-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[action] [PR:17281] Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. #17676
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…lt' route table does not add to route lookup issue. (sonic-net#17281) Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. #### Why I did it When device set with IPV6 TACACS server address, and shutdown all BGP, device can't connect to TACACS server via management interface. After investigation, I found the IPV6 'default' route table does not add to route lookup: admin@vlab-01:~$ ip -6 rule list 1001: from all lookup local 32765: from fec0::ffff:afa:1 lookup default 32766: from all lookup main admin@vlab-01:~$ As compare: admin@vlab-01:~$ ip -4 rule list 1001: from all lookup local 32764: from all to 172.17.0.1/24 lookup default 32765: from 10.250.0.101 lookup default 32766: from all lookup main 32767: from all lookup default <== 'default' route table exist in IPV4 route lookup Issue fix by add 'default' route table to route lookup with following command: admin@vlab-01:~$ sudo ip -6 rule add pref 32767 lookup default admin@vlab-01:~$ ip -6 rule list 1001: from all lookup local 32765: from fec0::ffff:afa:1 lookup default 32766: from all lookup main 32767: from all lookup default <== 'default' route table been added to IPV6 route lookup admin@vlab-01:~$ ##### Work item tracking - Microsoft ADO: 25798732 #### How I did it When management interface using 'default' route table, add 'default' route table to IPV6 route lookup. #### How to verify it Pass all UT. Add new UT to cover this change. Manually verify issue fixed: ### Tested branch (Please provide the tested image version) - [x] master-17281.417570-2133d58fa #### Description for the changelog Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.
8 tasks
Original PR: #17281 |
nonodark
added a commit
to nonodark/sonic-buildimage
that referenced
this pull request
Jan 29, 2024
Signed-off-by: nonodark <ef67891@yahoo.com.tw> Squashed commit of the following: commit 335ebaa Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Wed Jan 24 16:35:00 2024 +0800 [submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (sonic-net#17891) src/sonic-platform-daemons ``` * 824c20a - (HEAD -> 202305, origin/202305) Support 800G ifname in xcvrd (sonic-net#420) (20 hours ago) [Anoop Kamath] ``` commit 78e211c Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sun Jan 21 16:32:35 2024 +0800 [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17868) src/sonic-utilities ``` * 83a548de - (HEAD -> 202305, origin/202305) Disable Key Validation feature during sonic-installation for Cisco Platforms (sonic-net#3115) (22 hours ago) [selvipal] ``` commit 5d30151 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat Jan 20 16:32:45 2024 +0800 [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17863) src/sonic-snmpagent ``` * 6f59d29 - (HEAD -> 202305, origin/202305) Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303) (sonic-net#309) (33 minutes ago) [mssonicbld] ``` commit 208c170 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat Jan 20 04:32:37 2024 +0800 [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17859) src/sonic-snmpagent ``` * 2efaf2e - (HEAD -> 202305, origin/202305) Revert "[action] [PR:303] Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303)" (sonic-net#308) (4 minutes ago) [StormLiangMS] ``` commit 306175b Author: Saikrishna Arcot <sarcot@microsoft.com> Date: Fri Jan 19 03:16:04 2024 -0800 dhcrelay: Don't look up the ifindex for the fallback interface (sonic-net#17797) (sonic-net#17840) Currently, whenever isc-dhcp-relay forwards a packet upstream, internally, it will try to send it on a "fallback" interface. My understanding is that this isn't meant to be a real interface, but instead is basically saying to use Linux's regular routing stack to route the packet appropriately (rather than having isc-dhcp-relay specify specifically which interface to use). The problem is that on systems with a weak CPU, a large number of interfaces, and many upstream servers specified, this can introduce a noticeable delay in packets getting sent. The delay comes from trying to get the ifindex of the fallback interface. In one test case, it got to the point that only 2 packets could be processed per second. Because of this, dhcrelay will easily get backlogged and likely get to a point where packets get dropped in the kernel. Fix this by adding a check saying if we're using the fallback interface, then don't try to get the ifindex of this interface. We're never going to have an interface named this in SONiC. Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com> commit fc7a1ac Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 19 18:36:00 2024 +0800 [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17853) src/sonic-snmpagent ``` * b0a4bcc - (HEAD -> 202305, origin/202305) Set the execute bit on sysDescr_pass.py (sonic-net#306) (22 hours ago) [Andre Kostur] ``` commit 30b1f05 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 19 16:34:55 2024 +0800 [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17851) src/linkmgrd ``` * f5e9b54 - (HEAD -> 202305, origin/202305) [CodeQL] fix unmet build dependency (sonic-net#222) (10 hours ago) [Jing Zhang] * 2282cc5 - [active-standby] Probe the link in suspend timeout (sonic-net#235) (22 hours ago) [Longxiang Lyu] ``` commit 66ce739 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 19 16:34:46 2024 +0800 [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17855) src/sonic-utilities ``` * 93c42272 - (HEAD -> 202305, origin/202305) [chassis]: Support show ip bgp summary to display without error when no external neighbors are configured on chassis LC (sonic-net#3099) (22 hours ago) [Arvindsrinivasan Lakshmi Narasimhan] ``` commit 076b6c3 Author: zitingguo-ms <zitingguo@microsoft.com> Date: Fri Jan 19 14:56:01 2024 +0800 upgrade xgs SAI to 8.4.39.2 (sonic-net#17842) Why I did it Upgrade the xgs SAI version to 8.4.39.2 to include the following fix: 8.4.36.0: [submodule upgrade] [SAI_BRANCH rel_ocp_sai_8_4] SID: SDK-381039 Cosq control dynamic type changes 8.4.37.0: SID: MMU cosq control configuration with Dynamic Type Check 8.4.38.0: [sbumodule upgrade] [CSP 0001232212][SAI_BRANCH rel_ocp_sai_8_4]back-porting SONIC-82415 to SAI 8.4 8.4.39.0: [CSP CS00012320979] Port SONIC-81867 sai spec compliance for get SAI_SWITCH_ATTR_SWITCH_HARDWARE_INFO 8.4.39.1: changes for phy-re-init of 40G ports for TH platforms CS00012327470 8.4.39.2: fix capability for Hostif queue by change SET operation of SAI_HOSTIF_ATTR_QUEUE to be true Work item tracking Microsoft ADO (number only): 26491005 How I did it Upgrade xgs SAI version in sai.mk file. How to verify it Run basic SONiC test using SAI release pipeline, all cases passed. https://dev.azure.com/mssonic/internal/_build/results?buildId=457869&view=results commit 6d767e5 Author: abdosi <58047199+abdosi@users.noreply.github.com> Date: Thu Jan 18 20:53:26 2024 -0800 [chassis] Support advertisement of Loopback0 of all LC's across all e-BGP peers in TSA mode (sonic-net#16714) (sonic-net#17837) What I did: In Chassis TSA mode Loopback0 Ip's of each LC's should be advertise through e-BGP peers of each remote LC's How I did: - Route-map policy to Advertise own/self Loopback IP to other internal iBGP peers with a community internal_community as define in constants.yml - Route-map policy to match on above internal_community when route is received from internal iBGP peers and set a internal tag as define in constants.yml and also delete the internal_community so we don't send to any of e-BGP peers - In TSA new route-map match on above internal tag and permit the route (Loopback0 IP's of remote LC's) and set the community to traffic_shift_community. - In TSB delete the above new route-map. How I verify: Manual Verification UT updated. sonic-mgmt PR: sonic-net/sonic-mgmt#10239 Signed-off-by: Abhishek Dosi <abdosi@microsoft.com> commit 898f126 Author: Baorong Liu <baorliu@cisco.com> Date: Thu Jan 18 04:08:29 2024 -0800 [staticroutebfd]double commit PR-16450, change bfd to singlehop (sonic-net#17549) Why I did it double commit PR-16450 because of cherry pick conflict for PR#202305 Work item tracking Microsoft ADO (number only): How I did it How to verify it commit d81780b Author: ganglv <88995770+ganglyu@users.noreply.github.com> Date: Thu Jan 18 20:07:40 2024 +0800 Fix host service for 202305 branch (sonic-net#17781) Why I did it When we disable telemetry.service, sonic-hostservice will not start. And root cause is sonic-hostservice is only wanted by telemetry.service. Work item tracking Microsoft ADO (number only): How I did it Add dependency for gnmi.service. How to verify it Disable telemetry.service and build new image, and then check sonic-hostservice with new image. commit b99c46e Author: Liu Shilong <shilongliu@microsoft.com> Date: Thu Jan 18 20:05:04 2024 +0800 [build] Add gpg keys for sonic-slave-bullseye in arm64 cross build on amd64. (sonic-net#17182) (sonic-net#17828) Fix sonic-net#16204 Microsoft ADO (number only): 25746782 How I did it multiarch/debian-debootstrap:arm64-bullseye is too old. It needs to add some gpg keys before 'apt-get update' commit f460347 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Thu Jan 18 16:34:00 2024 +0800 [submodule] Update submodule sonic-swss to the latest HEAD automatically (sonic-net#17821) src/sonic-swss ``` * ac94f0b7 - (HEAD -> 202305, origin/202305) [202305][routeorch] Fixing bug with multiple routes pointing to nhg (sonic-net#3002) (2 hours ago) [Nikola Dancejic] ``` commit ed71c12 Author: abdosi <58047199+abdosi@users.noreply.github.com> Date: Fri Jul 7 11:10:35 2023 -0700 Enable BFD for Static Route for chassis-packet. (sonic-net#15383) *What I did: Enable BFD for Static Route for chassis-packet. This will trigger the use of the feature as defined in here: sonic-net#13789 Signed-off-by: Abhishek Dosi <abdosi@microsoft.com> commit aa01630 Author: abdosi <58047199+abdosi@users.noreply.github.com> Date: Tue Aug 29 13:41:01 2023 -0700 [build]: Added flag in sonic_version.yml to see if image is secured or non-secured (sonic-net#16191) What I did: Added flag in sonic_version.yml to see if compiled image is secured or non-secured. This is done using build/compile time environmental variable SECURE_UPGRADE_MODE as define in HLD: https://github.com/sonic-net/SONiC/blob/master/doc/secure_boot/hld_secure_boot.md This flag does not provide the runtime status of whether the image has booted securely or not. It's possible that compile time signed image (secured image) can boot on non secure platform. Why I did: Flag can be used for manual check or by the test case. ADO: 24319390 How I verify: Manual Verification --- build_version: 'master-16191.346262-cdc5e72a3' debian_version: '11.7' kernel_version: '5.10.0-18-2-amd64' asic_type: broadcom asic_subtype: 'broadcom' commit_id: 'cdc5e72a3' branch: 'master-16191' release: 'none' build_date: Fri Aug 25 03:15:45 UTC 2023 build_number: 346262 built_by: AzDevOps@vmss-soni001UR5 libswsscommon: 1.0.0 sonic_utilities: 1.2 sonic_os_version: 11 secure_boot_image: 'no' Signed-off-by: Abhishek Dosi <abdosi@microsoft.com> commit 9f81d9d Author: snider-nokia <76123698+snider-nokia@users.noreply.github.com> Date: Mon Jan 8 14:38:46 2024 -0500 [Nokia][sonic-platform] Update Nokia sonic-platform submodule and device data (sonic-net#17378) These changes, in conjunction with NDK version >= 22.9.17 address the thermal logging issues discussed at Nokia-ION/ndk#27. While the changes contained at this PR do not require coupling to NDK version >= 22.9.17, thermal logging enhancements will not be available without updated NDK >= 22.9.17. Thus, coupling with NDK >=22.9.17 is preferred and recommended. Why I did it To address thermal logging deficiencies. Work item tracking Microsoft ADO (number only): 26365734 How I did it The following changes are included: Threshold configuration values are provided in the associated device data .json files. There is also a change included to better handle the condition where an SFP module read fails. Modify the module.py reboot to support reboot linecard from Supervisor - Modify reboot to call _reboot_imm for single IMM card reboot - Add log to the ndk_cmd to log the operation of "reboot-linecard" and "shutdown/satrtup the sfm" Add new nokia_cmd set command and modify show ndk-status output - Add a new function reboot_imm() to nokia_common.py to support reboot a single IMM slot from CPM - Added new command: nokia_cmd set reboot-linecard <slot> [forece] for CPM - Append a new column "RebootStatus" at the end of output of "nokia_cmd show ndk-status" - Provide ability for IMM to