SONiC Port mirroring HLD #580
Conversation
rupesh-k
force-pushed
the
port_mirroring_hld
branch
from
c66f25d
to
e8c86d1
Compare
doc/SONiC_Port_Mirroring_HLD.md
Outdated
|
|
||
| 2. Dynamic session management | ||
| - Allow multiple source to single destination. | ||
| - Each session supports mirroring from single port to single destination port. |
There was a problem hiding this comment.
do we allow one mirror session from multiple source port to single dest port?
There was a problem hiding this comment.
Yes. we do allow multiple source to single destination with multiple sessions. This is currently planned as multiple sessions, we can also do it in single session with list of source interfaces. Please suggest.
There was a problem hiding this comment.
Yes. we allow one mirror session from multiple source port to single destination port.
|
|
||
|
|
||
| ## 1.3 Scalability Requirements | ||
| - Up to max ASIC capable mirror sessions to be supported. |
There was a problem hiding this comment.
how do we know how many mirror session can be supported in the asic?
There was a problem hiding this comment.
The SAI Attribute SAI_SWITCH_ATTR_MAX_MIRROR_SESSION can be used to support the max mirror sessinons. This is for both ERSPAN and SPAN and we don't have any mechanism in orchagent to retrieve this now.
There was a problem hiding this comment.
Do we have a number based on TD3 and TH series?
Also how many sessions can be active at the same time. Is there any limitation
There was a problem hiding this comment.
For TD3 and TH series, max 4 sessions can be active at same time. single session can be shared across multiple source ports.
|
|
||
| ## 1.3 Scalability Requirements | ||
| - Up to max ASIC capable mirror sessions to be supported. | ||
| - Once max mirror sessions are created and user attempts to create new session, error will be logged in syslog. |
There was a problem hiding this comment.
it is not discussed in the design document how this is implemented. can you add a section to discuss how you are going to implement this?
There was a problem hiding this comment.
When the user exceeds max mirror sessions then SAI returns SAI_STATUS_INSUFFICIENT_RESOURCES, This is similar behaviour as what is currently present in ERSPAN also. The error is logged to syslog from SyncD. OrchAgent treats the error as fatal, similar to the existing ERPSAN code.
doc/SONiC_Port_Mirroring_HLD.md
Outdated
|
|
||
| ;Configure SPAN/ERSPAN mirror session. | ||
| ;storm control type - broadcast / unknown-unicast / unknown-multicast | ||
| key = PORT_MIRROR_TABLE:mirror_session_name ; mirror_session_name is |
There was a problem hiding this comment.
PORT_MIRROR_TABLE -> PORT_MIRROR
There was a problem hiding this comment.
Done. Updated the doc.
| ; unique session | ||
| ; identifier | ||
| ;field = value | ||
| destination_port = PORT_TABLE:ifname ; ifname must be unique across PORT TABLE. |
There was a problem hiding this comment.
No. Destination port cant be LAG. We are not supporting this now.
There was a problem hiding this comment.
Can you update the Source-ip and destination-ip fields to the table
There was a problem hiding this comment.
ERSPAN is already supported in community and we captured only new additions which are done as part of this PR.
doc/SONiC_Port_Mirroring_HLD.md
Outdated
| ; identifier | ||
| ;field = value | ||
| destination_port = PORT_TABLE:ifname ; ifname must be unique across PORT TABLE. | ||
| source_port = PORT_TABLE:ifname ; ifname must be unique across PORT,INTF,LAG TABLES |
There was a problem hiding this comment.
what do you mean by INTF? INTF is layer 3 concept.
There was a problem hiding this comment.
Doc is already updated. this is only port for destination port, port/LAG for src port.
|
|
||
| mirror_session_name = 1*255VCHAR | ||
|
|
||
| ### 3.2.2 APP_DB |
There was a problem hiding this comment.
what is plan to support this feature in virtual switch, like sflow.
There was a problem hiding this comment.
We dont have plan for this now. If u mean to handle specific flow to mirror, then ACL mirroring can be used. Can u please clarify on sflow part here.
doc/SONiC_Port_Mirroring_HLD.md
Outdated
|
|
||
| ## 3.5 CLI | ||
| ### 3.5.1 Data Models | ||
| Custom Yang model will be introduced for this feature. |
There was a problem hiding this comment.
can you add description for the yang model?
There was a problem hiding this comment.
Sure. I will add and update the doc
There was a problem hiding this comment.
Updated doc with both SONiC yang and openconfig extension model also
doc/SONiC_Port_Mirroring_HLD.md
Outdated
| SPAN Sessions | ||
| --------------------------------------------------------------------------------------------------------- | ||
| Name Status DST Port SRC Port Direction | ||
| sess1 active Ethernet4 Ethernet0 rx |
There was a problem hiding this comment.
what is the definition of active status? what is the criteria. can you make it clear in the document?
There was a problem hiding this comment.
Port mirror session will be active in below cases.
- When destination port only session is created, then once the session is created from SAI. the session becomes active. These sessions can be used in ACL mirroring.
- When mirroring is enabled on the source ports, then the session will become active.
doc/SONiC_Port_Mirroring_HLD.md
Outdated
|
|
||
| ## 9.1 CLI Test Cases | ||
|
|
||
| 1. Configure ERSPAN mirror session and verify all parameters are updated properly in CONFIG_DB |
There was a problem hiding this comment.
please describe where the tests are going to be contributed to? which repo?
There was a problem hiding this comment.
Some of the tests will be contributed to swss and others will be contributed to spytest. I will update in the doc.
doc/SONiC_Port_Mirroring_HLD.md
Outdated
| config mirror_session add erspan <session-name> <src_ip> <dst_ip> <gre> <dscp> [ttl] [queue] [src_port] [rx/tx/both] | ||
|
|
||
| #Configure Port mirror span mirror session. | ||
| config mirror_session add span <session-name> <destination_ifName> <source_ifName> <rx/tx/both> |
There was a problem hiding this comment.
is policer going to supported in span session?
There was a problem hiding this comment.
Yes. Policer is supported.
|
Thanks Guohan for review comments. Thanks |
|
Hi @lguohan , Can u please review the HLD and I have raised initial code PR along with pytest UT Can u please help review . Thanks |
|
@lguohan, @xinliu-seattle - can we merge this now please? |
|
|
||
|
|
||
| ## 1.3 Scalability Requirements | ||
| - Up to max ASIC capable mirror sessions to be supported. |
There was a problem hiding this comment.
Do we have a number based on TD3 and TH series?
Also how many sessions can be active at the same time. Is there any limitation
| ; unique session | ||
| ; identifier | ||
| ;field = value | ||
| destination_port = PORT_TABLE:ifname ; ifname must be unique across PORT TABLE. |
There was a problem hiding this comment.
Can you update the Source-ip and destination-ip fields to the table
|
|
||
| # Modify existing ERSPAN configuration to accept source port and direction | ||
| config mirror_session add erspan <session-name> <src_ip> <dst_ip> <gre> <dscp> [ttl] [queue] [src_port] [rx/tx/both] --policer <policer> | ||
|
|
There was a problem hiding this comment.
Why do we have dscp here? Is it for any prioritization of ERSPAN traffic mirrored across the devices?
There was a problem hiding this comment.
Yes ERSPAN tunnel header will have this dscp, This is already supported in current community code and this PR doesnt modify any behaviour of this field.
| |Name | Scaling value | | ||
| |--------------------------|--------------------| | ||
| | Max mirror sessions | silicon specific | | ||
|
|
There was a problem hiding this comment.
For TD3, TH series max 4 sessions can be supported.
SONiC Port Mirroring HLD