Tool/software: Linux
I have a question regarding switch MAC table configuration.
I'd like to implement a sticky-MAC functionality, so that at startup switch ports are in learning and forwarding state, but when something is connected to a port, that MAC address would be the only one passed through that port. Usually it is done so port learning is disabled and that MAC is added as a static entry in the MAC table.
I have tried lots of configs, but did not manage to make it work. I can put the switch into MAC Authorization Mode, but that applies to both ports at the same time.
Here is what I want to achieve:
1. Switch in default config, with learning and both ports enabled (nothing plugged into the Eth ports).
2. When I plug a device with MAC1 into Port1 (I have a script to detect that), I'd like to put MAC1 into the switch MAC table and not allow any other MAC to go through that port.
3. Same for Port2 independently.
For example:
1. Here is an empty table, ALE in default config:
> switch-config -d
cpsw hw version 1.12 (0)
0 : type: ucast, addr = 98:5d:ad:53:40:30, ucast_type = persistant, port_num = 0x0
1 : type: mcast, addr = ff:ff:ff:ff:ff:ff, mcast_state = f, no super, port_mask = 0x7
2 : type: vlan , vid = 0, untag_force = 0x7, reg_mcast = 0x7, unreg_mcast = 0x6, member_list = 0x7
2. I connect a device with MAC a0:ce:c8:1d:aa:d5 to Port1 and it is automatically added to the table:
> switch-config -d
cpsw hw version 1.12 (0)
0 : type: ucast, addr = 98:5d:ad:53:40:30, ucast_type = persistant, port_num = 0x0
1 : type: mcast, addr = ff:ff:ff:ff:ff:ff, mcast_state = f, no super, port_mask = 0x7
2 : type: vlan , vid = 0, untag_force = 0x7, reg_mcast = 0x7, unreg_mcast = 0x6, member_list = 0x7
12 : type: ucast, vid = 0, addr = a0:ce:c8:1d:aa:d5, ucast_type = touched , port_num = 0x1
3. I add this MAC as a static entry for Port1 (to be a persistent entry):
> switch-config -a a0:ce:c8:1d:aa:d5 -n 1
Unicast address added successfully
> switch-config -d
cpsw hw version 1.12 (0)
0 : type: ucast, addr = 98:5d:ad:53:40:30, ucast_type = persistant, port_num = 0x0
1 : type: mcast, addr = ff:ff:ff:ff:ff:ff, mcast_state = f, no super, port_mask = 0x7
2 : type: vlan , vid = 0, untag_force = 0x7, reg_mcast = 0x7, unreg_mcast = 0x6, member_list = 0x7
12 : type: ucast, vid = 0, addr = a0:ce:c8:1d:aa:d5, ucast_type = persistant, port_num = 0x1
QUESTION: how can I, in this state, prevent any other MAC from going through Port1?
I have tried disabling learning with:
echo "nolearn.1=1" >/sys/devices/platform/ocp/4a100000.ethernet/ale_control
but this just prevents adding new MAC entries into the table.
Is there a solution for this use case? It is important to be able to drive Port1 and Port2 independently.
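
An added example, not part of the original post: a dry-run helper that automates steps 2 and 3 above for one port at a time by parsing `switch-config -d` output and printing the pin commands the post uses. The function names and the embedded dump (copied from step 2) are assumptions of this example; as the post notes, `nolearn` only stops new table entries, so this does not by itself block other MACs.

```shell
#!/bin/sh
# Constructed sample: the ALE dump shown in step 2 of the post.
SAMPLE_DUMP='cpsw hw version 1.12 (0)
0 : type: ucast, addr = 98:5d:ad:53:40:30, ucast_type = persistant, port_num = 0x0
1 : type: mcast, addr = ff:ff:ff:ff:ff:ff, mcast_state = f, no super, port_mask = 0x7
2 : type: vlan , vid = 0, untag_force = 0x7, reg_mcast = 0x7, unreg_mcast = 0x6, member_list = 0x7
12 : type: ucast, vid = 0, addr = a0:ce:c8:1d:aa:d5, ucast_type = touched , port_num = 0x1'

# sysfs path taken from the post.
ALE_CONTROL=/sys/devices/platform/ocp/4a100000.ethernet/ale_control

# Print "<mac> <ucast_type>" for each unicast entry on port $1 (dump on stdin).
# Entries may or may not carry a "vid" field, so fields are matched by key.
ucast_on_port() {
    awk -v port="$1" '
        /type: ucast/ {
            mac = ""; utype = ""; pnum = ""
            n = split($0, f, ",")
            for (i = 1; i <= n; i++) {
                split(f[i], kv, "=")
                gsub(/[ \t]/, "", kv[1]); gsub(/[ \t]/, "", kv[2])
                if (kv[1] == "addr") mac = kv[2]
                if (kv[1] == "ucast_type") utype = kv[2]
                if (kv[1] == "port_num") pnum = kv[2]
            }
            if (pnum == sprintf("0x%x", port)) print mac, utype
        }'
}

# Dry run: print the commands that pin the first learned MAC on port $1.
# Prints nothing if the port already has a static entry or has learned nothing,
# so each port is handled independently of the other.
pin_commands() {
    ucast_on_port "$1" | awk -v port="$1" -v ctl="$ALE_CONTROL" '
        $2 == "persistant" { pinned = 1 }   # spelling as emitted by switch-config
        $2 != "persistant" && first == "" { first = $1 }
        END {
            if (pinned || first == "") exit
            printf "switch-config -a %s -n %d\n", first, port
            printf "echo \"nolearn.%d=1\" >%s\n", port, ctl
        }'
}

# Demo on the constructed dump; on a target, pipe `switch-config -d` in instead.
for p in 1 2; do
    printf '%s\n' "$SAMPLE_DUMP" | pin_commands "$p"
done
```
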