Fix zebra leaking memory with fib suppress enabled. Porting the fix from
FRRouting/frr#14983
While running test_stress_route.py, systems with lower memory started to throw low memory logs. On further investigation, a memory leak has been found in zebra which was fixed in the FRR community.
Why I did it
Update SAI version to SAIBuild2305.26.0.16
Update SDK/FW to 4.6.2134/2012.2134
Fixed issues:
Updated SN3700C to enable limit to 100G speed.
Recovering from Low power mode might ends with port down.
Work item tracking
Microsoft ADO (number only):
How I did it
Updating the versions in makefile
How to verify it
Confirm issues fixed and run sonic-mgmt tests
202305 image does not come up on chassis with SAI 7.1.111.1.
SAI 9.2.0.0 on 202305 image is verified to come up on Arista chassis. Initial testing is also done, no new failures compare to 202205 image, SAI 7.1.111.1.
Why I did it
Bring up 202305 image on chassis.
Work item tracking
Microsoft ADO (number only): 18189434
How I did it
How to verify it
Brought up SAI 9.2.0.0 on Arista chassis.
Ran pipeline on acl, bgp, arp, acms, cacl, copp, decap, fib, iface_namingmode.
#### Why I did it
src/sonic-platform-common
```
* 57f63e6 - (HEAD -> 202305, origin/202305) Adding supported vendor PNs for remote CDB FW upgrade (#418) (4 hours ago) [mihirpat1]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-utilities
```
* 7cf32a9f - (HEAD -> 202305, origin/202305) Reduce generate_dump mem usage for cores (#3052) (16 hours ago) [davidm-arista]
```
#### How I did it
#### How to verify it
#### Description for the changelog
- Why I did it
Improve boot performance mostly needed for fast and warmboot
- How I did it
Use cached variable.
- How to verify it
Boot the system. Simply do "systemd-analyze blame" and look at service start time.
Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
- Why I did it
Improve boot performance mostly needed for fast and warmboot
- How I did it
Use cached variable.
- How to verify it
Boot the system. Simply do "systemd-analyze blame" and look at service start time.
Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
A W/A to overcome delay of about 20 sec on login due to MFT bash autocompletion bug.
Should be reverted once a formal solution will be available in future MFT release.
Why I did it
To overcome SN2700 20 sec delay on login
Work item tracking
N/A
How I did it
Removed MFT bash autocompletion part
How to verify it
make configure PLATFORM=mellanox
make target/sonic-mellanox.bin
#### Why I did it
src/sonic-platform-daemons
```
* f23e342 - (HEAD -> 202305, origin/202305) Add dynamic sensor logic for fixed and psu presence/state checking in thermalctld (#401) (18 hours ago) [Gregory Boudreau]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
Fixed the issue - Some special IPv6 packets cannot be dropped by dataplane ACL rule
Work item tracking
Microsoft ADO (number only):
No
How I did it
How to verify it
Loaded SAI debian (in syncd docker) and re-run the failed cases.
#### Why I did it
src/sonic-dbsyncd
```
* 68baf40 - (HEAD -> 202305, origin/202305) [lldp-syncd] Fix unexpected exception in snmp-subagent (#64) (18 hours ago) [Zhaohui Sun]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-utilities
```
* cebac831 - (HEAD -> 202305, origin/202305) [ci] Use correct bullseye docker image according to source branch. (17 hours ago) [Liu Shilong]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
FCS/CRC Errors will only be reported as RX_ERR.
Fix to avoid the mac port related errors.
Fix for sharedResSize testcase failure in QoS-SAI
Fix the issue related to voltage in 'show platform psustatus'.
Support WRED drop for lossy queues.
Fixed an issue where lossy traffic was getting dropped.
Enhancement of SAI logging for errors and interrupts
Work item tracking
Microsoft ADO (number only):
How I did it
Update Cisco platform to 202305.1.0.3
How to verify it
#### Why I did it
src/sonic-swss
```
* 04fab921 - (HEAD -> 202305, origin/202305) [coppmgrd] Fix Copp processing logic by using Producer del instead of del from Table (14 hours ago) [Vivek]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
Update SAI to SAIBuild2305.26.0.9 for Mellanox platforms.
Fixed issues:
When working with SAI_DEFAULT_SWITCHING_MODE_STORE_FORWARD key/value enabled, trying to add a LAG member to a LAG which is created after warm boot initial configuration phase ended, will fail.
Creating BFD session for non default VRF fails (SAI_BFD_SESSION_ATTR_VIRTUAL_ROUTER != SAI_SWITCH_ATTR_DEFAULT_VIRTUAL_ROUTER_ID).
Work item tracking
Microsoft ADO (number only):
How I did it
Updated SAI version in "mlnx-sai.mk" Makefile.
How to verify it
Run "sonic-mgmt" regression testing.
#### Why I did it
src/sonic-linux-kernel
```
* 35f39af - (HEAD -> 202305, origin/202305) [202305] [kconfig] Set default SATA Link Power Management policy (#365) (9 hours ago) [Volodymyr Samotiy]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-common
```
* a07a03b - (HEAD -> 202305, origin/202305) Fix issue: QSFP module with id 0x0d can be parsed using 8636 (#412) (79 minutes ago) [Stephen Sun]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
Release Notes for Cisco 8111-32EH-O and 8102-64H
Fix for "Failed to get port by bridge port ID" error (MIGSMSFT-354)
Added CLI to enable trap events (MIGSMSFT-166)
Support to add critical message upon replace device SAI notification
Added support for input voltage/current/power info for PSUs
Added support for sff_mgr for deterministic bringup of SFF compliant modules
IOFPGA fix to support optics port in low power mode on 8101-32FH-O
Enable CMIS Manager for 8111-32EH-O
Added dump option to “show plat npu mac-state” CLI to dump MAC state info
Added media-based NPU serdes attributes for Credo 800G AEC Y-cables from media_settings.json
Auto FPD support for power CPLD on 8101 and 8111 platforms
Caveats:
Validation on 8101-32FH-O still pending. Will update release notes once completed.
Below 8800 platform specific fixes included but 8800 support not claimed in this code drop
Interop fix for BFD and Fair VOQ
Fix to update voq cgm profile during port speed change event
Create ECN profiles based on port speeds dynamically
Work item tracking
Microsoft ADO (number only):
How I did it
How to verify it
### Why I did it
The json.hpp header file from that package is used in the sonic-swss-common build. An old version of that header file (from 2016) has been checked into the sonic-swss-common repo. However, since then, there have been changes to that header file, and starting with GCC 12 in Bookworm, generates some errors about variables being possibly uninitialized before use.
##### Work item tracking
- Microsoft ADO **(number only)**: 25027439
#### How I did it
To fix this, install the nlohmann-json3-dev package, and allow using the header file from the Debian package instead of a static checked-in version. The version in Debian Bullseye is much newer than this version.
#### How to verify it
With this change alone, sonic-swss-common will still be using the json.hpp file in its own codebase. The change to actually use the system header file instead of the local header file will happen in a separate PR in the necessary repoes.
Co-authored-by: Saikrishna Arcot <sarcot@microsoft.com>
Why I did it
Need to share docker image for telemetry and gnmi, and only use telemetry container for 202305 branch
Work item tracking
Microsoft ADO (number only):
How I did it
Add a new docker image, base-gnmi, build sonic-gnmi and sonic-telemetry on this docker image.
Enable telemetry container.
How to verify it
Run end to end test for telemetry and gnmi.
Change DHCP rate limit in SONiC copp configuration to 100 PPS as this is
necessary to ensure that DHCP flood does not cause LACP/BGP flaps in all
scenarios
This is an extension to the change in image_config: copp: Enable rate limiting
for bgp, lacp, dhcp, lldp, macsec and udld #14859 and sonic-mgmt change in
[tests/copp]: Update copp mgmt tests to support new rate-limits sonic-mgmt#8199
Why I did it
300 PPS is not sufficient to prevent LACP/BGP flaps in all cases. 100 PPS seems to
provide better resiliency against DHCP traffic flood to CPU.
Microsoft ADO 25776614:
Send DHCP broadcast packets to DUT and verify that they are trapped to CPU at 100 PPS.
Signed-off-by: Prabhat Aravind <paravind@microsoft.com>
* [chassis/multi-asic] Make sure iBGP session established as directly connected (#16777)
What I did:
Make Sure for internal iBGP we are one-hop away (directly connected) by using Generic TTL security mechanism.
Why I did:
Without this change it's possible on packet chassis i-BGP can be established even if there no direct connection. Below is the example
- Let's say we have 3 LC's LC1/LC2/LC3 each having i-BGP session session with each other over Loopback4096
- Each LC's have static route towards other LC's Loopback4096 to establish i-BGP session
- LC1 learn default route 0.0.0.0/0 from it's e-BGP peers and send it over to LC2 and LC3 over i-BGP
- Now for some reason on LC2 static route towards LC3 is removed/not-present/some-issue we expect i-BGP session should go down between LC2 and LC3
- However i-BGP between LC2 and LC3 does not go down because of feature ip nht-resolve-via-default where LC2 will use default route to reach Loopback4096 of LC3. As it's using default route BGP packets from LC2 towards LC3 will first route to LC1 and then go to LC3 from there.
Above scenario can result in packet mis-forwarding on data plane
How I fixed it:-
To make sure BGP packets between i-BGP peers are not going with extra routing hop enable using GTSM feature
neighbor PEER ttl-security hops NUMBER
This command enforces Generalized TTL Security Mechanism (GTSM), as specified in RFC 5082. With this command, only neighbors that are the specified number of hops away will be allowed to become neighbors. This command is mutually exclusive with ebgp-multihop.
We set hop count as 1 which makes FRR to reject BGP connection if we receive BGP packets if it's TTL < 255. Also setting this attribute make sure i-BGP frames are originated with IP TTL of 255.
How I verify:
Manual Verification of above scenario. See blow BGP packets receive with IP TTL 254 (additional routing hop) we are seeing FIN TCP flags as BGP is rejecting the connection
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
* Update peer-group.conf.j2
* Update result_all.conf
* Update result_base.conf
---------
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
#### Why I did it
src/sonic-utilities
```
* 2b6b6580 - (HEAD -> 202305, origin/202305) Added support to display only nonzero queue counter. (#2978) (#3046) (15 hours ago) [abdosi]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-host-services
```
* 689395a - (HEAD -> 202305, origin/202305) Updated the iptable rule to use parent/base name of midplane interface of chassis. (#75) (2 days ago) [abdosi]
* 45212a8 - [DualToR][caclmgrd] Fix IPtables rules for multiple vlan interfaces for DualToR config (#82) (2 days ago) [vdahiya12]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-linux-kernel
```
* 6ff3cc2 - (HEAD -> 202305, origin/202305) arm64: Kconfig inclusions to fix PCI hang and MTD detection (#362) (2 days ago) [Pavan Naregundi]
```
#### How I did it
#### How to verify it
#### Description for the changelog