Using the Memtun Interface

IPsec_GW Reference Pipeline User Guide (UG1671)

Document ID
UG1671
Release Date
2024-02-15
Revision
1.1 English

Memtun is another PCIe memory-based interface. It is available for Linux hosts, and does not require the IONIC driver on the host, but is less secure.

To copy the DSC firmware image using the memtun interface:

  1. Boot up the host with the DSC plugged in.
  2. Login to the host.
  3. Confirm the DSC enumerates as a PCIe device, and note the PCIe addresses of its first virtual downstream port and of its management controller:
    # lspci -d 1dd8:
    12:00.0 PCI bridge: Pensando Systems Inc Device 0002
    13:00.0 PCI bridge: Pensando Systems Inc DSC Virtual Downstream Port
    13:01.0 PCI bridge: Pensando Systems Inc DSC Virtual Downstream Port
    13:02.0 PCI bridge: Pensando Systems Inc DSC Virtual Downstream Port
    14:00.0 Ethernet controller: Pensando Systems Inc DSC Ethernet Controller
    15:00.0 Ethernet controller: Pensando Systems Inc DSC Ethernet Controller
    16:00.0 Ethernet controller: Pensando Systems Inc DSC Management Controller

    In this example the PCIe addresses are 13:00.0 and 16:00.0, respectively.

  4. Compile the memtun binary for the host using the code from $sw/platform/src/app/memtun.
  5. Start the memtun binary on the host:
    # ./memtun -s <downstream_port_pcie_address> 169.1.<mgmt_ctlr_pcie_bus_number>.2 &

    where:

    • <downstream_port_pcie_address> is the PCIe address of the virtual downstream port from step 3.

      In this example it is 13:00.0.

    • <mgmt_ctlr_pcie_bus_number> is the first component of the PCIe address for the management controller from step 3, converted from hexadecimal to decimal.

      In this example, the PCIe address is 16:00.0, so the bus address is 0x16 which converts to 22 decimal.

    The command corresponding to the example output shown in step 3 is therefore:

    # ./memtun -s 13:00.0 169.1.22.2 &

    The memtun utility is started by default on DSCs running goldfw or ssdk firmware. When memtun starts on the host it establishes a connection with the DSC and creates a tun device visible in ifconfig on both the host and the DSC.

  6. Confirm the IP address has been set:
    # ifconfig tun0
    tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
                  inet addr:169.1.22.2  P-t-P:169.1.22.3  Mask:255.255.255.255
                  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
                  RX packets:2 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:500
                  RX bytes:96 (96.0 B)  TX bytes:96 (96.0 B)
  7. Verify that you can ping the DSC from the host:
    Note: The tun device for the DSC has a default IP address of 169.254.22.3.
    # ping 169.254.22.3 -c 3
    PING 169.254.22.3 (169.254.22.3) 56(84) bytes of data.
    64 bytes from 169.254.22.3: icmp_seq=1 ttl=64 time=0.205 ms
    64 bytes from 169.254.22.3: icmp_seq=2 ttl=64 time=0.091 ms
    64 bytes from 169.254.22.3: icmp_seq=3 ttl=64 time=0.085 ms
    
    --- 169.254.22.3 ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 2037ms
  8. SSH to the DSC from the host as root with a password of pen123 :
    # ssh -lroot 169.254.22.1
    The authenticity of host '169.254.22.1 (169.254.22.1)' can't be established.
    ECDSA key fingerprint is SHA256:AoU0vi8BifouUOfqSg78t08JgaH7vHHBZfK58CnS+EI.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '169.254.22.1' (ECDSA) to the list of known hosts.
    
    root@169.254.22.1's password:
  9. Confirm the IP address for the tun0 interface on the DSC is 169.254.<pcie_bus_number>.3:
    Note: The tun0 interface is the memtun device on the DSC that is created by default.
    # ifconfig tun0
    tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
                   inet addr:169.1.22.3  P-t-P:169.1.22.2  Mask:255.255.255.255
                   inet6 addr: fe80::b1a3:b97a:c6a3:3b12/64 Scope:Link
                  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
                  RX packets:2 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:500
                  RX bytes:96 (96.0 B)  TX bytes:96 (96.0 B)
  10. Use scp to copy the image over the memtun interface from the host (specified by the IP address that you set in step 5) to the /data/ directory on the card:
    $ scp <user>@<host_ip_address>:<SSDK_dir>/src/github.com/pensando/sw/nic/dsc_fw_elba_.tar /data/

    For example:

    $ scp jdoe@169.1.22.2:/home/jdoe/ssdk/src/github.com/pensando/sw/nic/dsc_fw_elba_.tar /data/