sonic-buildimage/files/image_config
pavel-shirshov bee6c87f90 [bgpcfgd]: Change prefix-list generation for "Allow prefix" feature (#5639)
**- Why I did it**
I was asked to change "Allow list" prefix-list generation rule.
Previously we generated the rules using following method:
``` 
For each {prefix}/{masklen} we would generate the prefix-rule
permit {prefix}/{masklen} ge {masklen}+1
Example:
Prefix 1.2.3.4/24 would have following prefix-list entry generated
permit 1.2.3.4/24 ge 23
```
But we discovered the old rule doesn't work for all cases we have.

So we introduced the new rule:
```
For ipv4 entry,  
For mask  < 32 , we will add ‘le 32’ to cover all  prefix masks to be sent by T0  
For mask =32 , we will not add any ‘le mask’ 
For ipv6 entry, we will add le 128 to cover all the prefix mask to be sent by T0  
For mask < 128 , we will add ‘le 128’ to cover all prefix masks to be sent by T0 
For mask = 128 , we will not add any ‘le mask’ 
```    

**- How I did it**
I change prefix-list entry generation function. Also I introduced a test for the changed function.

**- How to verify it**
1. Build an image and put it on your dut.

2. Create a file test_schema.conf with the test configuration
```
{
    "BGP_ALLOWED_PREFIXES": {
        "DEPLOYMENT_ID|0|1010:1010": {
            "prefixes_v4": [
                "10.20.0.0/16",
                "10.50.1.0/29"
            ],
            "prefixes_v6": [
                "fc01:10::/64",
                "fc02:20::/64"
            ]
        },
        "DEPLOYMENT_ID|0": {
            "prefixes_v4": [
                "10.20.0.0/16",
                "10.50.1.0/29"
            ],
            "prefixes_v6": [
                "fc01:10::/64",
                "fc02:20::/64"
            ]
        }
    }
}
```

3. Apply the configuration by command 
```
sonic-cfggen -j test_schema.conf --write-to-db
```

4. Check that your bgp configuration has following prefix-list entries:
```
admin@str-s6100-acs-1:~$ show runningconfiguration bgp | grep PL_ALLOW
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V4 seq 10 deny 0.0.0.0/0 le 17
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V4 seq 20 permit 127.0.0.1/32
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V4 seq 30 permit 10.20.0.0/16 le 32
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V4 seq 40 permit 10.50.1.0/29 le 32
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V4 seq 10 deny 0.0.0.0/0 le 17
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V4 seq 20 permit 127.0.0.1/32
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V4 seq 30 permit 10.20.0.0/16 le 32
ip prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V4 seq 40 permit 10.50.1.0/29 le 32
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V6 seq 10 deny ::/0 le 59
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V6 seq 20 deny ::/0 ge 65
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V6 seq 30 permit fc01:10::/64 le 128
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_1010:1010_V6 seq 40 permit fc02:20::/64 le 128
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V6 seq 10 deny ::/0 le 59
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V6 seq 20 deny ::/0 ge 65
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V6 seq 30 permit fc01:10::/64 le 128
ipv6 prefix-list PL_ALLOW_LIST_DEPLOYMENT_ID_0_COMMUNITY_empty_V6 seq 40 permit fc02:20::/64 le 128

``` 

Co-authored-by: Pavel Shirshov <pavel.contrib@gmail.com>
2020-10-30 08:56:52 -07:00
..
apt [build]: SONiC buildimage ARM arch support (#2980) 2019-07-25 22:06:41 -07:00
bash [baseimage]: Increase TMOUT for serial port connections to 15 minutes (#3032) 2019-06-19 00:16:01 -07:00
caclmgrd [caclmgrd] Prevent unnecessary iptables updates (#5312) 2020-10-21 12:15:04 -07:00
config-setup [platform] Add Support For Environment Variable File (#5010) 2020-09-28 21:14:39 +00:00
constants [bgpcfgd]: Change prefix-list generation for "Allow prefix" feature (#5639) 2020-10-30 08:56:52 -07:00
corefile_uploader corefile uploader: Updates per review comments offline (#3915) 2019-12-31 14:42:01 -08:00
cron.d [core_cleanup] Fix issue where core_cleanup job runs too frequently (#3659) 2019-10-23 15:55:47 -07:00
ebtables [ebtables]add the filter rule for ARP packets with vlan tag: (#3945) 2020-05-09 18:36:36 -07:00
environment [image]: Update login message (#706) 2017-06-14 15:18:02 -07:00
fstrim [baseimage]: Add fstrim service and fstrim timer by default (#2804) 2019-04-21 14:21:16 -07:00
hostcfgd [hostcfgd] Enable/disable the container service only when the feature state was changed. (#5689) 2020-10-23 15:45:04 -07:00
hostname [hostname-config] improve hostname-config process (#3676) 2019-10-29 08:30:27 -07:00
interfaces Fixing Bad Cherry-pick 2020-03-04 10:46:45 -08:00
kubernetes [baseimage]: Install Kubernetes packages if enabled in image (#4374) (#4432) 2020-04-16 21:54:45 -07:00
logrotate [logrotate] Enhance robustness (#2942) 2019-05-25 18:00:18 -07:00
misc Fix to remove the import of APIClient (#5724) 2020-10-27 08:32:37 -07:00
monit Fix 'NoSuchProcess' exception in process_checker (#5716) 2020-10-30 08:56:10 -07:00
ntp [ntp] disable ntp long jump (#4748) 2020-06-16 08:15:00 -07:00
platform [rc.local] separate configuration migration and grub installation logic (#5528) 2020-10-04 19:41:50 +00:00
procdockerstatsd Fix exception when attempting to write a datetime to db (#5467) 2020-09-28 16:18:24 +00:00
process-reboot-cause [process-reboot-cause] Use Logger class from sonic-py-common package (#5384) 2020-09-19 13:59:59 -07:00
rsyslog syslog changes Multi ASIC platforms (#4738) 2020-07-05 15:19:22 -07:00
snmp mvrf_avoid_snmp_yml_config: made changes to pass SNMP config from con… (#4057) 2020-02-03 15:38:38 -08:00
sudoers [201911][sudoers] Add sonic_installer list to read-only commands (#4997) 2020-07-17 20:13:42 -07:00
sysctl [sonic-buildimage] Changes to make network specific sysctl common for both host and docker namespace (#4838) 2020-07-05 15:32:30 -07:00
syslog [baseimage]: /host unmount timeout issue during reboot. (#5032) 2020-08-09 10:38:33 -07:00
systemd [services] Restart SwSS service upon unexpected critical process exit (#2845) 2019-05-01 08:02:38 -07:00
topology [platform] Add Support For Environment Variable File (#5010) 2020-09-28 21:14:39 +00:00
updategraph [platform] Add Support For Environment Variable File (#5010) 2020-09-28 21:14:39 +00:00
warmboot-finalizer [MultiDB] use sonic-db-cli PING and fix wrong multiDB API in NAT (#4541) 2020-05-09 18:16:48 -07:00
watchdog-control Add disabling HW watchdog during boot for fast-reboot and warm-reboot (#4927) 2020-08-09 11:25:31 -07:00