Skip to content

Commit

Permalink
Merge branch 'master' into save-on-set-HLD
Browse files Browse the repository at this point in the history
  • Loading branch information
@lihuay
lihuay committed Mar 29, 2023
2 parents 403ee85 + c89a1a6 commit 7c3992f
Show file tree
Hide file tree
Showing 12 changed files with 1,027 additions and 285 deletions.
70 changes: 70 additions & 0 deletions MoM.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,76 @@ <h2>SONiC community meeting minutes </h2>
<th style=" text-align: center; ">Links To Meeting Agenda</th>
<th style=" text-align: center; ">Links To Minutes Of The meeting</th>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Feb 28 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://lists.sonicfoundation.dev/g/sonic-dev/message/183">Sflow HLD enhancements & ECN and WRED statistics support for SONiC </a></td>
<td style=""><a href="https://lists.sonicfoundation.dev/g/sonic-dev/message/183">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Feb 21 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/blob/b94b023dd55006f650b8f020365cf3cea28945c6/doc/acl/Extend-L3V6ACLs.md">Support Ipv4 ACL rules in Ipv6 ACL tables in optimized platforms</a></td>
<td style=""><a href="https://lists.sonicfoundation.dev/g/sonic-dev/message/181">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Feb 14 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/pull/1252">SRv6 VPN HLD</a></td>
<td style=""><a href="https://groups.google.com/g/sonicproject/c/1pA1yuWpmUU/m/YHNx1lZHAwAJ">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Feb 07 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/pull/912/files">SwitchPort mode CLI and VLAN CLI management</a></td>
<td style=""><a href="https://groups.google.com/g/sonicproject/c/lTRwEUjPzes/m/0QVlb8B6AAAJ">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Jan 31 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/pull/1243">Resource Monitoring for Generic SAI Extensions</a></td>
<td style=""><a href="https://groups.google.com/g/sonicproject/c/2_iCiiUspLA/m/vTjhavoRAwAJ">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Jan 24 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/pull/1231">Reset Factory HLD</a></td>
<td style=""><a href="https://groups.google.com/g/sonicproject/c/2_iCiiUspLA/m/dTWaclNmEAAJ">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Jan 17 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/blob/54dd6e6c2b1db14460dbee44f635a5a5daebcf59/doc/Clock%20commands/clock_managment_hld.md">Clock management HLD</a></td>
<td style=""><a href="https://groups.google.com/g/sonicproject/c/2_iCiiUspLA/m/ty3kXiXlAgAJ">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Jan 10 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/pull/1203">Config Reload Enhancement HLD</a></td>
<td style=""><a href="https://lists.sonicfoundation.dev/g/sonic-dev/message/116">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Jan 02 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://groups.google.com/g/sonicproject/c/svzeJA13qLQ/m/JqVyp_YRAwAJ">No Meeting</a></td>
<td style="text-align: left; "><a ></a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Dec 27 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://groups.google.com/g/sonicproject/c/svzeJA13qLQ/m/JqVyp_YRAwAJ">No Meeting</a></td>
<td style="text-align: left; "><a ></a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Dec 20 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://groups.google.com/g/sonicproject/c/svzeJA13qLQ/m/JqVyp_YRAwAJ">No Meeting</a></td>
<td style="text-align: left; "><a ></a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Dec 13 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/pull/1048">User Management HLD</a></td>
<td style=""><a href="https://lists.sonicfoundation.dev/g/sonic-dev/message/81">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Dec 06 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/blob/1235e84d925308eaf80b926fc802c832e7fb688b/doc/hash/hash-design.md">Generic Hash HLD</a></td>
<td style=""><a href="https://groups.google.com/g/sonicproject/c/2JQWvOXFsMg/m/AdXGEc0pAwAJ">MoM</a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Nov 29 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a >No Meeting</a></td>
<td style="text-align: left; "><a ></a></td>
</tr>
<tr>
<td style="">&nbsp;&nbsp;Nov 22 2022 &nbsp;&nbsp;</td>
<td style="text-align: left; "><a href="https://github.com/sonic-net/SONiC/blob/bb09d8b6d3ae491b3bf81a8bd178e4093fe3c551/doc/BGP/BGP-supress-fib-pending.md">FIB Suppression Announcements of routes not installed Hardware</a></td>
Expand Down
13 changes: 8 additions & 5 deletions doc/acl/ACL-enhancements-on-show-command.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,12 @@
| Rev | Date | Author | Change Description |
|:---:|:-----------:|:------------------:|-----------------------------------|
| 0.1 | 2/6/2023 | Bing Wang | Initial version |
| 0.2 | 3/23/2023 | Bing Wang | Address review comments |

### Scope

The scope of this document covers enhancements on show acl commands, including `show acl table` and `show acl rule`.
Only dataplane ACL is covered in this design. The enhancement of control plane ACL will be covered in another document,
Only dataplane ACL is covered in this design. The enhancement of control plane ACL will be covered in another document.

### Definitions/Abbreviations

Expand All @@ -37,6 +38,8 @@ This design is to improve the show acl commands to add the status of ACL table o

In current implementation, `orchagent` checks return value from SAI, and writes a log to syslog.
In the proposed design, we introduce a new table to `STATE_DB`, and `orchagent` will write the return status to the `STATE_DB` table. The user can check the status of ACL table or ACL rule creation with CLI `show acl table` or `show acl rule`. The `show` command reads the status from `STATE_DB`, and reads configuration from `CONFIG_DB`, and finally combine the status and configuration in the output.

The proposed change doesn't cover the internally added ACL table or ACL rule, such as the ACL table/rule added by PFC handler or Mux handler in dualtor setup. That is because the table/rule is not added by `CONFIG_DB` entries. Hence the show command can't find the corresponding configuration in `CONFIG_DB`.
<p align=center>
<img src="img/acl-work-flow-with-state-db.png" alt="Figure 2. ACL work flow with STATE_DB">
</p>
Expand Down Expand Up @@ -64,7 +67,7 @@ ACL rule status
```
$ redis-cli -n 6 hgetall "ACL_RULE|DATAACL|RULE_1"
1) "status"
2) "Active"
2) "Inactive"
```
#### Orchagent
Add logic in `aclorch` to support writing return status into `STATE_DB`. When ACL table or ACL rule is being deleted, the corresponding entry in `STATE_DB` is also cleared.
Expand All @@ -87,9 +90,9 @@ DATAACL L3 Ethernet0 DATAACL ingress Active
show acl rule
Table Rule Priority Action Match Status
------- ------------ ---------- -------- ------------------- --------
DATAACL RULE_1 9999 DROP DST_IP: 9.5.9.3/32 Active
DATAACL RULE_1 9999 DROP DST_IP: 9.5.9.3/32 Inactive
ETHER_TYPE: 2048
DATAACL RULE_2 9998 FORWARD DST_IP: 10.2.1.2/32 Active
DATAACL RULE_2 9998 FORWARD DST_IP: 10.2.1.2/32 Inactive
ETHER_TYPE: 2048
IP_PROTOCOL: 6
L4_DST_PORT: 22
Expand All @@ -100,7 +103,7 @@ The existing test script for ACL in sonic-mgmt is parsing syslog to find a keywo
### Warmboot and Fastboot Design Impact

No impact to Warmboot or Fastboot
The new table in `STATE_DB` doesn't persist during warmboot or fastboot. So there is no impact to warmboot or fastboot.

### Restrictions/Limitations
N/A
Expand Down
Loading

0 comments on commit 7c3992f

Please sign in to comment.