- NXP Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- Vigiles
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Home
- :
- Product Forums
- :
- Other NXP Products
- :
- Re: Port Forwarding on LS1028ARDB
Port Forwarding on LS1028ARDB
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We are passing network traffic into our LS1028ARDB via the TSN switch. Our configuration is our traffic generator's port 1 (IP of 192.85.1.3) is connected to our board's swp0 (IP of 192.85.1.10), and then our board's swp1 (192.85.1.20) is connected back to our traffic generator's port 2 (IP of 192.85.1.4). The traffic generator is passing traffic to swp0, and we hope to have these packets forwarded to swp1 where they can be transmitted back to our DUT.
We have attempted the following ip tables commands with no success:
- iptables -A FORWARD -i swp0 -o swp1 -j ACCEPT
- iptables -t nat -A PREROUTING -j REDIRECT --to-destination 192.85.1.4
- iptables -t nat -A POSTROUTING -o swp1 -j SNAT --to 192.85.1.20
We have used tshark and have observed the traffic generator sending PTP and 88B5/Local Experimental Ethertype frames to swp0, but they are not forwarded to swp1. We are also open to writing a script in bash, C, Python, or anything else that can help us successfully route this traffic back to our traffic generator using the TSN switch. Thank you for any guidance.
Solved! Go to Solution.
yipingwang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if you don't use bridge mode, TSN switch ports will work in standalone mode, they are like regular NIC, so the tools that can implements forwarding function can be used for them, such as OVS and iptables.
BTW, for iptables, it can realize L3 forwarding, so swp0 and swp1 should work in different subnet segment, so you should set swp1 and traffic generator's port 2 in "192.84.1.*" subnet, so you can try the related commands:
ifconfig swp1 192.84.1.20
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -i swp0 -o swp1 -j ACCEPT
iptables -t nat -A PREROUTING -j DNAT --to-destination 192.84.1.4
iptables -t nat -A POSTROUTING -o swp1 -j SNAT --to 192.84.1.20
Thanks
yipingwang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which version are your using? LSDK or Real-time-edge?
1.
From the log, I see that swp0 and swp1 have been configured IP address, so I think TSN switch is working under standalone mode,
if customer want to use forwarding function of switch, we don't suggest customer to use standalone mode, we suggest to choose bridge mode,
because LS1028 TSN switch can forward frames in bridge mode automatically, don't need iptables to configure switch.
2.
for real-time-edge-v2.3, you can refer to "4.1.4.2 TSN configuration on Felix switch",
we can configure swp0, swp1, swp2 and swp3 as shown below:
ip link set eno2 up
ip link add name switch type bridge vlan_filtering 1
ip link set switch up
ip link set swp0 master switch && ip link set swp0 up
ip link set swp1 master switch && ip link set swp1 up
ip link set swp2 master switch && ip link set swp2 up
ip link set swp3 master switch && ip link set swp3 up
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @yipingwang
Thank you for your reply, apologies for the late response I was out of the country for some time. We are using the LSDK.
Would the commands listed here be the correct commands to execute to use bridge mode? And is there a good way to verify that traffic coming in on swp0 is being successfully forward to swp1? I assume this would take the form of viewing the same number of packets destined for swp0 appearing as coming out of swp1 and back to the packet generating device. But would there perhaps be a way to verify this using the board alone? We've used tshark to view incoming traffic on both swp0 and swp1, but not sure of a way to view what's being sent out on swp1. Appreciate your help!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @yipingwang,
Sorry actually I'd like to modify my inquiry slightly. We are interested in port forwarding on our board without the use of a bridge. Perhaps with IP tables or a script which will forward the traffic between the swp ports. As a brief reminder we have a traffic generator transmitting packets to our board's swp0, and then our board's swp1 is connected back to the traffic generator where we're hoping the forwarded traffic to arrive back to. Do you have any insight or suggestions for how we can achieve this? Thank you.
yipingwang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- The commands listed here are the correct commands to execute to use bridge mode, for some details, you can also refer to reference manual.
- If want to verify forwarding function of TSN switch, you can connect one PC to swp0 and another PC to swp1, then use tcpdump/wireshark on PC1 or PC2 to capture the packets.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @yipingwang ,
Sorry for any confusion, we are hoping to achieve port forwarding without using bridge mode. We wish to avoid any anonymity as to where traffic is going between the board and the processor which may occur with bridge mode. So we have been looking into two possible alternatives but are open to other avenues.
1. Iptables should allow us to create forwarding rules to pass traffic from one ethernet interface to another.
2. Possibly a script which can perform the forwarding for us.
Do you think Iptables or a script could possibly accomplish traffic forwarding from swp0 to swp1 on our board without the use of a bridge? Thank you.
yipingwang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if you don't use bridge mode, TSN switch ports will work in standalone mode, they are like regular NIC, so the tools that can implements forwarding function can be used for them, such as OVS and iptables.
BTW, for iptables, it can realize L3 forwarding, so swp0 and swp1 should work in different subnet segment, so you should set swp1 and traffic generator's port 2 in "192.84.1.*" subnet, so you can try the related commands:
ifconfig swp1 192.84.1.20
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -i swp0 -o swp1 -j ACCEPT
iptables -t nat -A PREROUTING -j DNAT --to-destination 192.84.1.4
iptables -t nat -A POSTROUTING -o swp1 -j SNAT --to 192.84.1.20
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @yipingwang,
Thank you for your reply. These iptables commands worked! I'm now able to transmit traffic to swp0 and have the traffic forwarded from swp0 -> swp1 -> to my end destination. I'll go ahead and accept your response as the solution, thank you for helping me finally get this working!
Quick follow up question if you don't mind, do you think it's possible to use iptables or other means to directly send traffic from traffic generator port 1 to traffic generator port 2 without needing to first send to swp0? For example, if I wanted my traffic to go from traffic generator port 1 -> swp0 -> swp1 -> traffic generator port 2, is it possible to configure the forwarding so that I can say ping traffic generator port 2 directly from port 1 or send a streamblock directly from traffic generator port 1 to port 3? We're curious if we can directly contact the end station using the switch ports as intermediate nodes, without needing to talk to them directly. Really appreciate your help in this matter.
