Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update backend_acl.py to specify ACL table name #17553

Merged
merged 1 commit into from
Jan 3, 2024

Conversation

bingwang-ms
Copy link
Contributor

@bingwang-ms bingwang-ms commented Dec 19, 2023

Why I did it

Fix #17552 .

PR #14229 added a service for loading backend ACL rules. There is an issue in below code in backend_acl.py.

if os.path.isfile(BACKEND_ACL_FILE):
run_command(['acl-loader', 'update', 'incremental', BACKEND_ACL_FILE])

Because table_name is not specified when calling acl-loader, the ACL rules loaded previously will be cleared.

Work item tracking
  • Microsoft ADO 26167588:

How I did it

Specify the ACL table name DATAACL when calling acl-loader.

How to verify it

The change is verified by running on a physical testbed. The previously loaded ACL rules are not cleared after this change.

admin@str2-7050qx-32s-acs-02:/usr/share/sonic/templates$ show acl rule
Table     Rule          Priority    Action    Match
--------  ------------  ----------  --------  ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
SNMP_ACL  RULE_1        9999        ACCEPT    SRC_IP: 10.20.0.0/16
DATAACL   RULE_1        9999        FORWARD   ETHER_TYPE: 2048
                                              IN_PORTS: Ethernet12,Ethernet16,Ethernet20,Ethernet24,Ethernet28,Ethernet32,Ethernet36,Ethernet4,Ethernet40,Ethernet44,Ethernet48,Ethernet52,Ethernet56,Ethernet60,Ethernet64,Ethernet68,Ethernet72,Ethernet76,Ethernet8
                                              VLAN_ID: 1000
SNMP_ACL  RULE_2        9998        ACCEPT    SRC_IP: 10.154.232.0/21
SNMP_ACL  RULE_3        9997        ACCEPT    SRC_IP: 25.65.16.0/20
SNMP_ACL  RULE_4        9996        ACCEPT    SRC_IP: 25.66.128.0/17
SNMP_ACL  RULE_5        9995        ACCEPT    SRC_IP: 100.126.0.0/16
SNMP_ACL  RULE_6        9994        ACCEPT    SRC_IP: 100.127.64.0/18
......

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211
  • 202305

Tested branch (Please provide the tested image version)

  • 20201231.118

Description for the changelog

Update backend_acl.py to specify ACL table name.

Link to config_db schema for YANG module changes

No schema change.

A picture of a cute animal (not mandatory but encouraged)

@yxieca yxieca merged commit 977e73d into sonic-net:master Jan 3, 2024
22 checks passed
mssonicbld pushed a commit to mssonicbld/sonic-buildimage that referenced this pull request Jan 3, 2024
mssonicbld pushed a commit to mssonicbld/sonic-buildimage that referenced this pull request Jan 3, 2024
@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202205: #17667

@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202211: #17666

@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202311: #17668

@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202305: #17673

nonodark added a commit to nonodark/sonic-buildimage that referenced this pull request Jan 29, 2024
Signed-off-by: nonodark <ef67891@yahoo.com.tw>

Squashed commit of the following:

commit 335ebaa
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 24 16:35:00 2024 +0800

    [submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (sonic-net#17891)
    src/sonic-platform-daemons
    ```
    * 824c20a - (HEAD -> 202305, origin/202305) Support 800G ifname in xcvrd (sonic-net#420) (20 hours ago) [Anoop Kamath]
    ```

commit 78e211c
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sun Jan 21 16:32:35 2024 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17868)
    src/sonic-utilities
    ```
    * 83a548de - (HEAD -> 202305, origin/202305) Disable Key Validation feature during sonic-installation for Cisco Platforms (sonic-net#3115) (22 hours ago) [selvipal]
    ```

commit 5d30151
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 20 16:32:45 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17863)
    src/sonic-snmpagent
    ```
    * 6f59d29 - (HEAD -> 202305, origin/202305) Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303) (sonic-net#309) (33 minutes ago) [mssonicbld]
    ```

commit 208c170
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 20 04:32:37 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17859)
    src/sonic-snmpagent
    ```
    * 2efaf2e - (HEAD -> 202305, origin/202305) Revert "[action] [PR:303] Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303)" (sonic-net#308) (4 minutes ago) [StormLiangMS]
    ```

commit 306175b
Author: Saikrishna Arcot <sarcot@microsoft.com>
Date:   Fri Jan 19 03:16:04 2024 -0800

    dhcrelay: Don't look up the ifindex for the fallback interface (sonic-net#17797) (sonic-net#17840)

    Currently, whenever isc-dhcp-relay forwards a packet upstream,
    internally, it will try to send it on a "fallback" interface. My
    understanding is that this isn't meant to be a real interface, but
    instead is basically saying to use Linux's regular routing stack to
    route the packet appropriately (rather than having isc-dhcp-relay
    specify specifically which interface to use).

    The problem is that on systems with a weak CPU, a large number of
    interfaces, and many upstream servers specified, this can introduce a
    noticeable delay in packets getting sent. The delay comes from trying to
    get the ifindex of the fallback interface. In one test case, it got to
    the point that only 2 packets could be processed per second. Because of
    this, dhcrelay will easily get backlogged and likely get to a point
    where packets get dropped in the kernel.

    Fix this by adding a check saying if we're using the fallback interface,
    then don't try to get the ifindex of this interface. We're never going
    to have an interface named this in SONiC.

    Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>

commit fc7a1ac
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 19 18:36:00 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17853)
    src/sonic-snmpagent
    ```
    * b0a4bcc - (HEAD -> 202305, origin/202305) Set the execute bit on sysDescr_pass.py (sonic-net#306) (22 hours ago) [Andre Kostur]
    ```

commit 30b1f05
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 19 16:34:55 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17851)
    src/linkmgrd
    ```
    * f5e9b54 - (HEAD -> 202305, origin/202305) [CodeQL] fix unmet build dependency (sonic-net#222) (10 hours ago) [Jing Zhang]
    * 2282cc5 - [active-standby] Probe the link in suspend timeout (sonic-net#235) (22 hours ago) [Longxiang Lyu]
    ```

commit 66ce739
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 19 16:34:46 2024 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17855)
    src/sonic-utilities
    ```
    * 93c42272 - (HEAD -> 202305, origin/202305) [chassis]: Support show ip bgp summary to display without error when no external neighbors are configured on chassis LC (sonic-net#3099) (22 hours ago) [Arvindsrinivasan Lakshmi Narasimhan]
    ```

commit 076b6c3
Author: zitingguo-ms <zitingguo@microsoft.com>
Date:   Fri Jan 19 14:56:01 2024 +0800

    upgrade xgs SAI to 8.4.39.2 (sonic-net#17842)

    Why I did it
    Upgrade the xgs SAI version to 8.4.39.2 to include the following fix:

    8.4.36.0: [submodule upgrade] [SAI_BRANCH rel_ocp_sai_8_4] SID: SDK-381039 Cosq control dynamic type changes
    8.4.37.0: SID: MMU cosq control configuration with Dynamic Type Check
    8.4.38.0: [sbumodule upgrade] [CSP 0001232212][SAI_BRANCH rel_ocp_sai_8_4]back-porting SONIC-82415 to SAI 8.4
    8.4.39.0: [CSP CS00012320979] Port SONIC-81867 sai spec compliance for get SAI_SWITCH_ATTR_SWITCH_HARDWARE_INFO
    8.4.39.1: changes for phy-re-init of 40G ports for TH platforms CS00012327470
    8.4.39.2: fix capability for Hostif queue by change SET operation of SAI_HOSTIF_ATTR_QUEUE to be true
    Work item tracking
    Microsoft ADO (number only): 26491005
    How I did it
    Upgrade xgs SAI version in sai.mk file.

    How to verify it
    Run basic SONiC test using SAI release pipeline, all cases passed.
    https://dev.azure.com/mssonic/internal/_build/results?buildId=457869&view=results

commit 6d767e5
Author: abdosi <58047199+abdosi@users.noreply.github.com>
Date:   Thu Jan 18 20:53:26 2024 -0800

    [chassis] Support advertisement of Loopback0 of all LC's across all e-BGP peers in TSA mode (sonic-net#16714) (sonic-net#17837)

    What I did:
    In Chassis TSA mode Loopback0 Ip's of each LC's should be advertise through e-BGP peers of each remote LC's

    How I did:

    - Route-map policy to Advertise own/self Loopback IP to other internal iBGP peers with a community internal_community as define in constants.yml
    - Route-map policy to match on above internal_community when route is received from internal iBGP peers and set a internal tag as define in constants.yml and also delete the internal_community so we don't send to any of e-BGP peers
    - In TSA new route-map match on above internal tag and permit the route (Loopback0 IP's of remote LC's) and set the community to traffic_shift_community.
    - In TSB delete the above new route-map.

    How I verify:

    Manual Verification

    UT updated.
    sonic-mgmt PR: sonic-net/sonic-mgmt#10239

    Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

commit 898f126
Author: Baorong Liu <baorliu@cisco.com>
Date:   Thu Jan 18 04:08:29 2024 -0800

    [staticroutebfd]double commit PR-16450, change bfd to singlehop (sonic-net#17549)

    Why I did it
    double commit PR-16450 because of cherry pick conflict for PR#202305

    Work item tracking
    Microsoft ADO (number only):
    How I did it
    How to verify it

commit d81780b
Author: ganglv <88995770+ganglyu@users.noreply.github.com>
Date:   Thu Jan 18 20:07:40 2024 +0800

    Fix host service for 202305 branch (sonic-net#17781)

    Why I did it
    When we disable telemetry.service, sonic-hostservice will not start. And root cause is sonic-hostservice is only wanted by telemetry.service.

    Work item tracking
    Microsoft ADO (number only):
    How I did it
    Add dependency for gnmi.service.

    How to verify it
    Disable telemetry.service and build new image, and then check sonic-hostservice with new image.

commit b99c46e
Author: Liu Shilong <shilongliu@microsoft.com>
Date:   Thu Jan 18 20:05:04 2024 +0800

    [build] Add gpg keys for sonic-slave-bullseye in arm64 cross build on amd64. (sonic-net#17182) (sonic-net#17828)

    Fix sonic-net#16204

    Microsoft ADO (number only): 25746782

    How I did it
    multiarch/debian-debootstrap:arm64-bullseye is too old.
    It needs to add some gpg keys before 'apt-get update'

commit f460347
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 18 16:34:00 2024 +0800

    [submodule] Update submodule sonic-swss to the latest HEAD automatically (sonic-net#17821)
    src/sonic-swss
    ```
    * ac94f0b7 - (HEAD -> 202305, origin/202305) [202305][routeorch] Fixing bug with multiple routes pointing to nhg (sonic-net#3002) (2 hours ago) [Nikola Dancejic]
    ```

commit ed71c12
Author: abdosi <58047199+abdosi@users.noreply.github.com>
Date:   Fri Jul 7 11:10:35 2023 -0700

    Enable BFD for Static Route for chassis-packet. (sonic-net#15383)

    *What I did:
    Enable BFD for Static Route for chassis-packet. This will trigger the use of the feature as defined in here: sonic-net#13789

    Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

commit aa01630
Author: abdosi <58047199+abdosi@users.noreply.github.com>
Date:   Tue Aug 29 13:41:01 2023 -0700

    [build]: Added flag in sonic_version.yml to see if image is secured or non-secured (sonic-net#16191)

    What I did:

    Added flag in sonic_version.yml to see if compiled image is secured or non-secured. This is done using build/compile time environmental variable SECURE_UPGRADE_MODE as define in HLD: https://github.com/sonic-net/SONiC/blob/master/doc/secure_boot/hld_secure_boot.md

    This flag does not provide the runtime status of whether the image has booted securely or not. It's possible that compile time signed image (secured image) can boot on non secure platform.

    Why I did:
    Flag can be used for manual check or by the test case.

    ADO: 24319390

    How I verify:
    Manual Verification

    ---
    build_version: 'master-16191.346262-cdc5e72a3'
    debian_version: '11.7'
    kernel_version: '5.10.0-18-2-amd64'
    asic_type: broadcom
    asic_subtype: 'broadcom'
    commit_id: 'cdc5e72a3'
    branch: 'master-16191'
    release: 'none'
    build_date: Fri Aug 25 03:15:45 UTC 2023
    build_number: 346262
    built_by: AzDevOps@vmss-soni001UR5
    libswsscommon: 1.0.0
    sonic_utilities: 1.2
    sonic_os_version: 11
    secure_boot_image: 'no'

    Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

commit 9f81d9d
Author: snider-nokia <76123698+snider-nokia@users.noreply.github.com>
Date:   Mon Jan 8 14:38:46 2024 -0500

    [Nokia][sonic-platform] Update Nokia sonic-platform submodule and device data (sonic-net#17378)

    These changes, in conjunction with NDK version >= 22.9.17 address the thermal logging issues discussed at Nokia-ION/ndk#27. While the changes contained at this PR do not require coupling to NDK version >= 22.9.17, thermal logging enhancements will not be available without updated NDK >= 22.9.17. Thus, coupling with NDK >=22.9.17 is preferred and recommended.

    Why I did it
    To address thermal logging deficiencies.

    Work item tracking
    Microsoft ADO (number only): 26365734
    How I did it
    The following changes are included:

    Threshold configuration values are provided in the associated device data .json files. There is also a change included to better handle the condition where an SFP module read fails.

    Modify the module.py reboot to support reboot linecard from Supervisor

     - Modify reboot to call _reboot_imm for single IMM card reboot
     - Add log to the ndk_cmd to log the operation of "reboot-linecard" and "shutdown/satrtup the sfm"
    Add new nokia_cmd set command and modify show ndk-status output

     - Add a new function reboot_imm() to nokia_common.py to support reboot a single IMM slot from CPM
     - Added new command: nokia_cmd set reboot-linecard <slot> [forece] for CPM
     - Append a new column "RebootStatus" at the end of output of "nokia_cmd show ndk-status"
     - Provide ability for IMM to disable all transceiver module TX at reboot time
     - Remove defunct xcvr-resync service

commit 2f8630c
Author: Marty Y. Lok <76118573+mlok-nokia@users.noreply.github.com>
Date:   Mon Jan 8 14:39:30 2024 -0500

    [Nokia-IXR7250E] Modify the platform_reboot on the IXR7250E for PMON API reboot and Disable all SFPs (sonic-net#17483)

    Why I did it
    When Supervisor card is rebooted by using PMON API, it takes about 90 seconds to trigger the shutdown in down path. At this time linecards have been up. This delays linecards database initialization which is trying to PING/PONG the database-chassis. To address this issue, we modified the NDK to use the system call with "sudo reboot" when the request is from PMON API on Supervisor case. The NDK version is 22.9.20 and greater. This new NDK requires this modifcaiton of platform_reboot to work with.

    Work item tracking
    Microsoft ADO (number only): 26365734
    How I did it
    Modify the platform_reboot In Supervisor not to reboot all IMMs since it has been done in the function reboot() in module.py. Also handle the reboot-cause.txt for on the Supervisor when the reboot is request from PMON API.
    Modify the Nokia platform specific platform_reboot in linecard to disable all SPFs.
    This PR works with NDK version 22.9.20 and above

    Signed-off-by: mlok <marty.lok@nokia.com>

commit 6926171
Author: Liu Shilong <shilongliu@microsoft.com>
Date:   Mon Jan 15 14:59:21 2024 +0800

    [build] Fix a bash script some times called by sh issue. (sonic-net#17761)

    Why I did it
    Fix a bug that sometimes the script runs in sh not bash.

    Work item tracking
    Microsoft ADO (number only): 26297955
    How I did it

commit a262306
Author: vdahiya12 <67608553+vdahiya12@users.noreply.github.com>
Date:   Tue Jan 16 11:34:19 2024 -0800

    [Arista] Update config.bcm of 7060_cx32s for handling 40g optics with unreliable los settings (sonic-net#17768)

    For 40G optics there is SAI handling of T0 facing ports to be set with SR4 type and unreliable los set for a fixed set of ports. For this property to be invoked the requirement is set
    phy_unlos_msft=1 in config.bcm.
    This change is to meet the requirement and once this property is set, the los/interface type settings is applied by SAI on the required ports.

    Why I did it
    For Arista-7060CX-32S-Q32 T1, 40G ports RX_ERR minimalization during connected device reboot
    can be achieved by turning on Unreliable LOS and SR4 media_type for all ports which are connected to T0.

    The property phy_unlos_msft=1 is to exclusively enable this property.

    Microsoft ADO: 25941176

    How I did it
    Changes in SAI and turning on property

    How to verify it
    Ran the changes on a testbed and verified configurations are as intended.

    with property

    admin@sonic2:~$ bcmcmd "phy diag xe8 dsc config" | grep -C 2 "LOS"
    Brdfe_on                    = 0
    Media Type                  = 2
    Unreliable LOS              = 1
    Scrambling Disable          = 0
    Lane Config from PCS        = 0

    without property

    admin@sonic:~$ bcmcmd "phy diag xe8 dsc config" | grep -C 2 "LOS"
    Brdfe_on                    = 0
    Media Type                  = 0
    Unreliable LOS              = 0
    Scrambling Disable          = 0
    Lane Config from PCS        = 0

    Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>

commit 245f337
Author: Feng-msft <fenpan@microsoft.com>
Date:   Fri Jan 12 10:51:48 2024 +0800

    Fix dialout build flag issue. (sonic-net#17715)
    Fix ENABLE_DIALOUT flag issue.
    - Microsoft ADO **(number only)**: 21326000
    Update Makefile.work and add debug string.
    ![image](https://github.com/sonic-net/sonic-buildimage/assets/97083744/960d75d1-618c-4734-acb5-7a32a28c262b)

commit b53a890
Author: Liping Xu <108326363+lipxu@users.noreply.github.com>
Date:   Fri Jan 12 15:26:06 2024 +0800

    disable restapi for leafRouter in slim image (sonic-net#17713)

    Why I did it
    For some devices with small memory, after upgrading to the latest image, the available memory is not enough.

    Work item tracking
    Microsoft ADO (number only):
    26324242
    How I did it
    Disable restapi feature for LeafRouter which with slim image.

    How to verify it
    verified on 7050qx T1 (slim image), restapi disabled
    verified on 7050qx T0 (slim image), restapi enabled
    verified on 7260 T1 (normal image), restapi enabled

commit 8561fa6
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 12 16:34:35 2024 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17757)
    src/sonic-utilities
    ```
    * 651a80b1 - (HEAD -> 202305, origin/202305) Modify teamd retry count script to base BGP status on default BGP status (sonic-net#3069) (22 hours ago) [Saikrishna Arcot]
    ```

commit 9f66a7d
Author: Lawrence Lee <lawlee@microsoft.com>
Date:   Wed Jan 10 14:40:15 2024 -0800

    add timeout to ping6 command (sonic-net#17729)

    Signed-off-by: Lawrence Lee <lawlee@microsoft.com>

commit 13aa19a
Author: Nazarii Hnydyn <nazariig@nvidia.com>
Date:   Wed Jan 10 15:15:55 2024 +0200

    [swss/syncd]: Remove dependency on interfaces-config.service (sonic-net#17649)

    Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com

    This improvement does not bring any warm-reboot degradation, since the database availability (tcp/ip access over the loopback interface) was fixed by these PRs:

    Re-add 127.0.0.1/8 when bringing down the interfaces sonic-net#15080
    Fix potentially not having any loopback address on lo interface sonic-net#16490
    Why I did it
    Removed dependency on interfaces-config.service to speed up the boot, because interfaces-config.service takes a lot of time on init
    Work item tracking
    N/A
    How I did it
    Changed service files for swss/syncd
    How to verify it
    Boot and check swss/syncd start time comparing to interfaces-config

commit f4c15b8
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 10 16:34:10 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17731)
    src/linkmgrd
    ```
    * 2f5971f - (HEAD -> 202305, origin/202305) [warmboot] use config_db connector to update mux mode config instead of CLI (sonic-net#223) (4 hours ago) [Jing Zhang]
    ```

commit a3b5ea9
Author: Nazarii Hnydyn <nazariig@nvidia.com>
Date:   Wed Jan 10 02:56:20 2024 +0200

    [sonic-cfggen]: Optimize template rendering and database access. (sonic-net#17650)

    Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com

    Why I did it
    Improved switch init time
    Work item tracking
    N/A
    How I did it
    Replaced: sonic-cfggen -> sonic-db-cli
    Aggregated template list for sonic-cfggen
    How to verify it
    Run warm-reboot

commit 44bc291
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 10 04:32:40 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17721)
    src/linkmgrd
    ```
    * 2089ab6 - (HEAD -> 202305, origin/202305) Exclude DbInterface in PR coverage check (sonic-net#224) (3 hours ago) [Jing Zhang]
    ```

commit 1337597
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 10 02:32:19 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17722)
    src/sonic-snmpagent
    ```
    * e5fd192 - (HEAD -> 202305, origin/202305) Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303) (9 hours ago) [DavidZagury]
    ```

commit bb23f7b
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 16:42:00 2024 +0800

    [submodule] Update submodule sonic-gnmi to the latest HEAD automatically (sonic-net#17696)

commit 7ccef97
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 03:37:17 2024 +0800

    [YANG] Enable Yang model for BGP_BBR config entry (sonic-net#17622) (sonic-net#17692)

commit 8defdfe
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 01:15:01 2024 +0800

    [submodule] Update submodule sonic-sairedis to the latest HEAD automatically (sonic-net#17691)

commit b549962
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 01:00:55 2024 +0800

    [submodule] Update submodule sonic-gnmi to the latest HEAD automatically (sonic-net#17690)

commit 02dc49a
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 15:14:43 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17687)

commit 0d31ee8
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 02:39:03 2024 +0800

    Update TELEMETRY_CLIENT YANG model (sonic-net#16861) (sonic-net#17679)

commit df22ca9
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 01:04:39 2024 +0800

    [Arista] Remove aggregate port config files for multi-asic devices (sonic-net#16923) (sonic-net#17678)

commit ca2695f
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 00:44:19 2024 +0800

    password-hardening: Add support to disable expiration date like in Linux (PAM) (sonic-net#17426) (sonic-net#17674)

commit 388457a
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 00:35:07 2024 +0800

    [arp_update]: Flush neighbors with incorrect MAC info (sonic-net#17238) (sonic-net#17677)

commit 38c5e68
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 00:32:38 2024 +0800

    Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. (sonic-net#17281) (sonic-net#17676)

commit 76d8ff0
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 4 23:10:28 2024 +0800

    Update backend_acl.py to specify ACL table name (sonic-net#17553) (sonic-net#17673)

commit b72a740
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 4 22:37:26 2024 +0800

    [docker_image_ctl.j2]: swss docker initialization improvements (sonic-net#17628) (sonic-net#17672)

commit 609b3a7
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 4 22:29:00 2024 +0800

    [image_config]: Update DHCP rate-limit for mgmt TOR devices (sonic-net#17630) (sonic-net#17671)

commit 8362c09
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Tue Jan 2 15:13:53 2024 +0800

    [submodule] Update submodule sonic-swss to the latest HEAD automatically (sonic-net#17642)

commit 3cb6343
Author: Stepan Blyshchak <38952541+stepanblyschak@users.noreply.github.com>
Date:   Tue Jan 2 02:59:17 2024 +0200

    [202305] Revert bgp suppress fib pending (sonic-net#17578)

    DEPENDS ON: sonic-net/sonic-swss#2997 sonic-net/sonic-utilities#3093

    What I did

    Revert the feature.

    Why I did it

    Revert bgp suppress FIB functionality due to found FRR memory consumption issues and bugs.

    How I verified it

    Basic sanity check on t1-lag, regression in progress.

commit 64ed3d5
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Mon Jan 1 10:31:33 2024 +0800

    Fix system-health hardware_checker to consume fan tolerance details (sonic-net#16689) (sonic-net#17640)

commit 98ad3b0
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sun Dec 31 17:01:53 2023 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17643)

commit 1398daa
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sun Dec 31 15:20:25 2023 +0800

    [submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (sonic-net#17641)

commit fb83d4d
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Dec 29 01:07:45 2023 +0800

    [Mellanox] wait until hw-management watchdog files ready (sonic-net#17618) (sonic-net#17633)

commit a8ad19d
Author: Junchao-Mellanox <57339448+Junchao-Mellanox@users.noreply.github.com>
Date:   Thu Dec 28 20:53:49 2023 +0800

    [202305] Optimize syslog rate limit feature for fast and warm boot (sonic-net#17478)

    Backport PR sonic-net#17458 due to conflict.

    Why I did it
    Optimize syslog rate limit feature for fast and warm boot

    Work item tracking
    Microsoft ADO (number only):
    How I did it
    Optimize redis start time
    Don't render rsyslog.conf in container startup script
    Disable containercfgd by default. There is a new CLI to enable it (in another PR)
    How to verify it
    Manual test
    Regression test
nonodark added a commit to nonodark/sonic-buildimage that referenced this pull request Jan 29, 2024
Squashed commit of the following:

commit 335ebaa
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 24 16:35:00 2024 +0800

    [submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (sonic-net#17891)

    #### Why I did it
    src/sonic-platform-daemons
    ```
    * 824c20a - (HEAD -> 202305, origin/202305) Support 800G ifname in xcvrd (sonic-net#420) (20 hours ago) [Anoop Kamath]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 78e211c
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sun Jan 21 16:32:35 2024 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17868)

    #### Why I did it
    src/sonic-utilities
    ```
    * 83a548de - (HEAD -> 202305, origin/202305) Disable Key Validation feature during sonic-installation for Cisco Platforms (sonic-net#3115) (22 hours ago) [selvipal]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 5d30151
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 20 16:32:45 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17863)

    #### Why I did it
    src/sonic-snmpagent
    ```
    * 6f59d29 - (HEAD -> 202305, origin/202305) Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303) (sonic-net#309) (33 minutes ago) [mssonicbld]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 208c170
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 20 04:32:37 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17859)

    #### Why I did it
    src/sonic-snmpagent
    ```
    * 2efaf2e - (HEAD -> 202305, origin/202305) Revert "[action] [PR:303] Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303)" (sonic-net#308) (4 minutes ago) [StormLiangMS]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 306175b
Author: Saikrishna Arcot <sarcot@microsoft.com>
Date:   Fri Jan 19 03:16:04 2024 -0800

    dhcrelay: Don't look up the ifindex for the fallback interface (sonic-net#17797) (sonic-net#17840)

    Currently, whenever isc-dhcp-relay forwards a packet upstream,
    internally, it will try to send it on a "fallback" interface. My
    understanding is that this isn't meant to be a real interface, but
    instead is basically saying to use Linux's regular routing stack to
    route the packet appropriately (rather than having isc-dhcp-relay
    specify specifically which interface to use).

    The problem is that on systems with a weak CPU, a large number of
    interfaces, and many upstream servers specified, this can introduce a
    noticeable delay in packets getting sent. The delay comes from trying to
    get the ifindex of the fallback interface. In one test case, it got to
    the point that only 2 packets could be processed per second. Because of
    this, dhcrelay will easily get backlogged and likely get to a point
    where packets get dropped in the kernel.

    Fix this by adding a check saying if we're using the fallback interface,
    then don't try to get the ifindex of this interface. We're never going
    to have an interface named this in SONiC.

    Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>

commit fc7a1ac
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 19 18:36:00 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17853)

    #### Why I did it
    src/sonic-snmpagent
    ```
    * b0a4bcc - (HEAD -> 202305, origin/202305) Set the execute bit on sysDescr_pass.py (sonic-net#306) (22 hours ago) [Andre Kostur]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 30b1f05
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 19 16:34:55 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17851)

    #### Why I did it
    src/linkmgrd
    ```
    * f5e9b54 - (HEAD -> 202305, origin/202305) [CodeQL] fix unmet build dependency (sonic-net#222) (10 hours ago) [Jing Zhang]
    * 2282cc5 - [active-standby] Probe the link in suspend timeout (sonic-net#235) (22 hours ago) [Longxiang Lyu]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 66ce739
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 19 16:34:46 2024 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17855)

    #### Why I did it
    src/sonic-utilities
    ```
    * 93c42272 - (HEAD -> 202305, origin/202305) [chassis]: Support show ip bgp summary to display without error when no external neighbors are configured on chassis LC (sonic-net#3099) (22 hours ago) [Arvindsrinivasan Lakshmi Narasimhan]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 076b6c3
Author: zitingguo-ms <zitingguo@microsoft.com>
Date:   Fri Jan 19 14:56:01 2024 +0800

    upgrade xgs SAI to 8.4.39.2 (sonic-net#17842)

    Why I did it
    Upgrade the xgs SAI version to 8.4.39.2 to include the following fix:

    8.4.36.0: [submodule upgrade] [SAI_BRANCH rel_ocp_sai_8_4] SID: SDK-381039 Cosq control dynamic type changes
    8.4.37.0: SID: MMU cosq control configuration with Dynamic Type Check
    8.4.38.0: [sbumodule upgrade] [CSP 0001232212][SAI_BRANCH rel_ocp_sai_8_4]back-porting SONIC-82415 to SAI 8.4
    8.4.39.0: [CSP CS00012320979] Port SONIC-81867 sai spec compliance for get SAI_SWITCH_ATTR_SWITCH_HARDWARE_INFO
    8.4.39.1: changes for phy-re-init of 40G ports for TH platforms CS00012327470
    8.4.39.2: fix capability for Hostif queue by change SET operation of SAI_HOSTIF_ATTR_QUEUE to be true
    Work item tracking
    Microsoft ADO (number only): 26491005
    How I did it
    Upgrade xgs SAI version in sai.mk file.

