Support for in-band-mgmt via management VRF (sonic-net#1726)

venkatmahalingam · web-flow · commit 16d579814ade · 2021-06-23T20:23:15.000-07:00
* Support for in-band-mgmt via management VRF.

Signed-off-by: Venkatesan Mahalingam &lt;venkatesan_mahalinga@dell.com&gt;
diff --git a/cfgmgr/intfmgr.cpp b/cfgmgr/intfmgr.cpp
@@ -19,6 +19,7 @@ using namespace swss;
 #define VNET_PREFIX         "Vnet"
 #define MTU_INHERITANCE     "0"
 #define VRF_PREFIX          "Vrf"
+#define VRF_MGMT            "mgmt"
 
 #define LOOPBACK_DEFAULT_MTU_STR "65536"
 
@@ -399,7 +400,8 @@ bool IntfMgr::isIntfStateOk(const string &alias)
             return true;
         }
     }
-    else if (!alias.compare(0, strlen(VRF_PREFIX), VRF_PREFIX))
+    else if ((!alias.compare(0, strlen(VRF_PREFIX), VRF_PREFIX)) ||
+            (alias == VRF_MGMT))
     {
         if (m_stateVrfTable.get(alias, temp))
         {
diff --git a/cfgmgr/vrfmgr.cpp b/cfgmgr/vrfmgr.cpp
@@ -12,6 +12,8 @@
 #define VRF_TABLE_START 1001
 #define VRF_TABLE_END 2000
 #define TABLE_LOCAL_PREF 1001 // after l3mdev-table
+#define MGMT_VRF_TABLE_ID 5000
+#define MGMT_VRF          "mgmt"
 
 using namespace swss;
 
@@ -143,6 +145,13 @@ bool VrfMgr::delLink(const string& vrfName)
         return false;
     }
 
+    if (vrfName == MGMT_VRF)
+    {
+        recycleTable(m_vrfTableMap[vrfName]);
+        m_vrfTableMap.erase(vrfName);
+        return true;
+    }
+
     cmd << IP_CMD << " link del " << shellquote(vrfName);
     EXEC_WITH_ERROR_THROW(cmd.str(), res);
 
@@ -163,6 +172,15 @@ bool VrfMgr::setLink(const string& vrfName)
     {
         return true;
     }
+    
+    if (vrfName == MGMT_VRF)
+    {
+        // Mgmt VRF is initialised as part of hostcfgd, 
+        // just return the reserved table_id for mgmt VRF from here.
+        uint32_t table_id = MGMT_VRF_TABLE_ID;
+        m_vrfTableMap.emplace(vrfName, table_id);
+        return true;
+    }
 
     uint32_t table = getFreeTable();
     if (table == 0)
@@ -207,6 +225,51 @@ void VrfMgr::doTask(Consumer &consumer)
         auto vrfName = kfvKey(t);
 
         string op = kfvOp(t);
+        // Mgmt VRF table event handling for in-band management
+        if (consumer.getTableName() == CFG_MGMT_VRF_CONFIG_TABLE_NAME)
+        {
+            SWSS_LOG_DEBUG("Event for mgmt VRF op %s", op.c_str());
+            if (op == SET_COMMAND) 
+            {
+                bool in_band_mgmt_enabled = false;
+                bool mgmt_vrf_enabled = false;
+                for (auto i : kfvFieldsValues(t))
+                {
+                    if (fvField(i) == "mgmtVrfEnabled")
+                    {
+                        if (fvValue(i) == "true")
+                        {
+                            mgmt_vrf_enabled = true;
+                        }
+                        SWSS_LOG_DEBUG("Event for mgmt VRF table mgmt_vrf_enabled is set val:%s", fvValue(i).c_str());
+                    }
+                    else if (fvField(i) == "in_band_mgmt_enabled")
+                    {
+                        if (fvValue(i) == "true")
+                        {
+                            in_band_mgmt_enabled = true;
+                        }
+                        SWSS_LOG_DEBUG("Event for mgmt VRF table in_band_mgmt_enabled is set val:%s", fvValue(i).c_str());
+                    }
+                }
+                // If mgmt VRF is not enabled or in-band-mgmt is not enabled delete the in-band-mgmt 
+                // related VRF table map information
+                if ((op == SET_COMMAND) && ((mgmt_vrf_enabled == false) || (in_band_mgmt_enabled == false)))
+                {
+                    op = DEL_COMMAND;
+                }
+            }
+            vrfName = MGMT_VRF;
+            if (((op == DEL_COMMAND) && (m_vrfTableMap.find(vrfName) == m_vrfTableMap.end())) ||
+                    ((op == SET_COMMAND) && (m_vrfTableMap.find(vrfName) != m_vrfTableMap.end())))
+            {
+                // If the mgmt VRF is not populated already, return
+                it = consumer.m_toSync.erase(it);
+                continue;
+            }
+            SWSS_LOG_DEBUG("Event for mgmt VRF op %s", op.c_str());
+        }
+        SWSS_LOG_DEBUG("Event for table %s vrf netdev %s id %s", consumer.getTableName().c_str(), vrfName.c_str(), op.c_str());
         if (op == SET_COMMAND)
         {
             if (consumer.getTableName() == CFG_VXLAN_EVPN_NVO_TABLE_NAME)
@@ -226,7 +289,8 @@ void VrfMgr::doTask(Consumer &consumer)
                 m_stateVrfTable.set(vrfName, fvVector);
 
