Hi !
Please let me describe the following situation. I have a network with 2 access points.
AP1: Buffalo WZR-HP-AG300H with swconfig
AP2: Zyxel NBG6817 with DSA/Xiaomi AX3600 with NSS switch
A smartphone associates with access point AP 1.
|----|AP 1|--Smartphone
|
|----|AP 2|--
The smartphone sends a DHCP request, this results in the following fdbs:
The switch in AP 1 has the following fdb:
CPU-Port: Smartphone MAC
The switch in AP 2 has the following fdb:
Port1 : Smartphone MAC
2. The device moves to the location of AP 2, it roams.
|----|AP 1|
|
|----|AP 2|--Smartphone
The switch in AP 1 has the following fdb (has not received an update):
CPU-Port: Smartphone MAC (is OK in that moment, will update later)
The switch in AP 2 has the following fdb:
Port1 : Smartphone MAC (is wrong)
Should be:
CPU-Port: Smartphone MAC
Let me explain step by step:
*The smartphone associates with AP 2
*The smartphone send a DHCP broadcast
*The internal linux bridge updates its fdb, the smartphone mac now points to the wireless interface.
*The switch sees the smartphone MAC on the CPU port, but it does not update the fdb!
*The incoming DHCP reply is discarded by the switch. The smartphone is therefore unreachable.
*The fdb aging timer clears the smartphone MAC in the fdb. (180s)
*The incoming DHCP reply is forward by the switch to the CPU port. The smartphone is reachable.
On the ax3600 I can flush the switch fdb with 'ssdk_sh fdb entry flush 1'. This helps immediately.
On ipq806x with zyxel_nbg6817, I do not know a way to flush the DSA fdb. bridge fdb del ... does not work.
Of course, this is only a quick fix. A correct fix would be to allow the DSA and NSS switch to learn correctly from the CPU port.
I think there is already a solution for marvell:
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=920eaab1d8179035d0ae1047e75cf9a50da6a6eb
But this is a completely different driver.
This should be kept in mind for further DSA migration steps.
Kind regards.