    How to verify it
    Run basic SONiC test using SAI release pipeline, all cases passed.
    https://dev.azure.com/mssonic/internal/_build/results?buildId=457869&view=results

commit 6d767e5
Author: abdosi <58047199+abdosi@users.noreply.github.com>
Date:   Thu Jan 18 20:53:26 2024 -0800

    [chassis] Support advertisement of Loopback0 of all LC's across all e-BGP peers in TSA mode (sonic-net#16714) (sonic-net#17837)

    What I did:
    In Chassis TSA mode Loopback0 Ip's of each LC's should be advertise through e-BGP peers of each remote LC's

    How I did:

    - Route-map policy to Advertise own/self Loopback IP to other internal iBGP peers with a community internal_community as define in constants.yml
    - Route-map policy to match on above internal_community when route is received from internal iBGP peers and set a internal tag as define in constants.yml and also delete the internal_community so we don't send to any of e-BGP peers
    - In TSA new route-map match on above internal tag and permit the route (Loopback0 IP's of remote LC's) and set the community to traffic_shift_community.
    - In TSB delete the above new route-map.

    How I verify:

    Manual Verification

    UT updated.
    sonic-mgmt PR: sonic-net/sonic-mgmt#10239

    Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

commit 898f126
Author: Baorong Liu <baorliu@cisco.com>
Date:   Thu Jan 18 04:08:29 2024 -0800

    [staticroutebfd]double commit PR-16450, change bfd to singlehop (sonic-net#17549)

    Why I did it
    double commit PR-16450 because of cherry pick conflict for PR#202305

    Work item tracking
    Microsoft ADO (number only):
    How I did it
    How to verify it

commit d81780b
Author: ganglv <88995770+ganglyu@users.noreply.github.com>
Date:   Thu Jan 18 20:07:40 2024 +0800

    Fix host service for 202305 branch (sonic-net#17781)

    Why I did it
    When we disable telemetry.service, sonic-hostservice will not start. And root cause is sonic-hostservice is only wanted by telemetry.service.

    Work item tracking
    Microsoft ADO (number only):
    How I did it
    Add dependency for gnmi.service.

    How to verify it
    Disable telemetry.service and build new image, and then check sonic-hostservice with new image.

commit b99c46e
Author: Liu Shilong <shilongliu@microsoft.com>
Date:   Thu Jan 18 20:05:04 2024 +0800

    [build] Add gpg keys for sonic-slave-bullseye in arm64 cross build on amd64. (sonic-net#17182) (sonic-net#17828)

    Fix sonic-net#16204

    Microsoft ADO (number only): 25746782

    How I did it
    multiarch/debian-debootstrap:arm64-bullseye is too old.
    It needs to add some gpg keys before 'apt-get update'

commit f460347
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 18 16:34:00 2024 +0800

    [submodule] Update submodule sonic-swss to the latest HEAD automatically (sonic-net#17821)

    #### Why I did it
    src/sonic-swss
    ```
    * ac94f0b7 - (HEAD -> 202305, origin/202305) [202305][routeorch] Fixing bug with multiple routes pointing to nhg (sonic-net#3002) (2 hours ago) [Nikola Dancejic]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit ed71c12
Author: abdosi <58047199+abdosi@users.noreply.github.com>
Date:   Fri Jul 7 11:10:35 2023 -0700

    Enable BFD for Static Route for chassis-packet. (sonic-net#15383)

    *What I did:
    Enable BFD for Static Route for chassis-packet. This will trigger the use of the feature as defined in here: sonic-net#13789

    Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

commit aa01630
Author: abdosi <58047199+abdosi@users.noreply.github.com>
Date:   Tue Aug 29 13:41:01 2023 -0700

    [build]: Added flag in sonic_version.yml to see if image is secured or non-secured (sonic-net#16191)

    What I did:

    Added flag in sonic_version.yml to see if compiled image is secured or non-secured. This is done using build/compile time environmental variable SECURE_UPGRADE_MODE as define in HLD: https://github.com/sonic-net/SONiC/blob/master/doc/secure_boot/hld_secure_boot.md

    This flag does not provide the runtime status of whether the image has booted securely or not. It's possible that compile time signed image (secured image) can boot on non secure platform.

    Why I did:
    Flag can be used for manual check or by the test case.

    ADO: 24319390

    How I verify:
    Manual Verification

    ---
    build_version: 'master-16191.346262-cdc5e72a3'
    debian_version: '11.7'
    kernel_version: '5.10.0-18-2-amd64'
    asic_type: broadcom
    asic_subtype: 'broadcom'
    commit_id: 'cdc5e72a3'
    branch: 'master-16191'
    release: 'none'
    build_date: Fri Aug 25 03:15:45 UTC 2023
    build_number: 346262
    built_by: AzDevOps@vmss-soni001UR5
    libswsscommon: 1.0.0
    sonic_utilities: 1.2
    sonic_os_version: 11
    secure_boot_image: 'no'

    Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

commit 9f81d9d
Author: snider-nokia <76123698+snider-nokia@users.noreply.github.com>
Date:   Mon Jan 8 14:38:46 2024 -0500

    [Nokia][sonic-platform] Update Nokia sonic-platform submodule and device data (sonic-net#17378)

    These changes, in conjunction with NDK version >= 22.9.17 address the thermal logging issues discussed at Nokia-ION/ndk#27. While the changes contained at this PR do not require coupling to NDK version >= 22.9.17, thermal logging enhancements will not be available without updated NDK >= 22.9.17. Thus, coupling with NDK >=22.9.17 is preferred and recommended.

    Why I did it
    To address thermal logging deficiencies.

    Work item tracking
    Microsoft ADO (number only): 26365734
    How I did it
    The following changes are included:

    Threshold configuration values are provided in the associated device data .json files. There is also a change included to better handle the condition where an SFP module read fails.

    Modify the module.py reboot to support reboot linecard from Supervisor

     - Modify reboot to call _reboot_imm for single IMM card reboot
     - Add log to the ndk_cmd to log the operation of "reboot-linecard" and "shutdown/satrtup the sfm"
    Add new nokia_cmd set command and modify show ndk-status output

     - Add a new function reboot_imm() to nokia_common.py to support reboot a single IMM slot from CPM
     - Added new command: nokia_cmd set reboot-linecard <slot> [forece] for CPM
     - Append a new column "RebootStatus" at the end of output of "nokia_cmd show ndk-status"
     - Provide ability for IMM to disable all transceiver module TX at reboot time
     - Remove defunct xcvr-resync service

commit 2f8630c
Author: Marty Y. Lok <76118573+mlok-nokia@users.noreply.github.com>
Date:   Mon Jan 8 14:39:30 2024 -0500

    [Nokia-IXR7250E] Modify the platform_reboot on the IXR7250E for PMON API reboot and Disable all SFPs (sonic-net#17483)

    Why I did it
    When Supervisor card is rebooted by using PMON API, it takes about 90 seconds to trigger the shutdown in down path. At this time linecards have been up. This delays linecards database initialization which is trying to PING/PONG the database-chassis. To address this issue, we modified the NDK to use the system call with "sudo reboot" when the request is from PMON API on Supervisor case. The NDK version is 22.9.20 and greater. This new NDK requires this modifcaiton of platform_reboot to work with.

    Work item tracking
    Microsoft ADO (number only): 26365734
    How I did it
    Modify the platform_reboot In Supervisor not to reboot all IMMs since it has been done in the function reboot() in module.py. Also handle the reboot-cause.txt for on the Supervisor when the reboot is request from PMON API.
    Modify the Nokia platform specific platform_reboot in linecard to disable all SPFs.
    This PR works with NDK version 22.9.20 and above

    Signed-off-by: mlok <marty.lok@nokia.com>

commit 6926171
Author: Liu Shilong <shilongliu@microsoft.com>
Date:   Mon Jan 15 14:59:21 2024 +0800

    [build] Fix a bash script some times called by sh issue. (sonic-net#17761)

    Why I did it
    Fix a bug that sometimes the script runs in sh not bash.

    Work item tracking
    Microsoft ADO (number only): 26297955
    How I did it

commit a262306
Author: vdahiya12 <67608553+vdahiya12@users.noreply.github.com>
Date:   Tue Jan 16 11:34:19 2024 -0800

    [Arista] Update config.bcm of 7060_cx32s for handling 40g optics with unreliable los settings (sonic-net#17768)

    For 40G optics there is SAI handling of T0 facing ports to be set with SR4 type and unreliable los set for a fixed set of ports. For this property to be invoked the requirement is set
    phy_unlos_msft=1 in config.bcm.
    This change is to meet the requirement and once this property is set, the los/interface type settings is applied by SAI on the required ports.

    Why I did it
    For Arista-7060CX-32S-Q32 T1, 40G ports RX_ERR minimalization during connected device reboot
    can be achieved by turning on Unreliable LOS and SR4 media_type for all ports which are connected to T0.

    The property phy_unlos_msft=1 is to exclusively enable this property.

    Microsoft ADO: 25941176

    How I did it
    Changes in SAI and turning on property

    How to verify it
    Ran the changes on a testbed and verified configurations are as intended.

    with property

    admin@sonic2:~$ bcmcmd "phy diag xe8 dsc config" | grep -C 2 "LOS"
    Brdfe_on                    = 0
    Media Type                  = 2
    Unreliable LOS              = 1
    Scrambling Disable          = 0
    Lane Config from PCS        = 0

    without property

    admin@sonic:~$ bcmcmd "phy diag xe8 dsc config" | grep -C 2 "LOS"
    Brdfe_on                    = 0
    Media Type                  = 0
    Unreliable LOS              = 0
    Scrambling Disable          = 0
    Lane Config from PCS        = 0

    Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>

commit 245f337
Author: Feng-msft <fenpan@microsoft.com>
Date:   Fri Jan 12 10:51:48 2024 +0800

    Fix dialout build flag issue. (sonic-net#17715)

    ### Why I did it
    Fix ENABLE_DIALOUT flag issue.

    ##### Work item tracking
    - Microsoft ADO **(number only)**: 21326000

    #### How I did it
    Update Makefile.work and add debug string.

    #### How to verify it
    ![image](https://github.com/sonic-net/sonic-buildimage/assets/97083744/960d75d1-618c-4734-acb5-7a32a28c262b)

commit b53a890
Author: Liping Xu <108326363+lipxu@users.noreply.github.com>
Date:   Fri Jan 12 15:26:06 2024 +0800

    disable restapi for leafRouter in slim image (sonic-net#17713)

    Why I did it
    For some devices with small memory, after upgrading to the latest image, the available memory is not enough.

    Work item tracking
    Microsoft ADO (number only):
    26324242
    How I did it
    Disable restapi feature for LeafRouter which with slim image.

    How to verify it
    verified on 7050qx T1 (slim image), restapi disabled
    verified on 7050qx T0 (slim image), restapi enabled
    verified on 7260 T1 (normal image), restapi enabled

commit 8561fa6
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 12 16:34:35 2024 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17757)

    #### Why I did it
    src/sonic-utilities
    ```
    * 651a80b1 - (HEAD -> 202305, origin/202305) Modify teamd retry count script to base BGP status on default BGP status (sonic-net#3069) (22 hours ago) [Saikrishna Arcot]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 9f66a7d
Author: Lawrence Lee <lawlee@microsoft.com>
Date:   Wed Jan 10 14:40:15 2024 -0800

    add timeout to ping6 command (sonic-net#17729)

    Signed-off-by: Lawrence Lee <lawlee@microsoft.com>

commit 13aa19a
Author: Nazarii Hnydyn <nazariig@nvidia.com>
Date:   Wed Jan 10 15:15:55 2024 +0200

    [swss/syncd]: Remove dependency on interfaces-config.service (sonic-net#17649)

    Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com

    This improvement does not bring any warm-reboot degradation, since the database availability (tcp/ip access over the loopback interface) was fixed by these PRs:

    Re-add 127.0.0.1/8 when bringing down the interfaces sonic-net#15080
    Fix potentially not having any loopback address on lo interface sonic-net#16490
    Why I did it
    Removed dependency on interfaces-config.service to speed up the boot, because interfaces-config.service takes a lot of time on init
    Work item tracking
    N/A
    How I did it
    Changed service files for swss/syncd
    How to verify it
    Boot and check swss/syncd start time comparing to interfaces-config

commit f4c15b8
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 10 16:34:10 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17731)

    #### Why I did it
    src/linkmgrd
    ```
    * 2f5971f - (HEAD -> 202305, origin/202305) [warmboot] use config_db connector to update mux mode config instead of CLI (sonic-net#223) (4 hours ago) [Jing Zhang]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit a3b5ea9
Author: Nazarii Hnydyn <nazariig@nvidia.com>
Date:   Wed Jan 10 02:56:20 2024 +0200

    [sonic-cfggen]: Optimize template rendering and database access. (sonic-net#17650)

    Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com

    Why I did it
    Improved switch init time
    Work item tracking
    N/A
    How I did it
    Replaced: sonic-cfggen -> sonic-db-cli
    Aggregated template list for sonic-cfggen
    How to verify it
    Run warm-reboot

commit 44bc291
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 10 04:32:40 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17721)

    #### Why I did it
    src/linkmgrd
    ```
    * 2089ab6 - (HEAD -> 202305, origin/202305) Exclude DbInterface in PR coverage check (sonic-net#224) (3 hours ago) [Jing Zhang]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit 1337597
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Wed Jan 10 02:32:19 2024 +0800

    [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17722)

    #### Why I did it
    src/sonic-snmpagent
    ```
    * e5fd192 - (HEAD -> 202305, origin/202305) Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303) (9 hours ago) [DavidZagury]
    ```
    #### How I did it
    #### How to verify it
    #### Description for the changelog

commit bb23f7b
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 16:42:00 2024 +0800

    [submodule] Update submodule sonic-gnmi to the latest HEAD automatically (sonic-net#17696)

commit 7ccef97
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 03:37:17 2024 +0800

    [YANG] Enable Yang model for BGP_BBR config entry (sonic-net#17622) (sonic-net#17692)

commit 8defdfe
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 01:15:01 2024 +0800

    [submodule] Update submodule sonic-sairedis to the latest HEAD automatically (sonic-net#17691)

commit b549962
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sat Jan 6 01:00:55 2024 +0800

    [submodule] Update submodule sonic-gnmi to the latest HEAD automatically (sonic-net#17690)

commit 02dc49a
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 15:14:43 2024 +0800

    [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17687)

commit 0d31ee8
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 02:39:03 2024 +0800

    Update TELEMETRY_CLIENT YANG model (sonic-net#16861) (sonic-net#17679)

commit df22ca9
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 01:04:39 2024 +0800

    [Arista] Remove aggregate port config files for multi-asic devices (sonic-net#16923) (sonic-net#17678)

commit ca2695f
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 00:44:19 2024 +0800

    password-hardening: Add support to disable expiration date like in Linux (PAM) (sonic-net#17426) (sonic-net#17674)

commit 388457a
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 00:35:07 2024 +0800

    [arp_update]: Flush neighbors with incorrect MAC info (sonic-net#17238) (sonic-net#17677)

commit 38c5e68
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Jan 5 00:32:38 2024 +0800

    Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. (sonic-net#17281) (sonic-net#17676)

commit 76d8ff0
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 4 23:10:28 2024 +0800

    Update backend_acl.py to specify ACL table name (sonic-net#17553) (sonic-net#17673)

commit b72a740
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 4 22:37:26 2024 +0800

    [docker_image_ctl.j2]: swss docker initialization improvements (sonic-net#17628) (sonic-net#17672)

commit 609b3a7
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Thu Jan 4 22:29:00 2024 +0800

    [image_config]: Update DHCP rate-limit for mgmt TOR devices (sonic-net#17630) (sonic-net#17671)

commit 8362c09
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Tue Jan 2 15:13:53 2024 +0800

    [submodule] Update submodule sonic-swss to the latest HEAD automatically (sonic-net#17642)

commit 3cb6343
Author: Stepan Blyshchak <38952541+stepanblyschak@users.noreply.github.com>
Date:   Tue Jan 2 02:59:17 2024 +0200

    [202305] Revert bgp suppress fib pending (sonic-net#17578)

    DEPENDS ON: sonic-net/sonic-swss#2997 sonic-net/sonic-utilities#3093

    What I did

    Revert the feature.

    Why I did it

    Revert bgp suppress FIB functionality due to found FRR memory consumption issues and bugs.

    How I verified it

    Basic sanity check on t1-lag, regression in progress.

commit 64ed3d5
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Mon Jan 1 10:31:33 2024 +0800

    Fix system-health hardware_checker to consume fan tolerance details (sonic-net#16689) (sonic-net#17640)

commit 98ad3b0
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sun Dec 31 17:01:53 2023 +0800

    [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17643)

commit 1398daa
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Sun Dec 31 15:20:25 2023 +0800

    [submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (sonic-net#17641)

commit fb83d4d
Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com>
Date:   Fri Dec 29 01:07:45 2023 +0800

    [Mellanox] wait until hw-management watchdog files ready (sonic-net#17618) (sonic-net#17633)

commit a8ad19d
Author: Junchao-Mellanox <57339448+Junchao-Mellanox@users.noreply.github.com>
Date:   Thu Dec 28 20:53:49 2023 +0800

    [202305] Optimize syslog rate limit feature for fast and warm boot (sonic-net#17478)

    Backport PR sonic-net#17458 due to conflict.

    Why I did it
    Optimize syslog rate limit feature for fast and warm boot

    Work item tracking
    Microsoft ADO (number only):
    How I did it
    Optimize redis start time
    Don't render rsyslog.conf in container startup script
    Disable containercfgd by default. There is a new CLI to enable it (in another PR)
    How to verify it
    Manual test
    Regression test
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[backend] Loading backend ACL removes the ACL rules loaded previously
4 participants