                 SWSS_LOG_NOTICE("Created vrf netdev %s", vrfName.c_str());
-                if (consumer.getTableName() == CFG_VRF_TABLE_NAME)
+                if ((consumer.getTableName() == CFG_VRF_TABLE_NAME) ||
+                    (consumer.getTableName() == CFG_MGMT_VRF_CONFIG_TABLE_NAME))
                 {
                     status  = doVrfVxlanTableCreateTask (t);
                     if (status == false)
@@ -256,7 +320,8 @@ void VrfMgr::doTask(Consumer &consumer)
             {
                 doVrfEvpnNvoDelTask (t);
             }
-            else if (consumer.getTableName() == CFG_VRF_TABLE_NAME)
+            else if ((consumer.getTableName() == CFG_VRF_TABLE_NAME) ||
+                     (consumer.getTableName() == CFG_MGMT_VRF_CONFIG_TABLE_NAME))
             {
                 vector<FieldValueTuple> temp;
 
diff --git a/cfgmgr/vrfmgrd.cpp b/cfgmgr/vrfmgrd.cpp
@@ -46,6 +46,7 @@ int main(int argc, char **argv)
             CFG_VRF_TABLE_NAME,
             CFG_VNET_TABLE_NAME,
             CFG_VXLAN_EVPN_NVO_TABLE_NAME,
+            CFG_MGMT_VRF_CONFIG_TABLE_NAME
         };
 
         DBConnector cfgDb("CONFIG_DB", 0);
diff --git a/fpmsyncd/routesync.cpp b/fpmsyncd/routesync.cpp
@@ -19,6 +19,7 @@ using namespace swss;
 #define VXLAN_IF_NAME_PREFIX    "Brvxlan"
 #define VNET_PREFIX             "Vnet"
 #define VRF_PREFIX              "Vrf"
+#define MGMT_VRF_PREFIX         "mgmt"
 
 #ifndef ETH_ALEN
 #define ETH_ALEN 6
@@ -625,7 +626,17 @@ void RouteSync::onRouteMsg(int nlmsg_type, struct nl_object *obj, char *vrf)
          */
         if (memcmp(vrf, VRF_PREFIX, strlen(VRF_PREFIX)))
         {
-            SWSS_LOG_ERROR("Invalid VRF name %s (ifindex %u)", vrf, rtnl_route_get_table(route_obj));
+            if(memcmp(vrf, MGMT_VRF_PREFIX, strlen(MGMT_VRF_PREFIX)))
+            {
+                SWSS_LOG_ERROR("Invalid VRF name %s (ifindex %u)", vrf, rtnl_route_get_table(route_obj));
+            }
+            else
+            {
+                dip = rtnl_route_get_dst(route_obj);
+                nl_addr2str(dip, destipprefix, MAX_ADDR_SIZE);
+                SWSS_LOG_INFO("Skip routes for Mgmt VRF name %s (ifindex %u) prefix: %s", vrf,
+                        rtnl_route_get_table(route_obj), destipprefix);
+            }
             return;
         }
         memcpy(destipprefix, vrf, strlen(vrf));
diff --git a/orchagent/intfsorch.cpp b/orchagent/intfsorch.cpp
@@ -42,6 +42,7 @@ const int intfsorch_pri = 35;
 #define RIF_FLEX_STAT_COUNTER_POLL_MSECS "1000"
 #define UPDATE_MAPS_SEC 1
 
+#define MGMT_VRF            "mgmt"
 
 static const vector<sai_router_interface_stat_t> rifStatIds =
 {
@@ -159,6 +160,23 @@ string IntfsOrch::getRouterIntfsAlias(const IpAddress &ip, const string &vrf_nam
     return string();
 }
 
+bool IntfsOrch::isInbandIntfInMgmtVrf(const string& alias)
+{
+    if (m_syncdIntfses.find(alias) == m_syncdIntfses.end())
+    {
+        return false;
+    }
+
+    string vrf_name = "";
+    vrf_name = m_vrfOrch->getVRFname(m_syncdIntfses[alias].vrf_id);
+    if ((!vrf_name.empty()) && (vrf_name == MGMT_VRF))
+    {
+        return true;
+    }
+
+    return false;
+}
+
 void IntfsOrch::increaseRouterIntfsRefCount(const string &alias)
 {
     SWSS_LOG_ENTER();
diff --git a/orchagent/intfsorch.h b/orchagent/intfsorch.h
@@ -36,6 +36,7 @@ class IntfsOrch : public Orch
 
     sai_object_id_t getRouterIntfsId(const string&);
     bool isPrefixSubnet(const IpPrefix&, const string&);
+    bool isInbandIntfInMgmtVrf(const string& alias);
     string getRouterIntfsAlias(const IpAddress &ip, const string &vrf_name = "");
     string getRifRateFlexCounterTableKey(string key);
     void increaseRouterIntfsRefCount(const string&);
diff --git a/orchagent/neighorch.cpp b/orchagent/neighorch.cpp
@@ -551,7 +551,8 @@ void NeighOrch::doTask(Consumer &consumer)
 
         string alias = key.substr(0, found);
 
-        if (alias == "eth0" || alias == "lo" || alias == "docker0")
+        if (alias == "eth0" || alias == "lo" || alias == "docker0"
+            || ((op == SET_COMMAND) && m_intfsOrch->isInbandIntfInMgmtVrf(alias)))
         {
             it = consumer.m_toSync.erase(it);
             continue;
diff --git a/orchagent/vrforch.cpp b/orchagent/vrforch.cpp
@@ -68,6 +68,11 @@ bool VRFOrch::addOperation(const Request& request)
             vni = static_cast<uint32_t>(request.getAttrUint(name));
             continue;
         }
+        else if ((name == "mgmtVrfEnabled") || (name == "in_band_mgmt_enabled"))
+        {
+            SWSS_LOG_INFO("MGMT VRF field: %s ignored", name.c_str());
+            continue;
+        }
         else
         {
             SWSS_LOG_ERROR("Logic error: Unknown attribute: %s", name.c_str());
diff --git a/orchagent/vrforch.h b/orchagent/vrforch.h
@@ -32,7 +32,9 @@ const request_description_t request_description = {
         { "ip_opt_action", REQ_T_PACKET_ACTION },
         { "l3_mc_action",  REQ_T_PACKET_ACTION },
         { "fallback",      REQ_T_BOOL },
-        { "vni",           REQ_T_UINT }
+        { "vni",           REQ_T_UINT },
+        { "mgmtVrfEnabled",       REQ_T_BOOL },
+        { "in_band_mgmt_enabled", REQ_T_BOOL }
     },
     { } // no mandatory attributes
 };
diff --git a/tests/test_inband_intf_mgmt_vrf.py b/tests/test_inband_intf_mgmt_vrf.py

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@ using namespace swss;`
`19`	`19`	`#define VNET_PREFIX "Vnet"`
`20`	`20`	`#define MTU_INHERITANCE "0"`
`21`	`21`	`#define VRF_PREFIX "Vrf"`
	`22`	`+#define VRF_MGMT "mgmt"`
`22`	`23`
`23`	`24`	`#define LOOPBACK_DEFAULT_MTU_STR "65536"`
`24`	`25`
`@@ -399,7 +400,8 @@ bool IntfMgr::isIntfStateOk(const string &alias)`
`399`	`400`	`return true;`
`400`	`401`	`}`
`401`	`402`	`}`
`402`		`- else if (!alias.compare(0, strlen(VRF_PREFIX), VRF_PREFIX))`
	`403`	`+ else if ((!alias.compare(0, strlen(VRF_PREFIX), VRF_PREFIX)) \|\|`
	`404`	`+ (alias == VRF_MGMT))`
`403`	`405`	`{`
`404`	`406`	`if (m_stateVrfTable.get(alias, temp))`
`405`	`407`	`{`
Original file line number	Diff line number	Diff line change
`@@ -551,7 +551,8 @@ void NeighOrch::doTask(Consumer &consumer)`
`551`	`551`
`552`	`552`	`string alias = key.substr(0, found);`
`553`	`553`
`554`		`- if (alias == "eth0" \|\| alias == "lo" \|\| alias == "docker0")`
	`554`	`+ if (alias == "eth0" \|\| alias == "lo" \|\| alias == "docker0"`
	`555`	`+ \|\| ((op == SET_COMMAND) && m_intfsOrch->isInbandIntfInMgmtVrf(alias)))`
`555`	`556`	`{`
`556`	`557`	`it = consumer.m_toSync.erase(it);`
`557`	`558`	`continue;`
Original file line number	Diff line number	Diff line change
`@@ -68,6 +68,11 @@ bool VRFOrch::addOperation(const Request& request)`
`68`	`68`	`vni = static_cast<uint32_t>(request.getAttrUint(name));`
`69`	`69`	`continue;`
`70`	`70`	`}`
	`71`	`+ else if ((name == "mgmtVrfEnabled") \|\| (name == "in_band_mgmt_enabled"))`
	`72`	`+ {`
	`73`	`+ SWSS_LOG_INFO("MGMT VRF field: %s ignored", name.c_str());`
	`74`	`+ continue;`
	`75`	`+ }`
`71`	`76`	`else`
`72`	`77`	`{`
`73`	`78`	`SWSS_LOG_ERROR("Logic error: Unknown attribute: %s", name.c_str());`