Commit Graph

2080 Commits

Author SHA1 Message Date
Joe LeVeque
bd7b96fea3 [201811][dhcp_relay] Add support for DHCP client(s) on one VLAN and DHCP server(s) on another (#2919)
* Change URL for isc-dhcp source repository

* Modify supervisor conf to generate dhcrelay commands with '-id' and '-iu' options

* Comments; Also clean up jinja2 syntax

* Patch relay to open one socket per interface and send to all servers on all upstream interfaces

* Patch relay agent to properly forward BOOTREQUEST only on appropriate interface if it is a directed broadcast

* Port upstream patches to isc-dhcp-relay to support upstream/downstream interfaces

* Update patch to properly support interfaces with multiple IP addresses assigned

* Pass --enable-use-sockets to configure instead of uncommenting USE_SOCKETS directly
2019-05-18 10:33:26 -07:00
Ying Xie
116246de1b
[201811][utilities] update sub module head (#2897)
Submodule src/sonic-utilities 6130695..a1f961c:
  > update scheme variable name (#531)
  > [teamshow]: Add * to indicate if the state has been synced into database (#395)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-14 15:39:16 -07:00
Sumukha Tumkur Vani
c1836146a3 Fix for LLDP portname issue (#2886)
* Fix for LLDP portname issue
First check for operstate and if its not present then check for ifindex

* Addressing review comments
2019-05-14 18:03:29 +00:00
pavel-shirshov
99de97c5cc [sonic-quagga]: Fix missing fpm messages (#2884) 2019-05-14 18:03:06 +00:00
Ying Xie
21f31e97e1
[201811][swss][utilities] advance sub-module head (#2878)
Submodule src/sonic-swss e26e1d8..8246bd9:
  > [watermarkorch] only perform periodic clear if the polling is on (#781)

Submodule src/sonic-utilities e3bb8b9..6130695:
  > [reboot] log reboot progress and add a sanity check before reboot (#526)
  > Fix TODO to get/set active ports only (#494)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-09 17:34:21 -07:00
paavaanan
b54d7874c6 [devices]: DellEMC S6100/Z9100 sensor.conf update (#2861) 2019-05-09 16:55:37 +00:00
Ying Xie
dc2fb747a5 [ebtables] install ebtables in base image and install filter rules
- Add ebtables package, and install some filter rules:
  1. ebtables -A FORWARD -d BGA -j DROP
  2. ebtables -A FORWARD -p ARP -j DROP

Basically, we let the ARP packets in the VLAN being forwarded by the ASIC,
kernel gets a copy of these ARP packets and the forwarding from Kenerl gets
dropped. So there is always only one copy of ARP/response in the VLAN.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-06 22:13:03 +00:00
Ying Xie
d12782cc48
[201811][swss] advance sub-module head (#2868)
Submodule src/sonic-swss 6e8f991..e26e1d8:
  > [arp] copy arp IO to cpu instead of trap and drop (#812)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-06 15:09:31 -07:00
sridhar-ravindran
4e99b603ea Enable Debugs in BCM Kernel-bde and Knet Modules (#2786)
* Enable Debugs in BCM Kernel-bde and Knet Modules

* Added Explanation for debugs enabled
2019-05-06 17:21:04 +00:00
Andriy Moroz
cf6f22f775 [mellanox]: Update SAI (#2841)
Add support to trap copy action

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
2019-05-01 11:57:08 -07:00
Ying Xie
65cd722223
[201811][utilities] advance sub-module head (#2849)
Submodule src/sonic-utilities 584e706..e3bb8b9:
  > [show] Call teamshow using sudo in 'show interfaces portchannel' (#524)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-01 08:51:56 -07:00
Joe LeVeque
cc90d7f5ee [sudoers] Add /usr/bin/teamshow to READ_ONLY_CMDS (#2846) 2019-05-01 15:51:13 +00:00
Ying Xie
3b02eec933 [db migrator] migrate the DB to latest schema when needed (#2808)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-30 23:43:52 +00:00
Ying Xie
f22666ce58
[201811][utilities] advance sub-module head (#2844)
Submodule src/sonic-utilities 9005508..584e706:
  > [db migrator] Introduce the DB migration infrastructure (#519)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-30 16:41:38 -07:00
paavaanan
af380e9c79 [devices]: DellEMC S6000 xcvrd support (#2560)
* DellEMC S6000, xcvrd support

* sleep 1 second to avoid busy looping

* removal of dead code

* Correct typo error to 1 second

* Introduced 1 second sleep

* Revamped script with blocking call support

* get_transceiver_change_event api definition update

* adding timeout support for get_transceiver_change_event
2019-04-30 19:16:19 +00:00
Qi Luo
dd31c2d84a Remove unused packages in docker images and host (#2807)
* Remove unneeded packages in docker images and host
* Remove libpython3.6 from snmp docker image
2019-04-30 19:12:00 +00:00
Ying Xie
e4a663a606 [teamd] do not process lacpdu before the port ifinfo is set (#2815)
Port libteam patch which fixes the race condition we observed during
warm reboot.

Remove early patches: 0006, 0008, 0009.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-30 19:07:39 +00:00
Stepan Blyshchak
675a89959a [mellanox] Update Mellanox FW version (#2827)
Fixes random failures during ISSU start (warm pre-shutdown)

Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-04-28 23:13:10 -07:00
Shuotian Cheng
34734e4c55 [minigraph]: Fix bug in copying list in Python (#2831)
'=' cannot be used for copying the list

Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
2019-04-26 22:29:03 +00:00
Ying Xie
edc8685e1e [teamd service] start teamd service after swss (#2829)
SWSS clears DB tables, if teamd is not started after swss, there is a
race condition that swss might clear vital teamd information.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-26 22:14:14 +00:00
Ying Xie
042d6145a5 [201811][sairedis][utilities] advance sub module heads (#2830)
Submodule src/sonic-sairedis 74f0f44..d027eae:
  > [SAI header] upgrade SAI header to version v1.3.7 (#445)

Submodule src/sonic-utilities 0f7e75c..9005508:
  > Bring queue storm status to 'pfcwd show stats' (#500)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-26 12:00:14 -07:00
pavel-shirshov
525ee59165 Downport the netlink patch to libteam1.26. Increase netlink buffers (#2822) 2019-04-26 15:27:22 +00:00
Andriy Moroz
5004d2b4fe Increase syncd start timeout (#2776)
* Increase syncd start timeout

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>

* Replace TimeoutSec to TimeoutStartSec

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
2019-04-26 15:27:11 +00:00
Ying Xie
5663c812e1 Revert "[devices]: Watchdog enable/disable in DellEMC S6100 (#2730)" (#2817)
This reverts commit 22d17da09c.
2019-04-26 15:25:50 +00:00
Ying Xie
15a5264b85
[201811][swss][utilities] advance swss/utilities sub modules (#2809)
Submodule src/sonic-swss ae74a27..6e8f991:
  > Create ingress table group during the PFCWD stats list installment (#815)

Submodule src/sonic-utilities 6ba6d27..0f7e75c:
  > If fast-reboot-dump gives an error, don't continue with fast-reboot (#515)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-21 18:22:40 -07:00
pavel-shirshov
08eea92cf0 Update sonic-quagga submodulde. Quagga crash fix (#2802) 2019-04-22 01:18:49 +00:00
padmanarayana
5628de537a [devices]: Make the get_transceiver_change_event's epoll blocking S6100/Z9100 (#2459) 2019-04-22 01:18:03 +00:00
Ying Xie
03dfd3dea3
[201811][utilities] advance sonic-utilities sub module head (#2801)
Submodule src/sonic-utilities 79a0185..6ba6d27:
  > load_minigraph: restart hostcfgd (#511)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-18 15:10:43 -07:00
pavel-shirshov
f082cff528 teamd: lacp: update port state according to partner's sync bit (#2793)
Backport of
54f137c105

According to 6.4.15 of IEEE 802.1AX-2014, Figure 6-22, the state that the
port is selected moves MUX state from DETACHED to ATTACHED.

But ATTACHED state does not mean that the port can send and receive user
frames. COLLECTING_DISTRIBUTION state is the state that the port can send
and receive user frames. To move MUX state from ATTACHED to
COLLECTING_DISTRIBUTION, the partner state should be sync as well as the
port selected.

In function lacp_port_actor_update(), only INFO_STATE_SYNCHRONIZATION
should be set to the actor.state when the port is selected.
INFO_STATE_COLLECTING and INFO_STATE_DISTRIBUTING should be set to false
with ATTACHED mode and set to true when INFO_STATE_SYNCHRONIZATION of
partner.state is set.

In function lacp_port_should_be_{enabled, disabled}(), we also need to
check the INFO_STATE_SYNCHRONIZATION bit of partner.state.

Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
2019-04-18 16:56:20 +00:00
Stepan Blyshchak
08fed3c125 [snmp.service] Make swss.service a requisite (#2790) 2019-04-18 16:55:55 +00:00
paavaanan
034ac41e57 [devices]: Watchdog enable/disable in DellEMC S6100 (#2730) 2019-04-18 16:55:26 +00:00
michealylj1
397b552a76 [Devices] Add new device CIG CS6436-56P (#2587)
* Add new device CIG CS6436-56P

* Delete minigraph.xml

It isn't necessary in the current system, just delete it

* Update qos.json.j2

* Update port_config.ini

Add the speed column. The cmd to show interface status as:

root@switch1:~# show interface status             
  Interface            Lanes    Speed    MTU         Alias    Oper    Admin    Type    Asym PFC
-----------  ---------------  -------  -----  ------------  ------  -------  ------  ----------
  Ethernet0                8      25G   9100   Ethernet1/1      up       up     SFP         N/A
  Ethernet1                9      25G   9100   Ethernet2/1      up       up     SFP         N/A
  Ethernet2               10      25G   9100   Ethernet3/1    down     down     N/A         N/A
  Ethernet3               11      25G   9100   Ethernet4/1    down     down     N/A         N/A
  Ethernet4               12      25G   9100   Ethernet5/1    down     down     N/A         N/A
  Ethernet5               13      25G   9100   Ethernet6/1    down     down     N/A         N/A
  Ethernet6               14      25G   9100   Ethernet7/1    down     down     N/A         N/A
  Ethernet7               15      25G   9100   Ethernet8/1    down     down     N/A         N/A
  Ethernet8               16      25G   9100   Ethernet9/1    down     down     N/A         N/A
  Ethernet9               17      25G   9100  Ethernet10/1    down     down     N/A         N/A
 Ethernet10               18      25G   9100  Ethernet11/1    down     down     N/A         N/A
 Ethernet11               19      25G   9100  Ethernet12/1    down     down     N/A         N/A
 Ethernet12               20      25G   9100  Ethernet13/1    down     down     N/A         N/A
 Ethernet13               21      25G   9100  Ethernet14/1    down     down     N/A         N/A
 Ethernet14               22      25G   9100  Ethernet15/1    down     down     N/A         N/A
 Ethernet15               23      25G   9100  Ethernet16/1    down     down     N/A         N/A
 Ethernet16               32      25G   9100  Ethernet17/1    down     down     N/A         N/A
 Ethernet17               33      25G   9100  Ethernet18/1    down     down     N/A         N/A
 Ethernet18               34      25G   9100  Ethernet19/1    down     down     N/A         N/A
 Ethernet19               35      25G   9100  Ethernet20/1    down     down     N/A         N/A
 Ethernet20               40      25G   9100  Ethernet21/1    down     down     N/A         N/A
 Ethernet21               41      25G   9100  Ethernet22/1    down     down     N/A         N/A
 Ethernet22               42      25G   9100  Ethernet23/1    down     down     N/A         N/A
 Ethernet23               43      25G   9100  Ethernet24/1    down     down     N/A         N/A
 Ethernet24               48      25G   9100  Ethernet25/1    down     down     N/A         N/A
 Ethernet25               49      25G   9100  Ethernet26/1    down     down     N/A         N/A
 Ethernet26               50      25G   9100  Ethernet27/1    down     down     N/A         N/A
 Ethernet27               51      25G   9100  Ethernet28/1    down     down     N/A         N/A
 Ethernet28               56      25G   9100  Ethernet29/1    down     down     N/A         N/A
 Ethernet29               57      25G   9100  Ethernet30/1    down     down     N/A         N/A
 Ethernet30               58      25G   9100  Ethernet31/1    down     down     N/A         N/A
 Ethernet31               59      25G   9100  Ethernet32/1    down     down     N/A         N/A
 Ethernet32               64      25G   9100  Ethernet33/1    down     down     N/A         N/A
 Ethernet33               65      25G   9100  Ethernet34/1    down     down     N/A         N/A
 Ethernet34               66      25G   9100  Ethernet35/1    down     down     N/A         N/A
 Ethernet35               67      25G   9100  Ethernet36/1    down     down     N/A         N/A
 Ethernet36               68      25G   9100  Ethernet37/1    down     down     N/A         N/A
 Ethernet37               69      25G   9100  Ethernet38/1    down     down     N/A         N/A
 Ethernet38               70      25G   9100  Ethernet39/1    down     down     N/A         N/A
 Ethernet39               71      25G   9100  Ethernet40/1    down     down     N/A         N/A
 Ethernet40               72      25G   9100  Ethernet41/1    down     down     N/A         N/A
 Ethernet41               73      25G   9100  Ethernet42/1    down     down     N/A         N/A
 Ethernet42               74      25G   9100  Ethernet43/1    down     down     N/A         N/A
 Ethernet43               75      25G   9100  Ethernet44/1    down     down     N/A         N/A
 Ethernet44               76      25G   9100  Ethernet45/1    down     down     N/A         N/A
 Ethernet45               77      25G   9100  Ethernet46/1    down     down     N/A         N/A
 Ethernet46               78      25G   9100  Ethernet47/1    down     down     N/A         N/A
 Ethernet47               79      25G   9100  Ethernet48/1    down     down     N/A         N/A
 Ethernet48      84,85,86,87     100G   9100  Ethernet49/1      up       up  QSFP28         N/A
 Ethernet49      80,81,82,83     100G   9100  Ethernet50/1      up       up  QSFP28         N/A
 Ethernet50      92,93,94,95     100G   9100  Ethernet51/1    down     down     N/A         N/A
 Ethernet51      88,89,90,91     100G   9100  Ethernet52/1    down     down     N/A         N/A
 Ethernet52  108,109,110,111     100G   9100  Ethernet53/1    down     down     N/A         N/A
 Ethernet53  104,105,106,107     100G   9100  Ethernet54/1    down     down     N/A         N/A
 Ethernet54  116,117,118,119     100G   9100  Ethernet55/1    down     down     N/A         N/A
 Ethernet55  112,113,114,115     100G   9100  Ethernet56/1    down     down     N/A         N/A
root@switch1:~#
2019-04-18 16:54:31 +00:00
Joe LeVeque
d210f86b24
[201811] [radvd] Build radvd from source; Patch so as not to treat out-of-range MTU as an error (#2796) 2019-04-17 16:40:40 -07:00
Ying Xie
543aec6a18
[201811][utilities] advance sonic-utilities submodule (#2792)
Submodule src/sonic-utilities 6aee909..79a0185:
  > [fast/warm reboot] add some sanity check before warm reboot (#510)
  > In sync with our latest change, where we default failthrough to be False. (#507)
  > [generate_dump] system dump improvements (#503)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-16 11:51:04 -07:00
Qi Luo
5578e3d1bd [mgmt] Install passlib in sonic-mgmt docker to support ansible no_log option (#2782) 2019-04-16 15:38:01 +00:00
Samuel Angebault
227bc32594 Install python3.6 smbus module in snmp (#2772) 2019-04-16 15:36:57 +00:00
pavel-shirshov
fde3a4f035 [sonic-cfggen]: Output differences for bgp configurations (#2768) 2019-04-16 15:36:21 +00:00
pavel-shirshov
144fe975e5 [docker-fpm-quagga]: Add support for PeerAsn and UpdateAddress (#2766) 2019-04-16 15:35:51 +00:00
Ying Xie
19813c2924 [bgp quagga] increase BGP graceful restart timeout to 240 seconds (#2754)
There are some platforms with less powerful CPU/hard-drive could take
longer to get ready for BGP. For these platforms, 240 seconds would be
a safer threshold.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-16 15:35:09 +00:00
pavel-shirshov
f62d2b0df2 [vstest]: Test for quagga livelock fix (#2751)
* Test for quagga livelock fix

* Create /usr/local/etc for the test

* Add more debug info

* Install specific version of exabgp

* Update sonic-quagga
2019-04-16 15:34:38 +00:00
Mykola F
bed716edfe [Mellanox] Update SAI (#2778)
New SAI version is not going to flood our log with unnecessary log messages.

Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2019-04-14 10:59:26 -07:00
Ying Xie
97e996f87e [bcm SAI] upgrade Broadcom SAI to version 3.3.5.4-1 (#2764)
- Broadcom SAI GA drop 20190402

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-10 19:12:29 -07:00
Ying Xie
9ae11035d7
[20181][sub-modules] advance sairedis, swss, swss-common and utilities (#2759)
Submodule src/sonic-sairedis 483c89e..97dd2a8:
  > Fix compilation issues in stretch docker with gcc-6.3 (#426)
  >  Make object list deterministic when iterating (#438)
  > Ignore ACL_COUNTER bytes and packets during comparison logic (#443)

Submodule src/sonic-swss d22b2de..ae74a27:
  > Survive pfc watchdog storm action across warm-reboot (#794)

Submodule src/sonic-swss-common 36fd5e9..24c0ff7:
  > Update PFC_WD table name in CONFIG_DB (#266)

Submodule src/sonic-utilities bae21e7..6aee909:
  > [neighbor advertiser] convert int to string before concatenating (#505)
  > [config]: Change the order of interface commands (#504)
  > Change PFC watchdog CONFIG_DB table name from PFC_WD_TABLE to PFC_WD (#475)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-09 14:20:35 -07:00
Renuka Manavalan
6c1a0ce58c [hostcfgd] -- Fix the default for failthrough as false.
This implies that by default, if TACACS is configured properly and it reported auth_err, then don't try fail through to traditional unix authentication through /etc/passwd.

If this failthrough is intended, make it explicit through "sudo config aaa authentication failthrough enable"

Removed an unused variable "aaa.fallback"

Tested manually. Note the presence of 'auth_err=die' in all cases except when failthrough is explicitly enabled.

admin@str-s6000-acs-13:~$ sudo config aaa authentication failthrough default; date
Wed Apr  3 23:05:18 UTC 2019
admin@str-s6000-acs-13:~$ ls -lrt /etc/pam.d/common-auth-sonic ; grep 123 /etc/pam.d/common-auth-sonic
-rw-r--r-- 1 root root 1316 Apr  3 23:05 /etc/pam.d/common-auth-sonic
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.22:49 secret=testing123 login=login timeout=5 try_first_pass
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.21:49 secret=testing123 login=login timeout=5 try_first_pass

admin@str-s6000-acs-13:~$ sudo config aaa authentication failthrough enable; date ; h4 "AAA|authentication"
Wed Apr  3 23:06:37 UTC 2019
admin@str-s6000-acs-13:~$ ls -lrt /etc/pam.d/common-auth-sonic ; grep 123 /etc/pam.d/common-auth-sonic
-rw-r--r-- 1 root root 1294 Apr  3 23:06 /etc/pam.d/common-auth-sonic
auth    [success=done new_authtok_reqd=done default=ignore]     pam_tacplus.so server=100.127.20.22:49 secret=testing123 login=login timeout=5 try_first_pass
auth    [success=done new_authtok_reqd=done default=ignore]     pam_tacplus.so server=100.127.20.21:49 secret=testing123 login=login timeout=5 try_first_pass

admin@str-s6000-acs-13:~$ sudo config aaa authentication failthrough disable; date ; h4 "AAA|authentication"
Wed Apr  3 23:07:09 UTC 2019
admin@str-s6000-acs-13:~$ ls -lrt /etc/pam.d/common-auth-sonic ; grep 123 /etc/pam.d/common-auth-sonic
-rw-r--r-- 1 root root 1321 Apr  3 23:07 /etc/pam.d/common-auth-sonic
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.22:49 secret=testing123 login=login timeout=5 try_first_pass
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.21:49 secret=testing123 login=login timeout=5 try_first_pass
2019-04-08 23:41:51 +00:00
Ying Xie
5c663ca7bb
[201811][utilities] advance submodule head (#2748)
Submodule src/sonic-utilities d1070b2..bae21e7:
  > Update neighbor advertiser (#498)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-04 08:34:44 -07:00
Ying Xie
4eaa4dabff Revert "[teamd service] teamd service should start after syncd (#2724)" (#2733)
This reverts commit 0d1efb131c.
2019-04-04 15:22:44 +00:00
paavaanan
27f1aa7e09 removing dhcp- turn- off option from initrd (#2555)
* removing dhcp changes from initrd

* removing mgmt-intf-dhcp file
2019-04-04 15:22:14 +00:00
Ying Xie
1a4bac7e27
[201811][platform-common] add platform-common 201811 branch (#2743)
- Cherry-picked one change:

Submodule src/sonic-platform-common d4bf78c..42119e1:
  > remove gang port parsing (#24)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-04 08:12:54 -07:00
Ying Xie
502ddb0978
[201811][sairedis][swss] advance sub module head of sairedis and swss (#2728)
Submodule src/sonic-sairedis 8182916..483c89e:
  > Notify OA about exception and process only restart query events (#437)

Submodule src/sonic-swss 91171b6..d22b2de:
  > Allow ACL entry creation without ACL counter (#818)

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-01 16:58:39 -07:00
Ying Xie
bc98f9fe64 [teamd] prevent re-entrance of port priv change handler (#2723)
When adding a lag member dynamically after system boots up, teamd
port priv change handler could re-entrant itself and causing adding
operation to fail.

While handling PORT_CHANGE event, teamd_per_port.c port priv change
handler was called, it will then call runner_lacp to add port to lag,
the later causes IFINFO_CHANGE to be notified and calls the priv change
handler again, this re-entrance would cause runner_lacp port_added to
be called again and messes up with the previous adding sequence. Then
fails the lag member adding operation.

Prevent per port priv change handler re-entrance solves the problem.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-01 23:52:31 +00:00