Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PortsOrch] Add reference counting to ports for ACL bindings #1614

Merged
merged 4 commits into from
Jan 28, 2021
Merged

[PortsOrch] Add reference counting to ports for ACL bindings #1614

merged 4 commits into from
Jan 28, 2021

Conversation

chaoskao
Copy link
Contributor

What I did:
Use reference count for protect interface, If interface bind to ACL the reference will increase and vice versa.

Why I did it:
If interface bind to ACL and remove interface causes the ACL rule become global rule to match all interfaces.

How I verified it:
Run the pytest check ACL and Port test case passed.

@chaoskao
Protected interface should not be removed, which bind into ACL table.
5c59002 
What I did:
Use reference count for protect interface, If interface bind to ACL the reference will increase and vice versa.

Why I did it:
If interface bind to ACL and remove LAG causes the ACL rule become global rule
to match all interfaces.

How I verified it:
Run the pytest check ACL and Port test case passed.
@chaoskao
Protected interface should not be removed, which bind into ACL table.
5dec093 
What I did:
Use reference count for protect interface, If interface bind to ACL the reference will increase and vice versa.

Why I did it:
If interface bind to ACL and remove LAG causes the ACL rule become global rule
to match all interfaces.

How I verified it:
Run the pytest check ACL and Port test case passed.
@chaoskao
Merge branch 'protect_interface' of https://github.com/chaoskao/sonic…
0e55f1d 
…-swss into protect_interface
@chaoskao
Fix wrong variable name.
3b15577
@prsunny prsunny requested a review from daall January 28, 2021 21:39
@daall daall changed the title [PortsOrch] Protected interface should not be removed, which bind into ACL table. [PortsOrch] Add reference counting to ports for ACL bindings Jan 28, 2021
@daall daall merged commit 008325c into sonic-net:master Jan 28, 2021
@lguohan
Copy link
Contributor

lguohan commented Jan 29, 2021

@daall , is this needed for 202012?

@daall
Copy link
Contributor

daall commented Jan 29, 2021

@daall , is this needed for 202012?

We should take it, yes. Label added

daall pushed a commit that referenced this pull request Feb 5, 2021
@chaoskao @daall
[PortsOrch] Add reference counting to ports for ACL bindings (#1614)
0602c69 
What I did:
Use reference count for protect interface, If interface bind to ACL the reference will increase and vice versa.

Why I did it:
If interface bind to ACL and remove LAG causes the ACL rule become global rule
to match all interfaces.

How I verified it:
Run the pytest check ACL and Port test case passed.
DavidZagury pushed a commit to DavidZagury/sonic-swss that referenced this pull request Mar 4, 2021
@chaoskao @DavidZagury
[PortsOrch] Add reference counting to ports for ACL bindings (sonic-n…
e70e585 
…et#1614)

What I did:
Use reference count for protect interface, If interface bind to ACL the reference will increase and vice versa.

Why I did it:
If interface bind to ACL and remove LAG causes the ACL rule become global rule
to match all interfaces.

How I verified it:
Run the pytest check ACL and Port test case passed.
@wendani wendani mentioned this pull request May 8, 2021
Merged
1 task
raphaelt-nvidia pushed a commit to raphaelt-nvidia/sonic-swss that referenced this pull request Oct 5, 2021
@chaoskao @raphaelt-nvidia
[PortsOrch] Add reference counting to ports for ACL bindings (sonic-n…
b098799 
…et#1614)

What I did:
Use reference count for protect interface, If interface bind to ACL the reference will increase and vice versa.

Why I did it:
If interface bind to ACL and remove LAG causes the ACL rule become global rule
to match all interfaces.

How I verified it:
Run the pytest check ACL and Port test case passed.
EdenGri pushed a commit to EdenGri/sonic-swss that referenced this pull request Feb 28, 2022
@stephenxs
Make advance_version_for_expected_database available for other db mig…
f1726fe 
…rator test cases as well (sonic-net#1614)

- What I did
Originally, the method advance_version_for_expected_database was introduced (in sonic-net#1566) to handle the case the latest version in CONFIG_DB is greater than the latest version in mellanox_buffer_migrator.
Now there are other database migrators whose test cases can also encounter this situation, like port auto-negotiation (sonic-net#1568) and port-channel for LACP key (sonic-net#1473).
So I would like to make the method public, available for all database migrators.
Related database migrator test cases have been updated accordingly.

- How to verify it
Run the unit test.

Signed-off-by: Stephen Sun <stephens@nvidia.com>
EdenGri pushed a commit to EdenGri/sonic-swss that referenced this pull request Feb 28, 2022
@stephenxs
Fix the target db version of portchannel-key test (sonic-net#1842)
00948d0 
What I did
The port-channel key migrator was introduced in version 2_0_2 so the expected database version of the test case should be 2_0_2.
It was modified to 2_0_3 when the new version was introduced by mistake. This won't fail the test but disable the require its database version to be updated every time a new version is introduced. (Refer sonic-net#1566 and sonic-net#1614 for details)
This is to correct it by changing it back to 2_0_2.

Signed-off-by: Stephen Sun <stephens@nvidia.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daall daall daall approved these changes

Assignees
No one assigned
Labels
Bug 🐛 Included in 202012 Branch Request for 202012 Branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chaoskao @lguohan @daall