S4248FBL-ON: incoming traffic does not show up on front panel ports

[disaster123]

I tried the following configurations but in both cases the switch isn't pingable / reachable / does not show any incoming traffic.

# opx-switch-shell "vlan show"
vlan 1  ports none (0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000), untagged none (0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) 
SAI.0> 
# ip a l dev e101-015-0
25: e101-015-0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether d8:9e:f3:d9:a7:ef brd ff:ff:ff:ff:ff:ff
inet 10.16.16.20/24 scope global e101-015-0
valid_lft forever preferred_lft forever
inet6 fe80::da9e:f3ff:fed9:a7ef/64 scope link 
valid_lft forever preferred_lft forever
server:
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether da:80:37:52:94:32 brd ff:ff:ff:ff:ff:ff
inet 10.16.16.9/24 scope global eth1
valid_lft forever preferred_lft forever
links are up as you can see in state output of ip
Outgoing traffic works fine on e101-015-0 i can see everything at the server side. Incoming traffic on switch side is not viewable at kernel

and this one as well:

62: br101: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether d8:9e:f3:d9:a8:a9 brd ff:ff:ff:ff:ff:ff
inet 10.16.16.20/24 scope global br101
valid_lft forever preferred_lft forever
inet6 fe80::da9e:f3ff:fed9:a8a9/64 scope link 
valid_lft forever preferred_lft forever
63: e101-015-0.101@e101-015-0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br101 state UP group default qlen 1000
link/ether d8:9e:f3:d9:a7:ef brd ff:ff:ff:ff:ff:ff
inet6 fe80::da9e:f3ff:fed9:a7ef/64 scope link 
valid_lft forever preferred_lft forever
# brctl show
bridge name bridge id   STP enabled interfaces
br101   8000.d89ef3d9a8a9   no  e101-015-0
e101-015-0.101
so bridge br101 contains tagged and untagged e101-015-0

hshell -c "vlan show"
0:bcm_petra_vlan_translate_egress_action_get: Out-AC doesn't exist.
vlan 1  ports none (0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000), untagged none (0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) 
vlan 101    ports xe15 (0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000), untagged xe15 (0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000) 

But in both cases incoming traffic does no show up in tcpdump. Outgoing traffic works fine and also reaches the external server connected to that port.

[disaster123]

Some more infos:

# hshell -c "L2 show"

mac=da:80:37:52:94:32 vlan=101 GPORT=0x800080f encap_id=0xffffffff

correctly shows the remote MAC of the server. So the switch has also correctly learned the mac.

I'm not sure what this means but PortStat shows may be something interesting.

# hshell -c "PortStat"

                 ena/    speed/ link auto    STP                  lrn  inter   max  loop
           port  link    duplex scan neg?   state   pause  discrd ops   face frame  back

      xe15( 15)  up     10G  FD   SW  No   Forward         Untag   FA    SFI  1528     

So xe15 is up but discrd is set to Untag - but this port should NOT drop untagged packets.

[jeff-yin]

This should be resolved in the latest OPX 3.1.0 code (use apt-get update && apt-get dist-upgrade followed by reload to obtain and apply the latest fixes). It should also be fixed in the upcoming OPX 3.2.0 (currently only release candidates available).