sonic-net · jasper-hou-micas · Oct 23, 2025 · Oct 23, 2025 · Oct 24, 2025 · Oct 27, 2025
@@ -163,3 +163,6 @@
 [submodule "src/supervisor"]
 	path = src/supervisor
 	url = https://github.com/Supervisor/supervisor
+[submodule "src/sonic-l2mcd"]
+	path = src/sonic-l2mcd
+	url = https://github.com/sonic-net/sonic-l2mcd
@@ -0,0 +1,45 @@
+{% from "dockers/dockerfile-macros.j2" import install_debian_packages, copy_files %}
+
+ARG BASE=docker-config-engine-bookworm-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}}
+
+FROM $BASE AS base
+
+ARG docker_container_name
+ARG image_version
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV IMAGE_VERSION=$image_version
+
+RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf
+
+RUN apt-get update && apt-get install -f -y \
+    libdbus-1-3 \
+    libdaemon0 \
+    libjansson4 \
+    libpython3.11 \
+    libjemalloc2 \
+    libevent-dev
+
+{% if docker_l2mcd_debs.strip() -%}
+
+{{ copy_files("debs/", docker_l2mcd_debs.split(' '), "/debs/") }}
+
+{{ install_debian_packages(docker_l2mcd_debs.split(' ')) }}
+{%- endif %}
+
+RUN apt-get clean -y && \
+    apt-get autoclean -y && \
+    apt-get autoremove -y && \
+    rm -rf /debs
+
+COPY ["start.sh", "/usr/bin/"]
+COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
+COPY ["critical_processes", "/etc/supervisor/"]
+RUN chmod +x /usr/bin/start.sh
+
+FROM $BASE
+
+RUN --mount=type=bind,from=base,target=/changes-to-image rsync -axAX --no-D --exclude=/sys --exclude=/proc --exclude=/dev --exclude=resolv.conf /changes-to-image/ /
+
+
+ENTRYPOINT ["/usr/local/bin/supervisord"]
@@ -0,0 +1,2 @@
+program:l2mcd
+program:l2mcmgrd
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+rm -f /var/run/rsyslogd.pid
+rm -f /var/run/l2mcd/*
+rm -f /var/run/l2mcmgrd/*
@@ -0,0 +1,66 @@
+[supervisord]
+logfile_maxbytes=1MB
+logfile_backups=2
+nodaemon=true
+
+[eventlistener:dependent-startup]
+command=python3 -m supervisord_dependent_startup
+autostart=true
+autorestart=unexpected
+startretries=0
+exitcodes=0,3
+events=PROCESS_STATE
+buffer_size=1024
+
+[eventlistener:supervisor-proc-exit-listener]
+command=/usr/local/bin/supervisor-proc-exit-listener --container-name l2mcd
+events=PROCESS_STATE_EXITED,PROCESS_STATE_RUNNING
+autostart=true
+autorestart=unexpected
+buffer_size=1024
+
+[program:rsyslogd]
+command=/usr/sbin/rsyslogd -n -iNONE
+priority=2
+autostart=false
+autorestart=false
+stdout_logfile=NONE
+stdout_syslog=true
+stderr_logfile=NONE
+stderr_syslog=true
+dependent_startup=true
+
+[program:start.sh]
+command=/usr/bin/start.sh
+priority=1
+autostart=true
+autorestart=false
+stdout_logfile=NONE
+stdout_syslog=true
+stderr_logfile=NONE
+stderr_syslog=true
+dependent_startup=true
+
+[program:l2mcd]
+command=/usr/bin/l2mcd -n 1
+priority=3
+autostart=false
+autorestart=false
+stdout_logfile=NONE
+stdout_syslog=true
+stderr_logfile=NONE
+stderr_syslog=true
+dependent_startup=true
+dependent_startup_wait_for=rsyslogd:running
+
+[program:l2mcmgrd]
+command=/usr/bin/l2mcmgrd
+priority=3
+autostart=false
+autorestart=false
+stdout_logfile=NONE
+stdout_syslog=true
+stderr_logfile=NONE
+stderr_syslog=true
+dependent_startup=true
+dependent_startup_wait_for=rsyslogd:running
@@ -1,5 +1,5 @@
 {
-    "certs": {% if "certs" in GNMI.keys() %}{{ GNMI["certs"] }}{% else %}""{% endif %},
-    "gnmi" : {% if "gnmi" in GNMI.keys() %}{{ GNMI["gnmi"] }}{% else %}""{% endif %},
-    "x509" : {% if "x509" in DEVICE_METADATA.keys() %}{{ DEVICE_METADATA["x509"] }}{% else %}""{% endif %}
+    "certs": {% if GNMI is defined and "certs" in GNMI.keys() %}{{ GNMI["certs"] }}{% else %}""{% endif %},
+    "gnmi" : {% if GNMI is defined and "gnmi" in GNMI.keys() %}{{ GNMI["gnmi"] }}{% else %}""{% endif %},
+    "x509" : {% if DEVICE_METADATA is defined and "x509" in DEVICE_METADATA.keys() %}{{ DEVICE_METADATA["x509"] }}{% else %}""{% endif %}
 }
@@ -21,6 +21,12 @@
 {% endfor %}
         }
     },
+    "MGMT_PORT": {
+        "eth0": {
+            "alias": "eth0",
+            "admin_status": "up"
+        }
+    },
     "FLEX_COUNTER_TABLE": {
         "ACL": {
             "FLEX_COUNTER_STATUS": "enable",
@@ -74,6 +80,7 @@
 {%- if include_dhcp_server == "y" %}{% do features.append(("dhcp_server", "disabled", false, "enabled")) %}{% endif %}
 {%- if sonic_asic_platform == "vs" %}{% do features.append(("gbsyncd", "enabled", false, "enabled")) %}{% endif %}
 {%- if include_iccpd == "y" %}{% do features.append(("iccpd", "disabled", false, "enabled")) %}{% endif %}
+{%- if include_l2mcd == "y" %}{% do features.append(("l2mcd", "disabled", false, "enabled")) %}{% endif %}
 {%- if include_mgmt_framework == "y" %}{% do features.append(("mgmt-framework", "enabled", true, "enabled")) %}{% endif %}
 {%- if include_mux == "y" %}{% do features.append(("mux", "{% if 'subtype' in DEVICE_METADATA['localhost'] and DEVICE_METADATA['localhost']['subtype'] == 'DualToR' %}enabled{% else %}always_disabled{% endif %}", false, "enabled")) %}{% endif %}
 {%- if include_nat == "y" %}{% do features.append(("nat", "disabled", false, "enabled")) %}{% endif %}

