From 6d767e549dabb199eb555afae2d10c4993d14275 Mon Sep 17 00:00:00 2001 From: abdosi <58047199+abdosi@users.noreply.github.com> Date: Thu, 18 Jan 2024 20:53:26 -0800 Subject: [PATCH 1/7] [chassis] Support advertisement of Loopback0 of all LC's across all e-BGP peers in TSA mode (#16714) (#17837) What I did: In Chassis TSA mode Loopback0 Ip's of each LC's should be advertise through e-BGP peers of each remote LC's How I did: - Route-map policy to Advertise own/self Loopback IP to other internal iBGP peers with a community internal_community as define in constants.yml - Route-map policy to match on above internal_community when route is received from internal iBGP peers and set a internal tag as define in constants.yml and also delete the internal_community so we don't send to any of e-BGP peers - In TSA new route-map match on above internal tag and permit the route (Loopback0 IP's of remote LC's) and set the community to traffic_shift_community. - In TSB delete the above new route-map. How I verify: Manual Verification UT updated. sonic-mgmt PR: sonic-net/sonic-mgmt#10239 Signed-off-by: Abhishek Dosi --- dockers/docker-fpm-frr/TS | 9 +++- .../bgpd/templates/internal/policies.conf.j2 | 48 +++++++++++++++---- .../templates/voq_chassis/policies.conf.j2 | 20 ++++++++ .../frr/bgpd/tsa/bgpd.tsa.isolate.conf.j2 | 5 +- .../frr/bgpd/tsa/bgpd.tsa.unisolate.conf.j2 | 3 +- files/image_config/constants/constants.yml | 2 + .../peer-group.conf/result_all_isolate.conf | 10 +++- .../peer-group.conf/result_all_unisolate.conf | 6 ++- .../peer-group.conf/result_isolate.conf | 10 +++- .../peer-group.conf/result_unisolate.conf | 6 ++- .../internal/policies.conf/param_back.json | 6 +++ .../policies.conf/param_chasiss_packet.json | 16 +++++++ .../internal/policies.conf/param_front.json | 8 +++- .../internal/policies.conf/result_back.conf | 18 +++---- .../policies.conf/result_chasiss_packet.conf | 37 ++++++++++++++ .../internal/policies.conf/result_front.conf | 8 ++-- .../tests/data/sonic-cfggen/tsa/isolate.conf | 5 +- .../tests/data/sonic-cfggen/tsa/isolate.json | 5 +- .../data/sonic-cfggen/tsa/unisolate.conf | 3 +- .../voq_chassis/policies.conf/param_base.json | 6 +++ .../policies.conf/result_base.conf | 21 +++++++- src/sonic-bgpcfgd/tests/test_device_global.py | 3 +- 22 files changed, 214 insertions(+), 41 deletions(-) create mode 100644 src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_chasiss_packet.json create mode 100644 src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_chasiss_packet.conf diff --git a/dockers/docker-fpm-frr/TS b/dockers/docker-fpm-frr/TS index 75472d8c69..888b2c20b8 100755 --- a/dockers/docker-fpm-frr/TS +++ b/dockers/docker-fpm-frr/TS @@ -16,7 +16,9 @@ function check_not_installed() is_internal_route_map $route_map_name && continue echo "$config" | egrep -q "^route-map $route_map_name permit 20$" c=$((c+$?)) - echo "$config" | egrep -q "^route-map $route_map_name deny 30$" + echo "$config" | egrep -q "^route-map $route_map_name permit 30$" + c=$((c+$?)) + echo "$config" | egrep -q "^route-map $route_map_name deny 40$" c=$((c+$?)) done return $c @@ -33,7 +35,10 @@ function check_installed() echo "$config" | egrep -q "^route-map $route_map_name permit 20$" c=$((c+$?)) e=$((e+1)) - echo "$config" | egrep -q "^route-map $route_map_name deny 30$" + echo "$config" | egrep -q "^route-map $route_map_name permit 30$" + c=$((c+$?)) + e=$((e+1)) + echo "$config" | egrep -q "^route-map $route_map_name deny 40$" c=$((c+$?)) e=$((e+1)) done diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 index 855a686356..5f9c8a83e2 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 @@ -4,26 +4,56 @@ ! {% from "common/functions.conf.j2" import get_ipv4_loopback_address %} ! -route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 +{% if CONFIG_DB__DEVICE_METADATA['localhost']['sub_role'] == 'BackEnd' %} +route-map FROM_BGP_INTERNAL_PEER_V4 permit 1 + set originator-id {{ get_ipv4_loopback_address(CONFIG_DB__LOOPBACK_INTERFACE, "Loopback4096") | ip }} ! -route-map TO_BGP_INTERNAL_PEER_V4 permit 100 +route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 + set ipv6 next-hop prefer-global + on-match next ! +route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 + set originator-id {{ get_ipv4_loopback_address(CONFIG_DB__LOOPBACK_INTERFACE, "Loopback4096") | ip }} +{% elif CONFIG_DB__DEVICE_METADATA['localhost']['switch_type'] == 'chassis-packet' %} +bgp community-list standard DEVICE_INTERNAL_COMMUNITY permit {{ constants.bgp.internal_community }} +! +route-map FROM_BGP_INTERNAL_PEER_V4 permit 1 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag {{ constants.bgp.internal_community_match_tag }} ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 set ipv6 next-hop prefer-global on-match next ! -route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 +route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag {{ constants.bgp.internal_community_match_tag }} ! -route-map TO_BGP_INTERNAL_PEER_V6 permit 100 +route-map TO_BGP_INTERNAL_PEER_V4 permit 1 + match ip address prefix-list PL_LoopbackV4 + set community {{ constants.bgp.internal_community }} ! -{% if CONFIG_DB__DEVICE_METADATA['localhost']['sub_role'] == 'BackEnd' %} -route-map FROM_BGP_INTERNAL_PEER_V4 permit 2 - set originator-id {{ get_ipv4_loopback_address(CONFIG_DB__LOOPBACK_INTERFACE, "Loopback4096") | ip }} +route-map TO_BGP_INTERNAL_PEER_V6 permit 2 + match ipv6 address prefix-list PL_LoopbackV6 + set community {{ constants.bgp.internal_community }} +! +{% else %} +route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 + set ipv6 next-hop prefer-global + on-match next ! -route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 - set originator-id {{ get_ipv4_loopback_address(CONFIG_DB__LOOPBACK_INTERFACE, "Loopback4096") | ip }} {% endif %} ! +route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 +! +route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 +! +route-map TO_BGP_INTERNAL_PEER_V4 permit 100 +! +route-map TO_BGP_INTERNAL_PEER_V6 permit 100 +! +! ! end of template: bgpd/templates/internal/policies.conf.j2 ! diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/policies.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/policies.conf.j2 index c26db7bde2..9ffe00d14a 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/policies.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/policies.conf.j2 @@ -1,8 +1,19 @@ ! ! template: bgpd/templates/voq_chassis/policies.conf.j2 ! +bgp community-list standard DEVICE_INTERNAL_COMMUNITY permit {{ constants.bgp.internal_community }} +! +route-map FROM_VOQ_CHASSIS_V4_PEER permit 1 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag {{ constants.bgp.internal_community_match_tag }} +! route-map FROM_VOQ_CHASSIS_V4_PEER permit 100 ! +route-map TO_VOQ_CHASSIS_V4_PEER permit 1 + match ip address prefix-list PL_LoopbackV4 + set community {{ constants.bgp.internal_community }} +! route-map TO_VOQ_CHASSIS_V4_PEER permit 100 ! ! @@ -10,8 +21,17 @@ route-map FROM_VOQ_CHASSIS_V6_PEER permit 1 set ipv6 next-hop prefer-global on-match next ! +route-map FROM_VOQ_CHASSIS_V6_PEER permit 2 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag {{ constants.bgp.internal_community_match_tag }} +! route-map FROM_VOQ_CHASSIS_V6_PEER permit 100 ! +route-map TO_VOQ_CHASSIS_V6_PEER permit 1 + match ipv6 address prefix-list PL_LoopbackV6 + set community {{ constants.bgp.internal_community }} +! route-map TO_VOQ_CHASSIS_V6_PEER permit 100 ! ! end of template: bgpd/templates/voq_chassis/policies.conf.j2 diff --git a/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.isolate.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.isolate.conf.j2 index 1256d1cd4f..2321643f8d 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.isolate.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.isolate.conf.j2 @@ -1,5 +1,8 @@ route-map {{ route_map_name }} permit 20 match {{ ip_protocol }} address prefix-list PL_Loopback{{ ip_version }} set community {{ constants.bgp.traffic_shift_community }} -route-map {{ route_map_name }} deny 30 +route-map {{ route_map_name }} permit 30 + match tag {{ constants.bgp.internal_community_match_tag }} + set community {{ constants.bgp.traffic_shift_community }} +route-map {{ route_map_name }} deny 40 ! diff --git a/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.unisolate.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.unisolate.conf.j2 index 649f6d8e9d..7ba4c1bd6f 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.unisolate.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.unisolate.conf.j2 @@ -1,3 +1,4 @@ no route-map {{ route_map_name }} permit 20 -no route-map {{ route_map_name }} deny 30 +no route-map {{ route_map_name }} permit 30 +no route-map {{ route_map_name }} deny 40 ! diff --git a/files/image_config/constants/constants.yml b/files/image_config/constants/constants.yml index 94f3d0e970..413d935513 100644 --- a/files/image_config/constants/constants.yml +++ b/files/image_config/constants/constants.yml @@ -4,6 +4,8 @@ constants: "2" : 65433 bgp: traffic_shift_community: 12345:12345 + internal_community: 11111:11111 + internal_community_match_tag: 1002 families: - ipv4 - ipv6 diff --git a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_isolate.conf b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_isolate.conf index a078dadd6f..bf3abfc046 100644 --- a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_isolate.conf +++ b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_isolate.conf @@ -23,11 +23,17 @@ route-map TO_BGP_PEER_V4 permit 20 match ip address prefix-list PL_LoopbackV4 set community 12345:12345 -route-map TO_BGP_PEER_V4 deny 30 +route-map TO_BGP_PEER_V4 permit 30 + match tag 1001 + set community 12345:12345 +route-map TO_BGP_PEER_V4 deny 40 ! route-map TO_BGP_PEER_V6 permit 20 match ipv6 address prefix-list PL_LoopbackV6 set community 12345:12345 -route-map TO_BGP_PEER_V6 deny 30 +route-map TO_BGP_PEER_V6 permit 30 + match tag 1001 + set community 12345:12345 +route-map TO_BGP_PEER_V6 deny 40 ! diff --git a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_unisolate.conf b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_unisolate.conf index 1cd4442f4f..fa56d296e4 100644 --- a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_unisolate.conf +++ b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_all_unisolate.conf @@ -21,9 +21,11 @@ no route-map TO_BGP_PEER_V4 permit 20 -no route-map TO_BGP_PEER_V4 deny 30 +no route-map TO_BGP_PEER_V4 permit 30 +no route-map TO_BGP_PEER_V4 deny 40 ! no route-map TO_BGP_PEER_V6 permit 20 -no route-map TO_BGP_PEER_V6 deny 30 +no route-map TO_BGP_PEER_V6 permit 30 +no route-map TO_BGP_PEER_V6 deny 40 ! diff --git a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_isolate.conf b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_isolate.conf index 