Added support for EVPN L3 VXLAN as described in the PR Azure/SONiC#437 #1267
Conversation
cfgmgr/vrfmgr.h
Outdated
| void doTask(Consumer &consumer); | ||
|
|
||
| std::map<std::string, uint32_t> m_vrfTableMap; | ||
| std::set<uint32_t> m_freeTables; | ||
| VRFNameVNIMapTable vrf_vni_map_table_; |
There was a problem hiding this comment.
Please follow the same naming convention as in the rest of the class
cfgmgr/vrfmgr.h
Outdated
| class VrfMgr : public Orch | ||
| { | ||
| public: | ||
| VrfMgr(DBConnector *cfgDb, DBConnector *appDb, DBConnector *stateDb, const std::vector<std::string> &tableNames); | ||
| using Orch::doTask; | ||
| std::string m_evpnVxlanTunnel; | ||
|
|
||
| uint32_t getVRFmappedVNI(const std::string& vrf_name) const |
There was a problem hiding this comment.
Please have {} for if/else and move this to .cpp file
cfgmgr/vrfmgr.cpp
Outdated
| } | ||
| } | ||
|
|
||
| if(m_evpnVxlanTunnel.empty()) { |
There was a problem hiding this comment.
Please open { in new line. Also for the rest of the if in this PR
|
|
||
| old_vni = getVRFmappedVNI(vrf_name); | ||
| SWSS_LOG_NOTICE("VRF VNI map update vrf %s, vni %d, old_vni %d", vrf_name.c_str(), vni, old_vni); | ||
| if (vni != old_vni) |
There was a problem hiding this comment.
So what triggers this value change? VRF_TABLE is part of config_db right? so is this some user config that they change the vni value?
There was a problem hiding this comment.
Yes. VRF VNI Map is stored in CONFIG DB VRF_TABLE, This takes care of scenario if VRF VNI mapping is changed.
cfgmgr/vrfmgr.cpp
Outdated
| SWSS_LOG_ENTER(); | ||
| string key; | ||
|
|
||
| if(m_evpnVxlanTunnel.empty()) { |
orchagent/routeorch.cpp
Outdated
| @@ -1021,7 +1147,7 @@ bool RouteOrch::addRoute(sai_object_id_t vrf_id, const IpPrefix &ipPrefix, const | |||
|
|
|||
| /* Increase the ref_count for the next hop (group) entry */ | |||
| increaseNextHopRefCount(nextHops); | |||
| SWSS_LOG_INFO("Create route %s with next hop(s) %s", | |||
| SWSS_LOG_NOTICE("Create route %s with next hop(s) %s", | |||
There was a problem hiding this comment.
Please change this to INFO
orchagent/routeorch.cpp
Outdated
| } | ||
| SWSS_LOG_INFO("Set route %s with next hop(s) %s", | ||
| SWSS_LOG_NOTICE("Set route %s with next hop(s) %s", |
There was a problem hiding this comment.
Please change this to INFO
orchagent/routeorch.cpp
Outdated
| EvpnNvoOrch* evpn_orch = gDirectory.get<EvpnNvoOrch*>(); | ||
| VxlanTunnelOrch* tunnel_orch = gDirectory.get<VxlanTunnelOrch*>(); | ||
| bool status = false; | ||
| int ip_refcnt = -2; |
There was a problem hiding this comment.
Why is this initialized to -2? Can we have it as 0?
There was a problem hiding this comment.
Ok. Will do. Used it for debug purpose.
orchagent/routeorch.cpp
Outdated
| bool status = false; | ||
| int ip_refcnt = -2; | ||
|
|
||
| SWSS_LOG_NOTICE("Routeorch Add Remote VTEP %s, VNI %d, VR_ID %lx", |
There was a problem hiding this comment.
You could remove this log as it is same as one below
orchagent/routeorch.cpp
Outdated
|
|
||
| SWSS_LOG_NOTICE("Routeorch Add Remote VTEP %s, VNI %d, VR_ID %lx", | ||
| nextHop.ip_address.to_string().c_str(), nextHop.vni, vrf_id); | ||
| status = tunnel_orch->addTunnelUser(nextHop.ip_address.to_string(), nextHop.vni, 0, TNL_SRC_IP, vrf_id); |
There was a problem hiding this comment.
Where is TNL_SRC_IP defined?
There was a problem hiding this comment.
It is defined in PR 1264.
https://github.com/Azure/sonic-swss/pull/1264/files : orchagent/vxlanorch.h
| m_appVnetTableProducer.set(vrfName, kfvFieldsValues(t)); | ||
| if (!setLink(vrfName)) | ||
| { | ||
| SWSS_LOG_ERROR("Failed to create vrf netdev %s", vrfName.c_str()); |
There was a problem hiding this comment.
How would we recover from Vrf creation failures?
There was a problem hiding this comment.
