Fix can't access IPV6 address via management interface because 'defau…

…lt' route table does not add to route lookup issue. (#17281)

Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.

#### Why I did it
When device set with IPV6 TACACS server address, and shutdown all BGP, device can't connect to TACACS server via management interface.

After investigation, I found the IPV6 'default' route table does not add to route lookup:

admin@vlab-01:~$ ip -6 rule list
1001:   from all lookup local
32765:  from fec0::ffff:afa:1 lookup default
32766:  from all lookup main
admin@vlab-01:~$

As compare:
admin@vlab-01:~$ ip -4 rule list
1001:   from all lookup local
32764:  from all to 172.17.0.1/24 lookup default
32765:  from 10.250.0.101 lookup default
32766:  from all lookup main
32767:  from all lookup default <== 'default' route table exist in IPV4 route lookup

Issue fix by add 'default' route table to route lookup with following command:
admin@vlab-01:~$ sudo ip -6 rule add pref 32767 lookup default
admin@vlab-01:~$ ip -6 rule list
1001:   from all lookup local
32765:  from fec0::ffff:afa:1 lookup default
32766:  from all lookup main
32767:  from all lookup default <== 'default' route table been added to IPV6 route lookup
admin@vlab-01:~$

##### Work item tracking
- Microsoft ADO: 25798732

#### How I did it
When management interface using 'default' route table, add 'default' route table to IPV6 route lookup.

#### How to verify it
Pass all UT.
Add new UT to cover this change.
Manually verify issue fixed:

### Tested branch (Please provide the tested image version)

- [x]  master-17281.417570-2133d58fa

#### Description for the changelog
Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.

files/image_config/interfaces/interfaces.j2

@@ -79,21 +79,29 @@ iface {{ name }} {{ 'inet' if prefix | ipv4 else 'inet6' }} static
 {%     set vrf_table = '5000' %}
     vrf mgmt
 {% endif %}
+{% set force_mgmt_route_priority = 32764 %}
     ########## management network policy routing rules
     # management port up rules
     up ip {{ '-4' if prefix | ipv4 else '-6' }} route add default via {{ MGMT_INTERFACE[(name, prefix)]['gwaddr'] }} dev {{ name }} table {{ vrf_table }} metric 201
     up ip {{ '-4' if prefix | ipv4 else '-6' }} route add {{ prefix | network }}/{{ prefix | prefixlen }} dev {{ name }} table {{ vrf_table }}
-    up ip {{ '-4' if prefix | ipv4 else '-6' }} rule add pref 32765 from {{ prefix | ip }}/{{ '32' if prefix | ipv4 else '128' }} table {{ vrf_table }}
+    up ip {{ '-4' if prefix | ipv4 else '-6' }} rule add pref {{ force_mgmt_route_priority + 1 }} from {{ prefix | ip }}/{{ '32' if prefix | ipv4 else '128' }} table {{ vrf_table }}
 {% for route in MGMT_INTERFACE[(name, prefix)]['forced_mgmt_routes'] %}
-    up ip rule add pref 32764 to {{ route }} table {{ vrf_table }}
+    up ip rule add pref {{ force_mgmt_route_priority }} to {{ route }} table {{ vrf_table }}
 {% endfor %}
+{% if prefix | ipv6 and vrf_table == 'default'%}
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref {{ force_mgmt_route_priority + 3 }} lookup {{ vrf_table }}
+{% endif %}
     # management port down rules
     pre-down ip {{ '-4' if prefix | ipv4 else '-6' }} route delete default via {{ MGMT_INTERFACE[(name, prefix)]['gwaddr'] }} dev {{ name }} table {{ vrf_table }}
     pre-down ip {{ '-4' if prefix | ipv4 else '-6' }} route delete {{ prefix | network }}/{{ prefix | prefixlen }} dev {{ name }} table {{ vrf_table }}
-    pre-down ip {{ '-4' if prefix | ipv4 else '-6' }} rule delete pref 32765 from {{ prefix | ip }}/{{ '32' if prefix | ipv4 else '128' }} table {{ vrf_table }}
+    pre-down ip {{ '-4' if prefix | ipv4 else '-6' }} rule delete pref {{ force_mgmt_route_priority + 1 }} from {{ prefix | ip }}/{{ '32' if prefix | ipv4 else '128' }} table {{ vrf_table }}
 {% for route in MGMT_INTERFACE[(name, prefix)]['forced_mgmt_routes'] %}
-    pre-down ip rule delete pref 32764 to {{ route }} table {{ vrf_table }}
+    pre-down ip rule delete pref {{ force_mgmt_route_priority }} to {{ route }} table {{ vrf_table }}
 {% endfor %}
+{% if prefix | ipv6 and vrf_table == 'default'%}
+    pre-down ip -6 rule delete pref {{ force_mgmt_route_priority + 3 }} lookup {{ vrf_table }}
+{% endif %}
 {# TODO: COPP policy type rules #}
 {% endfor %}
 {% else %}

src/sonic-config-engine/tests/sample_output/py2/interfaces

@@ -38,10 +38,13 @@ iface eth0 inet6 static
     up ip -6 route add default via 2603:10e2:0:2902::1 dev eth0 table default metric 201
     up ip -6 route add 2603:10e2:0:2902::/64 dev eth0 table default
     up ip -6 rule add pref 32765 from 2603:10e2:0:2902::8/128 table default
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref 32767 lookup default
     # management port down rules
     pre-down ip -6 route delete default via 2603:10e2:0:2902::1 dev eth0 table default
     pre-down ip -6 route delete 2603:10e2:0:2902::/64 dev eth0 table default
     pre-down ip -6 rule delete pref 32765 from 2603:10e2:0:2902::8/128 table default
+    pre-down ip -6 rule delete pref 32767 lookup default
 #
 source /etc/network/interfaces.d/*
 #

src/sonic-config-engine/tests/sample_output/py2/two_mgmt_interfaces

@@ -53,10 +53,13 @@ iface eth1 inet6 static
     up ip -6 route add default via 2603:10e2:0:abcd::1 dev eth1 table default metric 201
     up ip -6 route add 2603:10e2:0:abcd::/64 dev eth1 table default
     up ip -6 rule add pref 32765 from 2603:10e2:0:abcd::8/128 table default
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref 32767 lookup default
     # management port down rules
     pre-down ip -6 route delete default via 2603:10e2:0:abcd::1 dev eth1 table default
     pre-down ip -6 route delete 2603:10e2:0:abcd::/64 dev eth1 table default
     pre-down ip -6 rule delete pref 32765 from 2603:10e2:0:abcd::8/128 table default
+    pre-down ip -6 rule delete pref 32767 lookup default
 iface eth0 inet6 static
     address 2603:10e2:0:2902::8
     netmask 64
@@ -67,10 +70,13 @@ iface eth0 inet6 static
     up ip -6 route add default via 2603:10e2:0:2902::1 dev eth0 table default metric 201
     up ip -6 route add 2603:10e2:0:2902::/64 dev eth0 table default
     up ip -6 rule add pref 32765 from 2603:10e2:0:2902::8/128 table default
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref 32767 lookup default
     # management port down rules
     pre-down ip -6 route delete default via 2603:10e2:0:2902::1 dev eth0 table default
     pre-down ip -6 route delete 2603:10e2:0:2902::/64 dev eth0 table default
     pre-down ip -6 rule delete pref 32765 from 2603:10e2:0:2902::8/128 table default
+    pre-down ip -6 rule delete pref 32767 lookup default
 #
 source /etc/network/interfaces.d/*
 #

src/sonic-config-engine/tests/sample_output/py3/interfaces

@@ -38,10 +38,13 @@ iface eth0 inet6 static
     up ip -6 route add default via 2603:10e2:0:2902::1 dev eth0 table default metric 201
     up ip -6 route add 2603:10e2:0:2902::/64 dev eth0 table default
     up ip -6 rule add pref 32765 from 2603:10e2:0:2902::8/128 table default
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref 32767 lookup default
     # management port down rules
     pre-down ip -6 route delete default via 2603:10e2:0:2902::1 dev eth0 table default
     pre-down ip -6 route delete 2603:10e2:0:2902::/64 dev eth0 table default
     pre-down ip -6 rule delete pref 32765 from 2603:10e2:0:2902::8/128 table default
+    pre-down ip -6 rule delete pref 32767 lookup default
 #
 source /etc/network/interfaces.d/*
 #

src/sonic-config-engine/tests/sample_output/py3/two_mgmt_interfaces

@@ -39,10 +39,13 @@ iface eth0 inet6 static
     up ip -6 route add default via 2603:10e2:0:2902::1 dev eth0 table default metric 201
     up ip -6 route add 2603:10e2:0:2902::/64 dev eth0 table default
     up ip -6 rule add pref 32765 from 2603:10e2:0:2902::8/128 table default
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref 32767 lookup default
     # management port down rules
     pre-down ip -6 route delete default via 2603:10e2:0:2902::1 dev eth0 table default
     pre-down ip -6 route delete 2603:10e2:0:2902::/64 dev eth0 table default
     pre-down ip -6 rule delete pref 32765 from 2603:10e2:0:2902::8/128 table default
+    pre-down ip -6 rule delete pref 32767 lookup default
 iface eth1 inet static
     address 10.0.10.100
     netmask 255.255.255.0
@@ -67,10 +70,13 @@ iface eth1 inet6 static
     up ip -6 route add default via 2603:10e2:0:abcd::1 dev eth1 table default metric 201
     up ip -6 route add 2603:10e2:0:abcd::/64 dev eth1 table default
     up ip -6 rule add pref 32765 from 2603:10e2:0:abcd::8/128 table default
+    # IPV6 default table not add to lookup by default, management server need this to access IPV6 address when BGP shutdown
+    up ip -6 rule add pref 32767 lookup default
     # management port down rules
     pre-down ip -6 route delete default via 2603:10e2:0:abcd::1 dev eth1 table default
     pre-down ip -6 route delete 2603:10e2:0:abcd::/64 dev eth1 table default
     pre-down ip -6 rule delete pref 32765 from 2603:10e2:0:abcd::8/128 table default
+    pre-down ip -6 rule delete pref 32767 lookup default
 #
 source /etc/network/interfaces.d/*
 #