Why I did it
VoQ chassis supervisor will have Fabric asics and the sub_role for fabric asics will be "Fabric".
The fabric asics namespaces are not being returned in get_all_namespaces() and is required in caclmgrd to add right cacl to allow internal docker traffic from fabric asic namespaces.
test_cacl_application fails on VoQ chassis Supervisor with the error:
Failed: Missing expected iptables rules: set(['-A INPUT -s 240.127.1.1/32 -d 240.127.1.1/32 -j ACCEPT', '-A INPUT -s 240.127.1.3/32 -d 240.127.1.1/32 -j ACCEPT', '-A INPUT -s 240.127.1.2/32 -d 240.127.1.1/32 -j ACCEPT'])
How I did it
Update get_all_namespaces to return fabric namespaces list.
How to verify it
Verified on VoQ chassis.
Why I did it
Address issue #10966
sign-off: Jing Zhang zhangjing@microsoft.com
How I did it
Add sonic-peer-switch.yang and unit tests.
How to verify it
Compile Compile target/python-wheels/sonic_yang_mgmt-1.0-py3-none-any.whl and target/python-wheels/sonic_yang_models-1.0-py3-none-any.whl.
Which release branch to backport (provide reason below if selected)
201811
201911
202006
202012
202106
202111
202205
Description for the changelog
Link to config_db schema for YANG module changes
b721ff87b9/src/sonic-yang-models/doc/Configuration.md (peer-switch)
#### Why I did it
This fixed memory leak in ETHERLIKE-MIB. The fix is not part of net-snmp(5.7.3 version). This PR includes the patch to fix memory leak issue.
```
ke->name in stdup-ed at line 297: n->name = strdup(RTA_DATA(tb[IFLA_IFNAME]));
```
#### How I did it
patched the fix.
[net-snmp] upstream fix link -> [snmpd}upstream link](ed4e48b5fa)
#### How to verify it
**Before The fix**
used valgrind to find memory leak.
```
root@lnos-x1-a-csw06:/# grep "definitely lost" valgrind-out.txt
==493== 4 bytes in 1 blocks are definitely lost in loss record 1 of 333
==493== 16 bytes in 1 blocks are definitely lost in loss record 25 of 333
==493== 757 bytes in 71 blocks are definitely lost in loss record 214 of 333
==493== 1,168 (32 direct, 1,136 indirect) bytes in 1 blocks are definitely lost in loss record 293 of 333
==493== 1,168 (32 direct, 1,136 indirect) bytes in 1 blocks are definitely lost in loss record 294 of 333
==493== 1,168 (32 direct, 1,136 indirect) bytes in 1 blocks are definitely lost in loss record 295 of 333
==493== 1,168 (32 direct, 1,136 indirect) bytes in 1 blocks are definitely lost in loss record 296 of 333
==493== definitely lost: 905 bytes in 77 blocks
```
_we can see the memory leak see in stack trace._
-> dot3stats_linux -> get_nlmsg -> strdup
https://github.com/net-snmp/net-snmp/blob/v5.7.3/agent/mibgroup/etherlike-mib/data_access/dot3stats_linux.chttps://github.com/net-snmp/net-snmp/blob/v5.7.3/agent/mibgroup/etherlike-mib/data_access/dot3stats_linux.c#L277
```
n = malloc(sizeof(*n));
memset(n, 0, sizeof(*n));
n->ifindex = ifi->ifi_index;
n->name = strdup(RTA_DATA(tb[IFLA_IFNAME]));
memcpy(&n->stats, RTA_DATA(tb[IFLA_STATS]), sizeof(n->stats));
n->next = kern_db;
kern_db = n;
return 0;
```
we were not freeing space for EtherLike-MIB.AS interface mib queries were getting increased, we see memory increment.
```
kern_db = ke->next;
free(ke);
```
https://github.com/net-snmp/net-snmp/blob/v5.7.3/agent/mibgroup/etherlike-mib/data_access/dot3stats_linux.c#L467
```
==55== 757 bytes in 71 blocks are definitely lost in loss record 186 of 299
==55== at 0x483577F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==55== by 0x4EB6E49: strdup (strdup.c:42)
==55== by 0x493F278: get_nlmsg (dot3stats_linux.c:299)
==55== by 0x493F529: rtnl_dump_filter_l.constprop.3 (dot3stats_linux.c:370)
==55== by 0x493FD7A: rtnl_dump_filter (dot3stats_linux.c:401)
==55== by 0x493FD7A: _dot3Stats_netlink_get_errorcntrs (dot3stats_linux.c:424)
==55== by 0x494009F: interface_dot3stats_get_errorcounters (dot3stats_linux.c:530)
==55== by 0x48F6FDA: dot3StatsTable_container_load (dot3StatsTable_data_access.c:330)
==55== by 0x485E76B: _cache_load (cache_handler.c:700)
==55== by 0x485FA37: netsnmp_cache_helper_handler (cache_handler.c:638)
==55== by 0x48720BC: netsnmp_call_handler (agent_handler.c:526)
==55== by 0x48720BC: netsnmp_call_next_handler (agent_handler.c:640)
==55== by 0x4865F75: table_helper_handler (table.c:717)
==55== by 0x4871B66: netsnmp_call_handler (agent_handler.c:526)
==55== by 0x4871B66: netsnmp_call_handlers (agent_handler.c:611)
757 bytes in 71 blocks are definitely lost in loss record 214 of 333
==493== at 0x483577F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==493== by 0x4EB6E49: strdup (strdup.c:42)
==493== by 0x493F278: ??? (in /usr/lib/x86_64-linux-gnu/libnetsnmpmibs.so.30.0.3)
==493== by 0x493F529: ??? (in /usr/lib/x86_64-linux-gnu/libnetsnmpmibs.so.30.0.3)
==493== by 0x493FD7A: _dot3Stats_netlink_get_errorcntrs (in /usr/lib/x86_64-linux-gnu/libnetsnmpmibs.so.30.0.3)
==493== by 0x494009F: interface_dot3stats_get_errorcounters (in /usr/lib/x86_64-linux-gnu/libnetsnmpmibs.so.30.0.3)
==493== by 0x48F6FDA: dot3StatsTable_container_load (in /usr/lib/x86_64-linux-gnu/libnetsnmpmibs.so.30.0.3)
==493== by 0x485E76B: _cache_load (cache_handler.c:700)
==493== by 0x485FA37: netsnmp_cache_helper_handler (cache_handler.c:638)
==493== by 0x48720BC: netsnmp_call_handler (agent_handler.c:526)
==493== by 0x48720BC: netsnmp_call_next_handler (agent_handler.c:640)
==493== by 0x4865F75: table_helper_handler (table.c:717)
==493== by 0x4871B66: netsnmp_call_handler (agent_handler.c:526)
==493== by 0x4871B66: netsnmp_call_handlers (agent_handler.c:611)
```
```
**After The fix**
no memory leak in valgrind stack trace related to etherlike MIB.
```
- Why I did it
Profiled the execution for the following cmd intfutil -c status
- How I did it
Cached the following information:
1. get_sonic_version_info()
2. get_platform_info()
None of the API exposed to the user libraries (for eg: sonic-utilities) has been modified
These methods involve reading text files or from redis. Thus, caching helped to improve the execution time
- How to verify it
Added UT's.
Verified on the device
Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
Why I did it
Currently the CLI commands show interface status show interface counters and show interface description displays Ethernet-IB and Ethernet-Rec ports in the output. These are internal ports should only be displayed when the option -d all is used for the above mentioned CLI commands
How I did it
Add the port roles Inb and Rec when classifing a port as internal port.
How to verify it
Verify the CLI output of the command show interface status doesnt display the Ethenet-IB and Ethernet-Rec port when -d all option in not present
Before
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
Why I did it
On a supervisor card in a chassis, syncd/teamd/swss/lldp etc dockers are created for each Switch Fabric card. However, not all chassis would have all the switch fabric cards present. In this case, only dockers for Switch Fabrics present would be created.
The monit 'container_checker' fails in this scenario as it is expecting dockers for all Switch Fabrics (based on NUM_ASIC defined in asic.conf file).
* [snmpd]: Update to 5.9+dfsg-4+deb11u1 to match Debian version
This brings in some security fixes.
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
* Update snmpd makefile
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
* Remove binNMU for snmpd
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
* [Bgpcfgd] Enhance add_peer/add_peer_ipv6 unit tests
Why I did it
The current input to add_peer/add_peer_ipv6 is admin status change, update the UT to supply new peer information.
Current UT does not check for case when check_neig_meta is true, update UT to check for this case
How I did it
By changing the input to add_peer/add_peer_ipv6
By modifying load_constants/constructor to take constants path as an input, and add two UT that uses a version of constants.yml that sets check_neig_meta to true.
How to verify it
UT failing before the change, and passing after the change.
Signed-off-by: maipbui <maibui@microsoft.com>
<!--
Please make sure you've read and understood our contributing guidelines:
https://github.com/Azure/SONiC/blob/gh-pages/CONTRIBUTING.md
** Make sure all your commits include a signature generated with `git commit -s` **
If this is a bug fix, make sure your description includes "fixes #xxxx", or
"closes #xxxx" or "resolves #xxxx"
Please provide the following information:
-->
#### Why I did it
Replace unsafe functions to safe functions
#### How I did it
Replace `strtok()` by `strtok_r()`
#### How to verify it
#### Which release branch to backport (provide reason below if selected)
<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->
- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [ ] 202111
- [ ] 202205
#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->
#### Link to config_db schema for YANG module changes
<!--
Provide a link to config_db schema for the table for which YANG model
is defined
Link should point to correct section on https://github.com/Azure/sonic-buildimage/blob/master/src/sonic-yang-models/doc/Configuration.md
-->
#### A picture of a cute animal (not mandatory but encouraged)
Fix#10549Fix#10550
#### Why I did it
Create sonic yang model for SNMP
Tables:SNMP, SNMP_COMMUNITY
#### How I did it
Defined yang models based for SNMP based on snmp.yml
#### How to verify it
Added test cases to verify
Why I did it
This PR is to update Yang model for pfc_enable and pfcwd_sw_enable fields to support more than 2 queues, like 2,3,4,6.
Before this change, the regex "[0-7](,[0-7])?" accepts only no more than 2 queues.
How I did it
Update the regex pattern for pfc_enable and pfcwd_sw_enable, from "[0-7](,[0-7])?" to "[0-7](,[0-7])*
How to verify it
The change is verified by UT. The test input is updated to cover the change.
collected 3 items
tests/test_sonic_yang_models.py .. [ 66%]
tests/yang_model_tests/test_yang_model.py .
* Update BRCM KNET module to support new psample definitions from sflow dropmon feature
* Update BRCM KNET module to support new psample definitions from sflow dropmon feature
* Advance saibcm-modules-dnx
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan arlakshm@microsoft.com
Why I did it
Generate the port configuration required 400G ZR port from minigraph.
How I did it
Add parse logic to get tx_power and laser_freq from LinkMetadata section of the minigraph.
Add UT for packet-chassis and voq chassis
How to verify it
UT
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
Why I did it
Update sonic-swss-common submodule to include events API that will be used to stream structured events
Contains only:
ecc13b2 2022-08-10 | APIs to support streaming structured events (https://github.com/sonic-net/sonic-buildimage/pull/667) [Zain Budhwani]
How I did it
Pull from latest commit in sonic-swss-common
How to verify it
Look at pointer for sonic-swss-common
Why I did it
2 things are missing in current allow-prefix list implementation.
In some usecase, need to tell the BGP neighbor and have different allow-prefix list for different neighbors, which is not supported.
for the prefix list, can't support flexible le and ge.
How I did it
To enhance the bgp allow-prefix list feature to have:
To include the neighbor type info for the allow-prefix list.
To support flexible le and ge length for allow-prefix list.
How to verify it
4 new unit test cases are added in this PR to cover changes.
* Advance sonic-utilities pointer
7919077f Add FEC correctable and uncorrectable port stats (#2027)
ecb91367 Add CLI to configure YANG config validation (#2147)
e9ab5235 Add override testcase to verify removal (#2288)
c6794b55 Fix version in db_migrator for `PORT_QOS_MAP|global` (#2289)
92b889b7 [intfutil] Check whether the FEC mode is supported on the platform before configuring it to CONFIG_DB (#2223)
dab0d065 Transfer organization from Azure to sonic-net (#2284)
6de18a1d [watermarkstat] Fix CLI script for unconfigured PG counters (#2239)
ac2f5530 Improve the way to check port type of RJ45 port (#2249)
142185c9 Fix the issue that sonic_platform is not installed on vs image (#2300)
ca14133f [crm] add checking for CRM interval range (#2293)
Signed-off-by: Stephen Sun <stephens@nvidia.com>
* Advance swss
dc8bc1c4 [portsorch] Expose supported FEC modes to STABE_DB and check whether FEC mode is supported before setting it (#2333)
6565b502 Revert "[portsorch] Expose supported FEC modes to STABE_DB and check whether FEC mode is supported before setting it (#2333)" (#2396)
dc88d55d Revert hwinfo count change (#2383)
75fc9659 [DualToR] Handle race condition between tunnel_decap and mux orchestrator (#2397)
525a57fa Fix for remote system interface not getting created (#2364)
3161eaae portsorch: initial support for link-training (#2359)
dc477fb0 [swss/cfgmgr] teammgr configure lacp rate (#2121)
2489ad57 Improve pytest speend by grouping 20 tests together. (#2390)
168bd3b3 [EVPN]Modified tunnel creation logic when creating tunnel in VRF-VNI map creation flow (#2404)
1e1438e4 [portsorch] Expose supported FEC modes to STABE_DB and check whether FEC mode is supported before setting it (#2400)
9f2e27b4 [QoS] Fix issue: the WRED profile can not be set if current min > new max or current max < new min (#2379)
d36c17d6 [asan][aclorch] fix a memory leak in the SaiAttrWrapper::swap() (#2382)
Signed-off-by: Stephen Sun <stephens@nvidia.com>
* More sonic-utilities PRs
be1866fd Fix GCU bug when backend service modifying config (#2295)
bcf36eb3 Fix issues for sonic_installer upgrade-docker and sonic_installer rollback-docker (#2278)
Signed-off-by: Stephen Sun <stephens@nvidia.com>
Signed-off-by: Stephen Sun <stephens@nvidia.com>
Update sonic-platform-daemons submodule pointer to include the following:
Xcvrd changes to support 400G ZR configuration (#270)
[ycabled] add secure channel support for grpc dualtor active-active connectivity (#275)
Signed-off-by: dprital <drorp@nvidia.com>
Update sonic-swss-common submodule pointer to include the following:
Add docker-mux related table names (#627)
Transfer organization from Azure to sonic-net (#656)
Signed-off-by: dprital <drorp@nvidia.com>
Update sonic-platform-common submodule pointer to include the following:
[eeprom] Add UT for eeprom_tlvinfo.py (#292)
Fix Cmis memmap field offset (#290)
Fix AttributeError for "sfputil show error-status -hw" (#291)
Why I did it
Fix CVE-2017-1000487 alert in thrift 0.14.1.
See https://nvd.nist.gov/vuln/detail/CVE-2017-1000487
How I did it
Change the version of org.codehaus.plexus:plexus-utils from 3.0.14 to 3.0.16.
24f505148 [eloop.c]: Increase timeout of signal termination (#62)
2b2c1ad72 [driver_macsec_sonic.c]: Fixbug: a wrong db_wait in delete sa (#61)
Signed-off-by: Ze Gan <ganze718@gmail.com>
#### Why I did it
Update bgpmon.py from py-swsssdk to swsscommon
#### How I did it
Change bgpmon.py to use swsscommon.
#### How to verify it
Pass all E2E test case
#### Which release branch to backport (provide reason below if selected)
<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->
- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [ ] 202111
- [ ] 202205
#### Description for the changelog
Update bgpmon.py from py-swsssdk to swsscommon
#### Link to config_db schema for YANG module changes
<!--
Provide a link to config_db schema for the table for which YANG model
is defined
Link should point to correct section on https://github.com/Azure/sonic-buildimage/blob/master/src/sonic-yang-models/doc/Configuration.md
-->
#### A picture of a cute animal (not mandatory but encouraged)
Co-authored-by: liuh-80 <azureuser@liuh-dev-vm-02.5fg3zjdzj2xezlx1yazx5oxkzd.hx.internal.cloudapp.net>
#### Why I did it
Submodule update for sonic-swss-common with following change:
```
2247dbe 2022-08-01 | Fix memory leak issue in ConfigDBConnector. (#655) [Hua Liu]
4af97d6 2022-07-27 | Add new table schemas for DASH (#654) [prabhataravind]
d72e5ea 2022-07-23 | Fix epoll and socket resource leak issue. (#651) [Hua Liu]
dda857b 2022-07-21 | Microsoft mandatory file (#620) [microsoft-github-policy-service[bot]]
4132d14 2022-07-21 | Fix PING database command not backward compatible with python version issue. (#650) [Hua Liu]
```
#### How I did it
#### How to verify it
#### Which release branch to backport (provide reason below if selected)
<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->
- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
#### Description for the changelog
Submodule update for sonic-swss-common with following change:
```
2247dbe 2022-08-01 | Fix memory leak issue in ConfigDBConnector. (#655) [Hua Liu]
4af97d6 2022-07-27 | Add new table schemas for DASH (#654) [prabhataravind]
d72e5ea 2022-07-23 | Fix epoll and socket resource leak issue. (#651) [Hua Liu]
dda857b 2022-07-21 | Microsoft mandatory file (#620) [microsoft-github-policy-service[bot]]
4132d14 2022-07-21 | Fix PING database command not backward compatible with python version issue. (#650) [Hua Liu]
```
#### A picture of a cute animal (not mandatory but encouraged)
Co-authored-by: liuh-80 <azureuser@liuh-dev-vm-02.5fg3zjdzj2xezlx1yazx5oxkzd.hx.internal.cloudapp.net>
#### Why I did it
To support Yang models for SRV6 CM
#### How I did it
Added yang models for SRV6 MY_SID_ENTRY and Nexthop
#### How to verify it
Added SRV6 CRM yang tests.
