I need some help from Microchip, please read below. On Thursday, 19 November 2020, 19:51:15 CET, Tristram.Ha@xxxxxxxxxxxxx wrote: > There is one more requirement that is a little difficult to do. The calculated peer delay > needs to be programmed in hardware register, but the regular PTP stack has no way to > send that command. I think the driver has to do its own calculation by snooping on the > Pdelay_Req/Pdelay_Resp/Pdelay_Resp_Follow_Up messages. In an (offline) discussion with Vladimir we discovered, that the KSZ switch behaves different as ptp4l expects: The KSZ switch forwards PTP (e.g. SYNC) messages in hardware (with updating the correction field). For this, the peer delays need be configured for each port. ptp4l in turn expects to do the forwarding in software (for the P2P_TC clock configuration). For this, no hardware configuration of the peer delay is necessary. But due to limitations of currently available hardware, this TC forwarding is currently only supported for 2 step clocks, as a one-step clock would probably fully replace the originTimestamp field (similar as a BC, but not as a TC). Vladimir suggested to configure an ACL in the KSZ switch to block forwarding of PTP messages between the user ports and to run ptp4l as BC. My idea is to simply block forwarding of UDP messages with destination ports 319+320 and L2 messages with the PTP Ether-Type. I installed the following ACL (for UDP) in the Port ACL Access registers 0-F: |_0__1__2__3__4__5__6__7__8__9__A__B__C__D__E__F | 00 39 01 40 01 3F 42 22 00 00 00 60 00 00 00 01 ACL index: 0 Match: - MD=11 (L4) - ENB=10 (UDP ports) - S/D=0 (dst) - EQ=1 (equal) - MAX_PORT=320 - MIN_PORT=319 - PC=01 (min or max) - PRO=17 (UDP, don't care?) - FME=0 (disabled) Action: - PM=0 (disabled) - P=0 (don't care) - RPE=0 (disabled) - RP=0 (don't care) - MM=11 (replace) - PORT_FWD_MAP: all ports to 0 Processing entry: - Ruleset=0x0001 - FRN=0 Unfortunately, with this configuration PTP messages are still forwarded from port 1 to port 2. Although I was successful in blocking other communication (e.g. by MAC address), the matching rules above seem not to work. Is there an error in the ACL, or is forwarding of PTP traffic independent of configured ACLs? regards Christian
