search

dentproject / dentOS

dentOS SwitchDev based NOS
Other
206 stars 59 forks source link

802.1x dataplane support #116

Closed jmpolom closed 1 year ago

jmpolom commented 3 years ago

Need to test and mockup Prestera tc filter rule to determine if it can trap EAP to the CPU. This may be supported per Prestera wiki.

taraschornyiplv commented 1 year ago

prestera switchdev driver do support bridge locked port attribute

from prestera wiki

Bridge port locked – a port that is not a subject to flooding unknown (UC, MC) traffic, nor to an automatic learning when locked. Locked port forwards only mac-authorized traffic (SA MAC address is persistent in the FDB - user should add a static FDB entry, which is treated as mac-auth entry). In case if there's no mac-authorized entries in the FDB, port's only capable of trapping the PAE (802.1x) packets.