-
Notifications
You must be signed in to change notification settings - Fork 1.3k
In-band management via mgmt VRF #638
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
prsunny
merged 10 commits into
sonic-net:master
from
venkatmahalingam:in-band-mgmt_mgmt-vrf
Mar 30, 2021
Merged
Changes from 8 commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
48e9012
FRR BGP NBI support
venkatmahalingam dec4b47
Addressed the review comments.
venkatmahalingam a3c59e1
Added the new fields in config-DB.
venkatmahalingam a53ac61
Merge remote-tracking branch 'upstream/master' into in-band-mgmt_mgmt…
venkatmahalingam adccd7a
In-band management via management VRF support.
venkatmahalingam 8bf046f
Added flow diagram files
venkatmahalingam 4862d79
Fixed the image link.
venkatmahalingam 3a51724
Flow diagram link
venkatmahalingam 144321a
Removed table_id as per comment.
venkatmahalingam 7781c09
Updated VRF_OBJECT table flow.
venkatmahalingam File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,57 @@ | ||
|
|
||
| # Introduction | ||
|
|
||
| The scope of this document is to provide the requirements and a high-level design proposal for in-band management via mgmt VRF. | ||
|
|
||
| # Requirements | ||
|
|
||
| The following are the high level requirements for the in-band management via mgmt VRF. | ||
|
|
||
| 1. Bind/Unbind L3 interface (e.g Phy/Port-channel/VLAN..etc) into mgmt VRF | ||
| 2. Create/Delete mgmt VRF in HW to trap in-band management traffic to CPU | ||
| 3. Add/Delete IP configured on the L3 interface into HW for ip2Me action even if the L3 interface is part of mgmt VRF. | ||
|
|
||
| # Design Proposal | ||
|
|
||
| The design is intended to have a generic approach for in-band management via mgmt VRF feature. A user can set an attribute "in_band_mgmt_enabled" to the config_db for MGMT_VRF_CONFIG table entry. The default value if not specified would be "false" | ||
|
|
||
| The schema change for in-band management is as below: | ||
|
|
||
| ``` | ||
| MGMT_VRF_CONFIG|vrf_global | ||
| "mgmtVrfEnabled" : "true" | ||
| "in_band_mgmt_enabled": "true" | ||
|
|
||
| ``` | ||
| ``` | ||
| ; Defines management VRF table schema | ||
|
|
||
| key = MGMT_VRF_CONFIG|vrf_global ; Same as existing | ||
| ; field | ||
| mgmtVrfEnabled = "true"/"false" ; Same as existing | ||
| in_band_mgmt_enabled = "true" / "false" ; Default "false" (Optional attribute), this field is active only when mgmtVrfEnabled is set to true. | ||
|
|
||
| ``` | ||
| ``` | ||
| key = VLAN_INTERFACE|{{intf_name}} ; Any L3 interface table entry e.g INTERFACE, PORTCHANNEL_INTERFACE..etc. | ||
| ; field | ||
| "vrf_name" = "mgmt" ; Existing field but accepts mgmt VRF name | ||
|
|
||
| ``` | ||
| # Flows | ||
|
|
||
| The following diagrams capture the kernel and SAI configuration flows. | ||
|
|
||
| ## Mgmt VRF configuration flow | ||
|
|
||
|  | ||
|
|
||
| ## L3 inteface to mgmt VRF bind flow | ||
|
|
||
|  | ||
venkatmahalingam marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| # Additional Notes | ||
| 1. The user has to decide whether eth0 and L3 interface (e.g mgmt VLAN) can co-exist in the mgmt VRF, if yes, the corresponding configurations have to be taken care. | ||
| 2. The user has to take care of configuring ACL to provide higher priority to mgmt traffic trapped from mgmt VRF, to avoid any potential drop in the NPU because of the data traffic. | ||
| 3. User has to decide whether to use same data port for data & mgmt traffic or only for mgmt traffic based on the use-case. | ||
| 4. The user has to make sure STP configurations are done such a way no impact to mgmt traffic via mgmt VLAN. | ||
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.