#### Why I did it
To eliminate the need to write duplicate code in order to import a Python module from a source file.
#### How I did it
Add `general` module to sonic-py-common, which contains a `load_module_from_source()` function which supports both Python 2 and 3.
Call this new function in:
- sonic-ctrmgrd/tests/container_test.py
- sonic-ctrmgrd/tests/ctrmgr_tools_test.py
- sonic-host-services/tests/determine-reboot-cause_test.py
- sonic-host-services/tests/hostcfgd/hostcfgd_test.py
- sonic-host-services/tests/procdockerstatsd_test.py
- sonic-py-common/sonic_py_common/daemon_base.py
872f0a3 [Y-Cable] refactor get_firmware_version to comply with all vendors (#182)
cc162d6 [sonic_y_cable]: Decorate all method for mux simulator (#181)
fa02416 Change import order in Ycable helper and EEPROM read bytearray change in SFP plugin (#177)
0b60982 [thermal_base] Add setter functions for critical thresholds (#180)
10dc16f [y_cable] add support for enable/disable autoswitch feature on Y cable (#176)
c6c81a8 [fan_drawer_base.py] Fix FanDrawer get_status_led interface (#175)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
Make sure Everflow always gets classified as Mirror table and not as Control Plane on multi-asic platforms.
Why I did:
In Multi-asic platforms we generate Everflow acl table data from minigraph for both host and namespace.
It is possible in multi-asic minigraph if there are no external port-channel (Only Router Port IP Interface) then Everflow table will have no binded interface in host and will gets classified as Control Plane ACL while in namespace gets classified as Mirror Table.
For ACL Rule generation we read global db as source of truth for acl table information and so for everflow rule generation if tables gets classified as Control plane we can generate rules with invalid action causing orchagent to throw runtime error.
How I did:
If the table is attach to erspan interface in minigraph then it always gets classified as mirror table.
ASIC key used in system health daemon is not present in Dell platforms.
Fixes#6343
Got the thermal sensor list using 2.0 API and retrieved the ASIC keys.
- When generating L2 preset, check for dual ToR setting from CLI option `-a '{"is_dualtor": true}'`
- When dual ToR is specified, add subtype field to DEVICE_METADATA table
- When dual ToR is specified, add MUX_CABLE, TUNNEL, LOOPBACK_INTERFACE, and PEER_SWITCH tables
df46ed418e661a9bccdb2639d8873def356f8ba0 (HEAD -> master, origin/master, origin/HEAD) Fix the LLDP_LOC_CHASSIS not getting populated if no remote neighbors are present (#39)
e487532e11cc0e97cfce573b6b997fdd0beeb660 [CI] Set up CI&PR with Azure Pipelines (#38)
3c9f488490a1dbded20dbf2d8a88a5ab4dbda8df Replace swsssdk's SonicV2Connector with swsscommon's implementation (#35)
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
Feb 17 Fix tests failing due to duplicate vxlan tunnel creation (#75)
Mar 11 Update route api to specify limitation (#77)
Apr 01 Add host_ifname field while adding entry in VLAN table (#80)
Unset CONFIG_THERMAL_STATISTICS to prevent kernel crash (#199)
[net] Disable prio and cls cgroups to make working cgroup2 sock matching (#198)
[doc]: Fix typos in README (#206)
[Mellanox] Backport patch to remove critical trip point from thermal zones (#201)
Signed-off-by: Stephen Sun <stephens@nvidia.com>
#### Why I did it
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
#### How I did it
Upgrade to 3.0.16
c5be3ca4 [psud] Increase unit test coverage; Refactor mock platform (#154)
450b7d78 Bug fix: the fields that are not supported by vendor should be "N/A" in STATE_DB (#168)
Signed-off-by: Stephen Sun <stephens@nvidia.com>
Signed-off-by: Yong Zhao yozhao@microsoft.com
Why I did it
If device reboot was caused by kernel panic, then we need retrieve and store the key information into the symbol file previous-reboot-cause.json. The CLI show reboot-cause will read this file to get the reason of previous reboot.
This PR is related to PR in sonic-utilities repo: Azure/sonic-utilities#1486
How I did it
The string variable previous_reboot_cause will be parsed to check whether it contains the keyword Kernel Panic. If it did, then store the keyword and time information into a dictionary.
How to verify it
I verified this change on a virtual testbed.
admin@vlab-01:/host/reboot-cause$ more previous-reboot-cause.json
{"gen_time": "2021_03_24_23_22_35", "cause": "Kernel Panic", "user": "N/A", "time": "Wed 24 Mar 2021 11:22:03 PM UTC", "comment": "N/A"}
admin@vlab-01:/host/reboot-cause$ show reboot-cause
Kernel Panic [Time: Wed 24 Mar 2021 11:22:03 PM UTC]
* Add manageability to the yang model tests by splitting the tests
and config data for the tests into multiple files.
The "tests" directory contains all the tests and the "tests_config"
directory contains the configs used for the tests.
New tests can be added in new json files.
Signed-off-by: Joyas Joseph <joyas_joseph@dell.com>
Update the sonic-swss submodule to include failure notification for orchagent. The following is the new commit in the submodule.
fa983d2 Add failure notification for orchagent
this PR updates the following commits in sonic-platform-daemons
260cf2d [xcvrd] change firmware information fields name inside MUX_CABLE_INFO table for Y cable (#165)
cfa600f [thermalctld] Initialize fan led in thermalctld for the first run (#167)
8509f43 [thermalctld] Refactor to allow for greater unit test coverage; Add more unit tests (#157)
70f4e7b [syseepromd] Update warning message to be more informative (#160)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
[SFlowMgr] Sflow Crash on 200G ports handled (#1683)
Remove PGs from an administratively down port. (#1677)
Stablize the test case (#1679)
Revert "Revert "[buffermgr] Support maximum port headroom checking (#1607)" (#1675)" (#1682)
Signed-off-by: Stephen Sun <stephens@nvidia.com>
Dynamic Port Breakout fall in case "autoneg" field exist in config_db.
- How I did it
Added "autoneg" field in sonic-port yang model.
- How to verify it
Add "autoneg" field into config_db like this:
"Ethernet8": {
"index": "2",
"lanes": "8,9,10,11",
"fec": "rs",
"pfc_asym": "off",
"mtu": "9100",
"alias": "Ethernet8",
"admin_status": "up",
"autoneg": "on",
"speed": "100000",
},
Changes:
-- YANG models for PORTCHANNEL_MEMBER table.
-- Yang Model Test.
-- Yang Mgmt Test with PORTCHANNEL_MEMBER table in config_db.json
Signed-off-by: Praveen Chaudhary <pchaudhary@linkedin.com>
* [yang-models]: Remove PLY Extensions and change translation code.
With assumption that TABLE_SEPARATOR and ENTRY_SEPARATOR for configDB is always "|",
translation from configDB.json to sonicYang.json can be done based on keys specified
in YANG Lists inside YANG models. So removing extensions is good idea.
Changes:
-- Remove use of regex in Translation code.
-- Remove regex Extensions from YANG models.
-- Improved debugging i.e. log on stdout in case of any Exception from sonic-yang-mgmt,
so that failed tests can be debugged faster. Also this is good to debug Dynamic
port breakout issues.
-- Minor Test changes.
Co-authored-by: lguohan <lguohan@gmail.com>
IPV4ANY is not valid value, fix to IPv4ANY
without this change, test case failed sometimes when the validation on IP_TYPE happens first and then PACKET_ACTION.
* 1ee04fb (HEAD -> master, origin/master, origin/HEAD) Modified the tests to use mock functionality of get_child_port function under portconfig utility (#1464)
* 99d251f Enable PFCWD only on ports where PFC is enabled (#1508)
* eb7945f Warmboot script improvements - timeout exec, disable swss autorestart, remove trap (#1495)
* c7d4947 [show] Fix int status of LAGs, configured as Vlan members (#1478)
Signed-off-by: Maksym Belei <Maksym_Belei@jabil.com>
The default bgp connect retry timer is 120 seconds. A reconnection will happen 120 seconds if the initial connection fails. This PR aims to allow a more frequent retry.
Update sonic-sairedis submodule and also update sonic-swss submodule as there are interdependent changes.
* src/sonic-sairedis 13474d1...bc58b0f (12):
> Add gbsyncdmgrd; deprecate gbsyncd_startup.py (#809)
> Remove gbsyncd_start.sh (#808)
> [gbsyncd] Fix shebang in gbsyncd_startup.py; Make script executable (#807)
> [saiasiccmp] Add saiasiccmp tool to compare 2 asic views (#791)
> [configure] Add -Wno-psabi to remove "passing argument changed in GCC 7.1" (#799)
> Update FlexCounter.cpp, use m_pollInterval in MUTEX lock (#797)
> [vs] Add special warm boot logic to populate default attributes (#796)
> [ci]: add vstest (#795)
> [tests] Add macsec unittest (#782)
> [debian/control] libsairedis-dev depends on libzmq5-dev (#794)
> [ci]: use build template (#793)
> Rename duplicate file name (#773)
* src/sonic-swss 0b0d24c...5adb73e (47):
> Initialize system port type variable (#1681)
> [Dynamic Buffer Calc] Enhance the field checking in table handling (#1680)
> Handle the clear request for 'Q_SHARED_ALL' (#1653)
> [MuxOrch] FDB ageout safety check (#1674)
> Deactivate mirror session only when session status is true in updateLagMember (#1666)
> Revert "[buffermgr] Support maximum port headroom checking (#1607)" (#1675)
> reduce severity of log to info in case of flush on non-existing member (#1669)
> Revert "[Dynamic buffer calc] Bug fix: Remove PGs from an administratively down port. (#1652)" (#1676)
> [Dynamic buffer calc] Bug fix: Remove PGs from an administratively down port. (#1652)
> [acl] Move ACL table constants to acltable.h (#1671)
> [nbrmgrd] added function to parse IP address from APP_DB (#1672)
> [MUX/PFCWD] Use in_ports for acls instead of seperate ACL table (#1670)
> [vog/systemlag] Voq lagid allocator (#1603)
> Add table descriptions for dynamic buffer calculation to the documents (#1664)
> [vstest/subintf] Add vs test case to validate processing sequence of APPL DB keys (#1663)
> Remove vxlanmgrd dependency on orchagent (#1647)
> Keep attribute order in bulk mode (#1659)
> [mux] VS test for neigh, route and fdb (#1656)
> [linksync] Netdev oper status determination using IFF_RUNNING (#1568)
> [portorch] parse on/off value from autoneg (#1658)
> [intfsorch] Create subport with the entry contains necessary attributes (#1650)
> [ci]: Purge swss before install (#1654)
> Update StateDB with error if state change failed, Update APP_DB in all state chg req (#1662)
> Added changes to handle dependency check in FdbSyncd and FpmSyncd for warm-boot (#1556)
> [synchronous mode] Add failure notification for SAI failures in synchronous mode (#1596)
> [acl] Enable VLAN ID qualifier for ACL rules (#1648)
> Updated PFCWD to use single ACL table for PFCWD and MUX (#1620)
> [orchagent] Increase SAI REDIS response timeout to support FW upgrade during init (Mellanox only). (#1637)
> [vstest/nhg]: use dvs_route fixture to make test_nhg more robust
> [vstest]: add dvs_route fixture
> [vstest/subintf] Update vs tests to validate physical port host interface vlan tag attribute (#1634)
> Remove useless header in macsecorch (#1628)
> Add SAI_INGRESS_PRIORITY_GROUP_STAT_DROPPED_PACKETS counter, create new FlexCounter group (#1600)
> fixed unsupported resource issue (#1641)
> [test_virtual_chassis]: use wait_for to make test more robust (#1640)
> spell check fixes (#1630)
> [bufferorch] Handle NOT IMPLEMENTED status returned during set attr operation (#1639)
> [ci]: run vstest
> [test_virtual_chassis]: use wait_for function to improve test robustness
> [Mux] Neighbor handling based on FDB entry (#1631)
> [ci]: use build template (#1633)
> Log level change from ERR to INFO for fetch systemports issue (#1632)
> Migrate serdes programming to port serdes object (#1611)
> [tests] Remove legacy saiattributelist.h dependency (#1608)
> [buffermgr] Support maximum port headroom checking (#1607)
> Support shared headroom pool on top of dynamic buffer calculation (#1581)
> Fix the compiling errors in gcc9 (#1621)
c20bf60 Qi Luo Mon Mar 15 14:28:31 2021 -0700 Implement rfc4363 FdbUpdater for lag inside vlan (#203)
292024a abdosi Mon Mar 15 12:15:21 2021 -0700 Updated lldpRemManAddrTable to use all the management ip address associated with interface. (#201)
9b83459 liushilongbuaa Fri Mar 12 14:35:23 2021 +0800 [CI] Setup dummy azure pipeline (#198)
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
* 553936b (HEAD, origin/master, origin/HEAD, master) route_check: Fix hanging & logging level (#1520)
* ed45412 [show][config] add support for setting and displaying switching modes on Y cable (#1501)
* bf46638 Handling error scenario of adding port to Vlan which is part of LAG (#1516)
* ae39883 Fix bug: show vlan config for vlan with no members (#1503)
* 3a482ac [test] Update unit test coverage for command 'show mac' (#1504)
* 4a0c010 [config] Disable/enable container monitoring when stopping/starting services (#1499)
Why I did it
It was observed that on a multi-asic DUT bootup, the BGP internal sessions between ASIC's was taking more time to get ESTABLISHED than external BGP sessions. The internal sessions was coming up almost exactly 120 secs later.
In multi-asic platform the bgp dockers ( which is per ASIC ) on switch start are bring brought up around the same time and they try to make the bgp sessions with neighbors (in peer ASIC's) which may be not be completely up. This results in BGP connect fail and the retry happens after 120sec which is the default Connect Retry Timer
How I did it
Add the command to set the bgp neighboring session retry timer to 10sec for internal bgp neighbors.
As discussed in the yang subgroup community meeting, this change is bring consistent naming-conventions for all different type of interfaces in sonic-yang-model. Particularly the key-attribute name. Since the relevant interface container does have a context about that interface, having a simple & clear key-attribute name will be sufficient. For e.g. PORT/PORT_LIST/port_name has been renamed as PORT/PORT_LIST/name. Similar changes are done for portchannel, VLAN & loopback interfaces as well.
Features may be enabled/disabled for the same topology based on run-time
configuration. This PR adds the ability to enable/disable feature based
on config db data.
signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
Parse the value `AutoNegotiation` element from the `LinkMetadata` section of minigraph file. If the element is present, an `autoneg` key will be added to the port in the `PORT` table of Config DB with a value of either `off` or `on`
If an `autoneg` value is present in port_config.ini, the value from the minigraph will take precedence, overriding that value.
Also remove `AutoNegotiation` and `EnableAutoNegotiation` elements from the `DeviceInfo` section, as we will use this data in the `LinkMetadata` section to determine whether to enable auto-negotiation for a port.
* src/sonic-platform-daemons 068bccc...e5165b7 (7):
> [xcvrd] Fix crash: If 'dom_capability' not in port_info_dict, insert 'N/A' (#162)
> fix the muxcable state change notification received from other modules, omit the check inside hw_state table (#159)
> [xcvrd] Fix crash on platforms which support media settings with Python 3 (#158)
> [xcvrd] Save the dom_capability of transceiver into db (#72)
> [xcvrd] Fix xcvrd crash on other port prefixes (#123)
> [xcvrd] Make functions used for media setting python3 compatible (#153)
> [psud] Refactor unit tests; increase unit test coverage (#146)
Update FRR to 7.5.1. The following is a list of new commits.
