Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ACL] Failed to create ACL table because Action list is mandatory #10425

Closed
bingwang-ms opened this issue Apr 1, 2022 · 2 comments · Fixed by sonic-net/sonic-swss#2298
Closed

[ACL] Failed to create ACL table because Action list is mandatory #10425

bingwang-ms opened this issue Apr 1, 2022 · 2 comments · Fixed by sonic-net/sonic-swss#2298
Assignees
@bingwang-ms
Labels
Triaged this issue has been triaged

Comments

@bingwang-ms
Copy link
Contributor

Description

We saw below errors when creating ACL/EVERFLOW table in nightly test on master image.

Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table DATAACL is mandatory
Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table DATAACL, invalid configuration
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOW is mandatory
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOW, invalid configuration
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOWV6 is mandatory
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOWV6, invalid configuration

Steps to reproduce the issue:

  1. Run test_acl or test_everflow

Describe the results you received:

Test should pass with no error.

Describe the results you expected:

Test failed because DATAACL and EVERFLOW tables were not created.

Output of show version:

SONiC Software Version: SONiC.master.85164-beead0a6c
Distribution: Debian 11.3
Kernel: 5.10.0-8-2-amd64
Build commit: beead0a6c
Build date: Tue Mar 29 17:21:59 UTC 2022
Built by: AzDevOps@sonic-build-workers-001B4E

Platform: x86_64-arista_7050cx3_32s
HwSKU: Arista-7050CX3-32S-C32
ASIC: broadcom
ASIC Count: 1
Serial Number: JPE21041273
Model Number: DCS-7050CX3-32S-SSD
Hardware Revision: 01.00
Uptime: 01:34:05 up 11 min,  1 user,  load average: 1.27, 1.12, 0.80

Docker images:
REPOSITORY                    TAG                      IMAGE ID       SIZE
docker-dhcp-relay             latest                   e5e6183e2d23   426MB
docker-database               latest                   46832e39811d   417MB
docker-database               master.85164-beead0a6c   46832e39811d   417MB
docker-sonic-telemetry        latest                   c26591f84f3d   505MB
docker-sonic-telemetry        master.85164-beead0a6c   c26591f84f3d   505MB
docker-orchagent              latest                   1567ae509d28   437MB
docker-orchagent              master.85164-beead0a6c   1567ae509d28   437MB
docker-sflow                  latest                   1a57d1aaca59   421MB
docker-sflow                  master.85164-beead0a6c   1a57d1aaca59   421MB
docker-nat                    latest                   998ad5248baa   423MB
docker-nat                    master.85164-beead0a6c   998ad5248baa   423MB
docker-macsec                 latest                   95977b6a62bb   423MB
docker-macsec                 master.85164-beead0a6c   95977b6a62bb   423MB
docker-fpm-frr                latest                   8a5fef1c3d33   438MB
docker-fpm-frr                master.85164-beead0a6c   8a5fef1c3d33   438MB
docker-teamd                  latest                   2f19d1bfc839   420MB
docker-teamd                  master.85164-beead0a6c   2f19d1bfc839   420MB
docker-snmp                   latest                   6916d323c745   449MB
docker-snmp                   master.85164-beead0a6c   6916d323c745   449MB
docker-syncd-brcm             latest                   0136a2657db8   784MB
docker-syncd-brcm             master.85164-beead0a6c   0136a2657db8   784MB
docker-sonic-mgmt-framework   latest                   d7b257309d33   549MB
docker-sonic-mgmt-framework   master.85164-beead0a6c   d7b257309d33   549MB
docker-platform-monitor       latest                   8c73e653c346   519MB
docker-platform-monitor       master.85164-beead0a6c   8c73e653c346   519MB
docker-router-advertiser      latest                   d7330046db1d   405MB
docker-router-advertiser      master.85164-beead0a6c   d7330046db1d   405MB
docker-mux                    latest                   7a10f96f26fb   458MB
docker-mux                    master.85164-beead0a6c   7a10f96f26fb   458MB
docker-lldp                   latest                   2862cbbaefe3   445MB
docker-lldp                   master.85164-beead0a6c   2862cbbaefe3   445MB
docker-gbsyncd-credo          latest                   35d941712bdc   422MB
docker-gbsyncd-credo          master.85164-beead0a6c   35d941712bdc   422MB

Output of show techsupport:

(paste your output here or download and attach the file here )

Additional information you deem important (e.g. issue happens only occasionally):
@bingwang-ms
Copy link
Contributor Author

Similar issue with #9406

@prsunny prsunny added the Triaged this issue has been triaged label Apr 13, 2022
@bingwang-ms
Copy link
Contributor Author

A possible solution is in PR https://github.com/Azure/sonic-swss/pull/2205/files
Since the action_list is mainly used for custom ACL table type, we may add a default action_list for the already existing hardcoded types, such as L3, L3v6, MIRROR.
What do you think? @stepanblyschak

@bingwang-ms bingwang-ms mentioned this issue May 18, 2022
Closed
@bingwang-ms bingwang-ms mentioned this issue May 27, 2022
Merged
yxieca pushed a commit to sonic-net/sonic-swss that referenced this issue May 27, 2022
@bingwang-ms @ysmanman
[ACL] Add default action_list for default ACL table type (#2298)
910bfd4 
What I did
This PR is derived from #2205
Fix sonic-net/sonic-buildimage#10425

We were seeing ACL table creation failure on some platform because action_list is mandatory, while the action_list is not provided by aclorch.

Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table DATAACL is mandatory
Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table DATAACL, invalid configuration
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOW is mandatory
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOW, invalid configuration
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOWV6 is mandatory
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOWV6, invalid configuration
This PR fixed the issue by adding default action_list to the default ACL table type if not present.

Why I did it
Fix the ACL table creation issue.

How I verified it
Verified by running test_acl and test_everflow on Broadcom TD3 platform

Signed-off-by: bingwang <wang.bing@microsoft.com>
Co-authored-by: syuan <syuan@arista.com>
preetham-singh pushed a commit to preetham-singh/sonic-swss that referenced this issue Aug 6, 2022
@bingwang-ms @ysmanman @preetham-singh
[ACL] Add default action_list for default ACL table type (sonic-net#2298
d2a25ab 
)

What I did
This PR is derived from sonic-net#2205
Fix sonic-net/sonic-buildimage#10425

We were seeing ACL table creation failure on some platform because action_list is mandatory, while the action_list is not provided by aclorch.

Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table DATAACL is mandatory
Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table DATAACL, invalid configuration
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOW is mandatory
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOW, invalid configuration
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOWV6 is mandatory
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOWV6, invalid configuration
This PR fixed the issue by adding default action_list to the default ACL table type if not present.

Why I did it
Fix the ACL table creation issue.

How I verified it
Verified by running test_acl and test_everflow on Broadcom TD3 platform

Signed-off-by: bingwang <wang.bing@microsoft.com>
Co-authored-by: syuan <syuan@arista.com>
judyjoseph pushed a commit to judyjoseph/sonic-swss that referenced this issue Oct 27, 2022
@bingwang-ms @ysmanman @judyjoseph
[ACL] Add default action_list for default ACL table type (sonic-net#2298
d53625c 
)

What I did
This PR is derived from sonic-net#2205
Fix sonic-net/sonic-buildimage#10425

We were seeing ACL table creation failure on some platform because action_list is mandatory, while the action_list is not provided by aclorch.

Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table DATAACL is mandatory
Apr  1 01:24:11.702608 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table DATAACL, invalid configuration
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOW is mandatory
Apr  1 01:24:11.702741 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOW, invalid configuration
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- validate: Action list for table EVERFLOWV6 is mandatory
Apr  1 01:24:11.702926 str2-7050cx3-acs-03 ERR swss#orchagent: :- doAclTableTask: Failed to create ACL table EVERFLOWV6, invalid configuration
This PR fixed the issue by adding default action_list to the default ACL table type if not present.

Why I did it
Fix the ACL table creation issue.

How I verified it
Verified by running test_acl and test_everflow on Broadcom TD3 platform

Signed-off-by: bingwang <wang.bing@microsoft.com>
Co-authored-by: syuan <syuan@arista.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bingwang-ms bingwang-ms

Labels
Triaged this issue has been triaged
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[ACL] Add default action_list for default ACL table type bingwang-ms/sonic-swss
2 participants
@prsunny @bingwang-ms