Commit Graph

6786 Commits

Author SHA1 Message Date
Samuel Angebault
8ae03c994d [Arista] Update platform library (#10922)
- Implement Pcie plugin for chassis
- Implement set_admin_status for chassis modules
- Fix phy declaration for phy-credo
2022-07-22 22:15:34 +00:00
Neetha John
f92e3e8262 Update 7260 MMU and ECN settings (#11449)
Signed-off-by: Neetha John <nejo@microsoft.com>

Why I did it
Improve throughput and latency for 7260 deployments

How I did it
Update the dynamic threshold to 0 and ECN settings as 2mb/10mb/5%

How to verify it
Updated unit tests to use the modified values for 7260 ecn settings.
2022-07-22 22:14:41 +00:00
zitingguo-ms
e13df585ee [bcm sai]upgrade Broadcom SAI to 7.1.0.0-6 (#11410)
- Default Not to report Single bit ECC correctable events to avoid the need to set SOC porperties.

Signed-off-by: zitingguo <zitingguo@microsoft.com>
2022-07-22 22:14:28 +00:00
Ying Xie
aee974269f [minigraph] allow LibraPeeringLink to be dualtor indication as well (#11492)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-21 15:26:11 +00:00
vdahiya12
3829faf2c9
[caclmgrd][dualtor] add iptables rule for dualtor gRPC to allow packets getting forwarded from loopback IP (#11458)
This PR is a required for changing the L3 IP forwarding Behavior to SoC in active-active toplogy. Basically, for getting a packet to be forwarded to the SoC IP in active-active topology, the requirement is to use the the LoopBack 3 IP inside SONiC device as the SRC IP. This is required because in active-active topology by default if the ToR wants to send packet to the SoC, it would pick the Vlan IP since that's the IP in the subnet, but since there are firewalls inside the SoC , the IP packets with Vlan IP as src IP in the IP header will be dropped. Hence to overcome this limitation, there is an iptable nat rule that is installed inside the kernel, with which all the packets which have SoC IP as destination IP, use Loopnack 3 IP as src in IP header

How I did it
check the config DB if the ToR is a DualToR and has an SoC IP assigned.
put an iptable rule
iptables -t nat -A POSTROUTING --destination -j SNAT --to-source "
Signed-off-by: vaibhav-dahiya vdahiya@microsoft.com
2022-07-20 09:00:28 -07:00
Ying Xie
3e9c1d16c1
[202205][platform-daemon] move submodule head (#11475)
platform-daemon:
* 17f886d 2022-07-18 | [ycabled] remove some redundant logging for active-active cable type (#274) (HEAD -> 202205, github/202205) [vdahiya12]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-18 17:58:32 -07:00
Ying Xie
10cafd5490
[202205][swss][sairedis] advance submodule head (#11463)
swss:
* 7841930 2022-07-15 | [vxlan]Fixing L2MC vlan member caching issue (#2378) (HEAD -> 202205) [Sudharsan Dhamal Gopalarathnam]
* b8cd435 2022-07-14 | [muxorch] Always use direct link for SoC IPs (#2369) [Longxiang Lyu]
* 6158d5c 2022-07-08 | Add BGP profile to Vnet routes (#2337) [Prince Sunny]
* bdb7ffd 2022-07-06 | [teammgr]: Waiting MACsec ready before doLagMemberTask (#2286) [Ze Gan]

sairedis:
* 58359d4 2022-06-30 | [sairedis] Perform log rotate on request (#1058) (HEAD -> 202205, github/202205) [Kamil Cudnik]
* cad0268 2022-07-13 | Enable cisco debug shell by default (#1078) [VenkatCisco]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-18 10:44:20 -07:00
bingwang-ms
f7cc66ad4c Add flag to control the generation of PORT_QOS_MAP|global entry (#11448)
Why I did it
This PR is to add a flag to control whether to generate PORT_QOS_MAP|global entry or not.
It's because for some HWSKU, such as BackEndToRRouter and BackEndLeafRouter, there is no DSCP_TO_TC_MAP defined.
Hence, if the PORT_QOS_MAP|global entry is generated, OA will report some error because the DSCP_TO_TC_MAP map AZURE can not be found.

Jul 14 00:24:40.286767 str2-7050qx-32s-acs-03 ERR swss#orchagent: :- saiObjectTypeQuery: invalid object id oid:0x7fddb43605d0
Jul 14 00:24:40.286767 str2-7050qx-32s-acs-03 ERR swss#orchagent: :- meta_generic_validation_objlist: SAI_SWITCH_ATTR_QOS_DSCP_TO_TC_MAP:SAI_ATTR_VALUE_TYPE_OBJECT_ID object on list [0] oid 0x7fddb43605d0 is not valid, returned null object id
Jul 14 00:24:40.286767 str2-7050qx-32s-acs-03 ERR swss#orchagent: :- applyDscpToTcMapToSwitch: Failed to apply DSCP_TO_TC QoS map to switch rv:-5
Jul 14 00:24:40.286767 str2-7050qx-32s-acs-03 ERR swss#orchagent: :- doTask: Failed to process QOS task, drop it
This PR is to address the issue.

How I did it
Add a flag require_global_dscp_to_tc_map to control whether to generate the PORT_QOS_MAP|global entry. The default value for require_global_dscp_to_tc_map is true. If the device type is storage backend, the value is changed to false. Then the PORT_QOS_MAP|global entry is not generated.

How to verify it
Update the current test_qos_dscp_remapping_render_template to cover storage backend.
2022-07-17 03:20:20 +00:00
Neetha John
aa63d3101d Minigraph parser changes to select mmu profiles based on SonicQosProfile attribute (#11429)
Signed-off-by: Neetha John <nejo@microsoft.com>

Why I did it
There is a need to select different mmu profiles based on deployment type

How I did it
There will be separate subfolders (RDMA-CENTRIC, TCP-CENTRIC, BALANCED) in each hwsku folder which contains deployment specific mmu and qos settings. SonicQosProfile attribute in the minigraph will be used to determine which settings to use. If that attribute is not present, the default settings that exist in the hwsku folder will be used
2022-07-17 03:20:07 +00:00
xumia
3f0c82c831 [Build] Cleanup the version deb preference file after build (#11414)
Why I did it
Cleanup the version deb preference file after build.
The version file is no use after build.

How I did it
Remove the no use version file.
2022-07-17 03:19:54 +00:00
SuvarnaMeenakshi
40b47e96ce [caclmgrd]: Add infrastructure to support adding feature specific acls (#11367)
Why I did it
Add infrastructure to support adding feature specific acls.
If feature specific ACLs has to be added:

if feature_name in self.feature_present and self.feature_present.get('feature_name'):
    add_feature_specific_acls()
How I did it
Add function to get features present in feature table.

How to verify it
unit-test passes.
2022-07-17 03:17:28 +00:00
Stepan Blyshchak
3607686fd1 [teamd] Stop teamd after stopping swss in fast-reboot (#11210)
- Why I did it
To optimize fast-reboot. Teamd can be stopped after bgp is stopped and after swss is stopped because the last LACP packet can be sent still since syncd is still running. Saves 15 sec on shutdown.

- How I did it
Defined in the manifest for teamd to be stopped after swss

- How to verify it
Run it on the switch.

Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
2022-07-17 03:16:54 +00:00
Lawrence Lee
669687385b [device]: Add SAI checksum verify to TD3 config (#8857)
* [device]: Add SAI checksum verify to TD3 config
* A new config option was added to control the value of IPV4_INCR_CHECKSUM_ORIGINAL_VALUE_VERIFY in the EGR_FLEX_CONFIG control register (this prevents checksums of 0xffff from being propagated to other devices)
2022-07-17 03:11:54 +00:00
Liu Shilong
80ae988be4
[ci] Enable reproducible build in PR checks. (#11411)
* [ci] Enable reproducible build in PR checks.
2022-07-13 16:58:37 +08:00
xumia
d3ae762db5
[Build] Add the missing debian security mirrors in slave images (#11305) (#11314)
Why I did it
Cherry-pick from #11305

The build below was broken, it was caused by one of the required debian mirror missing.
https://dev.azure.com/mssonic/build/_build/results?buildId=116719&view=logs&j=88ce9a53-729c-5fa9-7b6e-3d98f2488e3f&t=88f376cf-c35d-5783-0a48-9ad83a873284

 libpci-dev : Depends: libudev-dev (>= 196) but it is not going to be installed
 libsystemd-dev : Depends: libsystemd0 (= 232-25+deb9u14) but 232-25+deb9u13 is to be installed
How I did it
Add the missing mirrors for buster and stretch.
2022-07-13 11:08:11 +08:00
mssonicbld
63a3631d98
[ci/build]: Upgrade SONiC package versions (#11425)
Upgrade SONiC Versions
2022-07-13 07:08:33 +08:00
Ying Xie
cd991bb8e1 [Buffer] Separate buffer profile for Arista-7060CX-32S-Q24C8
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-12 15:05:19 -07:00
Ying Xie
43b2f15286 [7060] fix default port map
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-12 15:05:19 -07:00
zzhiyuan
a0265de430 [Arista] [201811] Add Arista-7260CX3-D96C16 HWSKU (#10034)
Why I did it
This was an ask by Microsoft to provide:
7260 config.bcm file for hardware sku Arista-7260CX3-D92C16 (Named Arista-7260CX3-D96C16).

There are 16 100G uplinks:
Ethernet13-20/1
Ethernet45-52/1

All other ports are breakout to 2 50G ports.

How I did it
Copied existing Arista-7260CX3-D108C8 HWSKU and altered the bcm.config and port_config.ini files.

How to verify it
The new 100G ports do come up with a 201811 image using this HWSKU.

Co-authored-by: Zhi Yuan (Carl) Zhao <zyzhao@arista.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
7566032403 [Buffer] Separate buffer profile for Arista-7260CX3-Q64
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
a62af01e9e [Buffer] Separate buffer profile for Arista-7260CX3-D108C8
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
8b9f1fb65d [Buffer] Separate buffer profile for Arista-7260CX3-C64
50G data is not accurate, needs further update.

Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
b929929f0c [Buffer] Separate buffer profile for Arista-7060CX-32S-C32
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
a0c38a9c81 [Buffer] Separate buffer profile for Arista-7060CX-32S-D48C8
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
634b4ee1f2 [Buffer] Separate buffer profile for Arista-7060CX-32S-Q32
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
b245ee7860 [Buffer] Separate buffer profile for Celestica-DX010-D48C8
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Kevin Wang
0c94b72c2a [Buffer] Separate buffer profile for Force10-S6100
Signed-off-by: Kevin Wang <shengkaiwang@microsoft.com>
2022-07-12 15:05:19 -07:00
Ying Xie
9494b724e3 [buffer] create infrastructure to enable buffer/QoS profiles
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-12 15:05:19 -07:00
xumia
4000453af3
Upgrade openssh to 8.4p1-5+deb11u1 (#11408)
Why I did it
Cherry-pick: #11405
Fix the openssh build issue, upgrade from 8.4p1-5 to 8.4p1-5+deb11u1.

https://dev.azure.com/mssonic/build/_build/results?buildId=120209&view=logs&j=88ce9a53-729c-5fa9-7b6e-3d98f2488e3f&t=8d99be27-49d0-54d0-99b1-cfc0d47f0318

+ sudo dpkg --root=./fsroot-broadcom -i target/debs/bullseye/openssh-server_8.4p1-5_amd64.deb
dpkg: warning: downgrading openssh-server from 1:8.4p1-5+deb11u1 to 1:8.4p1-5
(Reading database ... 44818 files and directories currently installed.)
Preparing to unpack .../openssh-server_8.4p1-5_amd64.deb ...
Unpacking openssh-server (1:8.4p1-5) over (1:8.4p1-5+deb11u1) ...
dpkg: dependency problems prevent configuration of openssh-server:
 openssh-server depends on openssh-client (= 1:8.4p1-5); however:
  Version of openssh-client on system is 1:8.4p1-5+deb11u1.

dpkg: error processing package openssh-server (--install):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 openssh-server
+ clean_sys

How I did it
Upgrade openssh from 8.4p1-5 to 8.4p1-5+deb11u1.
2022-07-11 22:30:00 +08:00
xumia
2b086eb429
[Bug]: fix the version file name issue (#11072) (#11415)
Why I did it
Cherry pick PR: #11072
[Bug]: fix the version file name issue

Why I did it
[Bug]: fix the version file name issue
Fix the build failure: https://dev.azure.com/mssonic/build/_build/results?buildId=107211&view=results

+ scripts/build_debian_base_system.sh amd64 bullseye ./fsroot-centec
sed: can't read /tmp/tmp.glTzJefV24/version-deb: No such file or directory
Not found host-base-image packages, please check the version files in files/build/versions/host-base-image

How I did it
Change the version-deb, to versions-deb
And add an improvement for host base image build, if the version path not exist, skipped the version control for base image.

How to verify it
https://dev.azure.com/mssonic/build/_build/results?buildId=107587&view=results
2022-07-11 19:22:46 +08:00
Ying Xie
f98814db30
[202205][utilities][platform-daemon] advance submodule head (#11384)
utilities:
* 9f496a0 2022-07-06 | Update load minigraph to load backend acl (#2236) (HEAD -> 202205, github/202205) [Neetha John]
* ea938e3 2022-07-07 | Add support for IP interface loopback action (#2192) [Lior Avramov]
* a0b04de 2022-07-07 | [show] add new CLI to show tunnel route objects (#2255) [Jing Zhang]

platform-daemon:
* e03d6a9 2022-07-06 | [ycabled][grpc] Fix some time interval,options for grpc keep alive to work (#271) (HEAD -> 202205, github/202205) [vdahiya12]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-09 07:57:03 -07:00
mssonicbld
0fb00ff90c
[ci/build]: Upgrade SONiC package versions (#11396) 2022-07-08 14:27:03 +00:00
Liu Shilong
be4501493e
[ci] Fix test stage dependency issue. (#11386) (#11390)
Why I did it
When any of the test job failed in the test stage, the rerun will not work, the test stage will be skipped automaticall, so we do not have chance to rerun the test stage again, and the checks of the test will be always in failed status, block the PR to merge forever.

It should be caused by the condition in the Test stage, we should specify the status of the BuildVS stage.

How I did it
Fix stage dependency logic.
2022-07-08 14:27:29 +08:00
xumia
9c6b9c9563 [Build] Fix the missing debian package for reproducible build issue (#11333)
Why I did it
Fix the missing debian package for reproducible build issue.

The gnupg2 should be added into the version file.
https://dev.azure.com/mssonic/build/_build/results?buildId=118139&view=logs&j=88ce9a53-729c-5fa9-7b6e-3d98f2488e3f&t=8d99be27-49d0-54d0-99b1-cfc0d47f0318

The following packages have unmet dependencies:
 gnupg2 : Depends: gnupg (>= 2.2.27-2+deb11u2) but 2.2.27-2+deb11u1 is to be installed
E: Unable to correct problems, you have held broken packages.

The issue was caused by the gnupg2 removed, and not detected.
sonic-buildimage/build_debian.sh

Line 250 in 4fb6cf0

 sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y remove software-properties-common gnupg2 python3-gi 
How I did it
Export the debian packages when any debian package being removed.
2022-07-07 21:20:30 +00:00
pavannaregundi
fea173d54e [Marvell-armhf] Fix kernel hang due to kernel upgrade to 5.10.103 (#11298)
Give more room for the kernel image in memory

Change-Id: I015856d173d50d94e30d8c555590efb70eb712ae
Signed-off-by: Pavan Naregundi <pnaregundi@marvell.com>
2022-07-07 21:20:20 +00:00
Neetha John
37c2370165 Minigraph parser changes for storage backend acl (#11221)
Signed-off-by: Neetha John nejo@microsoft.com

Why I did it
For storage backend, certain rules will be applied to the DATAACL table to allow only vlan tagged packets and drop untagged packets.

How I did it
Create DATAACL table if the device is a storage backend device
To avoid ACL resource issues, remove EVERFLOW related tables if the device is a storage backend device

How to verify it
Added the following unit tests
- verify that EVERFLOW acl tables is removed and DATAACL table is added for storage backend tor
- verify that no DATAACL tables are created and EVERFLOW tables exist for storage backend leaf
2022-07-07 21:20:07 +00:00
Neetha John
73abb5c58a Add backend acl template (#11220)
Why I did it
Storage backend has all vlan members tagged. If untagged packets are received on those links, they are accounted as RX_DROPS which can lead to false alarms in monitoring tools. Using this acl to hide these drops.

How I did it
Created a acl template which will be loaded during minigraph load for backend. This template will allow tagged vlan packets and dropped untagged

How to verify it
Unit tests

Signed-off-by: Neetha John <nejo@microsoft.com>
2022-07-07 21:19:57 +00:00
Vadym Hlushko
12ed51d85f [sflow + dropmon] added the ENABLE_SFLOW_DROPMON build flag. Added patches for sflow repo. (#10370)
* [sflow + dropmon] added INCLUDE_SFLOW_DROPMON flag, added patches for hsflowd
*Added a capability of monitoring dropped packets for the sFlow daemon in order to improve network - monitoring, diagnostic, and troubleshooting. The drop monitor service allows the sFlow daemon to export another type of sample - dropped packets as Discard samples alongside Counter samples and Packet Flow samples.

Signed-off-by: Vadym Hlushko <vadymh@nvidia.com>
2022-07-07 21:19:34 +00:00
Nazarii Hnydyn
a4da090e5a
[Mellanox] Update SAI to 1.21.2.0 (#11360)
- Why I did it
Advance to new SAI version for bugs fixes as well as new features/enhacements:

New:
1. ARM64 support
2. FG ECMP performance optimization
3. Support setting empty list for port ingress/egress buffer profile list
4. Add service port for SN5600
5. Add CR8/SR8/LR8/KR8 interface type
6. Disable mlxtrace during debug dump

Fixes:
1. Fix SAI_ACL_ENTRY_ATTR_FIELD_TC
2. Fix Packets loop back if no member in portchannel
3. Fix optimize descriptors apply time (and fast boot time)
4. Add flush fdb entries for vxlan tunnel bridge port
5. Don't disable used tunnel underlay interfaces

- How I did it
Advanced SAI submodule

- How to verify it
make configure PLATFORM=mellanox
make target/sonic-mellanox.bin

Signed-off-by: Nazarii Hnydyn <nazariig@nvidia.com>
2022-07-07 09:15:41 +03:00
Sudharsan Dhamal Gopalarathnam
119789719d
[202205][Mellanox]Check dmi file permission before access (#11346)
* [Mellanox]Check dmi file permission before access (#11309)

Signed-off-by: Sudharsan Dhamal Gopalarathnam sudharsand@nvidia.com

Why I did it
During the system boot up when 'show platform status' or 'show version' command is executed before STATE_DB CHASSIS_INFO table is populated, the show will try to fallback to use the platform API. The DMI file in mellanox platforms require root permission for access. So if the show commands are executed as admin or any other user, the following error log will appear in the syslog

Jun 28 17:21:25.612123 sonic ERR show: Fail to decode DMI /sys/firmware/dmi/entries/2-0/raw due to PermissionError(13, 'Permission denied')

How I did it
Check the file permission before accessing it.

How to verify it
Added UT to verify. Manually verified if the error log is not thrown.
2022-07-06 16:13:07 -07:00
Ying Xie
2d9714de47
[202205][platform-common] advance submodule head (#11345)
platform-common:
* 4fe38c7 2022-06-09 | [multiasic][sfputil]Fix the sftpuitlhelper on mutilasic platform issue (#286) (HEAD -> 202205, github/202205) [Marty Y. Lok]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-06 06:55:41 -07:00
Ying Xie
4abead049a
[202205][utilities] advance submodule head (#11340)
utilities;
* 7dae152 2022-07-05 | show linkmgrd status in `show mux status` (#2254) (HEAD -> 202205) [Jing Zhang]
* 6ebba53 2022-07-01 | [config/load_mgmt_config] Support load IPv6 mgmt IP (#2206) (HEAD -> 202205, github/202205) [Jing Kan]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-07-06 06:55:25 -07:00
Stepan Blyshchak
530a0ca908
[202205][sonic-sairedis] don't try to build python-pysairedis (python2) on bullseye (#11308)
This PR is a backport of #10950 and a fix for it #11227

- Why I did it
To not build python2 pysairedis on bullseye

- How I did it
Cherry-picked above PRs from master

- How to verify it
Build

Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
2022-07-06 12:47:45 +03:00
mssonicbld
1d4cba69a4
[ci/build]: Upgrade SONiC package versions (#11334)
Upgrade SONiC Versions
2022-07-06 10:59:08 +08:00
Alexander Allen
f99d272669 [Mellanox] Add arch folder to SDK binary location (#11278)
- Why I did it
This is for the eventual support of multiple architectures for the mellanox platform.

- How I did it
Change the location of the binaries in Switch-SDK-drivers so that the path specifies the target architecture in addition to the target distribution that the debians are built for.

This is the most straightforward way to separate binaries built against different architectures and selectively target them for installation in the mellanox SONiC image.

- How to verify it
Build SONiC for mellanox and verify it compiles successfully.
2022-07-06 01:52:33 +00:00
Ying Xie
296b21ec40 Revert "[Mellanox]Check dmi file permission before access (#11309)"
This reverts commit 187f351b23.
2022-07-06 00:06:45 +00:00
Longxiang Lyu
7d06c7f621 [minigraph][dualtor] Support parsing soc_ip out of dpg (#11207)
Why I did it
To further support parse out soc_ipv4 and soc_ipv6 out of Dpg:

<DeviceDataPlaneInfo>
  <IPSecTunnels />
  <LoopbackIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution">
    <a:LoopbackIPInterface>
      <ElementType>LoopbackInterface</ElementType>
      <Name>HostIP</Name>
      <AttachTo>Loopback0</AttachTo>
      <a:Prefix xmlns:b="Microsoft.Search.Autopilot.NetMux">
        <b:IPPrefix>10.10.10.2/32</b:IPPrefix>
      </a:Prefix>
      <a:PrefixStr>10.10.10.2/32</a:PrefixStr>
    </a:LoopbackIPInterface>
    <a:LoopbackIPInterface>
      <ElementType>LoopbackInterface</ElementType>
      <Name>HostIP1</Name>
      <AttachTo>Loopback0</AttachTo>
      <a:Prefix xmlns:b="Microsoft.Search.Autopilot.NetMux">
        <b:IPPrefix>fe80::0002/128</b:IPPrefix>
      </a:Prefix>
      <a:PrefixStr>fe80::0002/128</a:PrefixStr>
    </a:LoopbackIPInterface>
    <a:LoopbackIPInterface>
      <ElementType>LoopbackInterface</ElementType>
      <Name>SoCHostIP0</Name>
      <AttachTo>server2SOC</AttachTo>
      <a:Prefix xmlns:b="Microsoft.Search.Autopilot.NetMux">
        <b:IPPrefix>10.10.10.3/32</b:IPPrefix>
      </a:Prefix>
      <a:PrefixStr>10.10.10.3/32</a:PrefixStr>
    </a:LoopbackIPInterface>
    <a:LoopbackIPInterface>
      <ElementType>LoopbackInterface</ElementType>
      <Name>SoCHostIP1</Name>
      <AttachTo>server2SOC</AttachTo>
      <a:Prefix xmlns:b="Microsoft.Search.Autopilot.NetMux">
        <b:IPPrefix>fe80::0003/128</b:IPPrefix>
      </a:Prefix>
      <a:PrefixStr>fe80::0003/128</a:PrefixStr>
    </a:LoopbackIPInterface>
  </LoopbackIPInterfaces>
</DeviceDataPlaneInfo>
Signed-off-by: Longxiang Lyu lolv@microsoft.com

How I did it
For servers loopback definitions in Dpg, if they contain LoopbackIPInterface with tags AttachTo, which has value of format like <server_name>SOC, the address will be regarded as a SoC IP, and sonic-cfggen now will treat the port connected to the server as active-active if the redundancy_type is either Libra or Mixed.

How to verify it
Pass the unittest.

Signed-off-by: Longxiang Lyu <lolv@microsoft.com>
2022-07-05 22:51:11 +00:00
Sudharsan Dhamal Gopalarathnam
187f351b23 [Mellanox]Check dmi file permission before access (#11309)
Signed-off-by: Sudharsan Dhamal Gopalarathnam sudharsand@nvidia.com

Why I did it
During the system boot up when 'show platform status' or 'show version' command is executed before STATE_DB CHASSIS_INFO table is populated, the show will try to fallback to use the platform API. The DMI file in mellanox platforms require root permission for access. So if the show commands are executed as admin or any other user, the following error log will appear in the syslog

Jun 28 17:21:25.612123 sonic ERR show: Fail to decode DMI /sys/firmware/dmi/entries/2-0/raw due to PermissionError(13, 'Permission denied')

How I did it
Check the file permission before accessing it.

How to verify it
Added UT to verify. Manually verified if the error log is not thrown.
2022-07-05 16:12:31 +00:00
judyjoseph
4657d8138e Revert "Update include_macsec flag if type is SpineRouter (#11141)" (#11306)
This reverts commit c9f36957db.
2022-07-05 16:12:17 +00:00
xumia
a96a07ec5d [Build] Add the missing debian security mirrors in slave images (#11305)
Why I did it
The build below was broken, it was caused by one of the required debian mirror missing.
https://dev.azure.com/mssonic/build/_build/results?buildId=116719&view=logs&j=88ce9a53-729c-5fa9-7b6e-3d98f2488e3f&t=88f376cf-c35d-5783-0a48-9ad83a873284

 libpci-dev : Depends: libudev-dev (>= 196) but it is not going to be installed
 libsystemd-dev : Depends: libsystemd0 (= 232-25+deb9u14) but 232-25+deb9u13 is to be installed
How I did it
Add the missing mirrors for buster and stretch.
2022-07-05 16:12:12 +00:00