forked from sonic-net/sonic-buildimage
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[chassis] Added support of isolating given LC in Chassis with TSA mode (
sonic-net#16732) What I did: Added support when TSA is done on Line Card make sure it's completely isolated from all e-BGP peer devices from this LC or remote LC Why I did: Currently when TSA is executed on LC routes are withdrawn from it's connected e-BGP peers only. e-BGP peers on remote LC can/will (via i-BGP) still have route pointing/attracting traffic towards this isolated LC. How I did: When TSA is applied on LC all the routes that are advertised via i-BGP are set with community tag of no-export so that when remote LC received these routes it does not send over to it's connected e-BGP peers. Also once we receive the route with no-export over iBGP match on it and and set the local preference of that route to lower value (80) so that we remove that route from the forwarding database. Below scenario explains why we do this: - LC1 advertise R1 to LC3 - LC2 advertise R1 to LC3 - On LC3 we have multi-path/ECMP over both LC1 and LC2 - On LC3 R1 received from LC1 is consider best route over R1 over received from LC2 and is send to LC3 e-BGP peers - Now we do TSA on LC2 - LC3 will receive R1 from LC2 with community no-export and from LC1 same as earlier (no change) - LC3 will still get traffic for R1 since it is still advertised to e-BGP peers (since R1 from LC1 is best route) - LC3 will forward to both LC1 and LC2 (ecmp) and this causes issue as LC2 is in TSA mode and should not receive traffic To fix above scenario we change the preference to lower value of R1 received from LC2 so that it is removed from Multi-path/ECMP group. How I verfiy: UT has been added to make sure Template generation is correct Manual Verification of the functionality sonic-mgmt test case will be updated accordingly. Please note this PR is on top of this :sonic-net#16714 which needs to be merged first. Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
- Loading branch information
Showing
13 changed files
with
171 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,15 @@ | ||
{%- if internal_route_map == '1' -%} | ||
route-map {{ route_map_name }} permit 20 | ||
set community no-export additive | ||
{# #} | ||
{%- else -%} | ||
route-map {{ route_map_name }} permit 20 | ||
match {{ ip_protocol }} address prefix-list PL_Loopback{{ ip_version }} | ||
set community {{ constants.bgp.traffic_shift_community }} | ||
route-map {{ route_map_name }} permit 30 | ||
match tag {{ constants.bgp.internal_community_match_tag }} | ||
set community {{ constants.bgp.traffic_shift_community }} | ||
route-map {{ route_map_name }} deny 40 | ||
{# #} | ||
{%- endif -%} | ||
! |
6 changes: 6 additions & 0 deletions
6
dockers/docker-fpm-frr/frr/bgpd/tsa/bgpd.tsa.unisolate.conf.j2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,10 @@ | ||
{%- if internal_route_map == '1' -%} | ||
no route-map {{ route_map_name }} permit 20 | ||
{# #} | ||
{%- else -%} | ||
no route-map {{ route_map_name }} permit 20 | ||
no route-map {{ route_map_name }} permit 30 | ||
no route-map {{ route_map_name }} deny 40 | ||
{# #} | ||
{%- endif -%} | ||
! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
35 changes: 35 additions & 0 deletions
35
src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_chassis_packet_isolate.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
! | ||
! template: bgpd/templates/internal/peer-group.conf.j2 | ||
! | ||
neighbor INTERNAL_PEER_V4 peer-group | ||
neighbor INTERNAL_PEER_V6 peer-group | ||
neighbor INTERNAL_PEER_V4 update-source Loopback4096 | ||
address-family ipv4 | ||
neighbor INTERNAL_PEER_V4 soft-reconfiguration inbound | ||
neighbor INTERNAL_PEER_V4 allowas-in 1 | ||
neighbor INTERNAL_PEER_V4 route-map FROM_BGP_INTERNAL_PEER_V4 in | ||
neighbor INTERNAL_PEER_V4 route-map TO_BGP_INTERNAL_PEER_V4 out | ||
neighbor INTERNAL_PEER_V4 send-community | ||
neighbor INTERNAL_PEER_V4 ttl-security hops 1 | ||
exit-address-family | ||
neighbor INTERNAL_PEER_V6 update-source Loopback4096 | ||
address-family ipv6 | ||
neighbor INTERNAL_PEER_V6 soft-reconfiguration inbound | ||
neighbor INTERNAL_PEER_V6 allowas-in 1 | ||
neighbor INTERNAL_PEER_V6 route-map FROM_BGP_INTERNAL_PEER_V6 in | ||
neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out | ||
neighbor INTERNAL_PEER_V6 send-community | ||
neighbor INTERNAL_PEER_V6 ttl-security hops 1 | ||
exit-address-family | ||
! | ||
! end of template: bgpd/templates/internal/peer-group.conf.j2 | ||
! | ||
|
||
|
||
route-map TO_BGP_INTERNAL_PEER_V4 permit 20 | ||
set community no-export additive | ||
! | ||
route-map TO_BGP_INTERNAL_PEER_V6 permit 20 | ||
set community no-export additive | ||
! | ||
|
33 changes: 33 additions & 0 deletions
33
src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_chassis_packet_unisolate.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
! | ||
! template: bgpd/templates/internal/peer-group.conf.j2 | ||
! | ||
neighbor INTERNAL_PEER_V4 peer-group | ||
neighbor INTERNAL_PEER_V6 peer-group | ||
neighbor INTERNAL_PEER_V4 update-source Loopback4096 | ||
address-family ipv4 | ||
neighbor INTERNAL_PEER_V4 soft-reconfiguration inbound | ||
neighbor INTERNAL_PEER_V4 allowas-in 1 | ||
neighbor INTERNAL_PEER_V4 route-map FROM_BGP_INTERNAL_PEER_V4 in | ||
neighbor INTERNAL_PEER_V4 route-map TO_BGP_INTERNAL_PEER_V4 out | ||
neighbor INTERNAL_PEER_V4 send-community | ||
neighbor INTERNAL_PEER_V4 ttl-security hops 1 | ||
exit-address-family | ||
neighbor INTERNAL_PEER_V6 update-source Loopback4096 | ||
address-family ipv6 | ||
neighbor INTERNAL_PEER_V6 soft-reconfiguration inbound | ||
neighbor INTERNAL_PEER_V6 allowas-in 1 | ||
neighbor INTERNAL_PEER_V6 route-map FROM_BGP_INTERNAL_PEER_V6 in | ||
neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out | ||
neighbor INTERNAL_PEER_V6 send-community | ||
neighbor INTERNAL_PEER_V6 ttl-security hops 1 | ||
exit-address-family | ||
! | ||
! end of template: bgpd/templates/internal/peer-group.conf.j2 | ||
! | ||
|
||
|
||
no route-map TO_BGP_INTERNAL_PEER_V4 permit 20 | ||
! | ||
no route-map TO_BGP_INTERNAL_PEER_V6 permit 20 | ||
! | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters