On 2022-07-13 14:39, Ido Schimmel wrote:
What are "Storm Prevention" and "zero-DPV" FDB entries?
For the zero-DPV entries, I can summarize:
Since a CPU can become saturated from constant SA Miss Violations from a denied source, source MAC address are masked by loading a zero-DPV (Destination Port Vector) entry in the ATU. As the address now appears in the database it will not cause more Miss Violations. ANY port trying to send a frame to this unauthorized address is discarded. Any locked port trying to use this unauthorized address has its frames discarded too (as the ports SA bit is not set in the ATU entry).