```
df7ab485b FRRouting Release 7.5.1
f4ed841b8 Merge pull request #8187 from opensourcerouting/rpmfixes-75
86d5a20e3 Merge pull request #8193 from mjstapp/fix_signals_7_5
b339cc149 lib: avoid signal-handling race with event loop poll call
0f7b432c3 lib: add debug output for signal mask
c0290c86d lib: add sigevent_check api
7a5348665 doc: Fix CentOS 7 Documentation
2a8e69f48 Merge pull request #8064 from donaldsharp/foo
cf4d1a744 redhat: Fix changelog incorrect date format
b78dcb209 Merge pull request #8181 from idryzhov/7.5-zebra-blackhole
2032e7e72 zebra: don't use kernel nexthops for blackhole routes
e52003567 bgpd: When deleting a neighbor from a peer-group the PGNAME is optional
aa86a6a6f Merge pull request #8161 from mjstapp/fix_sa_7_5_backports
13a8efb4b Merge pull request #8156 from idryzhov/7.5-backports-2021-02-26
58911c6ed lib: Free memory leak in error path in clippy
556dfd211 lib: use right type for wconv() return val
bd9caa8f1 lib: fix some misc SA warnings
683b3fe3f lib: register dependency between control plane protocol and vrf nb nodes
b45248fb6 lib: add definitions for vrf xpaths
7b9f10d04 lib: add ability to register dependencies between northbound nodes
9c240815c bgpd: Bgp peer group issue
d1b43634b bgpd: upon bgp deletion, do not systematically ask to remove main bgp
f5d1dc55e bgpd: Fix crash when we don't have a nexthop
c2e463478 frr-reload: rpki context exiting uses exit and not end
f11db1698 bgpd: Blackhole nexthops are not reachable
c628e94ff staticd: fix vrf enabling
49b079ef1 staticd: fix nexthop creation and installation
0077038e9 staticd: fix nexthop validation
be3dfbbc7 zebra: use AF_INET for protocol family
```
Closes issue #6982.
The issue was root caused as we were using the unix_socket for reading from DB as a default mechanism (#5250). The redis unix socket is created as follows.
admin@str--acs-1:~$ ls -lrt /var/run/redis/redis.sock
srwxrw---- 1 root redis 0 Mar 6 01:57 /var/run/redis/redis.sock
So it used to work fine for the user "root" or if user is part of redis group ( admin was made part of redis group by default )
Check if the user is with sudo permissions then use the redis unix socket, else fallback to tcp socket.
this PR updates the following commits in sonic-utilities
13ce4b6 [show][config] fix show mux status health field; add support for hwmode functionality to toggle mux, check mux direction for Y cable (#1467)
f78e7ce [acl-loader] Improve input validation for acl_loader (#1479)
748dbbf [show] Fix 'show mac' output, when FDB entry with Vlan 1 is present (#1368)
64604db [acl] Expand VLAN into VLAN members when creating an ACL table (#1475)
10de91d [config reload]: On dual ToR systems, cache ARP and FDB tables (#1465)
10a359a [Mellanox] Change mellanox buffer migrator for new SKU Mellanox-SN2700-D40C8S8 (#1470)
38c8e00 [acl-loader] Add support for matching on ICMP and VLAN info (#1469)
e555ea9 [SKU creator] fix wrong speed in case breakout of 2x50 (#1380)
4a78c01 [config] Enable/disable container monitoring when starting/stopping the services. (#1471)
dd3c2c3 [warm-reboot] Check if warm restart flag is set when issuing a warm-reboot (#1460)
e32b5ac Add soft-reboot reboot type (#1453)
8b3bc18 [reload] Improve reload by using sonic.target. (#1199)
99673bc [reboot] Add platform-specific reboot cause update hook (#1454)
2f6e36e [CLI][techsupport] Add NOOP option for commands that did not have that option (#1445)
1fa4b94 [psushow] Add more output columns; Add option to output in JSON format (#1416)
79ccd03 [show] cli support for show muxcable cableinfo (#1448)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
Why I did it
We skip install of CNI plugin, as we don't need. But this leaves node in "not ready" state, upon joining master.
To fix, we copy this dummy .conf file in /etc/cni/net.d
How I did it
Keep this file in /usr/share/sonic/templates and copy to /etc/cni/net.d upon joining k8s master.
How to verify it
Upon configuring master-IP and enable join, watch node join and move to ready state.
You may verify using kubectl get nodes command
Changes:
— Remove unnecessary file libyang-python-tests/sample_config_db.json
— Keep only config in format of sonic_yang.json in yang_model_tests/yangTest.json.
— Keep config in format of config_db.json in file tests/files/sample_config_db.json
— Add a test case to validate yang models.
**- Why I did it**
As per discussion in sonic Yang workgroup, arranging files better so that Yang model can be in force for new config, also adding a test case to validate young models upto some extent.
**- How I did it**
Changes:
— Remove unnecessary file libyang-python-tests/sample_config_db.json
— Keep only config in format of sonic_yang.json in yang_model_tests/yangTest.json.
— Keep config in format of config_db.json in file tests/files/sample_config_db.json
— Add a test case to validate yang models.
**- How to verify it**
Build PKGs----Building-----
Includes the following commits:
1673d25 [y_cable] refactor upgrade firmware API's; Fix vendor and part number API's read size for read_eeprom (#174)
ed93a15 [sonic_platform_base] Proper use of class and instance attributes (#173)
691de92 [sonic_y_cable] add stub function for upgrade firmware of Y cable and split the get_part_number and get_vendor API's (#171)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
* [Submodule] Update sonic-swss till the commit:
0b0d24c - 2021-02-04 : [Mux] Route handling based on mux status, kernel tunnel support (#1615) [Prince Sunny]
To adjust config db generated via minigraph per matchmode changes in fine grained ecmp. The changes are done so that nexthop IP based filtering can occur to determine routes as requiring Fine Grained ECMP, in the past the only mode was to use the IP prefix of the route for filtering, with this matchmode change we will use nexthop IP based filtering
Azure/SONiC#727
How I did it
Change will modify config db entry created for FG_NHG to include 'match_mode': 'nexthop-based' so that nexthop IP based filtering can occur to determine routes as requiring Fine Grained ECMP. Changes also remove FG_NHG_PREFIX entry since its not needed under matchmode nexthop-based.
#### Why I did it
It is possible to have DHCP relay configuration with no servers/
helpers which result in DHCP container to crash. This PR fixes this
issue by not starting DHCP relay for vlans with no DHCP helpers.
resolves: #6931closes: #6931
#### How I did it
Do not add program group for dhcp relay with not dhcp helpers
#### How to verify it
Unit test
30d09be fix the muxcable state change notification received from other modules, omit the check inside hw_state table (#159)
32ec23c [xcvrd] Fix crash on platforms which support media settings with Python 3 (#158)
47bcf90 [xcvrd] Save the dom_capability of transceiver into db (#72)
b9381a5 [xcvrd] Fix xcvrd crash on other port prefixes (#123)
c3c1a59 [xcvrd] Make functions used for media setting python3 compatible (#153)
e179ffc [psud] Refactor unit tests; increase unit test coverage (#146)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
Update the sonic-swss-common submodule. The following are the commits in the submodule.
f01fede [debian/control] libswsscommon-dev depends on libbost-dev (#458)
607a8ce Convert return value of get_all function in SonicV2Connector to dict (#462)
Fix a strange bug introduced by https://github.com/Azure/sonic-buildimage/pull/6832 which would only occur in environments with both Python 2 and Python 3 installed (e.g., the PMon container). Error messages such as the following would be seen:
```
ERR pmon#ledd[29]: Failed to load ledutil: module 'importlib' has no attribute 'machinery'
```
This is very odd, and it seems like the Python 2 version of importlib, which is basically just a stub, is taking precedence over the Python 3 version. I found that this occurs when calling `import importlib`. However, calling `import importlib.machinery` and `import importlib.util` causes the proper package to be referenced, and the `machinery` and `util` modules are loaded successfully. This is how it is specified in examples in the official documentation, however there is nothing mentioned regarding that it *should* be done this way or that `import importlib` is unreliable.
Also, since sonic-py-common is still used in environments with Python 2 installed we should maintain support for both Python 2 and 3 until we completely deprecate Python 2, so I have added this back in.
There is a bug in how pyangbind translates yang models into python bindings. The model always sets integer values to 0 by default, so there is no way to check if a user has provided a value that is equal to 0. This is problematic for ICMP and VLAN (among others) because 0 is a valid input value.
This change converts ICMP and VLAN fields to union types so that acl-loader will treat them as null values unless a user explicitly adds an integer value.
Signed-off-by: Danny Allen <daall@microsoft.com>
1. Made the command next-hop-self force only applicable on back-end asic bgp. This is done so that BGPL iBGP session running on backend can send e-BGP learn nexthop. Back end asic FRR is able to recursively resolve the eBGP nexthop in its routing table since it knows about all the connected routes advertise from front end asic.
2. Made all front-end asic bgp use global loopback ip (Loopback0) as router id and back end asic bgp use Loopbacl4096 as ruter-id and originator id for Route-Reflector. This is done so that routes learnt by external peer do not see Loopback4096 as router id in show ip bgp <route-prerfix> output.
3. To handle above change need to pass Loopback4096 from BGP manager for jinja2 template generation. This was missing and this change/fix is needed for this also https://github.com/Azure/sonic-buildimage/blob/master/dockers/docker-fpm-frr/frr/bgpd/templates/dynamic/instance.conf.j2#L27
4. Enhancement to add mult_asic specific bgpd template generation unit test cases.
#### Why I did it
Some platforms have difficult to attach egress ACL to vlan.
#### How I did it
For egress ACL attaching to vlan, break them into vlan members.
#### How to verify it
Unit test
Tested in DUT
To fix [DPB| wrong aliases for interfaces](https://github.com/Azure/sonic-buildimage/issues/6024) issue, implimented flexible alias support [design doc](https://github.com/Azure/SONiC/pull/749)
> [[dpb|config] Fix the validation logic of breakout mode](https://github.com/Azure/sonic-utilities/pull/1440) depends on this
#### How I did it
1. Removed `"alias_at_lanes"` from port-configuration file(i.e. platfrom.json)
2. Added dictionary to "breakout_modes" values. This defines the breakout modes available on the platform for this parent port, and it maps to the alias list. The alias list presents the alias names for individual ports in order under this breakout mode.