#### Which release branch to backport (provide reason below if selected)
202111
#### Why I did it
Submodule update for sonic-dbsyncd with following change:
```
0d67faf 2022-07-28 | Replace pyswsssdk with sonic-py-common (#45) [Hua Liu]
265c833 2022-01-11 | Updated the Azure pipeline for Code Coverage (#44) [abdosi]
6548116 2021-04-04 | [ci]: add proper azp [Guohan Lu]
43b9dab 2021-04-04 | [pytest]: add pytest.ini [Guohan Lu]
```
#### How I did it
#### How to verify it
#### Which release branch to backport (provide reason below if selected)
<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->
- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
#### Description for the changelog
Submodule update for sonic-dbsyncd with following change:
```
0d67faf 2022-07-28 | Replace pyswsssdk with sonic-py-common (#45) [Hua Liu]
265c833 2022-01-11 | Updated the Azure pipeline for Code Coverage (#44) [abdosi]
6548116 2021-04-04 | [ci]: add proper azp [Guohan Lu]
43b9dab 2021-04-04 | [pytest]: add pytest.ini [Guohan Lu]
```
#### A picture of a cute animal (not mandatory but encouraged)
Co-authored-by: liuh-80 <azureuser@liuh-dev-vm-02.5fg3zjdzj2xezlx1yazx5oxkzd.hx.internal.cloudapp.net>
Why I did it
The bgpcfgd doesn't support deletion of 'zebra set src', if an interface is deleted, the bgpcfgd will drop a warning message. In current implementation, we only care about the loopback0 interface but not others.
To improve the log print to have the key info, which will give the name of the deleted interface. We can ignore it if it is not the loopback0 interface. The application layer should be aware of that update and deletion is not supported, delete or update with a new address of loopback0 could cause issue, this log can give enough info to root cause the issue.
How I did it
How to verify it
Upgrade submodule sairedis to take the fix for saithrift build
Upgrade SAI to latest for building in bullseye (#1093)
involve other changes in sairedis:
[sairedis] Fix reopen recoding file (#1087)
Update PN with XPN support (#1081)
[syncd] Remove error message when tryTranslateVidToRid fails (#1048)
Signed-off-by: richardyu-ms <richard.yu@microsoft.com>
feeac84 [counters] Keep counters cache in a single directory (#2232)
cd7909e Updated the CLI file for Radius and Linux kernel commands (#2276)
cd6898b Update db_migrator to support `PORT_QOS_MAP|global` (#2205)
8f4fc62 Revert "Revert "[scripts/fast-reboot] Shutdown remaining containers through systemd (#2133)" (#2161)" (#2184)
27667cf Fix test for pfcwd_sw_enable in db_migrator_test (#2253)
e1866e3 [MultiAsic] sudo reboot command doesn't gracefully stop Asic syncd# on multiasic platform (#2258)
9e3ba82 Change db_migrator major version on master branch from version 2 to 3 (#2272)
65346ce Microsoft mandatory file (#2177)
308e25f portconfig option to configure Tx power and laser frequency of ZR transceiver module (#2197)
e49b1e8 [vnet_route_check] Align DB data parse logic with format used by swsscommon API (#2268)
Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
Why I did it
This PR is to backport PR #11056 and PR #11045 into master branch.
This PR is to enable tunnel_qos_remap on T1 and T0 in DualToR deployment.
On T1, we check the property DownstreamRedundancyTypes. On T0, we check the property RedundancyType.
tunnel_qos_remap is set to enabled if gemini is in DownstreamRedundancyTypes (on T1) or RedundancyType (on T0).
How I did it
The change is implemented in minigraph.py.
How to verify it
Verified by test_minigraph_case.py and 'test_j2files.py`.