@@ -0,0 +1,21 @@
+[Unit]
+Description=L2MCD container
+Requires=swss{% if multi_instance == 'true' %}@%i{% endif %}.service
+After=swss{% if multi_instance == 'true' %}@%i{% endif %}.service
+After=syncd{% if multi_instance == 'true' %}@%i{% endif %}.service
+Requires=config-setup.service
+After=config-setup.service
+BindsTo=sonic.target
+After=sonic.target
+Before=ntp-config.service
+BindsTo=sonic.target
+After=sonic.target
+
+[Service]
+User={{ sonicadmin_user }}
+ExecStartPre=/usr/bin/{{docker_container_name}}.sh start{% if multi_instance == 'true' %} %i{% endif %}
+ExecStart=/usr/bin/{{docker_container_name}}.sh wait{% if multi_instance == 'true' %} %i{% endif %}
+ExecStop=/usr/bin/{{docker_container_name}}.sh stop{% if multi_instance == 'true' %} %i{% endif %}
+
+[Install]
+WantedBy=sonic.target
@@ -85,7 +85,18 @@
 		    "trap_action": "trap",
 		    "trap_priority": "1"
 
-	    }
+	    },
+        "l2mcd_group": {
+            "cir":"600",
+            "cbs":"600",
+            "meter_type":"packets",
+            "mode":"sr_tcm",
+            "red_action":"drop",
+            "trap_action":"trap",
+            "trap_priority":"3",
+            "queue": "3",
+            "yellow_action":"drop"
+		}
     },
     "COPP_TRAP": {
 	    "bgp": {
@@ -136,6 +147,10 @@
 		    "trap_ids": "neighbor_miss",
 		    "trap_group": "queue1_group3",
 		    "always_enabled": "true"
+	    },
+		"l2mcd": {
+            "trap_ids": "igmp_v1_report,igmp_query,igmp_leave,igmp_v2_report,igmp_v3_report,mld_v1_v2,mld_v1_report,mld_v1_done,mld_v2_report",
+            "trap_group": "l2mcd_group"
 	    }
     }
 }
@@ -29,6 +29,7 @@
 /var/log/auth.log
 /var/log/cron.log
 /var/log/teamd.log
+/var/log/l2mcd.log
 /var/log/telemetry.log
 /var/log/stpd.log
 /var/log/gnmi.log

