Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Supports FRR-VRRP configuration #2949

Merged
merged 15 commits into from
Nov 21, 2024
Merged

Conversation

philo-micas
Copy link
Contributor

@philo-micas philo-micas commented Aug 21, 2023

Signed-off-by: philo <philo@micasnetworks.com>
@philo-micas philo-micas marked this pull request as ready for review May 6, 2024 05:42
Comment on lines +5597 to +5598
if "/" not in ip_addr:
ctx.fail("IP address {} is missing a mask. Such as xx.xx.xx.xx/yy or xx:xx::xx/yy".format(str(ip_addr)))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs to be removed as vrrpsyncd expects a VIP to be without netmask as it eventually concatenate /32 for ipv4 and /128 length for ipv6 IP at the time of creating VRRP_TABLE entry in APLL_DB.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The purpose of bring the mask is to enable the Linux kernel to learn neighbors properly. If we do not bring it, the default value of ipv4 will be set to /32, and ipv6 will be set to /128 . Because of this, arp or nd cannot be learned properly. The chip layer does not care about the arp interaction process and it only needs to upload the corresponding dip data packets to the cpu.

@adyeung
Copy link

adyeung commented Oct 22, 2024

@nmoray pls signoff and approve if you have no further comments

config/main.py Outdated
@vrrp.command("adv_interval")
@click.argument('interface_name', metavar='<interface_name>', required=True)
@click.argument('vrrp_id', metavar='<vrrp_id>', required=True, type=click.IntRange(1, 255))
@click.argument('interval', metavar='<interval>', required=True, type=click.IntRange(10, 40950), default=1000)
Copy link

@nser77 nser77 Oct 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe there is an incongruence.

HLD and sonic-net/sonic-buildimage#20383 fix the limit for both VRRP2 and VRRP3 to uint8.

Thought it was some kind of SONiC requirement but not sure now.

Copy link

@nser77 nser77 Oct 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

BTW, neither are valid, I believe the correct should be:

             +--rw (advertise-interval-choice)?
             |  +--:(v2)
             |  |  +--rw advertise-interval-sec?         uint8
             |  +--:(v3)
             |     +--rw advertise-interval-centi-sec?   uint16

There is an on-going work (DRAFT) form the IETF, it might be helpful use it as reference: https://datatracker.ietf.org/doc/draft-acee-rtgwg-vrrp-rfc8347bis/

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good suggestion. We plan to first modify it to align with the HLD, and later, we will further discuss with Broadcom to explore how to set it up more appropriately.Thanks.

philo-micas and others added 7 commits October 28, 2024 11:29
Signed-off-by: philo <philo@micasnetworks.com>
Signed-off-by: philo <philo@micasnetworks.com>
Signed-off-by: philo <philo@micasnetworks.com>
Signed-off-by: philo <philo@micasnetworks.com>
Signed-off-by: philo <philo@micasnetworks.com>
config/main.py Outdated
Comment on lines 5619 to 5629
if len(vrrp_keys) >= 128:
ctx.fail("Has already configured 128 IPs")
intf_cfg = 0
for key in vrrp_keys:
if key[1] == str(vrrp_id):
ctx.fail("The vrrp instance {} has already configured!".format(vrrp_id))
if key[0] == interface_name:
intf_cfg += 1
if intf_cfg >= 16:
ctx.fail("{} has already configured 16 vrrp instances!".format(interface_name))
vrrp_entry["vid"] = vrrp_id
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I believe there is another incongruence.

Are 128 instances per interface and 16 VIPs per instance the scalibility requirements described in the HLD?

If I'm not wrong, they are:

Scalability Requirements
Max number of VRRP instances: 254
Max number of VIPS per instance: 4

Regards,

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

has updated,thanks.

config/main.py Outdated
Comment on lines 5532 to 5553
def is_vaild_intf_ip_addr(ip_addr) -> bool:
"""Check whether the ip address is valid"""
try:
ip_address = ipaddress.ip_interface(ip_addr)
except ValueError as err:
click.echo("IP address {} is not valid: {}".format(ip_addr, err))
return False

if ip_address.version == 6:
if ip_address.is_unspecified:
click.echo("IPv6 address {} is unspecified".format(str(ip_address)))
return False
elif ip_address.version == 4:
if str(ip_address.ip) == "0.0.0.0":
click.echo("IPv4 address {} is Zero".format(str(ip_address)))
return False

if ip_address.is_multicast:
click.echo("IP address {} is multicast".format(str(ip_address)))
return False

return True
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two obsevations here:

  • I believe the user can configure a loopback IP (127.0.0.0/8): do we want to prevent it?
  • IETF defines other reserved addresses, do we want to make a consideration regarding them?

Regards,

Copy link
Contributor Author

@philo-micas philo-micas Oct 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Loopback address check has been added. Other reserved address checks are not planned for this time; further consideration and verification are needed. Thank you.

Signed-off-by: philo <philo@micasnetworks.com>
@vvbrcm
Copy link

vvbrcm commented Oct 30, 2024

Looks fine, please go ahead with merge.

@adyeung
Copy link

adyeung commented Oct 30, 2024

@qiluo-msft please help merge this

@philo-micas
Copy link
Contributor Author

@qiluo-msft please help merge this, thanks.

@yuezhoujk yuezhoujk self-requested a review November 21, 2024 01:41
@yuezhoujk yuezhoujk merged commit 5e60031 into sonic-net:master Nov 21, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants