user manual of silicom uCPE Modular Universal CPE

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

omegadraconis

Member
Oct 23, 2017
28
26
13
38
I have an att version and it does have the ubmc, hitting Ctrl x on the console switches from host console to ubmc login. The management port will also pull an IP. Looks like att intended it for their use only however so I'm not sure if it's possible to access it or make use of it. It does not appear to be exposed under /dev/ipmi either so that's a bit disappointing. The other issue is that the switch interface on the card appears to be controlled by BMC so I cannot get the interfaces up under Linux.
 

Freebsd1976

Active Member
Feb 23, 2018
404
73
28
I have an att version and it does have the ubmc, hitting Ctrl x on the console switches from host console to ubmc login. The management port will also pull an IP. Looks like att intended it for their use only however so I'm not sure if it's possible to access it or make use of it. It does not appear to be exposed under /dev/ipmi either so that's a bit disappointing. The other issue is that the switch interface on the card appears to be controlled by BMC so I cannot get the interfaces up under Linux.
GitHub - silicom-ltd/uBMC: uBMC - open source remote management platform for edge devices, appliances. maybe has something useful
 

starheaven

Member
Aug 21, 2018
34
14
8
I have tried inquiring with project above for the shadow_reset string to be used to interrupt uBMC boot to be able to reset the password but nobody got back to me. I have the device in case anyone has questions about it. Indeed it has 64GB eMMC and is able to run Linux. Only 2 NIC ports are enabled though, 1 via configuration in uBMC for the Marvell 88E6190X switch and another 1 via i210 management interface. I have been unable to figure out how to reconfigure the switch without access to uBMC so far.
 

starheaven

Member
Aug 21, 2018
34
14
8
Unfortunately no luck so far breaking into uBMC so it’s just a server with a single workable nic so far.
 

starheaven

Member
Aug 21, 2018
34
14
8
So, when inquired with Silicom support for information and a reference configuration for IA3000 (ATT-v150) platform that could leverage mv88e6XXX on Linux or etherswitch/e6000sw on FreeBSD and they said they didn't know if anyone had tested that and referred me to Marvell for an SDK (which I don't think is available without a business relationship with Nvidia/Marvell). They did share the system architecture diagram.

IA3000-system-architecture.png

My appliance came with AT&T vRouter 5600 1908n VNF operating system. DANOS project appears to be most related to this DANOS Project. It configures onboard switch using userspace dataplane (shared code with GitHub - danos/vyatta-dataplane) as well as a Marvell SDK FAL driver from package:

Code:
# dpkg -s libfal-mvl1
Package: libfal-mvl1
Status: install ok installed
Priority: extra
Section: non-free/net
Installed-Size: 134
Maintainer: Vyatta Package Maintainers <DL-vyatta-help@att.com>
Architecture: amd64
Source: libfal-mvl
Version: 1.33.7
Depends: vyatta-dataplane (>= 3.6.80), vyatta-system (>= 2.17), i2c-tools, fal-port-attr-hw-mirroring, libvyatta-dpdk-swport1 (>= 0.1.18.2), libc6 (>= 2.8), libinih1 (>= 40), libmarvell-umsd-sdk, librte-eal18.11 (>= 17.08), librte-ethdev18.11 (>= 18.05), python3:any (>= 3.3.2-2~)
Description: Marvell forwarding abstraction layer
FAL plugin for marvell.
Vyatta-Git-Id: 51f15da0e27042227892b07d5f3e3d9eb6faed13
Vyatta-Git-Repo: vyatta/libfal-mvl.git
Here is the log of the switch initialization:

Code:
Jul 29 19:46:10 vyatta dataplane[2585]: DATAPLANE: Dataplane version 3.7.86.61 - Copyright (c) 2021, AT&T Intellectual Property. All rights reserved.
Jul 29 19:46:10 vyatta dataplane[2585]: FAL: Initializing plugin: /usr/lib/libfal-mvl.so.1
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: fal_plugin_init_log:1259
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Parsing platform config file /run/dataplane/platform.conf
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Bkplane pci(0:5:0.0)->mvl port 10
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Bkplane pci(0:5:0.1)->mvl port 9
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: MDIO pci(0:5:0.0)->mvl
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Set (10/1)as backplane
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Set (9/2)as backplane
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 1 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 2 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 3 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 4 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 5 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 6 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 7 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 8 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 9 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 10 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_sem_create Semaphore id 11 created
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Global 1 Control2 updated for swid 0, 7c0 -> 7c0
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Marvell SDK Loaded
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: 2 backplane ports are setup
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: mvl_setup_bkplane_ports
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Forced link down for bkplane port 9
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Backplane tuning is 0x1724 for port 9
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Backplane speed is 2.5G for port 9
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Forced link down for bkplane port 10
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Backplane tuning is 0x1724 for port 10
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Backplane speed is 2.5G for port 10
Jul 29 19:46:10 vyatta dataplane[2585]: FAL_MVL: Onie eeprom init
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: get_bkplane_dpdk_portid Bkplane port 9 set to auto negotiate
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: setup_mgmt_bkplane Set bkplane 9 as CPU port and recv TO_CPU traffic
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing switch port for net_sw_portsw0p7
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing sw_port_vdev for net_sw_portsw0p7
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing switch port net_sw_portsw0p7
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: Swport created mvl_port:8, dpdk_port:3, bkplane:2
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: Port 8 disabled and .1Q secure mode set
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: get_bkplane_dpdk_portid Bkplane port 9 set to auto negotiate
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing switch port for net_sw_portsw0p8
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing sw_port_vdev for net_sw_portsw0p8
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing switch port net_sw_portsw0p8
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: Swport created mvl_port:7, dpdk_port:4, bkplane:2
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: Port 7 disabled and .1Q secure mode set
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: get_bkplane_dpdk_portid Bkplane port 9 set to auto negotiate
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing switch port for net_sw_portsw0p5
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing sw_port_vdev for net_sw_portsw0p5
Jul 29 19:46:11 vyatta dataplane[2585]: SW_PORT: Initializing switch port net_sw_portsw0p5
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: Swport created mvl_port:6, dpdk_port:5, bkplane:2
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: Port 6 disabled and .1Q secure mode set
Jul 29 19:46:11 vyatta dataplane[2585]: FAL_MVL: get_bkplane_dpdk_portid Bkplane port 9 set to auto negotiate
As well as platform config:

Code:
# cat /run/dataplane/platform.conf
[Dataplane]
backplane_port1=0:5:0.0
backplane_port2=0:5:0.1
fal_plugin = /usr/lib/libfal-mvl.so.1
[Marvell1]
onie_bus = /dev/i2c-1
onie_location=54
onie_size=400
backplane_port1=0:5:0.0,10
backplane_port2=0:5:0.1,9
mdio_pci=0:5:0.0
sw_dev_addr=0,16
sw_dev_num=1
sw_port=0,0,0,b,bmc0
sw_port=1,0,4,p,p4
sw_port=2,0,3,p,p3
sw_port=3,0,1,s,p1
sw_port=4,0,2,s,p2
sw_port=5,0,6,p,p6
sw_port=6,0,5,p,p5
sw_port=7,0,8,p,p8
sw_port=8,0,7,p,p7
poe_mask=0xc0
[hardware-features]
security.vpn.ipsec=1
[hardware-interface-features]
firewall.in.switch_vif=1
firewall.local.switch_vif=1
firewall.out.switch_vif=1
hardware-switching=1
[all-interface-features]
poe=p7,p8
[portmonitor]
hw_rx_sess_count=1
hw_tx_sess_count=1
hw_sess_count=2
hw_rx_src_count=8
hw_tx_src_count=8
Here's hoping there may be some Linux kernel developer reading this that could help make it work with upstream linux/drivers/net/dsa/mv88e6xxx at master · torvalds/linux driver.

