[yang] support acl MIRROR_ACTION (#10100)

Why I did it
ACL doesn't have mirror related action

How I did it
Add 'MIRROR_INGRESS_ACTION' and 'MIRROR_EGRESS_ACTION' to sonic-acl.yang.j2

How to verify it
Run the YANG model unit tests
This commit is contained in:
jingwenxie 2022-03-06 22:04:18 -08:00 committed by GitHub
parent 2ef9d65525
commit eec49a2e09
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 108 additions and 0 deletions

View File

@ -282,6 +282,11 @@
"SRC_IPV6": "::/0",
"PRIORITY": "990000",
"DST_IPV6": "::/0"
},
"EVERFLOW_DSCP|RULE_1": {
"MIRROR_INGRESS_ACTION": "erspan",
"DSCP": "10",
"PRIORITY": "9999"
}
},
"DEVICE_METADATA": {
@ -750,7 +755,17 @@
"Ethernet25",
"Ethernet24"
]
},
"EVERFLOW_DSCP": {
"type": "MIRROR_DSCP",
"policy_desc": "EVERFLOW_DSCP",
"ports": [
"Ethernet14",
"Ethernet24"
],
"stage": "ingress"
}
},
"PBH_HASH_FIELD": {
"inner_ip_proto": {

View File

@ -105,5 +105,12 @@
},
"ACL_PACKET_ACTION_VALIDATE_VALUE_ACCEPT": {
"desc": "Configure CTRLPLANE with proper action ACCEPT."
},
"ACL_RULE_WITH_INVALID_MIRROR_INGRESS_ACTION": {
"desc": "Configure ACL_RULE with invalid mirror action.",
"eStrKey" : "LeafRef"
},
"ACL_RULE_WITH_VALID_MIRROR_INGRESS_ACTION": {
"desc": "Configure ACL_RULE with valid mirror action."
}
}

View File

@ -820,5 +820,75 @@
]
}
}
},
"ACL_RULE_WITH_INVALID_MIRROR_INGRESS_ACTION": {
"sonic-acl:sonic-acl": {
"sonic-acl:ACL_RULE": {
"ACL_RULE_LIST": [
{
"ACL_TABLE_NAME": "EVERFLOW_DSCP",
"MIRROR_INGRESS_ACTION": "mirror_session_dscp",
"PRIORITY": 9999,
"RULE_NAME": "Rule_20",
"DSCP": "10"
}
]
},
"sonic-acl:ACL_TABLE": {
"ACL_TABLE_LIST": [
{
"ACL_TABLE_NAME": "EVERFLOW_DSCP",
"policy_desc": "EVERFLOW_DSCP",
"ports": [
""
],
"stage": "ingress",
"type": "MIRROR_DSCP"
}
]
}
}
},
"ACL_RULE_WITH_VALID_MIRROR_INGRESS_ACTION": {
"sonic-acl:sonic-acl": {
"sonic-acl:ACL_RULE": {
"ACL_RULE_LIST": [
{
"ACL_TABLE_NAME": "EVERFLOW_DSCP",
"MIRROR_INGRESS_ACTION": "mirror_session_dscp",
"PRIORITY": 9999,
"RULE_NAME": "Rule_20",
"DSCP": "10"
}
]
},
"sonic-acl:ACL_TABLE": {
"ACL_TABLE_LIST": [
{
"ACL_TABLE_NAME": "EVERFLOW_DSCP",
"policy_desc": "EVERFLOW_DSCP",
"ports": [
""
],
"stage": "ingress",
"type": "MIRROR_DSCP"
}
]
}
},
"sonic-mirror-session:sonic-mirror-session": {
"sonic-mirror-session:MIRROR_SESSION": {
"MIRROR_SESSION_LIST": [
{
"name":"mirror_session_dscp",
"type": "ERSPAN",
"dst_ip": "11.1.1.1",
"src_ip": "10.1.1.1",
"gre_type": "0x1234",
"dscp": "10"
}
]
}
}
}
}

View File

@ -33,6 +33,10 @@ module sonic-acl {
prefix lag;
}
import sonic-mirror-session {
prefix sms;
}
description "ACL YANG Module for SONiC OS";
revision 2019-07-01 {
@ -65,6 +69,18 @@ module sonic-acl {
type stypes:packet_action;
}
leaf MIRROR_INGRESS_ACTION {
type leafref {
path "/sms:sonic-mirror-session/sms:MIRROR_SESSION/sms:MIRROR_SESSION_LIST/sms:name";
}
}
leaf MIRROR_EGRESS_ACTION {
type leafref {
path "/sms:sonic-mirror-session/sms:MIRROR_SESSION/sms:MIRROR_SESSION_LIST/sms:name";
}
}
leaf IP_TYPE {
type stypes:ip_type;
}