This is existing vrfmgr code in base/master branch. Not changed due to EVPN changes. Need to address this separately.
cfgmgr/vrfmgr.cpp
Outdated
| m_evpnVxlanTunnel = ""; | ||
| } | ||
|
|
||
| SWSS_LOG_NOTICE("Removed evpn nvo tunnel %s", m_evpnVxlanTunnel.c_str()); |
There was a problem hiding this comment.
If m_evpnVxlanTunnel is empty, this log wouldnt print anything.
If m_evpnVxlanTunnel is not empty
m_evpnVxlanTunnel will be empty after m_evpnVxlanTunnel = "";
Finally this log wouldnt print anything for m_evpnVxlanTunnel ?
|
|
||
| } | ||
|
|
||
| if ((vni == 0) && add) |
There was a problem hiding this comment.
What will be this case, where VNI is 0 and is still an 'add' condition?
There was a problem hiding this comment.
This is to take care of the scenario when VRF is configured but VRF to VNI Mapping is not configured.
| } | ||
|
|
||
| SWSS_LOG_NOTICE("VRF VNI map update vrf %s, s_vni %s, add %d", vrf_name.c_str(), s_vni.c_str(), add); | ||
| doVrfVxlanTableUpdate(vrf_name, s_vni, add); |
There was a problem hiding this comment.
There could be VNIs which are only mapped to VLANs but not VRFs. How do we make sure that, we are using unique VNIs here?
There was a problem hiding this comment.
VNI can be both L2 + L3. For the case where Vlan associated with VNI is tenant Vlan as well.
So L3 VNI need not be unique.
There was a problem hiding this comment.
Didnt quite understand this. An L2 VNI between 2 leafs for a given Tenant, could also be a L3 VNI for different Tenant?
My understanding is that, either L2 or L3 VNI, they have to be unique in a given system.
There was a problem hiding this comment.
VLAN-X +VNI-X -- L2 VXLAN
VLAN-Y + VNI-Y + VRF-Y -- L3 VXLAN (for TYPE-5)
Where do we verify if VNI-X and VNI-Y are not overlapping?
There was a problem hiding this comment.
Currently it is taken care in CLI Validation.
There was a problem hiding this comment.
@tapashdas If the configuration is done directly in config_db, we would need to check the validity of the global VLAN/VRF-->VNI mapping. It will be better to maintain or validate global vlan/vrf<-->VNI mapping in the cfgmgr.
There was a problem hiding this comment.
@tapashdas In vxlanmgr.cpp, if the vni is already mapped to a vlan, mapper entry is rejected. But here the mapping entry is updated. Can we reject the config similar to vxlanmgr?
|
Type-5 routes are applicable only for non-default VRF Tenants right? Could you please let me know, where do we block this for default VRF? |
|
For remote Type-5 Prefixes, the routes need to be programmed with ONLINK attribute right? Are those changes, part of this pull request? or please point me to that PR, if that is different. |
|
Are local Static Route Prefixes supported? |
No. Static route over tunnel is currently not supported. This is EVPN L3 VXLAN PR so out of scope of this PR. |
Yes Type-5 routes are applicable only for non-default VRF. FRR will update APP DB route table only for non-default VRF. |
ONLINK is programmed only in the Kernel not in the hardware. Hardware is programed with VLAN, VNI, RMAC with the prefix. |
I understand that it is programmed in Kernel. What I was asking is, to point me to the PR where it is done. |
If it is not currently supported, I agree to that. I dont agree if we say it is not a EVPN feature. |
|
retest vs please |
1 similar comment
|
retest vs please |
| } | ||
|
|
||
| SWSS_LOG_NOTICE("VRF VNI map update vrf %s, s_vni %s, add %d", vrf_name.c_str(), s_vni.c_str(), add); | ||
| doVrfVxlanTableUpdate(vrf_name, s_vni, add); |
There was a problem hiding this comment.
@tapashdas If the configuration is done directly in config_db, we would need to check the validity of the global VLAN/VRF-->VNI mapping. It will be better to maintain or validate global vlan/vrf<-->VNI mapping in the cfgmgr.
| } | ||
|
|
||
| SWSS_LOG_NOTICE("VRF VNI map update vrf %s, s_vni %s, add %d", vrf_name.c_str(), s_vni.c_str(), add); | ||
| doVrfVxlanTableUpdate(vrf_name, s_vni, add); |
There was a problem hiding this comment.
@tapashdas In vxlanmgr.cpp, if the vni is already mapped to a vlan, mapper entry is rejected. But here the mapping entry is updated. Can we reject the config similar to vxlanmgr?
| SWSS_LOG_NOTICE("Failed to create remote vtep %s", nexthop.to_string(overlay_nh).c_str()); | ||
| return false; | ||
| } | ||
| next_hop_id = m_neighOrch->addTunnelNextHop(nexthop); |
There was a problem hiding this comment.
NULL object-id for tunnel-nhop failure is not checked.
We could change this API to return status instead of returning the object-id and check the status for success/failure
orchagent/routeorch.cpp
Outdated
| status = deleteRemoteVtep(vrf_id, tunnel_nh); | ||
| if (status == false) | ||
| { | ||
| SWSS_LOG_NOTICE("Failed to delete remote vtep %s ecmp", tunnel_nh.to_string(true).c_str()); |
There was a problem hiding this comment.
error log and return false? Please check the error status in the caller methods as well
|
Will take care of the comments in cfgmgr/vrfmgr.cpp. Currently all validation checks are at CLI level. |
orchagent/nexthopkey.h
Outdated
| @@ -45,19 +49,44 @@ struct NextHopKey | |||
| throw std::invalid_argument(err); | |||
| } | |||
| } | |||
| NextHopKey(const std::string &str, bool overlay_nh) | |||
| { | |||
orchagent/nexthopkey.h
Outdated
| const std::string to_string() const | ||
| { | ||
| return ip_address.to_string() + NH_DELIMITER + alias; | ||
| } | ||
|
|
||
| const std::string to_string(bool overlay_nh) const | ||
| { |
| @@ -133,9 +156,99 @@ bool VRFOrch::delOperation(const Request& request) | |||
|
|
|||
| vrf_table_.erase(vrf_name); | |||
| vrf_id_table_.erase(router_id); | |||
| error = delVrfVNIMap(vrf_name, 0); | |||
| if (error == false) | |||
orchagent/vrforch.cpp
Outdated
| old_vni = getVRFmappedVNI(vrf_name); | ||
| SWSS_LOG_INFO("VRF '%s' vni %d old_vni %d", vrf_name.c_str(), vni, old_vni); | ||
|
|
||
| if (old_vni != vni) { |
orchagent/vxlanorch.cpp
Outdated
| @@ -2132,7 +2134,7 @@ bool EvpnNvoOrch::addOperation(const Request& request) | |||
| source_vtep_ptr = tunnel_orch->getVxlanTunnel(vtep_name); | |||
|
|
|||
| SWSS_LOG_INFO("evpnnvo: %s vtep : %s \n",nvo_name.c_str(), vtep_name.c_str()); | |||
|
|
|||
There was a problem hiding this comment.
I think tab space is added here
orchagent/vrforch.cpp
Outdated
| @@ -84,6 +95,12 @@ bool VRFOrch::addOperation(const Request& request) | |||
| vrf_table_[vrf_name].vrf_id = router_id; | |||
| vrf_table_[vrf_name].ref_count = 0; | |||
| vrf_id_table_[router_id] = vrf_name; | |||
| if (vni != 0) { | |||
orchagent/routeorch.cpp
Outdated
|
|
||
| if (m_syncdRoutes.find(vrf_id) == m_syncdRoutes.end()) | ||
| { | ||
| m_syncdRoutes.emplace(vrf_id, RouteTable()); | ||
| m_vrfOrch->increaseVrfRefCount(vrf_id); | ||
| } | ||
|
|
||
| if(nextHops.is_overlay_nexthop()) |
orchagent/routeorch.cpp
Outdated
| auto it_route = m_syncdRoutes.at(vrf_id).find(ipPrefix); | ||
|
|
||
| /* The route is pointing to a next hop */ | ||
| if (nextHops.getSize() == 1) | ||
| { | ||
| NextHopKey nexthop(nextHops.to_string()); | ||
| NextHopKey nexthop; | ||
| if (overlay_nh) { |
| @@ -1212,13 +1320,55 @@ bool RouteOrch::addRoute(RouteBulkContext& ctx, const NextHopGroupKey &nextHops) | |||
| /* Try to create a new next hop group */ | |||
| if (!addNextHopGroup(nextHops)) | |||
| { | |||
| /* NextHopGroup is in "Ip1|alias1,Ip2|alias2,..." format*/ | |||
| std::vector<std::string> nhops = tokenize(nextHops.to_string(), ','); | |||
There was a problem hiding this comment.
Please explain this flow.
…nic-net#1267) Add subcommand to show midplane status for modular chassis and related unit tests
Support a new ACL table type called L3V4V6. This table supports both v4 and v6 Match types. Add unit tests for this new ACL table type. HLD: sonic-net/SONiC#1267 Signed-off-by: Ravi(Marvell) rck@innovium.com
Support a new ACL table type called L3V4V6. This table supports both v4 and v6 Match types. Add unit tests for this new ACL table type. HLD: sonic-net/SONiC#1267 Signed-off-by: Ravi(Marvell) rck@innovium.com
…onic-net#2735) * Combine v4 and v6 L3 ACL rules on optimized platforms sonic-net#1267
Added support for EVPN L3 VXLAN as described in the PR sonic-net/SONiC#437
What I did
VRFMgr Changes to update VRF VNI Map information and notify VRFOrch.
Neighbor Orch changes to Add and Remove Tunnel Nexthops.
Nexthop Key changes to accommodate VNI and Router MAC.
Route Orch changes to Add and Remove Overlay routes, Create and Delete Overlay Nexthops.
Port Orch changes to bring Up / Down Router Interface (IRB Vlan interface) on VRF - VNI Bind / Unbind.
Signed-off-by: Tapash Das tapash.das@broadcom.com
Why I did it
How I verified it
Details if related