902b8cfcda..88017bf2f3 100644 --- a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_isolate.conf +++ b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_isolate.conf @@ -2,10 +2,16 @@ route-map TO_BGP_PEER_V4 permit 20 match ip address prefix-list PL_LoopbackV4 set community 12345:12345 -route-map TO_BGP_PEER_V4 deny 30 +route-map TO_BGP_PEER_V4 permit 30 + match tag 1001 + set community 12345:12345 +route-map TO_BGP_PEER_V4 deny 40 ! route-map TO_BGP_PEER_V6 permit 20 match ipv6 address prefix-list PL_LoopbackV6 set community 12345:12345 -route-map TO_BGP_PEER_V6 deny 30 +route-map TO_BGP_PEER_V6 permit 30 + match tag 1001 + set community 12345:12345 +route-map TO_BGP_PEER_V6 deny 40 ! diff --git a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_unisolate.conf b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_unisolate.conf index 8fd9fde7f7..8bfcdee993 100644 --- a/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_unisolate.conf +++ b/src/sonic-bgpcfgd/tests/data/general/peer-group.conf/result_unisolate.conf @@ -1,7 +1,9 @@ no route-map TO_BGP_PEER_V4 permit 20 -no route-map TO_BGP_PEER_V4 deny 30 +no route-map TO_BGP_PEER_V4 permit 30 +no route-map TO_BGP_PEER_V4 deny 40 ! no route-map TO_BGP_PEER_V6 permit 20 -no route-map TO_BGP_PEER_V6 deny 30 +no route-map TO_BGP_PEER_V6 permit 30 +no route-map TO_BGP_PEER_V6 deny 40 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_back.json b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_back.json index 37e54d785e..d39721ae0c 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_back.json +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_back.json @@ -6,5 +6,11 @@ }, "CONFIG_DB__LOOPBACK_INTERFACE": { "Loopback4096|10.10.10.10/32": {} + }, + "constants": { + "bgp": { + "internal_community": "12345:556", + "internal_community_match_tag": "101" + } } } diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_chasiss_packet.json b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_chasiss_packet.json new file mode 100644 index 0000000000..1e600cc9d7 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_chasiss_packet.json @@ -0,0 +1,16 @@ +{ + "CONFIG_DB__DEVICE_METADATA": { + "localhost": { + "type": "SpineRouter", + "sub_role": "FrontEnd", + "switch_type": "chassis-packet" + } + }, + "constants": { + "bgp": { + "internal_community": "12345:556", + "internal_community_match_tag": "101" + } + }, + "loopback0_ipv4": "10.10.10.10/32" +} diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_front.json b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_front.json index 68c27766d2..f18513d815 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_front.json +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/param_front.json @@ -1,7 +1,13 @@ { "CONFIG_DB__DEVICE_METADATA": { "localhost": { - "sub_role": "FrontkEnd" + "sub_role": "FrontEnd" + } + }, + "constants": { + "bgp": { + "internal_community": "12345:556", + "internal_community_match_tag": "101" } }, "loopback0_ipv4": "10.10.10.10/32" diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf index 81b5aab193..5ee9967d85 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf @@ -1,23 +1,23 @@ ! ! template: bgpd/templates/internal/policies.conf.j2 ! -route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 -! -route-map TO_BGP_INTERNAL_PEER_V4 permit 100 +route-map FROM_BGP_INTERNAL_PEER_V4 permit 1 + set originator-id 10.10.10.10 ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 set ipv6 next-hop prefer-global on-match next ! -route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 +route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 + set originator-id 10.10.10.10 ! -route-map TO_BGP_INTERNAL_PEER_V6 permit 100 +route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 ! -route-map FROM_BGP_INTERNAL_PEER_V4 permit 2 - set originator-id 10.10.10.10 +route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 ! -route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 - set originator-id 10.10.10.10 +route-map TO_BGP_INTERNAL_PEER_V4 permit 100 +! +route-map TO_BGP_INTERNAL_PEER_V6 permit 100 ! ! end of template: bgpd/templates/internal/policies.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_chasiss_packet.conf b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_chasiss_packet.conf new file mode 100644 index 0000000000..e3a4e2e071 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_chasiss_packet.conf @@ -0,0 +1,37 @@ +! +! template: bgpd/templates/internal/policies.conf.j2 +! +bgp community-list standard DEVICE_INTERNAL_COMMUNITY permit 12345:556 +! +route-map FROM_BGP_INTERNAL_PEER_V4 permit 1 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag 101 +! +route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 + set ipv6 next-hop prefer-global + on-match next +! +route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag 101 +! +route-map TO_BGP_INTERNAL_PEER_V4 permit 1 + match ip address prefix-list PL_LoopbackV4 + set community 12345:556 +! +route-map TO_BGP_INTERNAL_PEER_V6 permit 2 + match ipv6 address prefix-list PL_LoopbackV6 + set community 12345:556 +! +route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 +! +route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 +! +route-map TO_BGP_INTERNAL_PEER_V4 permit 100 +! +route-map TO_BGP_INTERNAL_PEER_V6 permit 100 +! +! end of template: bgpd/templates/internal/policies.conf.j2 +! diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf index 880530a279..0c6405321f 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf @@ -1,16 +1,16 @@ ! ! template: bgpd/templates/internal/policies.conf.j2 ! -route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 -! -route-map TO_BGP_INTERNAL_PEER_V4 permit 100 -! route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 set ipv6 next-hop prefer-global on-match next ! +route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 +! route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 ! +route-map TO_BGP_INTERNAL_PEER_V4 permit 100 +! route-map TO_BGP_INTERNAL_PEER_V6 permit 100 ! ! end of template: bgpd/templates/internal/policies.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf index 2ea4111dfc..e775b6d0ac 100644 --- a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf @@ -1,5 +1,8 @@ route-map test_rm_name permit 20 match ip address prefix-list PL_LoopbackV4 set community 12345:555 -route-map test_rm_name deny 30 +route-map test_rm_name permit 30 + match tag 1002 + set community 12345:555 +route-map test_rm_name deny 40 ! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json index 807dfe7e1a..68ffe27c46 100644 --- a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json @@ -1,10 +1,11 @@ { "constants": { "bgp": { - "traffic_shift_community": "12345:555" + "traffic_shift_community": "12345:555", + "internal_community_match_tag": "1002" } }, "route_map_name": "test_rm_name", "ip_version": "V4", "ip_protocol": "ip" -} \ No newline at end of file +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf index 2adeac6e0e..31553e3a98 100644 --- a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf @@ -1,3 +1,4 @@ no route-map test_rm permit 20 -no route-map test_rm deny 30 +no route-map test_rm permit 30 +no route-map test_rm deny 40 ! diff --git