Unfortunately I have tried loading both latest Linux kernel with the mv88e6xxx and it wasn't getting detected. mdio tools also didn't allow me to read the bus:

Code:
# mdio
fixed-0
ixgbe-mdio-0000:05:00.0

# mdio ixgbe*
ERROR: Unable to read status (-110)

# mdio ixgbe* mvls
 
Last edited:

omegadraconis

Member
Oct 23, 2017
28
26
13
38

starheaven

Member
Aug 21, 2018
34
14
8
Can you share how you got /dev/mdio to work? I've been digging through commits on the dpdk mailing list trying to figure out patches to get this working on FreeBSD 14 or 15, but have had no luck so far. This seems to be the blocker in both Linux and FreeBSD.
MDIO access does not seem to be an issue on Linux (ERROR: Unable to read status (-110) with Marvell 88e6190x on x86 · Issue #35 · wkz/mdio-tools) but on FreeBSD it needs a patch to ixgbe driver similar to Support for Intel X553 NIC and Marvell 88E6190 switch at the end of the function freebsd-src/sys/dev/ixgbe/if_ix.c at main · freebsd/freebsd-src that pfSense Plus ships with.
 

omegadraconis

Member
Oct 23, 2017
28
26
13
38
MDIO access does not seem to be an issue on Linux (ERROR: Unable to read status (-110) with Marvell 88e6190x on x86 · Issue #35 · wkz/mdio-tools) but on FreeBSD it needs a patch to ixgbe driver similar to Support for Intel X553 NIC and Marvell 88E6190 switch at the end of the function freebsd-src/sys/dev/ixgbe/if_ix.c at main · freebsd/freebsd-src that pfSense Plus ships with.
I was afraid Pfsense-plus would be your answer. I was interested to know if it would work on this box, but I didn't want to spend the $130 to find out. Their XG-7100 uses a x553 chip and mv88e6190 chip, the firebox m270 is also supported according to pfSense on Watchguard M270. I suspect based on nothing but a guess that silicom is their OEM for serveral of their hardware devices.

On both linux and freebsd mdio support is missing from the os and intel x553 drivers. Without native support we cannot hook the linux or freebsd switch driver. The mdio-tool is talking using the mdio-netlink driver, but that driver does not provide a /dev/mdio device so the etherswitch/switchconfig tools cannot make use of it. Using mdio-tool under linux we could probably enable all the ports on the switch. I think in the best case, as is, if all of the hosts tagged their traffic we could then add vlans on the cpu ports and achive some use as a firewall. However any host plugged into the switch could see any of the tagged vlan traffic as every port would be a trunk so it would not be secure.

The closest solution I've found is this patch set: [dpdk-dev] [PATCH v3 2/2] net/ixgbe : backplane port MDIO support. It may require another patch set: [dpdk-dev] [PATCH v4 15/29] ixgbe/base: add new phy definitions. It looks like this was merged in partially merged in (ixgbe_read_phy_reg_mdi_22) https://reviews.freebsd.org/differential/changeset/?ref=221836. These look to be what is needed to get mdio support into ixgbe driver, but I'm no kernel dev.Thus for my copy-paste-compile method has not resulted in /dev/mdio being supported.
 

starheaven

Member
Aug 21, 2018
34
14
8
I was afraid Pfsense-plus would be your answer. I was interested to know if it would work on this box, but I didn't want to spend the $130 to find out. Their XG-7100 uses a x553 chip and mv88e6190 chip, the firebox m270 is also supported according to pfSense on Watchguard M270. I suspect based on nothing but a guess that silicom is their OEM for serveral of their hardware devices.

On both linux and freebsd mdio support is missing from the os and intel x553 drivers. Without native support we cannot hook the linux or freebsd switch driver. The mdio-tool is talking using the mdio-netlink driver, but that driver does not provide a /dev/mdio device so the etherswitch/switchconfig tools cannot make use of it. Using mdio-tool under linux we could probably enable all the ports on the switch. I think in the best case, as is, if all of the hosts tagged their traffic we could then add vlans on the cpu ports and achive some use as a firewall. However any host plugged into the switch could see any of the tagged vlan traffic as every port would be a trunk so it would not be secure.