disable all transceiver module TX at reboot time - Remove defunct xcvr-resync service commit 2f8630c Author: Marty Y. Lok <76118573+mlok-nokia@users.noreply.github.com> Date: Mon Jan 8 14:39:30 2024 -0500 [Nokia-IXR7250E] Modify the platform_reboot on the IXR7250E for PMON API reboot and Disable all SFPs (sonic-net#17483) Why I did it When Supervisor card is rebooted by using PMON API, it takes about 90 seconds to trigger the shutdown in down path. At this time linecards have been up. This delays linecards database initialization which is trying to PING/PONG the database-chassis. To address this issue, we modified the NDK to use the system call with "sudo reboot" when the request is from PMON API on Supervisor case. The NDK version is 22.9.20 and greater. This new NDK requires this modifcaiton of platform_reboot to work with. Work item tracking Microsoft ADO (number only): 26365734 How I did it Modify the platform_reboot In Supervisor not to reboot all IMMs since it has been done in the function reboot() in module.py. Also handle the reboot-cause.txt for on the Supervisor when the reboot is request from PMON API. Modify the Nokia platform specific platform_reboot in linecard to disable all SPFs. This PR works with NDK version 22.9.20 and above Signed-off-by: mlok <marty.lok@nokia.com> commit 6926171 Author: Liu Shilong <shilongliu@microsoft.com> Date: Mon Jan 15 14:59:21 2024 +0800 [build] Fix a bash script some times called by sh issue. (sonic-net#17761) Why I did it Fix a bug that sometimes the script runs in sh not bash. Work item tracking Microsoft ADO (number only): 26297955 How I did it commit a262306 Author: vdahiya12 <67608553+vdahiya12@users.noreply.github.com> Date: Tue Jan 16 11:34:19 2024 -0800 [Arista] Update config.bcm of 7060_cx32s for handling 40g optics with unreliable los settings (sonic-net#17768) For 40G optics there is SAI handling of T0 facing ports to be set with SR4 type and unreliable los set for a fixed set of ports. For this property to be invoked the requirement is set phy_unlos_msft=1 in config.bcm. This change is to meet the requirement and once this property is set, the los/interface type settings is applied by SAI on the required ports. Why I did it For Arista-7060CX-32S-Q32 T1, 40G ports RX_ERR minimalization during connected device reboot can be achieved by turning on Unreliable LOS and SR4 media_type for all ports which are connected to T0. The property phy_unlos_msft=1 is to exclusively enable this property. Microsoft ADO: 25941176 How I did it Changes in SAI and turning on property How to verify it Ran the changes on a testbed and verified configurations are as intended. with property admin@sonic2:~$ bcmcmd "phy diag xe8 dsc config" | grep -C 2 "LOS" Brdfe_on = 0 Media Type = 2 Unreliable LOS = 1 Scrambling Disable = 0 Lane Config from PCS = 0 without property admin@sonic:~$ bcmcmd "phy diag xe8 dsc config" | grep -C 2 "LOS" Brdfe_on = 0 Media Type = 0 Unreliable LOS = 0 Scrambling Disable = 0 Lane Config from PCS = 0 Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com> commit 245f337 Author: Feng-msft <fenpan@microsoft.com> Date: Fri Jan 12 10:51:48 2024 +0800 Fix dialout build flag issue. (sonic-net#17715) Fix ENABLE_DIALOUT flag issue. - Microsoft ADO **(number only)**: 21326000 Update Makefile.work and add debug string. ![image](https://github.com/sonic-net/sonic-buildimage/assets/97083744/960d75d1-618c-4734-acb5-7a32a28c262b) commit b53a890 Author: Liping Xu <108326363+lipxu@users.noreply.github.com> Date: Fri Jan 12 15:26:06 2024 +0800 disable restapi for leafRouter in slim image (sonic-net#17713) Why I did it For some devices with small memory, after upgrading to the latest image, the available memory is not enough. Work item tracking Microsoft ADO (number only): 26324242 How I did it Disable restapi feature for LeafRouter which with slim image. How to verify it verified on 7050qx T1 (slim image), restapi disabled verified on 7050qx T0 (slim image), restapi enabled verified on 7260 T1 (normal image), restapi enabled commit 8561fa6 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 12 16:34:35 2024 +0800 [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17757) src/sonic-utilities ``` * 651a80b1 - (HEAD -> 202305, origin/202305) Modify teamd retry count script to base BGP status on default BGP status (sonic-net#3069) (22 hours ago) [Saikrishna Arcot] ``` commit 9f66a7d Author: Lawrence Lee <lawlee@microsoft.com> Date: Wed Jan 10 14:40:15 2024 -0800 add timeout to ping6 command (sonic-net#17729) Signed-off-by: Lawrence Lee <lawlee@microsoft.com> commit 13aa19a Author: Nazarii Hnydyn <nazariig@nvidia.com> Date: Wed Jan 10 15:15:55 2024 +0200 [swss/syncd]: Remove dependency on interfaces-config.service (sonic-net#17649) Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com This improvement does not bring any warm-reboot degradation, since the database availability (tcp/ip access over the loopback interface) was fixed by these PRs: Re-add 127.0.0.1/8 when bringing down the interfaces sonic-net#15080 Fix potentially not having any loopback address on lo interface sonic-net#16490 Why I did it Removed dependency on interfaces-config.service to speed up the boot, because interfaces-config.service takes a lot of time on init Work item tracking N/A How I did it Changed service files for swss/syncd How to verify it Boot and check swss/syncd start time comparing to interfaces-config commit f4c15b8 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Wed Jan 10 16:34:10 2024 +0800 [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17731) src/linkmgrd ``` * 2f5971f - (HEAD -> 202305, origin/202305) [warmboot] use config_db connector to update mux mode config instead of CLI (sonic-net#223) (4 hours ago) [Jing Zhang] ``` commit a3b5ea9 Author: Nazarii Hnydyn <nazariig@nvidia.com> Date: Wed Jan 10 02:56:20 2024 +0200 [sonic-cfggen]: Optimize template rendering and database access. (sonic-net#17650) Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com Why I did it Improved switch init time Work item tracking N/A How I did it Replaced: sonic-cfggen -> sonic-db-cli Aggregated template list for sonic-cfggen How to verify it Run warm-reboot commit 44bc291 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Wed Jan 10 04:32:40 2024 +0800 [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17721) src/linkmgrd ``` * 2089ab6 - (HEAD -> 202305, origin/202305) Exclude DbInterface in PR coverage check (sonic-net#224) (3 hours ago) [Jing Zhang] ``` commit 1337597 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Wed Jan 10 02:32:19 2024 +0800 [submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (sonic-net#17722) src/sonic-snmpagent ``` * e5fd192 - (HEAD -> 202305, origin/202305) Fix SNMP dropping some of the queue counter when create_only_config_db_buffers is set to true (sonic-net#303) (9 hours ago) [DavidZagury] ``` commit bb23f7b Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat Jan 6 16:42:00 2024 +0800 [submodule] Update submodule sonic-gnmi to the latest HEAD automatically (sonic-net#17696) commit 7ccef97 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat Jan 6 03:37:17 2024 +0800 [YANG] Enable Yang model for BGP_BBR config entry (sonic-net#17622) (sonic-net#17692) commit 8defdfe Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat Jan 6 01:15:01 2024 +0800 [submodule] Update submodule sonic-sairedis to the latest HEAD automatically (sonic-net#17691) commit b549962 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sat Jan 6 01:00:55 2024 +0800 [submodule] Update submodule sonic-gnmi to the latest HEAD automatically (sonic-net#17690) commit 02dc49a Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 5 15:14:43 2024 +0800 [submodule] Update submodule linkmgrd to the latest HEAD automatically (sonic-net#17687) commit 0d31ee8 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 5 02:39:03 2024 +0800 Update TELEMETRY_CLIENT YANG model (sonic-net#16861) (sonic-net#17679) commit df22ca9 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 5 01:04:39 2024 +0800 [Arista] Remove aggregate port config files for multi-asic devices (sonic-net#16923) (sonic-net#17678) commit ca2695f Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 5 00:44:19 2024 +0800 password-hardening: Add support to disable expiration date like in Linux (PAM) (sonic-net#17426) (sonic-net#17674) commit 388457a Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 5 00:35:07 2024 +0800 [arp_update]: Flush neighbors with incorrect MAC info (sonic-net#17238) (sonic-net#17677) commit 38c5e68 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Jan 5 00:32:38 2024 +0800 Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. (sonic-net#17281) (sonic-net#17676) commit 76d8ff0 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Thu Jan 4 23:10:28 2024 +0800 Update backend_acl.py to specify ACL table name (sonic-net#17553) (sonic-net#17673) commit b72a740 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Thu Jan 4 22:37:26 2024 +0800 [docker_image_ctl.j2]: swss docker initialization improvements (sonic-net#17628) (sonic-net#17672) commit 609b3a7 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Thu Jan 4 22:29:00 2024 +0800 [image_config]: Update DHCP rate-limit for mgmt TOR devices (sonic-net#17630) (sonic-net#17671) commit 8362c09 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Tue Jan 2 15:13:53 2024 +0800 [submodule] Update submodule sonic-swss to the latest HEAD automatically (sonic-net#17642) commit 3cb6343 Author: Stepan Blyshchak <38952541+stepanblyschak@users.noreply.github.com> Date: Tue Jan 2 02:59:17 2024 +0200 [202305] Revert bgp suppress fib pending (sonic-net#17578) DEPENDS ON: sonic-net/sonic-swss#2997 sonic-net/sonic-utilities#3093 What I did Revert the feature. Why I did it Revert bgp suppress FIB functionality due to found FRR memory consumption issues and bugs. How I verified it Basic sanity check on t1-lag, regression in progress. commit 64ed3d5 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Mon Jan 1 10:31:33 2024 +0800 Fix system-health hardware_checker to consume fan tolerance details (sonic-net#16689) (sonic-net#17640) commit 98ad3b0 Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sun Dec 31 17:01:53 2023 +0800 [submodule] Update submodule sonic-utilities to the latest HEAD automatically (sonic-net#17643) commit 1398daa Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Sun Dec 31 15:20:25 2023 +0800 [submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (sonic-net#17641) commit fb83d4d Author: mssonicbld <79238446+mssonicbld@users.noreply.github.com> Date: Fri Dec 29 01:07:45 2023 +0800 [Mellanox] wait until hw-management watchdog files ready (sonic-net#17618) (sonic-net#17633) commit a8ad19d Author: Junchao-Mellanox <57339448+Junchao-Mellanox@users.noreply.github.com> Date: Thu Dec 28 20:53:49 2023 +0800 [202305] Optimize syslog rate limit feature for fast and warm boot (sonic-net#17478) Backport PR sonic-net#17458 due to conflict. Why I did it Optimize syslog rate limit feature for fast and warm boot Work item tracking Microsoft ADO (number only): How I did it Optimize redis start time Don't render rsyslog.conf in container startup script Disable containercfgd by default. There is a new CLI to enable it (in another PR) How to verify it Manual test Regression test
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.
Why I did it
When device set with IPV6 TACACS server address, and shutdown all BGP, device can't connect to TACACS server via management interface.
After investigation, I found the IPV6 'default' route table does not add to route lookup:
admin@vlab-01:
$ ip -6 rule list$1001: from all lookup local
32765: from fec0::ffff:afa:1 lookup default
32766: from all lookup main
admin@vlab-01:
As compare:
admin@vlab-01:~$ ip -4 rule list
1001: from all lookup local
32764: from all to 172.17.0.1/24 lookup default
32765: from 10.250.0.101 lookup default
32766: from all lookup main
32767: from all lookup default <== 'default' route table exist in IPV4 route lookup
Issue fix by add 'default' route table to route lookup with following command:
admin@vlab-01:
$ sudo ip -6 rule add pref 32767 lookup default$ ip -6 rule listadmin@vlab-01:
1001: from all lookup local
32765: from fec0::ffff:afa:1 lookup default
32766: from all lookup main
32767: from all lookup default <== 'default' route table been added to IPV6 route lookup
admin@vlab-01:~$
Work item tracking
How I did it
When management interface using 'default' route table, add 'default' route table to IPV6 route lookup.
How to verify it
Pass all UT.
Add new UT to cover this change.
Manually verify issue fixed:
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)