Workaround for Ethernet PHY software issue

Hi team,

A customer is trying to workaround the Ethernet PHY issue while keeping the availability of enabling/disabling the networking access dynamically. For that, instead of changing the access at PHY level with ip link set eth0 down, they came up with a similar measure but at IP level by changing the route tables and discarding/accepting all packets:

# Enabling networking access
iptables -P INPUT ACCEPT

# Disabling networking access
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

At the end, what the customer wants is to disable any remote access by all means. I think myself it is a good workaround but I wanted to confirm with you. Do you see any issue with this approach?

Thanks and best regards,

hi @alvaro.tx

What is the advantage disabling remote access by iptables than disabling the PHY? Especially the Power Consumption of the module will be higher.

What is the the customers exact application?

Hi @alvaro.tx

There is an errata of the PHY we are using on that module. I pushed the suggested workaround from the manufacturer this morning to our git repo.
This patch is preventing the PHY from software power-down. You can find the commit in the ‘toradex_4.9-1.0.x-imx-next’ branch.

I got the final test results this morning that shows, that the problem is solved with the mentioned patch. According to the errata, you are totally safe to use ip link set eth0 down and ip link set eth0 up when not sending the PHY to software power-down.