The closest solution I've found is this patch set: [dpdk-dev] [PATCH v3 2/2] net/ixgbe : backplane port MDIO support. It may require another patch set: [dpdk-dev] [PATCH v4 15/29] ixgbe/base: add new phy definitions. It looks like this was merged in partially merged in (ixgbe_read_phy_reg_mdi_22) https://reviews.freebsd.org/differential/changeset/?ref=221836. These look to be what is needed to get mdio support into ixgbe driver, but I'm no kernel dev.Thus for my copy-paste-compile method has not resulted in /dev/mdio being supported.
MDIO does work on pfSense+ but freebsd driver for the switch e6000sw does not support 88e6190x yet (281211 – MV88E6190X switch variant not supported by e6000sw). Uninitialized (default EEPROM config) ATT-V150 on freebsd/pfsense the switch seems to have ports 0, 5 and 9 enabled and on default vlan.

switch config:
sw_port=0,0,0,b,bmc0
sw_port=1,0,4,p,p4
sw_port=2,0,3,p,p3
sw_port=3,0,1,s,p1
sw_port=4,0,2,s,p2
sw_port=5,0,6,p,p6
sw_port=6,0,5,p,p5
sw_port=7,0,8,p,p8
sw_port=8,0,7,p,p7
backplane_port1=0:5:0.0,10
backplane_port2=0:5:0.1,9

So that allows me on pfSense to have BMC, ix1 and 1 external 1GigE port usable as LAN in pfSense and use igb0 as WAN 1GigE for a router/firewall setup. You would want to disable BMC access on the dedicated "management" interface though probably and only keep it connected to the switch.

For Linux, you're correct most likely, I wanted to venture into building a device tree for it initially as you can see from mdio-tools issue but I think we might have an issue with ixgbe/mdio passthrough and it's a bit too much work.
 

SebastianMWS

New Member
May 7, 2011
28
7
3
Greetings all,

been following this thread with great interest, on and off, ever since it's inception. Even though the sheer complexities, pertaining Marvell MV88E6190X and FreeBSD driver support, are way beyond my knowledge, those Stas Alekseev's efforts do look promising to me.

I just thought to chip in with a modest contribution, albeit it's not related to MV88E6190X/FreeBSD scheme of things. Here's the link to "Silicom uBMC User Guide", referenced to bare metal Silicom vE-CPE/XS (a.k.a. - Modular Universal CPE), in case anyone following this thread finds it useful ...

Silicom uBMC User Guide

Kind regards,
Sebastian
 
Last edited:

compuwizz

Member
Feb 25, 2017
47
47
18
41
I've been playing with the ATT-v150 off and on for a few years now. I use Danos Vyatta Edition (DVE), the commercial version that Cienna owns now, so these are fascinating to me. The version of DANOS on these by default is the commercial version and not the opensource version. When I tried the opensource version, it wouldn't activate the switch properly.

AT&T deployed these ATT-v150s as managed routers to enterprise clients that have dedicated 1G fiber circuits.The v250, v350 and v450 versions for 10G clients.

A year or so ago, someone was taking vyos and adding the switch packages to it to be able to activate the switch and control the switch. I think the switch control is also included in OpenWRT but I haven't tried the x86 iso on it yet.

I just got a ATT-v250 and its running DVE 2009. I have an ATT-v450 coming as well. These have the Broadcom Hurricane2 BCM56160 switch in them.

The opensource DANOS has support for devices with the Broadcom Qumran-AX BCM88470 chipset such as UFiSpace S9500-30xs and the Broadcom Qumran-MX BCM88375 + BCM52311 TCAM in the Edgecore AS5916-54XKS.

The commercial DVE adds the Marvell chipset in the v150 and the Hurricane2 Broadcom chipset.