CoPP Neighbor Miss Trap and Other Enhancements HLD #1943
Conversation
|
/azp run |
|
Azure Pipelines will not run the associated pipelines, because the pull request was updated after the run command was issued. Review the pull request again and issue a new run command. |
|
@prabhataravind , please review as this should cover subnet trap. |
|
/azp run |
|
No pipelines are associated with this pull request. |
|
/azp run |
|
No pipelines are associated with this pull request. |
|
/azp run |
|
No pipelines are associated with this pull request. |
|
/azp run |
|
No pipelines are associated with this pull request. |
|
|
||
| During initialization, Copporch in Orchagent will perform an SAI enum capability query to identify supported trap types and maintain them in a local list called `supported_trap_ids`. | ||
|
|
||
| Additionally, Copporch will maintain a list called `default_supported_trap_ids`, which contains currently supported trap IDs in copporch in orchagent. If the SAI does not support the enum capability query API, Copporch will assume that the `default_supported_trap_ids` are supported for backward compatibility. |
There was a problem hiding this comment.
the existing default_supported_trap_ids is vendor specific?
There was a problem hiding this comment.
default_supported_trap_ids is not vendor specific. This will have all the enums that are currently known to Orchagent. New trap types like neighbor miss won't be part of this list.
Idea is to have backward compatibility with existing behavior if the SAI enum capability query for trap type attribute is not supported.
| ### 7.4 Schema Changes | ||
|
|
||
| State DB will have a new table called COPP_TRAP_CAPABILITY_TABLE which will have the supported trap types. | ||
| Introducing new value pair "oper_status" field in existing COPP_TRAP_TABLE, to track the operational status of the trap type. |
There was a problem hiding this comment.
What happens if there is any change happens in SAI capabilities (e..g firmware upgrade)? Will it trigger any daemon restart? how this list will be updated for such changes?
There was a problem hiding this comment.
When syncd docker restarts, it triggers a restart of swss. During the initialization of CoppOrch, an enum capability query is performed. This occurs in both warmboot and coldboot scenarios. This process is similar to the flow in other Orch's, such as aclorch.cpp
Can you elaborate the use case?
| "queue": "1", | ||
| "meter_type":"packets", | ||
| "mode":"sr_tcm", | ||
| "cir":"200", |
There was a problem hiding this comment.
How the cir, cbs, and red_action values are derived? These values might be strict for high-traffic environments causing unnecessary packet drops.
There was a problem hiding this comment.
These values are posted by Microsoft in the SAI PR based on their internal tests:
opencomputeproject/SAI#2066 (comment)
|
|
||
| An existing test case in the sonic-mgmt PTF framework tests VLAN subnet route traffic policing under the default CoPP configuration. | ||
|
|
||
| A new test case will be introduced to verify the neighbor miss trap configuration with its default settings in copp_cfg.json using VLAN subnet route traffic. This test case will also update/empty/NULL configuration for neighbor miss in CONFIG_DB to override the default settings and verify the operational status of neighbor miss in the CLI output accordingly. |
There was a problem hiding this comment.
can we add real-world ARP traffic stress tests ?
There was a problem hiding this comment.
Neighbor miss traffic does not police ARP traffic. It is to police IP traffic that is trapped to the CPU when the L3 lookup for ARP resolution has no entry for the neighbor. ARP traffic has a separate copp configuration in copp_cfg.json.
| A new trap group queue1_group3 will be added to the default configuration with the following settings: | ||
|
|
||
| ```json | ||
| "queue1_group3": { |
There was a problem hiding this comment.
Rationale behind using queue1_group3?
If queue1_group3 is congested, Neighbor Miss traffic may be dropped while other less critical packets get through.
| ### 10.1 Show Commands | ||
|
|
||
| A new CLI command, `show copp configuration`, is being introduced. The purpose of this command is to display the CoPP configuration applied to SAI. The command will retrieve configuration from copp_cfg.json and CONFIG_DB. Additionally, the command will display the operational status of the trap types retrieved from STATE_DB. | ||
|
|
There was a problem hiding this comment.
Can we measure the performance of this CLI in scale/stress environment? It is retrieving from multiple sources and it might take several seconds in large-scale switches.
There was a problem hiding this comment.
