Remove port from VLAN leaving the port in default VLAN

[stcheng]

root@str-s6100-acs-5:/sys/class/net/Ethernet63# bridge vlan show
port    vlan ids
docker0  1 PVID Egress Untagged

Bridge   1088

root@str-s6100-acs-5:/sys/class/net/Ethernet63# config vlan member add 1088 Ethernet63
root@str-s6100-acs-5:/sys/class/net/Ethernet63# bridge vlan show
port    vlan ids
docker0  1 PVID Egress Untagged

Bridge   1088

Ethernet63       1 PVID Egress Untagged
         1088
root@str-s6100-acs-5:/sys/class/net/Ethernet63# bridge vlan del vid 1088 dev Ethernet63
root@str-s6100-acs-5:/sys/class/net/Ethernet63# bridge vlan show
port    vlan ids
docker0  1 PVID Egress Untagged

Bridge   1088

Ethernet63       1 PVID Egress Untagged

This is an unsymmetrical behavior and it causes the port to have a master - causing it failed to be added into a port channel.

[jipanyang]

Introduced with 4.9 kernel. It is ok with 3.16.

# config vlan member  add 1000 Ethernet68
# bridge vlan
port	vlan ids
docker0	None
Bridge	 1000

Ethernet68	 1000

# uname -a
Linux PSW-7002 3.16.0-5-amd64 #1 SMP Debian 3.16.51-3+deb8u1 (2015-12-19) x86_64 GNU/Linux

with 4.9 kernel, it looks "ip link set dev Ethernet68 master Bridge" will automatically have " 1 PVID Egress Untagged" configured on the port.

[stcheng]

what would be the desired behavior? Do we want any untagged packet coming through this bridge port gets tagged with VID 1?

[jipanyang]

Bridge is the internal implementation. My understanding of the expect behavior :

1. If a port is configured in vlan with untagged mode, we set pvid of the port as this vlan id (as discussed before, no explicit pvid setting). Ingress untagged packet will gets tagged with the pvid.

2. If a port is put in vlan with tagged mode only, Ingress untagged packet will be dropped.

3. if a port is put in one VLAN in untagged mode and other VLANs in tagged mode. Port pvid will be the vid of untagged vlan. Ingress untagged packet gets tagged with the pvid.

4. If a port is not in any VLAN, we don't put it in bridge at linux layer.

Probably " bridge vlan del vid 1 dev {{ port }}" should be called immediately after "ip link set dev {{ port }} master Bridge" the first time.

[vemulabalaji]

Thought of sharing few more observations.
I am seeing difference in configuration using json file and "config vlan".
In my case, config_db.json file we created VLAN 1000 and attached few ports to VLAN 1000.
My understanding is by default All front panel ports are attached to VLAN 1 as untagged ports,

1. bridge vlan show is not displaying them
2. But when a port is attached to some vlan and then if we delete it, it's getting displayed as attached to VLAN 1.
   ------ Is my understanding correct or wrong ----------

Here is the ouput

uroot@test-bed-1:~# uname -a
Linux test-bed-1 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 GNU/Linux

<------- All the below configuration is done using config_db.json ----------- >
root@test-bed-1:~# bridge vlan show
port vlan ids
docker0 1 PVID Egress Untagged

Bridge 1000

Ethernet188 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet192 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet196 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet200 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet204 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet212 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet216 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet220 1 Egress Untagged
1000 PVID Egress Untagged

root@test-bed-1:~#

<-------- Attaching a port to Existing VLAN & out put ------------>
< ----------- **Ethernet76 and Ethernet188 entries are differently displayed ** -------------->
root@test-bed-1:# config vlan member add 1000 Ethernet76
root@test-bed-1:# bridge vlan show
port vlan ids
docker0 1 PVID Egress Untagged

Bridge 1000

Ethernet76 1 PVID Egress Untagged
1000

Ethernet188 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet192 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet196 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet200 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet204 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet212 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet216 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet220 1 Egress Untagged
1000 PVID Egress Untagged

root@test-bed-1:~#

< ------------ On deleting Ethernet76 from VLAN 1000, still we are observing the Ethernet76 (the same is reported in this bug) --------------- >

root@test-bed-1:# config vlan member del 1000 Ethernet76
root@test-bed-1:# bridge vlan show
port vlan ids
docker0 1 PVID Egress Untagged

Bridge 1000

Ethernet76 1 PVID Egress Untagged

Ethernet188 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet192 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet196 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet200 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet204 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet212 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet216 1 Egress Untagged
1000 PVID Egress Untagged

Ethernet220 1 Egress Untagged
1000 PVID Egress Untagged

root@test-bed-1:~#

[jipanyang]

config vlan member issue: sonic-net/SONiC#323

[yxieca]

Fixed.