```
{
"interfaces": {
"Ethernet0": {
"index": "1,1,1,1",
"lanes": "0,1,2,3",
"breakout_modes": {
"1x100G[40G]": ["Eth1"],
"2x50G": ["Eth1/1", "Eth1/2"],
"4x25G[10G]": ["Eth1/1", "Eth1/2", "Eth1/3", "Eth1/4"],
"2x25G(2)+1x50G(2)": ["Eth1/1", "Eth1/2", "Eth1/3"],
"1x50G(2)+2x25G(2)": ["Eth1/1", "Eth1/2", "Eth1/3"]
}
}
}
```
#### How to verify it
`config interface breakout`
Signed-off-by: Sangita Maity <samaity@linkedin.com>
Enable BBR config allowas-in 1 for internal peers
Why I did:
To advertise BBR routes learnt via e-BGP peer in one asic/namespace to another iBGP asic/namespace via Route Reflector.
What I did:-
For multi-asic platforms added iptable v4 rule to communicate on docker bridge ip
For multi-asic platforms extend iptable v4 rule for iptable v6 also
For multi-asic program made all internal rules applicable for all protocols (not filter based on tcp/udp). This is done to be consistent same as local host rule
For multi-asic platforms made nat rule (to forward traffic from namespace to host) generic for all protocols and also use Source IP if present for matching
- Why I did it
Group all SONiC services together and able to manage them together. Will be used in config reload command as much simpler and generic way to restart services.
- How I did it
Add services to sonic.target
- How to verify it
Together with Azure/sonic-utilities#1199
config reload -y
Signed-off-by: Stepan Blyshchak <stepanb@nvidia.com>
Migrate from using the `imp` module to using the `importlib` module. As of Python 3, the `imp` module has been deprecated in favor of the `importlib` module.
183162f Fix issue: expect redis pubsub data to be str type instead of bytes type (#196)
#### Why I did it
Update submodule pointer for snmpagent to include PR https://github.com/Azure/sonic-snmpagent/pull/196
#### How I did it
Update submodule pointer for snmpagent
#### How to verify it
Run build
It is possible that one interface attaches multiple vlans. The VlanInterface should be in tagged mode.
Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>
Change in this update:
b75aab7 [swss-common] Add LINKMGR CFG and MUX LINKMGR state table names (#421)
4a77d1c [ci]: add vstest (#459)
07258a6 [ci]: use build template (#457)
ddcae3e runRedisScript api to process integer returned by script run in the redis (#447)
33d89c7 [systemlag] Schema defs for system lag (#448)
af01f37 spell check fixes (#456)
7afd43d Update to make getNamespaces() API at par with the get_ns_list() swssdk-py API. (#455)
signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
This PR includes the following commit in sonic-platform-daemons
068bccc [xcvrd] Store mux_cable telemetry data in State DB (#148)
93cac0a [ci]: download from sonic-buildimage.vs artifact (#152)
d651e9b [GitHub] Add pull request template (#151)
bd7830b [pcied] Remove unnecessary message and move the configuration path (#144)
9080fda [ci] Call pip2/3 using sudo (#150)
de60784 [ci] Test and build packages using Azure Pipelines (#149)
8bf0fd1 [ledd] Refactor to allow for more thorough unit testing; Increase unit test coverage (#147)
26bdc9e Set up CI with Azure Pipelines
1fcaa57 [pcied] Add PCIe AER stats collection (#100)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
Update FRR 7.5 head. The following is a list of new commits.
```
e2f17ae47ad047e66923c2ff1e84c9ba10d4ad38 Merge pull request #8096 from idryzhov/7.5-backports-2021-02-16
380341362ced8e317c18b7395acb012de1f23acd ospf6d: Don't send hellos on loopback interface
7fa78b659f8e720466e0df62689327ea4b9ff867 bgpd: send correct BMP down message when nht fails
385faf6c079a41def1e6eb882cbfd50047559644 [filter]: change return code for errors
d9a0e9a2934f2f75c64496fe4c724a18aa581fcb bfdd: fix session lookup
08afa0a75311a4e8cb2a18116384b603f7f2d751 ospf6d : fix issue in ecmp inter area route
2299afa1a9128d87d5169742b993c0ada575eb83 ospfd: Prevent duplicate packet read in certain vrf situations
ff42a28af659ee61c0efb877b10738a5812f4bc2 vrf: use wrappers to change VRF_CONFIGURED flag
2bdc59ca21da2d67b77ec70a2fadffbca60690cd vrf: mark vrf as configured when entering vrf node
b9611f65a71adc0b8fa14a5a4d1a8f44e04dcd85 ospf6d: Fix LSA formatting out-of-bounds access
610ebf56913fa56167b0a2a127b07afe020a1efe bfdd: Prevent use after free ( again )
35b0cd5d753dda9aa70ea1c06db61a8d4b8671e3 *: Fix usage of bfd_adj_event
95b8915d0f4de3eae5438632ecd0827061ef48e8 ospf6d: Fix LSA formatting inconsistent retvals