@@ -35,6 +35,12 @@ if $programname contains "teamd_" then {
     stop
 }
 
+
+if $programname contains "l2mc" then {
+    /var/log/l2mcd.log
+    stop
+}
+
 ## gnmi rules
 if $msg startswith " gnmi-native" then {
     /var/log/gnmi.log

@@ -125,6 +125,9 @@ INCLUDE_SYSTEM_TELEMETRY = n
 # INCLUDE_ICCPD - build docker-iccpd for mclag support
 INCLUDE_ICCPD = n
 
+# INCLUDE_L2MCD - build docker-l2mcd for IGMP Snooping
+INCLUDE_L2MCD = y
+
 # INCLUDE_SFLOW - build docker-sflow for sFlow support
 INCLUDE_SFLOW = y
 
@@ -158,7 +161,7 @@ ENABLE_AUTO_TECH_SUPPORT = y
 
 # ENABLE_TRANSLIB_WRITE - Enable translib write/config operations via the gNMI interface.
 # Uncomment to enable:
-# ENABLE_TRANSLIB_WRITE = y
+ENABLE_TRANSLIB_WRITE = y
 
 # ENABLE_NATIVE_WRITE - Enable native write/config operations via the gNMI interface.
 ENABLE_NATIVE_WRITE = y

@@ -0,0 +1,11 @@
+
+DPATH       := $($(DOCKER_L2MCD)_PATH)
+DEP_FILES   := $(SONIC_COMMON_FILES_LIST) rules/docker-l2mcd.mk rules/docker-l2mcd.dep
+DEP_FILES   += $(SONIC_COMMON_BASE_FILES_LIST)
+DEP_FILES   += $(shell git ls-files $(DPATH))
+
+$(DOCKER_L2MCD)_CACHE_MODE  := GIT_COMMIT_SHA
+$(DOCKER_L2MCD)_DEP_FLAGS   := $(SONIC_COMMON_FLAGS_LIST)
+$(DOCKER_L2MCD)_DEP_FILES   := $(DEP_FILES)
+
+$(eval $(call add_dbg_docker,$(DOCKER_L2MCD),$(DOCKER_L2MCD_DBG)))
@@ -0,0 +1,30 @@
+# Docker image for L2MCD
+DOCKER_L2MCD_STEM = docker-l2mcd
+DOCKER_L2MCD = $(DOCKER_L2MCD_STEM).gz
+DOCKER_L2MCD_DBG = $(DOCKER_L2MCD_STEM)-$(DBG_IMAGE_MARK).gz
+
+$(DOCKER_L2MCD)_PATH = $(DOCKERS_PATH)/docker-l2mcd
+
+$(DOCKER_L2MCD)_DEPENDS += $(LIBEVENT) $(L2MCD) $(SWSS) $(LIBSWSSCOMMON)
+$(DOCKER_L2MCD)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_DEPENDS)
+$(DOCKER_L2MCD)_DBG_DEPENDS += $(SWSS_DBG) $(LIBSWSSCOMMON_DBG)
+$(DOCKER_L2MCD)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_IMAGE_PACKAGES)
+
+$(DOCKER_L2MCD)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_BOOKWORM)
+
+ifeq ($(INCLUDE_L2MCD), y)
+SONIC_DOCKER_IMAGES += $(DOCKER_L2MCD)
+SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_L2MCD)
+SONIC_DOCKER_DBG_IMAGES += $(DOCKER_L2MCD_DBG)
+SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_L2MCD_DBG)
+endif
+
+$(DOCKER_L2MCD)_VERSION = 1.0.0
+$(DOCKER_L2MCD)_PACKAGE_NAME = l2mcd
+$(DOCKER_L2MCD)_CONTAINER_NAME = l2mcd
+$(DOCKER_L2MCD)_RUN_OPT += -t --cap-add=NET_ADMIN --cap-add=SYS_ADMIN
+$(DOCKER_L2MCD)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
+$(DOCKER_L2MCD)_RUN_OPT += -v /host/warmboot:/var/warmboot
+
+SONIC_BOOKWORM_DOCKERS += $(DOCKER_L2MCD)
+SONIC_BOOKWORM_DBG_DOCKERS += $(DOCKER_L2MCD_DBG)
@@ -0,0 +1,14 @@
+
+SPATH       := $($(L2MCD)_SRC_PATH)
+DEP_FILES   := $(SONIC_COMMON_FILES_LIST) rules/l2mcd.mk rules/l2mcd.dep
+DEP_FILES   += $(SONIC_COMMON_BASE_FILES_LIST)
+DEP_FILES   += $(shell git ls-files $(SPATH))
+
+SMDEP_SPATH   := $(SPATH)/sonic-l2mcd
+SMDEP_FILES := $(addprefix $(SMDEP_SPATH)/,$(shell cd $(SMDEP_SPATH) && git ls-files))
+$(L2MCD)_SMDEP_FILES := $(SMDEP_FILES)
+$(L2MCD)_SMDEP_PATHS := $(SMDEP_SPATH)
+
+$(L2MCD)_CACHE_MODE  := GIT_CONTENT_SHA
+$(L2MCD)_DEP_FLAGS   := $(SONIC_COMMON_FLAGS_LIST)
+$(L2MCD)_DEP_FILES   := $(DEP_FILES)
@@ -0,0 +1,18 @@
+# L2MCD package
+#
+L2MCD_VERSION = 1.0.0
+export L2MCD_VERSION
+
+L2MCD = l2mcd_$(L2MCD_VERSION)_$(CONFIGURED_ARCH).deb
+$(L2MCD)_SRC_PATH = $(SRC_PATH)/sonic-l2mcd
+$(L2MCD)_DEPENDS += $(LIBSWSSCOMMON_DEV)
+$(L2MCD)_RDEPENDS += $(LIBSWSSCOMMON)
+$(L2MCD)_DEPENDS += $(LIBEVENT)
+SONIC_DPKG_DEBS += $(L2MCD)
+
+# L2MCD_DBG = l2mcd-dbg_1.0.0_$(CONFIGURED_ARCH).deb
+# $(L2MCD_DBG)_DEPENDS += $(L2MCD)
+# $(L2MCD_DBG)_RDEPENDS += $(L2MCD)
+$(eval $(call add_derived_package,$(L2MCD)))
+
+export L2MCD
@@ -450,6 +450,7 @@ $(info "BLDENV"                          : "$(BLDENV)")
 $(info "VS_PREPARE_MEM"                  : "$(VS_PREPARE_MEM)")
 $(info "INCLUDE_MGMT_FRAMEWORK"          : "$(INCLUDE_MGMT_FRAMEWORK)")
 $(info "INCLUDE_ICCPD"                   : "$(INCLUDE_ICCPD)")
+$(info "INCLUDE_L2MCD"                   : "$(INCLUDE_L2MCD)")
 $(info "INCLUDE_STP"                     : "$(INCLUDE_STP)")
 $(info "INCLUDE_SYSTEM_TELEMETRY"        : "$(INCLUDE_SYSTEM_TELEMETRY)")
 $(info "INCLUDE_SYSTEM_GNMI"             : "$(INCLUDE_SYSTEM_GNMI)")
@@ -1483,6 +1484,7 @@ $(addprefix $(TARGET_PATH)/, $(SONIC_INSTALLERS)) : $(TARGET_PATH)/% : \
 	export include_dhcp_server="$(INCLUDE_DHCP_SERVER)"
 	export include_mgmt_framework="$(INCLUDE_MGMT_FRAMEWORK)"
 	export include_iccpd="$(INCLUDE_ICCPD)"
+	export include_l2mcd="$(INCLUDE_L2MCD)"
 	export include_dash_ha="$(INCLUDE_DASH_HA)"
 	export include_stp="$(INCLUDE_STP)"
 	export pddf_support="$(PDDF_SUPPORT)"

@@ -183,6 +183,8 @@ def print_yang_files_validation_report(yang_files_list):
     'sonic-smart-switch.yang',
     'sonic-snmp.yang',
     'sonic-spanning-tree.yang',
+    'sonic-igmp-snooping.yang',
+    'sonic-mld-snooping.yang',
     'sonic-srv6.yang',
     'sonic-ssh-server.yang',
     'sonic-static-route.yang',

@@ -3158,6 +3158,28 @@
                 ]
             }
         },
+        "L2MC": {
+            "Vlan100": {
+                "enabled": "true",
+                "fast-leave": "false",
+                "last-member-query-interval": "1000",
+                "querier": "false",
+                "query-interval": "125",
+                "query-max-response-time": "10",
+                "version": "2"
+            }
+        },
+        "MLD_L2MC": {
+            "Vlan100": {
+                "enabled": "true",
+                "fast-leave": "false",
+                "last-member-query-interval": "1000",
+                "querier": "false",
+                "query-interval": "125",
+                "query-max-response-time": "10",
+                "version": "2"
+            }
+        },
         "STORMOND_CONFIG": {
             "INTERVALS": {
                 "daemon_polling_interval" : "3600",