[dhcp-relay]: Add DHCP Relay Monitor (#3886)

DHCP relay MONitor (dhcpmon) keeps track of DORA messages. If DHCP Relay is detected to be not forwarding DORA message, dhcpmon will log such event to syslog. Under the hood dhcpmon keeps counts of clients DR messages, forwarded DR messages, DHCP server OA messages, and forwarded OA messages. dhcpmon will check every 12 sec (configurable) if counts are monotonically increasing and record snapshot of those counters. dhcpmon will report discrepancies when detected between current counters and snapshot counters. pull-request: #3886 signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
sonic-net · Jan 8, 2020 · 2658ab8 · 2658ab8
1 parent 3548587
commit 2658ab8
Show file tree

Hide file tree

Showing 21 changed files with 1,413 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -23,6 +23,11 @@ target/
 # Subdirectories in src
 src/bash/*
 !src/bash/Makefile
+src/dhcpmon/debian/*
+!src/dhcpmon/debian/changelog 
+!src/dhcpmon/debian/compat 
+!src/dhcpmon/debian/control
+!src/dhcpmon/debian/rules 
 src/ixgbe/*
 !src/ixgbe/Makefile
 src/isc-dhcp/*
@@ -106,6 +111,7 @@ src/thrift/*
 # Autogenerated Dockerfiles
 sonic-slave/Dockerfile
 sonic-slave-stretch/Dockerfile
+sonic-slave-jessie/Dockerfile
 dockers/docker-base/Dockerfile
 dockers/docker-base-stretch/Dockerfile
 dockers/docker-config-engine/Dockerfile

diff --git a/dockers/docker-dhcp-relay/docker-dhcp-relay.supervisord.conf.j2 b/dockers/docker-dhcp-relay/docker-dhcp-relay.supervisord.conf.j2
@@ -85,5 +85,53 @@ stderr_logfile=syslog
 {% endif %}
 {% endif %}
 {% endfor %}
+
+[group:dhcpmon]
+programs=
+{%- set add_preceding_comma = { 'flag': False } %}
+{% for vlan_name in VLAN %}
+{% if VLAN[vlan_name]['dhcp_servers'] %}
+{% if add_preceding_comma.flag %},{% endif %}
+{% set _dummy = add_preceding_comma.update({'flag': True}) %}
+dhcpmon-{{ vlan_name }}
+{%- endif %}
+{% endfor %}
+
+
+{# Create a program entry for each DHCP MONitor instance #}
+{% set relay_for_ipv4 = { 'flag': False } %}
+{% for vlan_name in VLAN %}
+{% if VLAN[vlan_name]['dhcp_servers'] %}
+{% for dhcp_server in VLAN[vlan_name]['dhcp_servers'] %}
+{% if dhcp_server | ipv4 %}
+{% set _dummy = relay_for_ipv4.update({'flag': True}) %}
+{% endif %}
+{% endfor %}
+{% if relay_for_ipv4.flag %}
+{% set _dummy = relay_for_ipv4.update({'flag': False}) %}
+[program:dhcpmon-{{ vlan_name }}]
+{# We treat this VLAN as a downstream interface (-id), as we only want to listen for requests #}
+command=/usr/sbin/dhcpmon -id {{ vlan_name }}
+{#- We treat all other interfaces as upstream interfaces (-iu), as we only want to listen for replies #}
+{% for (name, prefix) in VLAN_INTERFACE|pfx_filter %}
+{% if prefix | ipv4 and name != vlan_name %} -iu {{ name }}{% endif -%}
+{% endfor %}
+{% for (name, prefix) in INTERFACE|pfx_filter %}
+{% if prefix | ipv4 %} -iu {{ name }}{% endif -%}
+{% endfor %}
+{% for (name, prefix) in PORTCHANNEL_INTERFACE|pfx_filter %}
+{% if prefix | ipv4 %} -iu {{ name }}{% endif -%}
+{% endfor %}
+
+priority=4
+autostart=false
+autorestart=false
+stdout_logfile=syslog
+stderr_logfile=syslog
+
+{% endif %}
+{% endif %}
+{% endfor %}
+
 {% endif %}
 {% endif %}
diff --git a/dockers/docker-dhcp-relay/start.sh b/dockers/docker-dhcp-relay/start.sh
@@ -19,3 +19,9 @@ if [ $(supervisorctl status | grep -c "^isc-dhcp-relay:") -gt 0 ]; then
     # Start all DHCP relay agent(s)
     supervisorctl start isc-dhcp-relay:*
 fi
+
+# If our supervisor config has entries in the "dhcpmon" group...
+if [ $(supervisorctl status | grep -c "^dhcpmon:") -gt 0 ]; then
+    # Start all DHCP Monitor daemon(s)
+    supervisorctl start dhcpmon:*
+fi
diff --git a/rules/dhcpmon.mk b/rules/dhcpmon.mk
@@ -0,0 +1,8 @@
+# SONiC DHCP MONitor package
+
+SONIC_DHCPMON_VERSION = 1.0.0-0
+SONIC_DHCPMON_PKG_NAME = dhcpmon
+
+SONIC_DHCPMON = sonic-$(SONIC_DHCPMON_PKG_NAME)_$(SONIC_DHCPMON_VERSION)_$(CONFIGURED_ARCH).deb
+$(SONIC_DHCPMON)_SRC_PATH = $(SRC_PATH)/$(SONIC_DHCPMON_PKG_NAME)
+SONIC_DPKG_DEBS += $(SONIC_DHCPMON)
diff --git a/rules/docker-dhcp-relay.mk b/rules/docker-dhcp-relay.mk
@@ -6,7 +6,7 @@ DOCKER_DHCP_RELAY_DBG = $(DOCKER_DHCP_RELAY_STEM)-$(DBG_IMAGE_MARK).gz
 
 $(DOCKER_DHCP_RELAY)_PATH = $(DOCKERS_PATH)/$(DOCKER_DHCP_RELAY_STEM)
 
-$(DOCKER_DHCP_RELAY)_DEPENDS += $(ISC_DHCP_RELAY) $(REDIS_TOOLS)
+$(DOCKER_DHCP_RELAY)_DEPENDS += $(ISC_DHCP_RELAY) $(REDIS_TOOLS) $(SONIC_DHCPMON)
 $(DOCKER_DHCP_RELAY)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_STRETCH)_DBG_DEPENDS)
 $(DOCKER_DHCP_RELAY)_DBG_DEPENDS += $(ISC_DHCP_RELAY_DBG)
 

diff --git a/sonic-slave-stretch/Dockerfile.j2 b/sonic-slave-stretch/Dockerfile.j2
@@ -295,7 +295,10 @@ RUN apt-get update && apt-get install -y \
 # For kdump-tools
         liblzo2-dev \
 # For SAI3.7
-        libprotobuf-dev
+        libprotobuf-dev \
+# For DHCP Monitor tool
+        libexplain-dev \
+        libevent-dev
 
 ## Config dpkg
 ## install the configuration file if it’s currently missing

diff --git a/src/dhcpmon/Makefile b/src/dhcpmon/Makefile
@@ -0,0 +1,44 @@
+RM := rm -rf
+DHCPMON_TARGET := dhcpmon
+CP := cp
+MKDIR := mkdir
+CC := gcc
+MV := mv
+
+# All of the sources participating in the build are defined here
+-include src/subdir.mk
+-include objects.mk
+
+ifneq ($(MAKECMDGOALS),clean)
+ifneq ($(strip $(C_DEPS)),)
+-include $(C_DEPS)
+endif
+endif
+
+# Add inputs and outputs from these tool invocations to the build variables 
+
+# All Target
+all: sonic-dhcpmon
+
+# Tool invocations
+sonic-dhcpmon: $(OBJS) $(USER_OBJS)
+	@echo 'Building target: $@'
+	@echo 'Invoking: GCC C Linker'
+	$(CC) -o "$(DHCPMON_TARGET)" $(OBJS) $(USER_OBJS) $(LIBS)
+	@echo 'Finished building target: $@'
+	@echo ' '
+
+# Other Targets
+install:
+	$(MKDIR) -p $(DESTDIR)/usr/sbin
+	$(MV) $(DHCPMON_TARGET) $(DESTDIR)/usr/sbin
+
+deinstall:
+	$(RM) $(DESTDIR)/usr/sbin/$(DHCPMON_TARGET)
+	$(RM) -rf $(DESTDIR)/usr/sbin
+
+clean:
+	-$(RM) $(EXECUTABLES)$(OBJS)$(C_DEPS) $(DHCPMON_TARGET)
+	-@echo ' '
+
+.PHONY: all clean dependents
diff --git a/src/dhcpmon/debian/changelog b/src/dhcpmon/debian/changelog
@@ -0,0 +1,5 @@
+sonic-dhcpmon (1.0.0-0) UNRELEASED; urgency=medium
+
+  * Initial release.
+
+ -- Tamer Ahmed <tamer.ahmed@microsoft.com>  Mon, 09 Dec 2019 12:00:00 -0700
diff --git a/src/dhcpmon/debian/compat b/src/dhcpmon/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/src/dhcpmon/debian/control b/src/dhcpmon/debian/control
@@ -0,0 +1,16 @@
+Source: sonic-dhcpmon
+Section: devel
+Priority: optional
+Maintainer: Tamer Ahmed <tamer.ahmed@microsoft.com>
+Build-Depends: debhelper (>= 8.0.0),
+               dh-systemd
+Standards-Version: 3.9.3
+Homepage: https://github.com/Azure/sonic-buildimage
+XS-Go-Import-Path: github.com/Azure/sonic-buildimage
+
+Package: sonic-dhcpmon
+Architecture: any
+Built-Using: ${misc:Built-Using}
+Depends: libexplain51,
+         libevent-2.0-5
+Description: SONiC DHCP Monitor
diff --git a/src/dhcpmon/debian/rules b/src/dhcpmon/debian/rules
@@ -0,0 +1,3 @@
+#!/usr/bin/make -f
+%:
+	dh $@ --with systemd
diff --git a/src/dhcpmon/objects.mk b/src/dhcpmon/objects.mk
@@ -0,0 +1,4 @@
+USER_OBJS :=
+
+LIBS := -levent -lexplain
+