49d73d8be84dbd23d767697474019165e511786c pimd: SGRpt prune received during prune didn't override holdtime
1d0d19afa9bb7cd4bc476d00c887876bc04eee95 eigrpd: Correctly set the mtu for eigrp packets sent
bbb08db69f8eb554d23b4920c1c1e3982d8d2a91 zebra: Prevent sending of unininted data
0813d650a8120458ab7d9317061f3864dbc6f2f7 ospf6d: prevent use after free
2f2e981d967b36b240fca82fea8a961d927ef43c lib: Prevent unininted usage of data
6171becdb391ea5b88916a3a28b04b555e1fc518 bfdd: Prevent storage of ifp pointer that has been deleted
9ebb41cf4bb51e0872796530bf8c7a4d819053db bfdd: Prevent unininited data transmittal
72e16db6fea3629111537f9eb10c86f2d275adcb eigrpd: Prevent uninitialized value from being used
72b61a5bb09d59c3cc0d1d401d51de96949dff52 zebra: disallow resolution to duplicate nexthops
1083bae40b00c0ed2c9f3521ae1ab9675a87202e bgpd: Initialize bgp_notify.raw_data before passing to bgp_notify_receive()
31df7314310416f10c133dcfe9c4586edadf3fbb doc: ebgp-requires-policy requires manuall session clearing
ecc8ec678d2d8a1c3d1d50a22732f9fc4bad689c watchfrr: fix SA warning
9d9365d161979a031de817c1fbcab6508dfee013 watchfrr: fix crash on missing optional argument
907e600d63c1c5b6bda40b0a08344a72533b1787 pimd: Prevent use after free
b47374f0e95d99c93bfe2d14afe55219a9fda455 doc: Update bgp doc for more rfc-8212 talk
4fbeef60cc8dc5362ff84fc91d1a4e343e4e32c7 docker: centos 7, 8 yang bump and repo fixes
808e6d731f330df4a91fdfd6df6a3c8dce1651a6 docker: prefer alpine:latest for building
91b3c471f1c48818370a0f218add917f0d46aa47 Merge pull request #8092 from donaldsharp/7.5_track
60be43c0bf63c16ca42008fa802d0a2050f3fce2 Merge pull request #8090 from ton31337/fix/static_network_vrf_7.5
1f6785aa60cc57a5c8d5de98c9c09a344a0c9262 ospf6d: Track wait_timer and disable when needed
c89e326be91312bed066eb2447ea8944e25a225e bgpd: Check for peer->su_remote if not NULL when handling IPv6 nexthop
15e070f6448870c98c030b6b5013ad8750d8918b Merge pull request #8047 from pguibert6WIND/nhrp_shortcut_routes_75
912994efec94082ae7d8c5e014c410964bea19f4 Merge pull request #8034 from qlyoung/fix-gnu-readline-bracketed-paste-7.5.1
9f50536993f1eb900fbfbe98d21b8c072bbd9c15 nhrpd: replace nhrp route nexthop with onlink route when prefix=nh
8c185008246db31c34574d7b79358001ac411f84 nhrpd: shortcut routes installed with nexthop.
c46c87d19758040bc3f3902ab8e4a0f1bb908721 vtysh: disable bracketed paste in readline
20b35e4c3386de798f3b0cb9f2a7e6b04d995485 Merge pull request #8018 from ton31337/fix/drop_aggregate_as_attribute_if_malformed_7.5
fa25d7327fd64613cc7530aba2edfcde038da074 bgpd: Unset only aggregator flag when AGGREGATOR_AS is 0
3ee9a3726fe1a526d946c1978487a4509fe98f29 bgpd: Drop aggregator_as attribute if malformed in case of BGP_AS_ZERO
be88595c6a2011f0e882bfa663baa61c86ede14e Merge pull request #8005 from opensourcerouting/snap-libyang1-fix-75
fd840ad37f2e836b210c6e60fc6325a4c3e495ce snapcraft: Update rtrlib to 0.7.0
3d00552fa9aedb96acd7ea773bc14fd2b77e7e0f snapcraft: Fix passthrough path for Libyang 1.x
```
This PR updates the following commits
c6b642b [ci]: download from sonic-buildimage.vs artifact (#168)
e76ecc6 [sonic_y_cable] add support for retrieving firmware info for Y cable, internal and nic temperature and voltage (#162)
f9cf8c9 [GitHub] Add pull request template (#167)
c31636e [ci] Call pip2/3 using sudo (#166)
5521f67 [ci] Test and build packages using Azure Pipelines (#164)
faca35c [ci]: Set up CI with Azure Pipelines
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
Commits include:
* src/sonic-utilities c7e46c9...42cab68 (3):
> [consutil] Look for udevprefix.conf file under platform dir, not plugins (#1431)
> [ci]: download from sonic-buildimage.vs artifact (#1428)
> [storyteller] sort output by time and improve lag support (#1430)
sonic-utilities 28d358f...f5b8a1e (22):
> Fix deprecation warnings (#1423)
> Fix: initialize SonicDBConfig differently for single or multi_asic (continued) (#1417)
> [multi-asic] show ip interface changes for multi asic (#1396)
> [show mux]: Sort output by intf name (#1418)
> [ci] Test and build package using Azure Pipelines (#1406)
> [GitHub] Tweak PR and issue templates (#1419)
> Import 'mock' module from 'unittest' library (#1415)
> Revert "Add FW dump with new SAI implementation (#1338)" (#1407)
> [config reload]: Restart macsec container (#1410)
> [pcieutil] Remove the warning message and change the config file location (#1362)
> Fix: initialize SonicDBConfig differently for single or multi_asic (#1409)