a/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/param_base.json b/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/param_base.json index 7ef21c181d..483cc938c5 100644 --- a/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/param_base.json +++ b/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/param_base.json @@ -1,5 +1,11 @@ { "CONFIG_DB__DEVICE_METADATA": { "localhost": {} + }, + "constants": { + "bgp": { + "internal_community": "12345:556", + "internal_community_match_tag": "101" + } } } diff --git a/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/result_base.conf b/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/result_base.conf index c26db7bde2..4dc2f9cec9 100644 --- a/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/result_base.conf +++ b/src/sonic-bgpcfgd/tests/data/voq_chassis/policies.conf/result_base.conf @@ -1,17 +1,36 @@ ! ! template: bgpd/templates/voq_chassis/policies.conf.j2 ! +bgp community-list standard DEVICE_INTERNAL_COMMUNITY permit 12345:556 +! +route-map FROM_VOQ_CHASSIS_V4_PEER permit 1 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag 101 +! route-map FROM_VOQ_CHASSIS_V4_PEER permit 100 ! -route-map TO_VOQ_CHASSIS_V4_PEER permit 100 +route-map TO_VOQ_CHASSIS_V4_PEER permit 1 + match ip address prefix-list PL_LoopbackV4 + set community 12345:556 ! +route-map TO_VOQ_CHASSIS_V4_PEER permit 100 ! route-map FROM_VOQ_CHASSIS_V6_PEER permit 1 set ipv6 next-hop prefer-global on-match next ! +route-map FROM_VOQ_CHASSIS_V6_PEER permit 2 + match community DEVICE_INTERNAL_COMMUNITY + set comm-list DEVICE_INTERNAL_COMMUNITY delete + set tag 101 +! route-map FROM_VOQ_CHASSIS_V6_PEER permit 100 ! +route-map TO_VOQ_CHASSIS_V6_PEER permit 1 + match ipv6 address prefix-list PL_LoopbackV6 + set community 12345:556 +! route-map TO_VOQ_CHASSIS_V6_PEER permit 100 ! ! end of template: bgpd/templates/voq_chassis/policies.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/test_device_global.py b/src/sonic-bgpcfgd/tests/test_device_global.py index 2a912c3d05..049bcbeec0 100644 --- a/src/sonic-bgpcfgd/tests/test_device_global.py +++ b/src/sonic-bgpcfgd/tests/test_device_global.py @@ -13,7 +13,8 @@ BASE_PATH = os.path.abspath('../sonic-bgpcfgd/tests/data/general/peer-group.conf/') global_constants = { "bgp": { - "traffic_shift_community" :"12345:12345" + "traffic_shift_community" :"12345:12345", + "internal_community_match_tag" : "1001" } } From 076b6c3d2526f77fb40f9062b0f43289b6149416 Mon Sep 17 00:00:00 2001 From: zitingguo-ms Date: Fri, 19 Jan 2024 14:56:01 +0800 Subject: [PATCH 2/7] upgrade xgs SAI to 8.4.39.2 (#17842) Why I did it Upgrade the xgs SAI version to 8.4.39.2 to include the following fix: 8.4.36.0: [submodule upgrade] [SAI_BRANCH rel_ocp_sai_8_4] SID: SDK-381039 Cosq control dynamic type changes 8.4.37.0: SID: MMU cosq control configuration with Dynamic Type Check 8.4.38.0: [sbumodule upgrade] [CSP 0001232212][SAI_BRANCH rel_ocp_sai_8_4]back-porting SONIC-82415 to SAI 8.4 8.4.39.0: [CSP CS00012320979] Port SONIC-81867 sai spec compliance for get SAI_SWITCH_ATTR_SWITCH_HARDWARE_INFO 8.4.39.1: changes for phy-re-init of 40G ports for TH platforms CS00012327470 8.4.39.2: fix capability for Hostif queue by change SET operation of SAI_HOSTIF_ATTR_QUEUE to be true Work item tracking Microsoft ADO (number only): 26491005 How I did it Upgrade xgs SAI version in sai.mk file. How to verify it Run basic SONiC test using SAI release pipeline, all cases passed. https://dev.azure.com/mssonic/internal/_build/results?buildId=457869&view=results --- platform/broadcom/sai.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/broadcom/sai.mk b/platform/broadcom/sai.mk index f5fc791e38..341cfc8662 100644 --- a/platform/broadcom/sai.mk +++ b/platform/broadcom/sai.mk @@ -1,4 +1,4 @@ -LIBSAIBCM_XGS_VERSION = 8.4.35.0 +LIBSAIBCM_XGS_VERSION = 8.4.39.2 LIBSAIBCM_DNX_VERSION = 9.2.12.1 LIBSAIBCM_XGS_BRANCH_NAME = SAI_8.4.0_GA LIBSAIBCM_DNX_BRANCH_NAME = SAI_9.2.0.3 From 66ce739340fbb4612509a19e3297f7774f4242ae Mon Sep 17 00:00:00 2001 From: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri, 19 Jan 2024 16:34:46 +0800 Subject: [PATCH 3/7] [submodule] Update submodule sonic-utilities to the latest HEAD automatically (#17855) #### Why I did it src/sonic-utilities ``` * 93c42272 - (HEAD -> 202305, origin/202305) [chassis]: Support show ip bgp summary to display without error when no external neighbors are configured on chassis LC (#3099) (22 hours ago) [Arvindsrinivasan Lakshmi Narasimhan] ``` #### How I did it #### How to verify it #### Description for the changelog --- src/sonic-utilities | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sonic-utilities b/src/sonic-utilities index 651a80b149..93c4227232 160000 --- a/src/sonic-utilities +++ b/src/sonic-utilities @@ -1 +1 @@ -Subproject commit 651a80b14989082bbc35f4f44831ecf0e3e9ff60 +Subproject commit 93c422723259665d5cebdbe65b5340071569b2bd From 30b1f05f0c66eb7d1d7961e8065881dc48048d84 Mon Sep 17 00:00:00 2001 From: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri, 19 Jan 2024 16:34:55 +0800 Subject: [PATCH 4/7] [submodule] Update submodule linkmgrd to the latest HEAD automatically (#17851) #### Why I did it src/linkmgrd ``` * f5e9b54 - (HEAD -> 202305, origin/202305) [CodeQL] fix unmet build dependency (#222) (10 hours ago) [Jing Zhang] * 2282cc5 - [active-standby] Probe the link in suspend timeout (#235) (22 hours ago) [Longxiang Lyu] ``` #### How I did it #### How to verify it #### Description for the changelog --- src/linkmgrd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/linkmgrd b/src/linkmgrd index 2f5971feb3..f5e9b54b14 160000 --- a/src/linkmgrd +++ b/src/linkmgrd @@ -1 +1 @@ -Subproject commit 2f5971feb3b4acb1e76c7a3fec00e4a358bfc8cc +Subproject commit f5e9b54b147e9cf24de1ed03f59170a5c20bf556 From fc7a1ac02fa94c54ecd0465180e430b93d853de4 Mon Sep 17 00:00:00 2001 From: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri, 19 Jan 2024 18:36:00 +0800 Subject: [PATCH 5/7] [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (#17853) #### Why I did it src/sonic-snmpagent ``` * b0a4bcc - (HEAD -> 202305, origin/202305) Set the execute bit on sysDescr_pass.py (#306) (22 hours ago) [Andre Kostur] ``` #### How I did it #### How to verify it #### Description for the changelog --- src/sonic-snmpagent | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sonic-snmpagent b/src/sonic-snmpagent index e5fd19294d..b0a4bcc750 160000 --- a/src/sonic-snmpagent +++ b/src/sonic-snmpagent @@ -1 +1 @@ -Subproject commit e5fd19294dce62ce256e3a27d786a49c00e18824 +Subproject commit b0a4bcc750abed449f08cfe0b8759e4f58f22816 From 306175be2c9455f199be1fb58d456f7549fccbe7 Mon Sep 17 00:00:00 2001 From: Saikrishna Arcot Date: Fri, 19 Jan 2024 03:16:04 -0800 Subject: [PATCH 6/7] dhcrelay: Don't look up the ifindex for the fallback interface (#17797) (#17840) Currently, whenever isc-dhcp-relay forwards a packet upstream, internally, it will try to send it on a "fallback" interface. My understanding is that this isn't meant to be a real interface, but instead is basically saying to use Linux's regular routing stack to route the packet appropriately (rather than having isc-dhcp-relay specify specifically which interface to use). The problem is that on systems with