From 7a3d7e5f5562b49fd618d8c4ee6b71d9ba71fb11 Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Thu, 3 Aug 2023 04:47:39 +0000 Subject: [PATCH 1/8] Fix the Loopback0 IPv6 address of LC's in chassis not reachable from peer device's Signed-off-by: Abhishek Dosi --- dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 | 3 +++ .../data/sonic-cfggen/bgpd.main.conf.j2/packet_chassis.conf | 1 + .../tests/data/sonic-cfggen/bgpd.main.conf.j2/voq_chassis.conf | 1 + 3 files changed, 5 insertions(+) diff --git a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 index 1e564579e30f..793ab055c215 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 @@ -104,6 +104,9 @@ router bgp {{ DEVICE_METADATA['localhost']['bgp_asn'] }} network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/128 {% else %} network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/64 +{% if DEVICE_METADATA['localhost']['switch_type'] == 'voq' or DEVICE_METADATA['localhost']['switch_type'] == 'chassis-packet' %} + network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/128 route-map HIDE_INTERNAL +{% endif %} {% endif %} exit-address-family {% endif %} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/packet_chassis.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/packet_chassis.conf index 0f7f227e0e2c..6b2e1f257948 100644 --- a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/packet_chassis.conf +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/packet_chassis.conf @@ -47,6 +47,7 @@ router bgp 55555 ! address-family ipv6 network fc00::1/64 + network fc00::1/128 route-map HIDE_INTERNAL exit-address-family ! network 10.10.10.1/24 diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/voq_chassis.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/voq_chassis.conf index ef28d67c1c9d..efd45eda1ea9 100644 --- a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/voq_chassis.conf +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/voq_chassis.conf @@ -48,6 +48,7 @@ router bgp 55555 ! address-family ipv6 network fc00::1/64 + network fc00::1/128 route-map HIDE_INTERNAL exit-address-family address-family ipv6 network fc00::2/128 route-map HIDE_INTERNAL From 8d9dbb61f477762b56774980ac26d3561b4bca50 Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Thu, 17 Aug 2023 14:54:26 +0000 Subject: [PATCH 2/8] Added change to have flag Signed-off-by: Abhishek Dosi --- files/build_templates/sonic_version.yml.j2 | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/files/build_templates/sonic_version.yml.j2 b/files/build_templates/sonic_version.yml.j2 index 8b829feeed00..510b3d3c6044 100644 --- a/files/build_templates/sonic_version.yml.j2 +++ b/files/build_templates/sonic_version.yml.j2 @@ -30,3 +30,8 @@ built_by: {{ built_by }} asan: 'yes' {% endif -%} sonic_os_version: {{ sonic_os_version }} +{% if SECURE_UPGRADE_MODE == "dev" or SECURE_UPGRADE_MODE == "prod" -%} +secure_boot_image: 'yes' +{% else -%} +secure_boot_image: 'no' +{% endif -%} From 4e8b1014c13bf4ec28df3bb9001372002caca225 Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Thu, 31 Aug 2023 20:53:13 +0000 Subject: [PATCH 3/8] Assign the metric vaule for Ipv6 default route learnt via RA message to higher value so that BGP learnt default route is higher priority. Signed-off-by: Abhishek Dosi --- files/dhcp/90-dhcp6-systcl.conf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/files/dhcp/90-dhcp6-systcl.conf.j2 b/files/dhcp/90-dhcp6-systcl.conf.j2 index addb94675258..13ad9bead9c7 100644 --- a/files/dhcp/90-dhcp6-systcl.conf.j2 +++ b/files/dhcp/90-dhcp6-systcl.conf.j2 @@ -5,3 +5,4 @@ net.ipv6.conf.eth0.accept_ra = 0 net.ipv6.conf.eth0.accept_ra_defrtr = 1 net.ipv6.conf.eth0.accept_ra = 1 {% endif %} +net.ipv6.conf.eth0.ra_defrtr_metric=1996489704 From fcbd38d8ec0c2f8f92a8d61c3e8c694b7fa489e2 Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Fri, 8 Sep 2023 15:51:23 +0000 Subject: [PATCH 4/8] Add alternate name for bridge interface on supversior in chassis systrem Signed-off-by: Abhishek Dosi --- files/build_templates/docker_image_ctl.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index 546eb24cb629..ca9679ccd9b2 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -191,6 +191,9 @@ function postStartAction() ip link add name ns-eth1"$NET_NS" type veth peer name eth1@"$NET_NS" ip link set dev eth1@"$NET_NS" master br1 ip link set dev eth1@"$NET_NS" up + # For chassis system where Linux bridge is used on supervisor for midplane communication + # assign alternate name as eth1-midplane for generic design + ip link property add dev br1 altname eth1-midplane else ip link add name ns-eth1"$NET_NS" link eth1-midplane type macvlan mode bridge fi From 311c639bc73e05bfaac792ce62df94ddfc6c9c7c Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Wed, 13 Sep 2023 16:12:34 +0000 Subject: [PATCH 5/8] Revert "Add alternate name for bridge interface on supversior in chassis systrem" This reverts commit fcbd38d8ec0c2f8f92a8d61c3e8c694b7fa489e2. --- files/build_templates/docker_image_ctl.j2 | 3 --- 1 file changed, 3 deletions(-) diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index ca9679ccd9b2..546eb24cb629 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -191,9 +191,6 @@ function postStartAction() ip link add name ns-eth1"$NET_NS" type veth peer name eth1@"$NET_NS" ip link set dev eth1@"$NET_NS" master br1 ip link set dev eth1@"$NET_NS" up - # For chassis system where Linux bridge is used on supervisor for midplane communication - # assign alternate name as eth1-midplane for generic design - ip link property add dev br1 altname eth1-midplane else ip link add name ns-eth1"$NET_NS" link eth1-midplane type macvlan mode bridge fi From 2109e03eb3867ad0d875ec3d663095269cc8c841 Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Wed, 13 Sep 2023 16:14:29 +0000 Subject: [PATCH 6/8] ASIC Count is updated to the running numbers of ASIC's and not max possible Signed-off-by: Abhishek Dosi --- src/sonic-py-common/sonic_py_common/device_info.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/sonic-py-common/sonic_py_common/device_info.py b/src/sonic-py-common/sonic_py_common/device_info.py index 7a4cec81605d..269c47df186b 100644 --- a/src/sonic-py-common/sonic_py_common/device_info.py +++ b/src/sonic-py-common/sonic_py_common/device_info.py @@ -479,7 +479,7 @@ def get_platform_info(config_db=None): if hw_info_dict: return hw_info_dict - from .multi_asic import get_num_asics + from .multi_asic import get_asic_presence_list version_info = get_sonic_version_info() @@ -487,7 +487,7 @@ def get_platform_info(config_db=None): hw_info_dict['hwsku'] = get_hwsku() if version_info: hw_info_dict['asic_type'] = version_info.get('asic_type') - hw_info_dict['asic_count'] = get_num_asics() + hw_info_dict['asic_count'] = len(get_asic_presence_list()) try: # TODO: enforce caller to provide config_db explicitly and remove its default value From 3cf469783df2374c7905f30dd8a146b5d33d0c22 Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Tue, 26 Sep 2023 16:03:37 +0000 Subject: [PATCH 7/8] Enable Seding BGP Community over internal neighbors over iBGP Session Signed-off-by: Abhishek Dosi --- .../frr/bgpd/templates/internal/peer-group.conf.j2 | 2 ++ .../frr/bgpd/templates/voq_chassis/peer-group.conf.j2 | 2 ++ .../tests/data/internal/peer-group.conf/result_back.conf | 2 ++ .../data/internal/peer-group.conf/result_chasiss_packet.conf | 2 ++ .../tests/data/internal/peer-group.conf/result_front.conf | 2 ++ .../tests/data/voq_chassis/peer-group.conf/result_all.conf | 2 ++ .../tests/data/voq_chassis/peer-group.conf/result_base.conf | 2 ++ 7 files changed, 14 insertions(+) diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/internal/peer-group.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/internal/peer-group.conf.j2 index e29a4c9e2fb6..b12f8e8c84a3 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/templates/internal/peer-group.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/templates/internal/peer-group.conf.j2 @@ -14,6 +14,7 @@ neighbor INTERNAL_PEER_V4 allowas-in 1 neighbor INTERNAL_PEER_V4 route-map FROM_BGP_INTERNAL_PEER_V4 in neighbor INTERNAL_PEER_V4 route-map TO_BGP_INTERNAL_PEER_V4 out + neighbor INTERNAL_PEER_V4 send-community exit-address-family {% if CONFIG_DB__DEVICE_METADATA['localhost']['switch_type'] == 'chassis-packet' %} neighbor INTERNAL_PEER_V6 update-source Loopback4096 @@ -26,6 +27,7 @@ neighbor INTERNAL_PEER_V6 allowas-in 1 neighbor INTERNAL_PEER_V6 route-map FROM_BGP_INTERNAL_PEER_V6 in neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out + neighbor INTERNAL_PEER_V6 send-community exit-address-family ! ! end of template: bgpd/templates/internal/peer-group.conf.j2 diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/peer-group.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/peer-group.conf.j2 index 44a49587d039..802aa15ca60f 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/peer-group.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/templates/voq_chassis/peer-group.conf.j2 @@ -12,6 +12,7 @@ neighbor VOQ_CHASSIS_V4_PEER soft-reconfiguration inbound neighbor VOQ_CHASSIS_V4_PEER route-map FROM_VOQ_CHASSIS_V4_PEER in neighbor VOQ_CHASSIS_V4_PEER route-map TO_VOQ_CHASSIS_V4_PEER out + neighbor VOQ_CHASSIS_V4_PEER send-community exit-address-family address-family ipv6 {% if CONFIG_DB__DEVICE_METADATA['localhost']['type'] == 'ToRRouter' %} @@ -22,6 +23,7 @@ neighbor VOQ_CHASSIS_V6_PEER soft-reconfiguration inbound neighbor VOQ_CHASSIS_V6_PEER route-map FROM_VOQ_CHASSIS_V6_PEER in neighbor VOQ_CHASSIS_V6_PEER route-map TO_VOQ_CHASSIS_V6_PEER out + neighbor VOQ_CHASSIS_V6_PEER send-community exit-address-family ! ! end of template: bgpd/templates/voq_chassis/peer-group.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf index 28a543841fef..c6acef329eff 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf @@ -9,6 +9,7 @@ neighbor INTERNAL_PEER_V4 allowas-in 1 neighbor INTERNAL_PEER_V4 route-map FROM_BGP_INTERNAL_PEER_V4 in neighbor INTERNAL_PEER_V4 route-map TO_BGP_INTERNAL_PEER_V4 out + neighbor INTERNAL_PEER_V4 send-community exit-address-family address-family ipv6 neighbor INTERNAL_PEER_V6 route-reflector-client @@ -16,6 +17,7 @@ neighbor INTERNAL_PEER_V6 allowas-in 1 neighbor INTERNAL_PEER_V6 route-map FROM_BGP_INTERNAL_PEER_V6 in neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out + neighbor INTERNAL_PEER_V6 send-community exit-address-family ! ! end of template: bgpd/templates/internal/peer-group.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_chasiss_packet.conf b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_chasiss_packet.conf index 1f4e219e2770..e4fb05eeb766 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_chasiss_packet.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_chasiss_packet.conf @@ -9,6 +9,7 @@ neighbor INTERNAL_PEER_V4 allowas-in 1 neighbor INTERNAL_PEER_V4 route-map FROM_BGP_INTERNAL_PEER_V4 in neighbor INTERNAL_PEER_V4 route-map TO_BGP_INTERNAL_PEER_V4 out + neighbor INTERNAL_PEER_V4 send-community exit-address-family neighbor INTERNAL_PEER_V6 update-source Loopback4096 address-family ipv6 @@ -16,6 +17,7 @@ neighbor INTERNAL_PEER_V6 allowas-in 1 neighbor INTERNAL_PEER_V6 route-map FROM_BGP_INTERNAL_PEER_V6 in neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out + neighbor INTERNAL_PEER_V6 send-community exit-address-family ! ! end of template: bgpd/templates/internal/peer-group.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf index 5b061fa52b44..7b6ee2667de9 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf @@ -8,12 +8,14 @@ neighbor INTERNAL_PEER_V4 allowas-in 1 neighbor INTERNAL_PEER_V4 route-map FROM_BGP_INTERNAL_PEER_V4 in neighbor INTERNAL_PEER_V4 route-map TO_BGP_INTERNAL_PEER_V4 out + neighbor INTERNAL_PEER_V4 send-community exit-address-family address-family ipv6 neighbor INTERNAL_PEER_V6 soft-reconfiguration inbound neighbor INTERNAL_PEER_V6 allowas-in 1 neighbor INTERNAL_PEER_V6 route-map FROM_BGP_INTERNAL_PEER_V6 in neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out + neighbor INTERNAL_PEER_V6 send-community exit-address-family ! ! end of template: bgpd/templates/internal/peer-group.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_all.conf b/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_all.conf index cf5020ee49f8..350ff0eeeb41 100644 --- a/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_all.conf +++ b/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_all.conf @@ -10,6 +10,7 @@ neighbor VOQ_CHASSIS_V4_PEER soft-reconfiguration inbound neighbor VOQ_CHASSIS_V4_PEER route-map FROM_VOQ_CHASSIS_V4_PEER in neighbor VOQ_CHASSIS_V4_PEER route-map TO_VOQ_CHASSIS_V4_PEER out + neighbor VOQ_CHASSIS_V4_PEER send-community exit-address-family address-family ipv6 neighbor VOQ_CHASSIS_V6_PEER allowas-in 1 @@ -18,6 +19,7 @@ neighbor VOQ_CHASSIS_V6_PEER soft-reconfiguration inbound neighbor VOQ_CHASSIS_V6_PEER route-map FROM_VOQ_CHASSIS_V6_PEER in neighbor VOQ_CHASSIS_V6_PEER route-map TO_VOQ_CHASSIS_V6_PEER out + neighbor VOQ_CHASSIS_V6_PEER send-community exit-address-family ! ! end of template: bgpd/templates/voq_chassis/peer-group.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_base.conf b/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_base.conf index 61813254acc2..9818358a771f 100644 --- a/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_base.conf +++ b/src/sonic-bgpcfgd/tests/data/voq_chassis/peer-group.conf/result_base.conf @@ -9,6 +9,7 @@ neighbor VOQ_CHASSIS_V4_PEER soft-reconfiguration inbound neighbor VOQ_CHASSIS_V4_PEER route-map FROM_VOQ_CHASSIS_V4_PEER in neighbor VOQ_CHASSIS_V4_PEER route-map TO_VOQ_CHASSIS_V4_PEER out + neighbor VOQ_CHASSIS_V4_PEER send-community exit-address-family address-family ipv6 neighbor VOQ_CHASSIS_V6_PEER activate @@ -16,6 +17,7 @@ neighbor VOQ_CHASSIS_V6_PEER soft-reconfiguration inbound neighbor VOQ_CHASSIS_V6_PEER route-map FROM_VOQ_CHASSIS_V6_PEER in neighbor VOQ_CHASSIS_V6_PEER route-map TO_VOQ_CHASSIS_V6_PEER out + neighbor VOQ_CHASSIS_V6_PEER send-community exit-address-family ! ! end of template: bgpd/templates/voq_chassis/peer-group.conf.j2 From 5d4fb5dc79540099fa27184ca2c5cade39eb958f Mon Sep 17 00:00:00 2001 From: Abhishek Dosi Date: Tue, 26 Sep 2023 16:06:23 +0000 Subject: [PATCH 8/8] Revert "ASIC Count is updated to the running numbers of ASIC's and not max" This reverts commit 2109e03eb3867ad0d875ec3d663095269cc8c841. --- src/sonic-py-common/sonic_py_common/device_info.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/sonic-py-common/sonic_py_common/device_info.py b/src/sonic-py-common/sonic_py_common/device_info.py index 269c47df186b..7a4cec81605d 100644 --- a/src/sonic-py-common/sonic_py_common/device_info.py +++ b/src/sonic-py-common/sonic_py_common/device_info.py @@ -479,7 +479,7 @@ def get_platform_info(config_db=None): if hw_info_dict: return hw_info_dict - from .multi_asic import get_asic_presence_list + from .multi_asic import get_num_asics version_info = get_sonic_version_info() @@ -487,7 +487,7 @@ def get_platform_info(config_db=None): hw_info_dict['hwsku'] = get_hwsku() if version_info: hw_info_dict['asic_type'] = version_info.get('asic_type') - hw_info_dict['asic_count'] = len(get_asic_presence_list()) + hw_info_dict['asic_count'] = get_num_asics() try: # TODO: enforce caller to provide config_db explicitly and remove its default value