> Support shared headroom pool on top of dynamic buffer calculation (#1348)
> Fix unsupported fs.squashfs extraction in sonic-installer (#1366)
> [show] Use proper variable to avoid exception in natshow script (#1383)
> Set up CI with Azure Pipelines
> [config reload]: Restart mux container (#1401)
> Advertise ipv6 link local address (#1402)
> [storyteller] Enhance the storyteller utility (#1400)
> [show] Fix int status when portchannel is in the system (#1376)
> [config][show] cli support for retrieving ber, eye-info and configuring prbs, loopback on Y-cable (#1386)
> Skip route check for tun0 interfaces (#1399)
> do not parse stderr to get correct routing stack (#1398)
> [storyteller] allow storyteller to work on downloaded logs (#1388)
> [vrf]: Fix freezing during interface binding (#1325)
> Use SonicV2Connector/ConfigDBConnector/SonicDBConfig from swsscommon instread of swsssdk (#1392)
Signed-off-by: Lawrence Lee <lawlee@microsoft.com>
Submodule commits included:
* src/sonic-platform-common 6ad0004...bd4dc03 (1):
> [sonic_sfp/qsfp_dd.py] Update DOM capability method name to align with other drivers (#163)
Also align all calling function names to match.
- Why I did it
To move ‘sonic-host-service’ which is currently built as a separate package to ‘sonic-host-services' package.
- How I did it
- Moved 'sonic-host-server' to 'src/sonic-host-services' and included it as part of the python3 wheel.
- Other files were moved to 'src/sonic-host-services-data' and included as part of the deb package.
- Changed build option ‘INCLUDE_HOST_SERVICE’ to ‘ENABLE_HOST_SERVICE_ON_START’ for enabling sonic-hostservice at boot-up by default.
check the uid before modify local user account.
when run sudo, the process the invoke nss_tacplus library
does not have priviledge to modify the user profile, and
will generate below error messages:
user_rw@sonic:~$ sudo bash
usermod: Permission denied.
usermod: cannot lock /etc/passwd; try again later.
usermod: Permission denied.
usermod: cannot lock /etc/passwd; try again later.
Signed-off-by: Guohan Lu <lguohan@gmail.com>
Changed Error log to Notice log during FDB flush notification after VLAN delete (#1618) 288fb40d8ff4ec825645c2fbab1e79f50881a9f2
- How to verify it
Create a VLAN and add member port to it. Then inject traffic on the member port for that VLAN. Ensure that FDB entry is learnt for that VLAN member port. Then remove the member port and remove VLAN. Check if you get a NOTICE log that "failed to locate VLAN" appears in syslogs.
Co-authored-by: Madhan Babu <madhan@l-csi-0241l.mtl.labs.mlnx>
* 28d358f 2021-02-01 | [show] Run fwutil with sudo (#1364) (HEAD) [Volodymyr Boiko]
* a50b7a2 2021-01-29 | [ecnconfig] Allow ecn unit test to run without sudo (#1390) [Neetha John]
* 8a1109e 2021-01-29 | [sonic-installer] Add information to syslog (#1369) [Dmytro]
* c7c01e4 2021-01-27 | [show] fix "show interfaces breakout" command (#1198) [Dmytro Shevchuk]
* 7a8024a 2021-01-27 | Prevent user from adding more then a single untagged VLAN to an interface (#1382) [Eran Dahan]
* 41e62c6 2021-01-26 | [pcieutil] Add 'pcie-aer' sub-command to display AER stats (#1169) [Arun Saravanan Balachandran]
* 47f412b 2021-01-25 | Improve robustness of consutil plugin loading (#1353) [Samuel Angebault]
* 64aa1b8 2021-01-26 | [show] Fix warnings, related to gearbox, while show commands execution (#1343) [maksymbelei95]
* ff226d0 2021-01-25 | Prevent configuring IP interface on a port which is a member of VLAN (#1374) [Eran Dahan]
* f1522b9 2021-01-21 | [config_mgmt.py]: Set leaf-list to empty list while port breakout. (#1268) [Praveen Chaudhary]
* 99c05d5 2021-01-21 | add vlan_intf_object only if there are ipv4 or ipv6 mappings (#1377) [Sumukha Tumkur Vani]
* b082684 2021-01-21 | [ecn] Add tests for ecnconfig command (#1372) [Neetha John]
* 23e0920 2021-01-21 | [sfpshow] Enhance QSFP-DD DOM information (#1207) [shlomibitton]
* f4edba1 2021-01-20 | [ecnconfig] handle backend port names when extracting port I/F ID from the port name (#1361) [Mahesh Maddikayala]
Signed-off-by: Guohan Lu <lguohan@gmail.com>
When we add allow-list key with action above route-map gets updated . For eg if we add deny action above template will become to no-export community. Now if we delete the key Issue is we still keep the no-export and do not move back to drop community.
This PR fixes this issue by rolling back default route-map community value back to constants.yml default action.
