[libteam] Add fallback support for single-member-port LAG #1118
Conversation
* Allow the port to be selected if the LAG is configured with fallback and port is in defaulted state due to missing LACP PDUs from remote end * Only enable port if LAG is admin up and the member port is link up
|
build failure |
|
@liatgrozovik , to review and approve |
|
Hi @lguohan, I have fixed this issue. how to restart the build? Thanks, |
| + * Only enable port if the it is admin_up and link_up. | ||
| */ | ||
| - if (linkup && (!duplex == !speed)) | ||
| + if (linkup && (!duplex == !speed) && admin_state) |
There was a problem hiding this comment.
Why is it required to check admin state? If link is up, then we definitely know that admin state is also up.
There was a problem hiding this comment.
Thanks Marian @marian-pritsak for the code review.
Yes, I removed the lacp fallback timer, which is the transition time from defaulted state to fallback state. Since we reached an agreement to not modify existing LACP receive state machine, I removed the fallback state and the fallback timer is no longer needed. Also I have updated the design document
We need to check the admin state because if we create a Lag PortChannel01 with member ports Ethernet1. The PortChannel will be by default admin Shut, but the member port will be in admin UP state. If we don't check the admin status of the LAG, the member will be moved into defaulted state since it's link up, and then be moved to fallback state if lacp fallback is enabled.
Please let me know if you still have questions.
Thanks,
Haiyang
There was a problem hiding this comment.
@marian-pritsak
Hi Marian,
"If link is up, then we definitely know that admin state is also up."
This is not always true in libteam, here the admin state is actually the admin state of the LAG . So it's possible that the PortChannel is admin down, but the member port is admin up and link up. In this case, the member port will be moved into defaulted state (or fallback state if enabled), which is not desired as the PortChannel is admin shutdown.
Please let me know if you still have concerns regarding this admin check. If so, we can setup a skype call to discuss further.
FYI. Some log I captured after shutting down the PortChannel11, the admin_state is "0" (down), but the member port Ethernet11 is still link up
admin@ASW3.ET2:~$ teamshow
Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected
No. Team Dev Protocol Ports
----- ------------- ----------- -------------
11 PortChannel11 LACP(A)(Up) Ethernet11(S)
admin@ASW3.ET2:~$ sudo ifconfig PortChannel11 down
admin@ASW3.ET2:~$ teamshow
Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected
No. Team Dev Protocol Ports
----- ------------- ----------- -------------
11 PortChannel11 LACP(A)(Dw) Ethernet11(D)
admin@ASW3.ET2:~$ sudo grep admin_state /var/log/teamd.log | grep PortChannel11
Nov 27 16:08:49.718118 ASW3.et2 DEBUG teamd_PortChannel11[63]: Ethernet11 **admin_state "0" link_up.**
admin@ASW3.ET2:~$
admin@ASW3.ET2:~$ teamdctl PortChannel11 state
setup:
runner: lacp
ports:
Ethernet11
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
aggregator ID: 0
selected: no
state: disabled
runner:
active: yes
fast rate: no
admin@ASW3.ET2:~$ ip link show Ethernet11
22: Ethernet11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master PortChannel11 state UP mode DEFAULT group default qlen 1000
link/ether 00:05:64:2f:2b:d5 brd ff:ff:ff:ff:ff:ff
admin@ASW3.ET2:~$ ip link show PortChannel11
5: PortChannel11: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 00:05:64:2f:2b:d5 brd ff:ff:ff:ff:ff:ff
admin@ASW3.ET2:~$ bcmcmd "ps xe11"
ps xe11
ena/ speed/ link auto STP lrn inter max cut loop
port link Lns duplex scan neg? state pause discrd ops face frame thru? back
xe11( 12) up 1 25G FD SW No Forward TX RX None FA KR 1522 No
drivshell>
admin@ASW3.ET2:~$
Thanks,
Haiyang
There was a problem hiding this comment.
@hzheng5 , this is actually separate issue. whether or not member port admin status depends on the lag admin status is a separate issue. i tested on arista switch, when the lag is down, the member port is errdisabled. is this issue related to lacp fallback mechanism? can you explain?
|
retest this please |
|
The commit message has duplicate information (at the beginning and after the 'What I did' Not sure i see in this PR how the configuration is set and where it is added. General comments:
|
|
Really appreciate your input and suggestions. Have removed the duplicate part in commit messages. Also add the single member port limitation in the message. Regarding your two comments:
Thanks, |
|
@hzheng5 i dont think i saw your comment about "Not sure i see in this PR how the configuration is set and where it is added." can you please elaborate how does it suppose to work? |
|
@liatgrozovik Sorry I missed this one. By default, the fallback feature is disabled. To configure LACP fallback on a LAG, there are two options.
PortChannel10.conf :
Thanks, |
* Remove min_link config if fallback is configured * Add support for fallback config in minigraph
| if pcintf.find(str(QName(ns, "Fallback"))) != None: | ||
| pcs[pcintfname] = {'members': pcmbr_list, 'fallback': pcintf.find(str(QName(ns, "Fallback"))).text} | ||
| else: | ||
| pcs[pcintfname] = {'members': pcmbr_list} |
There was a problem hiding this comment.
I understand that "fallback" feature is currently not supporting multi-member portchannels, but what would be the behavior if a user (deliberately/accidentally) enables "fallback" for more than one member? Shouldn't we write some logic in minigraph/config_db parsers to prevent those scenarios? If the current "fallback" logic were to allow more than one port to come up, I'm concerned about the implications that may have as we would be keeping two L2 "doors" wide-opened to the same server (traffic-loops, broadcast-storms, etc).
There was a problem hiding this comment.
Thanks @rodnymolina for the code review.
Ideally, we should have cfgmgr to check such misconfig and reject if fallback is configured on multiple member port. However, the infra is not ready yet. If we add logic in minigraph/config_db parsers to reject such case, there will be discrepancy between the config_db and the config we applied on the LAG unless the parser is able to update the config DB.
The fallback is disabled by default on all LAGs, and we will make it clear in the release note. Anyone using such feature should avoid such misconfig.
Please let me know if you think such check logic is needed. I can add it to the teamd.j2 template to disable the member port is more than 1. However the user may still manually add more member port after the LAG is created using teamd cli.
There is no way to complete block fallback on a multiple member LAG>
Thanks,
Haiyang
There was a problem hiding this comment.
I understand all that. In fact, you can indeed prevent users from enabling fallback on multiple members (that's what vendors do), but that requires extra logic on teamd to always determine a single "winner" port (based on mac, or port name, etc). But I'm not suggesting to do all that. What i'm saying is that given the potential consequences a bogus configuration may bring, i would suggest you to enforce some prevention logic somewhere (perhaps teamd.j2 is the right location while we wait for a proper configMgr). Personally, i don't know how a server may behave in early bootup-stages. For example, it could see both NICs as UP, and it may be tempted to send traffic through both of them. Now, what if it uses the same source IP? This may trigger mac-move/learning events across your entire broadcast-domain. In essence, this is not a problem i would like to troubleshoot in my network. I will leave the final decision to you, so i'll approve this review now.
There was a problem hiding this comment.
Thanks @rodnymolina
As you suggested, I added some logic to teamd.j2 to only enable fallback if it is a single-member-port LAG.
+{% if PORTCHANNEL[pc]['fallback'] and ((PORTCHANNEL[pc]['members'] | length) == 1) %}
+{# Set fallback only if it has single member port #}
Thanks,
Haiyang
Signed-off-by: Haiyang Zheng <haiyang.z@alibaba-inc.com>
Will submit another pull request to fix this issue. Signed-off-by: Haiyang Zheng <haiyang.z@alibaba-inc.com>
|
will merge once build finishes |
|
Thanks a lot, Guohan
Will submit another pull request for "Only enable port if LAG is admin up and the member port is link up"
Thanks,Haiyang------------------------------------------------------------------From:lguohan <notifications@github.com>Time:2017 Dec 16 (Sat) 13:15To:Azure/sonic-buildimage <sonic-buildimage@noreply.github.com>Cc:Haiyang <haiyang.z@alibaba-inc.com>; Mention <mention@noreply.github.com>Subject:Re: [Azure/sonic-buildimage] [libteam] Add fallback support for single-member-port LAG (#1118)
will merge once build finishes—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
swss: * f354798 2019-11-09 | [tests] fix build agains real SAI (sonic-net#1123) (HEAD, origin/master, origin/HEAD) [Stepan Blyshchak] * 56d66a1 2019-11-07 | Sub port interface implementation (sonic-net#969) [Wenda Ni] * c57fc34 2019-11-07 | [bufferorch] Fixed buffer and buffer profile attributes types accoring to changes in SAI 1.5 (sonic-net#1120) [Vitaliy Senchyshyn] * 85ff17d 2019-11-07 | [VRF]: submit vrf feature (sonic-net#943) [Tyler Li] * 5604566 2019-11-06 | [vs_test] fix fdb test failed randomly (sonic-net#1118) [Tyler Li] * 038d994 2019-11-05 | [vnet]: Correct VNET route table size for BITMAP implementation (sonic-net#1115) [Volodymyr Samotiy] * bb4e19c 2019-11-04 | Not wait till kernel net_devices are created for all physical ports to (sonic-net#1109) [Wenda Ni] * bab7b93 2019-11-02 | [portsorch] fix PortsOrch::allPortsReady() returns true when it should not (sonic-net#1103) [Stepan Blyshchak] * 5ab3f6b 2019-10-31 | Updating pytest for sflow (sonic-net#1095) [Sudharsan D.G] * d4ccdc3 2019-10-29 | Quote input strings before constructing a command line (sonic-net#1098) [Qi Luo] * 5516ec4 2019-10-29 | Check RIF/Port exists only for add entries (sonic-net#1110) [Prince Sunny] * 59440f2 2019-10-29 | Allow buffer profile apply after init (sonic-net#1099) [Wenda Ni] sairedis: * d9faa58 2019-10-24 | Copp changes for supporting genetlink in vs (sonic-net#522) [Sudharsan D.G] utiltiies: * e4a5e4c 2019-11-07 | Do not start pfcwd for M0 devices (sonic-net#726) (HEAD, origin/master, origin/HEAD) [Neetha John] * 2c0af8a 2019-11-07 | Add an on/off knob for BGP EOIU pulling on warm restart (sonic-net#655) [heidinet2007] * 2bce9ce 2019-11-07 | Make configlet application script idempotent for updates. (sonic-net#728) [Renuka Manavalan] * 4740617 2019-11-06 | Revert "show BPS, PPS, UTIL rates w/o previous clear (sonic-net#508)" (sonic-net#718) [Mykola F]
swss: * f354798 2019-11-09 | [tests] fix build agains real SAI (#1123) (HEAD, origin/master, origin/HEAD) [Stepan Blyshchak] * 56d66a1 2019-11-07 | Sub port interface implementation (#969) [Wenda Ni] * c57fc34 2019-11-07 | [bufferorch] Fixed buffer and buffer profile attributes types accoring to changes in SAI 1.5 (#1120) [Vitaliy Senchyshyn] * 85ff17d 2019-11-07 | [VRF]: submit vrf feature (#943) [Tyler Li] * 5604566 2019-11-06 | [vs_test] fix fdb test failed randomly (#1118) [Tyler Li] * 038d994 2019-11-05 | [vnet]: Correct VNET route table size for BITMAP implementation (#1115) [Volodymyr Samotiy] * bb4e19c 2019-11-04 | Not wait till kernel net_devices are created for all physical ports to (#1109) [Wenda Ni] * bab7b93 2019-11-02 | [portsorch] fix PortsOrch::allPortsReady() returns true when it should not (#1103) [Stepan Blyshchak] * 5ab3f6b 2019-10-31 | Updating pytest for sflow (#1095) [Sudharsan D.G] * d4ccdc3 2019-10-29 | Quote input strings before constructing a command line (#1098) [Qi Luo] * 5516ec4 2019-10-29 | Check RIF/Port exists only for add entries (#1110) [Prince Sunny] * 59440f2 2019-10-29 | Allow buffer profile apply after init (#1099) [Wenda Ni] sairedis: * d9faa58 2019-10-24 | Copp changes for supporting genetlink in vs (#522) [Sudharsan D.G] utiltiies: * e4a5e4c 2019-11-07 | Do not start pfcwd for M0 devices (#726) (HEAD, origin/master, origin/HEAD) [Neetha John] * 2c0af8a 2019-11-07 | Add an on/off knob for BGP EOIU pulling on warm restart (#655) [heidinet2007] * 2bce9ce 2019-11-07 | Make configlet application script idempotent for updates. (#728) [Renuka Manavalan] * 4740617 2019-11-06 | Revert "show BPS, PPS, UTIL rates w/o previous clear (#508)" (#718) [Mykola F]
swss: * f354798 2019-11-09 | [tests] fix build agains real SAI (sonic-net#1123) (HEAD, origin/master, origin/HEAD) [Stepan Blyshchak] * 56d66a1 2019-11-07 | Sub port interface implementation (sonic-net#969) [Wenda Ni] * c57fc34 2019-11-07 | [bufferorch] Fixed buffer and buffer profile attributes types accoring to changes in SAI 1.5 (sonic-net#1120) [Vitaliy Senchyshyn] * 85ff17d 2019-11-07 | [VRF]: submit vrf feature (sonic-net#943) [Tyler Li] * 5604566 2019-11-06 | [vs_test] fix fdb test failed randomly (sonic-net#1118) [Tyler Li] * 038d994 2019-11-05 | [vnet]: Correct VNET route table size for BITMAP implementation (sonic-net#1115) [Volodymyr Samotiy] * bb4e19c 2019-11-04 | Not wait till kernel net_devices are created for all physical ports to (sonic-net#1109) [Wenda Ni] * bab7b93 2019-11-02 | [portsorch] fix PortsOrch::allPortsReady() returns true when it should not (sonic-net#1103) [Stepan Blyshchak] * 5ab3f6b 2019-10-31 | Updating pytest for sflow (sonic-net#1095) [Sudharsan D.G] * d4ccdc3 2019-10-29 | Quote input strings before constructing a command line (sonic-net#1098) [Qi Luo] * 5516ec4 2019-10-29 | Check RIF/Port exists only for add entries (sonic-net#1110) [Prince Sunny] * 59440f2 2019-10-29 | Allow buffer profile apply after init (sonic-net#1099) [Wenda Ni] sairedis: * d9faa58 2019-10-24 | Copp changes for supporting genetlink in vs (sonic-net#522) [Sudharsan D.G] utiltiies: * e4a5e4c 2019-11-07 | Do not start pfcwd for M0 devices (sonic-net#726) (HEAD, origin/master, origin/HEAD) [Neetha John] * 2c0af8a 2019-11-07 | Add an on/off knob for BGP EOIU pulling on warm restart (sonic-net#655) [heidinet2007] * 2bce9ce 2019-11-07 | Make configlet application script idempotent for updates. (sonic-net#728) [Renuka Manavalan] * 4740617 2019-11-06 | Revert "show BPS, PPS, UTIL rates w/o previous clear (sonic-net#508)" (sonic-net#718) [Mykola F]
- Change test_FdbAddedAfterMemberCreated not to assert the count of entries but to check the existance of entry added by itself, because other entry may be learned after flush. The former test case does't clean the config, that makes more chance to learn fdb entry. - Fix the bug is_fdb_entry_exists didn't match key. Add a function get_vlan_oid to change vlanid to bvid. Change mac format to match in asic_db.
Revert "Revert " [201911]show interface counters for multi ASIC devices (#1104)"" Revert "Revert "Pfcstat (#1097)"" [show] Fix 'show int neighbor expected' (#1106) Update argument for docker exec it->i (#1118) Update to make config load/reload backward compatible. (#1115) Handling deletion of Port Channel before deletion of its members (#1062) Skip default route present in ASIC-DB but not in APP-DB. (#1107) [CLI][PFCWD][Multi-ASIC] Added multi ASIC support to 'pfcwd' CLI (#1102) [201911] Multi asic platform config interface portchannel, show transceiver (#1087) [drop counters] Fix configuration for counters with lowercase names (#1103) Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
Update sonic-sairedis submodule pointer to include the following: 402eb14 [ppi]: Enable bulk API. (#1171) 86bb828 Switch to using stock gcovr 5.2 (#1174) 1c9ca78 Manage LANES mapping on VOQ system (#1127) 5887d31 Fix for [EVPN] When MAC moves from remote end point to local, ASIC DB fields are not updated properly for the mac #11503Update NotificationProcessor.cpp (#1118) 559bd5b [ci][asan] add DVS tests run with ASAN (#1139) 4ab46b5 Initialize attr variables in Legacy.switch_get and LegacyFdbEntry.fdb_entry_get (#1169) 4e24c77 The meta_sai_validate_fdb_entry() validates the input FDB entry for the (#1154) Signed-off-by: Nazarii Hnydyn <nazariig@nvidia.com>
Why I did it sonic-sairedis 53488e9 - [sai_failure_dump]Invoking dump during SAI failure (Update Mellanox buffer profiles config #1198) (15 hours ago) [Sudharsan Dhamal Gopalarathnam] 85921af - [Mellanox] Enable DSCP remapping by using SAI attribute ([Nephos] Updating download link for SAI and SDK #1188) (15 hours ago) [Stephen Sun] 82f2cd7 - Switch to using stock gcovr 5.2 (Add service to config hostname based on configdb #1174) (15 hours ago) [Saikrishna Arcot] 3a6c60d - [ppi]: Enable bulk API. ([Aboot] Declare flash_size for all platform #1171) (15 hours ago) [Nazarii Hnydyn] f1303cb - Use github code scanning instead of LGTM (#1160) (15 hours ago) [Liu Shilong] b1972d9 - Fix for [EVPN] When MAC moves from remote end point to local, ASIC DB fields are not updated properly for the mac #11503Update NotificationProcessor.cpp ([libteam] Add fallback support for single-member-port LAG #1118) (15 hours ago) [anilkpan] How I did it How to verify it
- What I did
with fallback and port is in defaulted state due to missing
LACP PDUs from remote end
is link up
PLEASE note this pull request will only support LACP Fallback for single-member-port LAG as now. Since with this pull request, all member ports within LAG with fallback configured will be selected and active, which may not work for multiple member port LAG in some cases.
- How I did it
- How to verify it
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)