[Dual-ToR] add default value for ACL rule for mellanox platform (Standby ToR)#13547
Merged
liat-grozovik merged 1 commit intosonic-net:masterfrom Feb 22, 2023
Merged
Conversation
Signed-off-by: Andriy Yurkiv <[email protected]>
ayurkiv-nvda
changed the title
ayurkiv-nvda
changed the title
bingwang-ms
reviewed
Jan 30, 2023
| } | ||
| }, | ||
| "SYSTEM_DEFAULTS" : { | ||
| {%- if include_mux == "y" %} |
Contributor
There was a problem hiding this comment.
Is it better to generate the SYSTEM_DEFAULTS table only when sonic_asic_platform == "mellanox", and include_mux == "y"? In this way, there will be no change for other platforms.
Contributor
Author
There was a problem hiding this comment.
Thank you for your remark.
I thought about it previously. But I decided that it may look confusing that SYSTEM_DEFAULT table (that is generic table) is under "mellanox" and "mux" condition.
What do you think about it?
Contributor
There was a problem hiding this comment.
Make sense. Please also consider when we are upgrading from previous version, the mux_tunnel_egress_acl is absent. Our code should be handle that exception.
Collaborator
|
@bingwang-ms can you please review and approve? |
bingwang-ms
approved these changes
Feb 22, 2023
liat-grozovik
approved these changes
Feb 22, 2023
Collaborator
|
@ayurkiv-nvda please clarify to which branch the fix should be taken? |
Contributor
Author
It should be merged to 202205 also |
ayurkiv-nvda
added
Request for 202205 Branch
Request for 202211 Branch
and removed
Request for 202205 Branch
labels
mssonicbld
pushed a commit
to mssonicbld/sonic-buildimage
that referenced
this pull request
Mar 7, 2023
…c-net#13547) - Why I did it Need to add the possibility to choose between dropping packets (using ACL) on ingress or egress in Dual ToR scenario - How I did it Add new attribute "mux_tunnel_ingress_acl" to SYSTEM_DEFAULTS table - How to verify it check that new attribute exists in redis: admin@sonic:~$ redis-cli -n 4 127.0.0.1:6379[4]> HGETALL SYSTEM_DEFAULTS|mux_tunnel_ingress_acl 1."state" 2."false" Signed-off-by: Andriy Yurkiv <[email protected]>
Collaborator
|
Cherry-pick PR to 202211: #14139 |
mssonicbld
pushed a commit
that referenced
this pull request
Mar 10, 2023
- Why I did it Need to add the possibility to choose between dropping packets (using ACL) on ingress or egress in Dual ToR scenario - How I did it Add new attribute "mux_tunnel_ingress_acl" to SYSTEM_DEFAULTS table - How to verify it check that new attribute exists in redis: admin@sonic:~$ redis-cli -n 4 127.0.0.1:6379[4]> HGETALL SYSTEM_DEFAULTS|mux_tunnel_ingress_acl 1."state" 2."false" Signed-off-by: Andriy Yurkiv <[email protected]>
mssonicbld
added
Included in 202211 Branch
and removed
Approved for 202211 Branch
Created PR to 202211 Branch
labels
StormLiangMS
pushed a commit
to StormLiangMS/sonic-buildimage
that referenced
this pull request
Mar 28, 2023
Related work items: sonic-net#276, sonic-net#305, sonic-net#332, sonic-net#338, sonic-net#339, sonic-net#1188, sonic-net#1192, sonic-net#1197, sonic-net#1206, sonic-net#1685, sonic-net#1690, sonic-net#1696, sonic-net#1699, sonic-net#1709, sonic-net#1727, sonic-net#1737, sonic-net#1741, sonic-net#1742, sonic-net#2511, sonic-net#2512, sonic-net#2532, sonic-net#2559, sonic-net#2626, sonic-net#2638, sonic-net#2645, sonic-net#2649, sonic-net#2660, sonic-net#2669, sonic-net#2670, sonic-net#2678, sonic-net#10084, sonic-net#11442, sonic-net#11873, sonic-net#12047, sonic-net#12110, sonic-net#12207, sonic-net#12529, sonic-net#12678, sonic-net#13235, sonic-net#13287, sonic-net#13372, sonic-net#13395, sonic-net#13456, sonic-net#13497, sonic-net#13522, sonic-net#13545, sonic-net#13547, sonic-net#13552, sonic-net#13569, sonic-net#13572, sonic-net#13578, sonic-net#13591, sonic-net#13611, sonic-net#13647, sonic-net#13649, sonic-net#13660, sonic-net#13710, sonic-net#13716, sonic-net#13724, sonic-net#13726, sonic-net#13732, sonic-net#13735, sonic-net#13739, sonic-net#13757, sonic-net#13786, sonic-net#13792, sonic-net#13800, sonic-net#13801, sonic-net#13802, sonic-net#13805, sonic-net#13806, sonic-net#13812, sonic-net#13814, sonic-net#13822, sonic-net#13831, sonic-net#13834, sonic-net#13847, sonic-net#13870, sonic-net#13882, sonic-net#13884, sonic-net#13885, sonic-net#13894, sonic-net#13895, sonic-net#13926, sonic-net#13932, sonic-net#13935, sonic-net#13942, sonic-net#13951, sonic-net#13953, sonic-net#13964
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why I did it
Need to add the possibility to choose between dropping packets (using ACL) on ingress or egress in Dual ToR scenario
How I did it
Add new attribute "mux_tunnel_ingress_acl" to SYSTEM_DEFAULTS table
How to verify it
check that new attribute exists in redis:
admin@sonic:~$ redis-cli -n 4
127.0.0.1:6379[4]> HGETALL SYSTEM_DEFAULTS|mux_tunnel_ingress_acl
1."state"
2."false"
Which release branch to backport (provide reason below if selected)
Description for the changelog
Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)