptor duplicated and forwarded back to the ingress pipeline Pre-egress unit. It is then forwarded to the configured egress analyzer port.
If the egress port is configured for statistical sampling of packets to the CPU, for every packet selected for sampling, the descriptor is duplicated and forwarded back to the ingress pipeline Pre-egress unit for forwarding to the configured CPU.
MV-S102110-02 Rev. E Page 42
CONFIDENTIAL Document Classification: Restricted Information
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
If the packet has a Unicast destination set to a trunk group, the destination is converted to one of the trunk group port members (on any device), based on the trunk hash function.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Each egress port traffic class queue can be configured with a token bucket for shaping traffic transmitted from the queue.
3.7.2.5
Transmit Scheduler
Packet descriptors are de-queued from the egress port traffic class queue according to the configured scheduling algorithm: • Deficit Weighted Round Robin • Shaped Weighted Round Robin • Strict Priority
3.7.2.6
Header Alteration
When the packet is read from the buffers memory for transmission, its header is altered according to its descriptor content and according to the type of port from which it is being sent. The packet’s header may be modified by one of more of the following actions: • In the 98DX107, 98DX133, 98DX167, 98DX247, 98DX253, 98DX263, 98DX273, 98DX169, 98DX249 and 98DX269 devices, if a packet is routed, its header is changed as follows: MAC DA is modified to reflect the next hop MAC.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
– – – – –
MAC SA is modified to reflect the router’s MAC.
VLAN is modified to reflect the next hop subnet.
IPv4 header TTL field is decremented (optional).
IPv6 hop limit is decremented (optional). • VLAN Tag add/removed/modified • IEEE 802.1 user priority remarked • IPv4/IPv6 DSCP remarked • If IPv4 header is modified, by either TTL decrement for routed packets or DSCP remarking, its checksum is recalculated. If the packet is sent via a Cascading port or to the CPU, a DSA tag is attached.
3.7.2.7
Ports MAC Tx
After the packet has been read from the buffers memory and its header has been altered, it is transmitted via the port’s MAC, which performs the MAC IEEE 802.3 MAC functionality. If the packet header has been altered, it generates a new CRC and appends it to the packet. If necessary, it pads the packet to a MinFrameSize of 64 bytes.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 43
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
In addition, the aggregate traffic of all the traffic class queues for a given egress port can be configured with a token bucket shaper.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
High-Level Packet Walkthrough
This section describes the Marvell® Distributed Switching Architecture (DSA). The DSA architecture allows multiple devices to be cascaded through any of its Ethernet MAC port interfaces with other devices, or with any Marvell device that supports DSA tag cascading. Up to 32 devices can be cascaded to create a single cascaded system. A cascaded system of devices in these three families supports the same features as a non-cascaded single device in these three families. This includes: • Trunk groups with port members on multiple devices in the system. • Mirroring to analyzer port on any device in the system. • Traffic to the CPU can be sent through any device in the system. • CPU can inject traffic to be transmitted out through a port on any device in the system.
4.1
Cascade Ports
A device’s port used for interconnecting Marvell devices is configured as a cascade port. All traffic sent and received on cascade ports is always DSA-tagged (Section 4.6 "DSA Tag"). Consequently, the cascade ports should only connect to other cascade ports.
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Multiple cascade ports can be configured as a trunk group, to support large bandwidth inter-device connections (Section 13.4 "Trunking over Cascade Link" on page 291). Cascade ports should be members of all active VLANs. However, due to the fact that the DSA tag replaces the packet's VLAN Tag (see Section 4.6 "DSA Tag") the VLAN tagged state for cascade ports is not relevant.
To allow the CPU to transmit a packet to any port in the system, and to learn about received packets (e.g., CPU Code, source device/Port), the CPU port must be configured as a cascade port (Section 7.1 "CPU Port Number" on page 102), however it cannot be a member of any VLAN.
Configuration • To configure a port as a cascade port, set the field in the Cascading and Header • •
Insertion Configuration Register (Table 528 p. 770). To configure a CPU port as a cascade port, set the bit in the Cascading and Header Insertion Configuration Register (Table 528 p. 770). To configure the cascade port as a member of all active VLANs, set the corresponding port as a member in the VLAN Entry (0<=n<4096) (Table 520 p. 754).
MV-S102110-02 Rev. E Page 44
CONFIDENTIAL Document Classification: Restricted Information
A packet with a single-target destination from the CPU or a cascade or network port is associated with a destination device number and port number. The destination port may be the CPU port or any of the other local ports on the destination device (among other parameters). If the destination device is not the local device number, then the packet must be sent through a cascade port that leads to the destination device (either directly or through intermediate devices). To facilitate this, each device supports a Device Map table that maps a destination device number to a cascade port or cascade group. A single-target destination packet whose destination device is not the local device is sent out the cascade port or trunk group specified in the Device Map table entry for the given destination device. In the example in Figure 9, four devices are connected in a ring topology. The cascade ports on each devices are labeled P0 and P1. In this example, a network port on device 0 receives a known Unicast packet and is assigned a forwarding target destination port on device 2. The Device Map table on device 0 indicates that the packet must be egressed on P1 to reach device 2. The packet is then received on device 1, where its Device Map table indicates that the packet must be egressed on P1 to reach device 2. The packet is then received on device 2 and egressed on the target destination port.
Example of Single-Target Destination Forwarding in a Cascaded System
Known Unicast packet
FORWARD DSA Tag
P0 Dev 0 P1
P0
FORWARD DSA Tag
Dev 1
Dev
Port
Dev
0
N/A
0
1
P1
1
2
P1
2
3
P0
3
Device Map Table on device 0
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Figure 9:
P1
P0
Dev 2 P1
P0
Dev 3 P1 P1
Port
Dev
Port
Dev
Port
P0
0
P1
0
P1
N/A
1
P0
1
P1
P1
2
N/A
2
P0
P1
3
P1
3
N/A
Device Map Table on device 1
Device Map Table on device 2
Device Map Table on device 3
Configuration To configure the local device number, set the field in the Global Control Register (Table 84 • •
p. 377) accordingly. For each device number in a cascaded system (excluding the local device number), set the corresponding Device Map Table Entry (0<=n<32) (Table 471 p. 728) accordingly.
CONFIDENTIAL Document Classification: Restricted Information
MV-S102110-02 Rev. E Page 45
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Every device in a cascaded system must be assigned a unique 5-bit device number.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
Single-Target Destination in a Cascaded System
4.3
Multi-Target Destination in a Cascaded System
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
A multi-destination packet (i.e. unknown Unicast, Multicast, or Broadcast) is forwarded by the bridge egress processing according to the packet VLAN and its VIDX Multicast group assignment (Section 11.5 "Bridge Multicast (VIDX) Table" on page 240).
However, if the topology of the cascaded system is not a Spanning Tree, i.e., a loop exists in the topology (e.g., as in a ring topology), then multiple copies of the multi-target destination packets may be received by devices. The device supports a unique feature that allows Multicast destination packets to be flooded in the cascaded topology according to a source device rooted Spanning Tree. The packet is assigned a unique source device identifier by the ingress device, and this “source ID” value is propagated with the packet as part of the DSA tag. The egress pipeline of each device performs egress filtering of packets based on their source-ID. A port bitmap per source-ID defines whether a packet originating from a given source device should be filtered or forwarded on the corresponding port. Once the cascade topology is learned, for each device in the system a Spanning Tree, rooted at the device and reaching all the other devices in the system, is calculated by the system management software. The cascade port(s), on the leaf devices of the Spanning Tree are configured to be filtered for this source-ID Spanning Tree (Section 11.14 "Bridge Source-ID Egress Filtering" on page 257).
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
In the example in Figure 10, four devices are connected in a ring topology. The Source-ID table on each device keeps the packet from looping around the ring. The Source-ID table forwards the packet along a Spanning Tree path, reaching each device once only. For clarity, in Figure 10 the Source-ID table shows the port bitmap only for the cascade ports P0 and P1 on each device, however the network ports on each device are all set to ‘1’ (i.e., forward). In the example, a Multicast packet is received on one of the network ports on device 0 and is assigned source-ID 0. The packet is assigned a VLAN and VIDX Multicast group index, and is flooded to the local member ports on the device. Note that the VLAN/VIDX must always include the cascade ports. The flooding of this packet through the ring is depicted by the RED arrows. Specifically, the Source-ID table on device 0 enables the packet to be forwarded on its cascade ports 0 and 1 to reach devices 3 and 1 respectively. Device 3 allows the packet to be flooded to device 2, but the Source-ID table on device 1 does not permit the packet to be forwarded device 2, and the Source-ID table on device 2 does not permit the packet to be forwarded to device 1. So we can see that multitarget packets received by device 0 are forwarded along a Spanning Tree path where device 0 is the root, and each device in the stack is reached. To continue the example, a Multicast packet is received on a network port on device 1. Here we see that the packet is flooded along a different Spanning Tree path (the blue arrows) to each of the devices in the stack.
MV-S102110-02 Rev. E Page 46
CONFIDENTIAL Document Classification: Restricted Information
4duun-fnzjmsxe * Opnet Technologies * UNDER NDA# 12101786
The cascade port(s) on the device must be fixed members of all VLAN and Multicast groups, to ensure that the packet is propagated to all devices in the system.
M
MARVELL CONFIDENTIAL - UNAUTHORIZED DISTRIBUTION OR USE STRICTLY PROHIBITED
AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Figure 10: Example of Multi-Destination Forwarding in a Cascaded System
P Dev P 0 0 1
Dev 0 Src-ID Table
Multicast Packet received on a network port on Device 1
P Dev P 1 1 0
Dev 1 Src-ID Table
Dev P 2 1
P 0
Dev 2 Src-ID Table
Dev P 3 1
P 0
Dev 3 Src-ID Table
SrcID P0/P1
SrcID P0/P1
SrcID P0/P1
SrcID P0/P1
0
1/1
0
0/0
0
0/0
0
1/0
1
1/0
1
1/1
1
0/0
1
0/0
4.4
Loop Detection
M AR VE 4du LL un CO -fn NF zjm ID sx EN e TI * O AL pn , U et ND Te ER chn ND olo A# gie 12 s 10 17 86
Source ID Egress Filter table on each device
In the event of a topology change or misconfiguration of the Device Map or Source-ID Egress Filtering, a packet may be looped back to its original source device. To prevent such packets from continuing to loop between devices in the cascaded system, a global configuration can be enabled to discard DSA tagged packets received where the packet’s DSA tag