Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[action] [PR:16634] [minigraph-parser] Update the definition of acl table type BMCDATAV6 #16797

Merged
merged 1 commit into from
Oct 7, 2023

Conversation

mssonicbld
Copy link
Collaborator

Why I did it

In the previous definition of BMCDATAV6, if we add a deny-all-packet rule to ACL table like below, if will even drop the ICMPv6 packets and the switch can no longer learn MAC address via NDP.

"acl-entry": {
 "9990_DROP_ALL": {
 "actions": {
 "config": {
 "forwarding-action": "DROP"
 }
 },
 "config": {
 "sequence-id": 9990
 },
 "l2": {
 "config": {
 "ethertype": 34525
 }
 }
 }
}

To allow the NDP packets be forwarded, we need to add below ACL rules like below.

"acl-entry": {
 "30_ALLOW_NDP": {
 "actions": {
 "config": {
 "forwarding-action": "ACCEPT"
 }
 },
 "config": {
 "sequence-id": 30
 },
 "ip": {
 "config": {
 "protocol": 58
 }
 },
 "icmp": {
 "config": {
 "type": "135",
 "code": "0"
 }
 }
 },
 "31_ALLOW_NDP": {
 "actions": {
 "config": {
 "forwarding-action": "ACCEPT"
 }
 },
 "config": {
 "sequence-id": 31
 },
 "ip": {
 "config": {
 "protocol": 58
 }
 },
 "icmp": {
 "config": {
 "type": "136",
 "code": "0"
 }
 }
 }
}

To support above ACL rule in custom ACL table type BMCDATAV6, we need to add new matching fields to the definition.

Work item tracking
  • Microsoft ADO (number only): 25227731

How I did it

Update the definition of custom ACL table type BMCDATAV6.

How to verify it

Verified by UT and build image.

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211 (BMCDATAV6 is not included in 202211, backport is not needed)
  • 202305

Tested branch (Please provide the tested image version)

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@mssonicbld
Copy link
Collaborator Author

Original PR: #16634

@mssonicbld mssonicbld merged commit e793e83 into sonic-net:202305 Oct 7, 2023
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants