**- What I did**
#### wheel package Makefiles
- wheel package Makefiles for sonic-yang-mgmt package.
#### libyang Python APIs:
- python APIs based on libyang
- functions to load/merge yang models and Yang data files
- function to validate data trees based on Yang models
- functions to merge yang data files/trees
- add/set/delete node in schema and data trees
- find data/schema nodes from xpath from the Yang data/schema tree in memory
- find dependencies
- dump the data tree in json/xml
#### Extension of libyang Python APIs:
-- Cropping input config based on Yang Model.
-- Translate input config based on Yang Model.
-- rev Translate input config based on Yang Model.
-- Find xpath of port, portleaf and a yang list.
-- Find if node is key of a list while deletion if yes, then delete the parent.
Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
Signed-off-by: Ping Mao pmao@linkedin.com
* [device][accton]: Update for AS5835-54T
* [device][accton]: Update for AS5835-54T to delete its config.bcm off-loading to the self-brought up of the Broadcom SAI version, 3.5.2.3 due to SONiC not supported.
* [device][accton]: Add config.bcm for AS5835-54T
* Ran config_checker passed on our config.bcm, however, we off-loaded the needed MV2 SDK config setting to our self-brought up SAI libraries due to the compatibility of config_check among SONiC different branches.
[-] help_cli_enable=1
[-] ifp_inports_support_enable=1
[-] memlist_enable=1
[-] port_flex_enable=1
[-] reglist_enable=1
* [device][accton]: Update config.bcm for AS5835-54T based on the latest config_checker
Co-authored-by: Polly Hsu <pollyhsu2git@gmail.com>
- What I did
1. Rename the config.bcm to th2-as7816-64x25G-48x100G_row1.config.bcm,
due to that it just allow 1st row of TH2 to be breakout
2. Add port_flex_enable to support dynamic port breakout.
3. Remove the loopback port due to it would make syncd terminate.
=> The port_config.ini doesn't include the loopback ports.
When portsorch start, it would compare the ports in SDK and port_config.ini.
Portsorch would remove the loopback ports due to the loopback ports didn't been defined in port_config.ini
But the broadcom SAI doesn't support remove port for th2.
So it would return fail and syncd would terminate.
- How I did it
- How to verify it
Run with the new SONiC image and syncd would not terminate
Signed-off-by: chiourung_huang <chiourung_huang@edge-core.com>
- bug fix : Fixed an issue which the nps ko file was not loaded due to the wrong service file name
- Optimize the code to reduce changes due to the kernel upgrade
- Remove nephos ko file loaded in swss.service.j2 because it has loaded at syncd.service.j2
* Adding new BGP peer groups PEER_V4_INT and PEER_V6_INT. The internal BGP sessions
will be added to this peer group while the external BGP sessions will be added
to the exising PEER_V4 and PEER_V6 peer group.
* Check for "ASIC" keyword in the hostname to identify the internal neighbors.
* The following changes for multi-npu platforms are done
- Set the type in device_metadata for asic configuration to be same as host
- Set the admin-status of internal bgp sessions as up
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
* Changes to support config-setup service for multi-npu
platforms. For Multi-npu we are not supporting as of
now config initializtion and ZTP. It will support creating
config db from minigraph or using config db from previous
file system
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
* Address Review Comments.
* Address Review comments
* Address Review Comments of using pyhton based config load_minigraph/
config save/config reload from shell scripts so that we don't duplicate
code. Also while running from shell we will skip stop/start services
done by those commands.
* Updated to use python command so no code duplication.
For detecting transceiver change events through xcvrd in DellEMC S6000, S6100 and Z9100 platforms.
- In S6000, rename 'get_transceiver_change_event' in chassis.py to 'get_change_event' and return appropriate values.
- In S6100, implement 'get_change_event' through polling method (poll interval = 1 second) in chassis.py (Transceiver insertion/removal does not generate interrupts due to a CPLD bug)
- In Z9100, implement 'get_change_event' through interrupt method using select.epoll().
* [ntp] enable/disable NTP long jump according to reboot type
- Enable NTP long jump after cold reboot.
- Disable NTP long jump after warrm/fast reboot.
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
* fix typo
* further refactoring
* use sonic-db-cli instead
lldpmgrd listens for changes to the PORT table in the CONFIG_DB and APP_DB in order to handle alias/description config change. It checks if port is up or down by looking into the oper-status for in APP_DB PORT TABLE. If it cannot find it in the App DB, it will log error.
During initializing, it is possible that there is a port change in CONFIG_DB and but the not ready in APP_DB.
The change here is to only log error in is_port_up() after port init done.
Fix is_mgmt_vrf_enabled when MGMT_VRF_CONFIG is not present the config (#885)
Changes to support acl-loader command for multi-npu platforms. (#908)
Stop/Start restapi server upon config reload (#911)
[fanshow] Add column drawer name and led status to output of show
platform(#991)
[MultiDB] use sonic-db-cli instead of redis-cli in new added codes
(#907)
[show] Add `ntpstat` output to `show ntp` (#861)
[config] Log invocation of config commands to syslog (#259)
Remove dependency on click-default-group package (#903)
[config] Add 'interface transceiver' subgroup with 'lpmode' and 'rese…'
(#904)
[show] Add 'errors' and 'rates' subcommands to 'show interfaces
count…(#900)
[config] Support load_minigraph command for multi NPU platform (#896)
[Vnet] Fix NameError for 'swsssdk' and align output (#902)
* Moved utility functions for multi-npu platforms from
sonic-utilities config/main.py to here so that they can be used
any module
* Fix the issue with test run during compilation with acl-uploader
PR#908 of sonic-utilities.
* Fix get_num_npu as it was retuning string and not int
* Address Review Comments
* Address Review Comments
This patchset implement the following:
- Setting the FAN frequency
- Corrections to the EM policy with respect to platform
defined temperature / fan values
- Updates to the platform monitorng script logging
- Fixes to platform initialization script
Signed-off-by: Ciju Rajan K <crajank@juniper.net>
Since the introduction of VRF, interface-related tables in ConfigDB will have multiple entries, one of which only contains the interface name and no IP prefix. Thus, when iterating over the keys in the tables, we need to ignore the entries which do not contain IP prefixes.
and then we load image and reboot even if there was existing
config_db.json we will look for DHCP Service. we should disbale
update_graph in such cases. This behaviour is silimar to what we have in
201811 image.
* [sonic-buildimage] updated minigraph for ACL Table data and ACL Interface
binding update for multu-npu platform based on subrole as "Frontend" or
"Backend". For backend npu no ACL table is associated. For frontend npu
only front-panel interface are associated.
Updated with test case and fix typo in sample-mingraph for npu
Address Review comments
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
* Fixed the logic as per preview comment. Interface Filter logic
only applies to Everflow/Mirror tables.
* Address Review Comments.
Modified caclmgrd behavior to enhance control plane security as follows:
Upon starting or receiving notification of ACL table/rule changes in Config DB:
1. Add iptables/ip6tables commands to allow all incoming packets from established TCP sessions or new TCP sessions which are related to established TCP sessions
2. Add iptables/ip6tables commands to allow bidirectional ICMPv4 ping and traceroute
3. Add iptables/ip6tables commands to allow bidirectional ICMPv6 ping and traceroute
4. Add iptables/ip6tables commands to allow all incoming Neighbor Discovery Protocol (NDP) NS/NA/RS/RA messages
5. Add iptables/ip6tables commands to allow all incoming IPv4 DHCP packets
6. Add iptables/ip6tables commands to allow all incoming IPv6 DHCP packets
7. Add iptables/ip6tables commands to allow all incoming BGP traffic
8. Add iptables/ip6tables commands for all ACL rules for recognized services (currently SSH, SNMP, NTP)
9. For all services which we did not find configured ACL rules, add iptables/ip6tables commands to allow all incoming packets for those services (allows the device to accept SSH connections before the device is configured)
10. Add iptables rules to drop all packets destined for loopback interface IP addresses
11. Add iptables rules to drop all packets destined for management interface IP addresses
12. Add iptables rules to drop all packets destined for point-to-point interface IP addresses
13. Add iptables rules to drop all packets destined for our VLAN interface gateway IP addresses
14. Add iptables/ip6tables commands to allow all incoming packets with TTL of 0 or 1 (This allows the device to respond to tools like tcptraceroute)
15. If we found control plane ACLs in the configuration and applied them, we lastly add iptables/ip6tables commands to drop all other incoming packets