At present, traps supported by Orchagent are 47 and total traps defined by SAI are only ~67.
Trap configurations are not expected to grow in large-scale networks.
|
|
||
| ## 11. Warmboot and Fastboot Design Impact | ||
|
|
||
| No warmboot and fastboot impact is expected for this feature. |
There was a problem hiding this comment.
how CoPP changes apply during warmboot?
|
/azp run |
|
No pipelines are associated with this pull request. |
|
Can you please test trap flow counters with this feature? |
What I did * Added neighbor_miss trap type support * enum capability query for hostif trap type * Added trap hw_status field to state_db HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did: CoPP show commands: * show copp configuration * show copp configuration detailed --trapid <trap_id> * show copp configuration detailed --group <group> Added UT for the CLI commands. HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did * Added neighbor_miss trap type support * enum capability query for hostif trap type * Added trap hw_status field to state_db HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did * Added neighbor_miss trap type support * enum capability query for hostif trap type * Added trap hw_status field to state_db HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
vslib support for SAI_OBJECT_TYPE_HOSTIF_TRAP, attribute - SAI_HOSTIF_TRAP_ATTR_TRAP_TYPE HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
Added copp default configuration for neighbor_miss trap type to copp_cfg.json HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did: CoPP show commands: * show copp configuration * show copp configuration detailed --trapid <trap_id> * show copp configuration detailed --group <group> Added UT for the CLI commands. HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did: CoPP show commands: * show copp configuration * show copp configuration detailed --trapid <trap_id> * show copp configuration detailed --group <group> Added UT for the CLI commands. HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
vslib support for SAI_OBJECT_TYPE_HOSTIF_TRAP, attribute - SAI_HOSTIF_TRAP_ATTR_TRAP_TYPE HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did: CoPP show commands: * show copp configuration * show copp configuration detailed --trapid <trap_id> * show copp configuration detailed --group <group> Added UT for the CLI commands. HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
Signed-off-by: Ravi Minnikanti <[email protected]>
Signed-off-by: Ravi Minnikanti <[email protected]>
rminnikanti
force-pushed
the
neighbor_miss
branch
from
6582e97 to
1fba163
Compare
|
/azp run |
|
No pipelines are associated with this pull request. |
What I did: CoPP show commands: * show copp configuration * show copp configuration detailed --trapid <trap_id> * show copp configuration detailed --group <group> Added UT for the CLI commands. HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
vslib support for SAI_OBJECT_TYPE_HOSTIF_TRAP, attribute - SAI_HOSTIF_TRAP_ATTR_TRAP_TYPE HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
What I did * Added neighbor_miss trap type support * enum capability query for hostif trap type * Added trap hw_status field to state_db HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
trap counters tested. |
|
@rminnikanti , can you please follow the description template and update all the associated PRs? |
Added copp default configuration for neighbor_miss trap type to copp_cfg.json HLD: sonic-net/SONiC#1943 Signed-off-by: Ravi Minnikanti <[email protected]>
|
|
||
| During initialization, Copporch in Orchagent will perform an SAI enum capability query to identify supported trap types and maintain them in a local list called `supported_trap_ids`. | ||
|
|
||
| Additionally, Copporch will maintain a list called `default_supported_trap_ids`, which contains currently supported trap IDs in copporch in orchagent. If the SAI does not support the enum capability query API, Copporch will assume that the `default_supported_trap_ids` are supported for backward compatibility. |
There was a problem hiding this comment.
I don't support adding default_supported_trap_ids. If the query API is not present, we should treat it as any configuration and push to the SAI. This will ensure the backward compatibility as well
There was a problem hiding this comment.
Hi @dgsudharsan,
The default_supported_trap_ids list ensures backward compatibility. It includes all currently known traps used by orchagent, except for "neighbor_miss". This ensures that all existing trap configurations are pushed to the SAI, even if the query API isn't available. It also prevents orchagent from throwing exceptions in cases where the vendor SAI does not support "neighbor_miss" and using a different method to handle neighbor_miss traffic.
In summary, all current traps are pushed to SAI even if query API is not available only neighbor_miss and future traps need query API availability.
HLD for CoPP Neighbor Miss Trap type support and Other CoPP Enhancements
What we did:
PRs: