-
Notifications
You must be signed in to change notification settings - Fork 548
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DPB-ACL] Handle ACL dependency #1148
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for adding this - being able to update the binding list in-place is going to make a lot of things simpler going forward. :) See comments for review - it's mostly just nit-picky style comments to make the code a little more clear. Good stuff!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Gave it another pass, let me know if you have any questions. :)
77db91c
to
397d61c
Compare
retest this please |
9a3d6c1
to
b4e66bf
Compare
retest this please |
1 similar comment
retest this please |
@zhenggen-xu @vasant17 sorry for the delay! We're going to do some checking in the lab to make sure this is working OK across platforms. ACLs are one of the more finnicky, ASIC-specific parts of SONiC and we want to avoid any surprises down the road for you/us as a result of enabling this. |
@zhenggen-xu @vasant17 ok I tried this out with a Mellanox Spectrum chip and a Broadcom Tomahawk chip. The Spectrum looks good, but we're seeing these errors on TH when I tried to delete an interface from the binding list:
Can you guys check and see if you're able to repro this? I was able to hit it with just this:
I can send over some more logs if you want as well. Aside from this, everything seems to be working great. (I should specify, I used a master image from Jenkins and installed the swss package from this PR on top of that. Let me know if you're using some other build process and aren't able to reproduce the issue.) |
We have already hit this issue. Raised Broadcom ticket and its fixed. We
have also verified the fix.
Ticket: CS9616135
|
Cool, I'll go ahead and grab that change for the public 3.7 so we can close this out. :) |
Any update on this? Please let me know, if anything missing from my end. |
b4e66bf
to
5088cc4
Compare
I think we're all good from you end. I was fighting some issues with the build system, but it's running OK now so hopefully I can get that fix in today. |
I have fixed the merge conflicts. Appreciate if we can push this ASAP so that I don't have to continue to merge conflicts. |
@yxieca and I are actively working on getting the BRCM SAI updated with the patch that you mentioned. I will merge this PR as soon as that update is done. |
Thank you!
…On Fri, Mar 6, 2020 at 4:55 PM Danny Allen ***@***.***> wrote:
Cool, I'll go ahead and grab that change for the public 3.7 so we can
close this out. :)
Any update on this? Please let me know, if anything missing from my end.
I think we're all good from you end. I was fighting some issues with the
build system, but it's running OK now so hopefully I can get that fix in
today.
I have fixed the merge conflicts. Appreciate if we can push this ASAP so
that I don't have to continue to merge conflicts.
@yxieca <https://github.com/yxieca> and I are actively working on getting
the BRCM SAI updated with the patch that you mentioned. I will merge this
PR as soon as that update is done.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1148>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AIWEL5UTJW6FKN337WDSIWLRGGLORANCNFSM4J2INXRA>
.
|
NOTE: Please review only commit 77db91c. The other commit will be pushed as a different PR #1112.
What I did
Add update capability for ACL tables when stage and type attributes are not modified. That is provide an way to update portlist of ACL tables
Existing code never deleted a ACL group associated with a port once it is created(it is created when port is bound to an ACL table), that is because we never deleted the port. As part of DPB, as we need to delete the port, hence we also need to delete the ACL group associated with port. But note that, a port can be part of multiple ACL tables. We should delete the ACL group once port is unbound with the last ACL table, and we should create the ACL group once the port is bound to the first ACL table.
Introduced an ENUM and dependency bitmap in port class, to keep track of port dependencies. For example, if port is part of ACL table, Port::ACL_DEP bit is set, and if port is part of VLAN as a member, Port::VLAN_DEP bit is set. Bits are also created on removal of port from ACL table or VLAN. We can extend this to other features as well. Hence a port can be removed only when no bit is set. If any one bit is set, port removal logic will keep trying in portsOrch.
Made the logic to bind and unbind a port to ACL Table symmetric.
Write DPB test infra class and test cases. Note the scale test case is SKIPPED for now as we are hitting VS library issue and the orchagent gets stuck. Fix for that is in-review as of this writing, once we pull in that fix, I will enable that test case.
Code-cleanup
Why I did it
To support DPB feature with ACL dependency
How I verified it
Wrote VS pytests. Also ensured that current test cases are NOT broken
Details if related