a weak CPU, a large number of interfaces, and many upstream servers specified, this can introduce a noticeable delay in packets getting sent. The delay comes from trying to get the ifindex of the fallback interface. In one test case, it got to the point that only 2 packets could be processed per second. Because of this, dhcrelay will easily get backlogged and likely get to a point where packets get dropped in the kernel. Fix this by adding a check saying if we're using the fallback interface, then don't try to get the ifindex of this interface. We're never going to have an interface named this in SONiC. Signed-off-by: Saikrishna Arcot --- ...n-t-look-up-the-ifindex-for-fallback.patch | 34 +++++++++++++++++++ src/isc-dhcp/patch/series | 1 + 2 files changed, 35 insertions(+) create mode 100644 src/isc-dhcp/patch/0016-Don-t-look-up-the-ifindex-for-fallback.patch diff --git a/src/isc-dhcp/patch/0016-Don-t-look-up-the-ifindex-for-fallback.patch b/src/isc-dhcp/patch/0016-Don-t-look-up-the-ifindex-for-fallback.patch new file mode 100644 index 0000000000..55fde475ff --- /dev/null +++ b/src/isc-dhcp/patch/0016-Don-t-look-up-the-ifindex-for-fallback.patch @@ -0,0 +1,34 @@ +From 079ff1bb570dae96c4ca513e210c9856e9cc75b0 Mon Sep 17 00:00:00 2001 +From: Saikrishna Arcot +Date: Wed, 10 Jan 2024 23:30:17 -0800 +Subject: [PATCH] Don't look up the ifindex for fallback + +If sending a packet on the "fallback" interface, then don't try to get the +ifindex for that interface. There will never be an actual interface named +"fallback" in SONiC (at least, not one that we will want to use). + +This might save 0.009-0.012 seconds per upstream server, and when there +are as many as 48 upstream servers, it can save about 0.4-0.5 seconds of +time. This then allows dhcrelay to process more packets. + +Signed-off-by: Saikrishna Arcot + +diff --git a/common/socket.c b/common/socket.c +index da9f501..e707a7f 100644 +--- a/common/socket.c ++++ b/common/socket.c +@@ -767,7 +767,10 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) + memcpy(&dst, to, sizeof(dst)); + m.msg_name = &dst; + m.msg_namelen = sizeof(dst); +- ifindex = if_nametoindex(interface->name); ++ if (strcmp(interface->name, "fallback") != 0) ++ ifindex = if_nametoindex(interface->name); ++ else ++ ifindex = 0; + + /* + * Set the data buffer we're sending. (Using this wacky +-- +2.34.1 + diff --git a/src/isc-dhcp/patch/series b/src/isc-dhcp/patch/series index b9efee0192..b11c21f79c 100644 --- a/src/isc-dhcp/patch/series +++ b/src/isc-dhcp/patch/series @@ -12,3 +12,4 @@ 0011-dhcp-relay-Prevent-Buffer-Overrun.patch 0012-add-option-si-to-support-using-src-intf-ip-in-relay.patch 0013-Fix-dhcrelay-agent-option-buffer-pointer-logic.patch +0016-Don-t-look-up-the-ifindex-for-fallback.patch From 208c1705f5d2218994d8e5b37c6872f6e591ff73 Mon Sep 17 00:00:00 2001 From: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat, 20 Jan 2024 04:32:37 +0800 Subject: [PATCH 7/7] [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (#17859) #### Why I did it src/sonic-snmpagent ``` * 2efaf2e - (HEAD -> 202305, origin/202305) Revert "[action] [PR:303] Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (#303)" (#308) (4 minutes ago) [StormLiangMS] ``` #### How I did it #### How to verify it #### Description for the changelog --- src/sonic-snmpagent | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sonic-snmpagent b/src/sonic-snmpagent index b0a4bcc750..2efaf2e952 160000 --- a/src/sonic-snmpagent +++ b/src/sonic-snmpagent @@ -1 +1 @@ -Subproject commit b0a4bcc750abed449f08cfe0b8759e4f58f22816 +Subproject commit 2efaf2e9529c11155e80e637213066b82223cc70