[smartswitch] Add support for ENI Based Forwarding #3398

vivekrnv · 2024-11-27T18:51:57Z

What I did

Requires sonic-net/sonic-swss-common#976

Add DashEniFwdOrch which installs ACL rules to Redirect the DASH packet to corresponding DPU

Why I did it

How I verified it

UT's:

[----------] 9 tests from DashEniFwdOrchTest
[ RUN      ] DashEniFwdOrchTest.TestDpuRegistry
[       OK ] DashEniFwdOrchTest.TestDpuRegistry (0 ms)
[ RUN      ] DashEniFwdOrchTest.LocalNeighbor
[       OK ] DashEniFwdOrchTest.LocalNeighbor (0 ms)
[ RUN      ] DashEniFwdOrchTest.LocalNeighbor_NoVNI
[       OK ] DashEniFwdOrchTest.LocalNeighbor_NoVNI (0 ms)
[ RUN      ] DashEniFwdOrchTest.LocalNeighbor_MacDirection
[       OK ] DashEniFwdOrchTest.LocalNeighbor_MacDirection (0 ms)
[ RUN      ] DashEniFwdOrchTest.LocalNeighbor_Unresolved
[       OK ] DashEniFwdOrchTest.LocalNeighbor_Unresolved (0 ms)
[ RUN      ] DashEniFwdOrchTest.RemoteNeighbor
[       OK ] DashEniFwdOrchTest.RemoteNeighbor (0 ms)
[ RUN      ] DashEniFwdOrchTest.RemoteNeighbor_SwitchToLocal
[       OK ] DashEniFwdOrchTest.RemoteNeighbor_SwitchToLocal (0 ms)
[ RUN      ] DashEniFwdOrchTest.RemoteNeighbor_NoTunnelTerm
[       OK ] DashEniFwdOrchTest.RemoteNeighbor_NoTunnelTerm (0 ms)
[ RUN      ] DashEniFwdOrchTest.TestAclTableConfig
[       OK ] DashEniFwdOrchTest.TestAclTableConfig (0 ms)
[----------] 9 tests from DashEniFwdOrchTest (2 ms total)

[----------] 1 test from MockOrchTest
[ RUN      ] MockOrchTest.EniFwdCtx
[       OK ] MockOrchTest.EniFwdCtx (10 ms)
[----------] 1 test from MockOrchTest (10 ms total)

[----------] 1 test from AclOrchTest
[ RUN      ] AclOrchTest.Match_Inner_Mac
[       OK ] AclOrchTest.Match_Inner_Mac (11 ms)
[----------] 1 test from AclOrchTest (11 ms total)

Manual testing of installing ACL Rules for Local Endpoints:

{
  "DPU_TABLE": {
      "1": {
          "type": "local",
          "state": "up",
          "pa_ipv4": "10.0.0.75",
          "npu_ipv4": "10.1.0.32"
      },
      "2": {
            "type": "local",
            "state": "up",
            "pa_ipv4": "10.0.0.79",
            "npu_ipv4": "10.1.0.32"
      }
  },
  "VIP_TABLE": {
     "10.2.0.1/32" : {}
  }
}

Result:

/* Create */
{
      "DASH_ENI_FORWARD_TABLE:Vnet100:F4:93:9F:EF:C4:7E": {
          "vdpu_ids": "1,2",
          "primary_vdpu": "1",
          "outbound_vni": "4321"
      },
      "OP": "SET"
}

2024 Nov 15 02:31:38.329767 smartswitch NOTICE swss#orchagent: :- initLocalEndpoints: Local DPU endpoint detected 10.0.0.75
2024 Nov 15 02:31:38.329975 smartswitch NOTICE swss#orchagent: :- initLocalEndpoints: Local DPU endpoint detected 10.0.0.77
2024 Nov 15 02:31:38.330287 smartswitch WARNING swss#orchagent: :- findLocalEp: Multiple Local Endpoints for the ENI f4:93:9f:ef:c4:7e found, proceeding with 1
2024 Nov 15 02:31:38.332229 smartswitch NOTICE swss#orchagent: :- doAclTableTypeTask: Created ACL table type ENI_REDIRECT
2024 Nov 15 02:31:38.413127 smartswitch NOTICE swss#orchagent: :- addAclTable: Created ACL table ENI oid:700000000068b
2024 Nov 15 02:31:38.416161 smartswitch NOTICE swss#orchagent: :- addNeighbor: Created neighbor ip 10.0.0.75, b0:cf:0e:0e:35:eb on Ethernet232
2024 Nov 15 02:31:38.420296 smartswitch NOTICE swss#orchagent: :- addNextHop: Created next hop 10.0.0.75 on Ethernet232
2024 Nov 15 02:31:38.420610 smartswitch NOTICE swss#orchagent: :- handleNeighUpdate: Neighbor Update: 10.0.0.75, add: 1
2024 Nov 15 02:31:38.421243 smartswitch NOTICE swss#orchagent: :- getVip: VIP found: 10.2.0.1/32
2024 Nov 15 02:31:38.421641 smartswitch NOTICE swss#orchagent: :- fire: EniFwd ACL Rule Vnet100_F4939FEFC47E_IN installed
2024 Nov 15 02:31:38.422130 smartswitch NOTICE swss#orchagent: :- fire: EniFwd ACL Rule Vnet100_F4939FEFC47E_OUT installed

2024-11-15.00:31:38.328312|DASH_ENI_FORWARD_TABLE:Vnet100:F4:93:9F:EF:C4:7E|SET|outbound_vni:4321|primary_vdpu:1|vdpu_ids:1,2
2024-11-15.00:31:38.330997|ACL_TABLE_TABLE:ENI|SET|PORTS:Ethernet104,Ethernet112,Ethernet120,Ethernet128,Ethernet136,Ethernet144,Ethernet152,Ethernet160,Ethernet168,Ethernet176,Ethernet184,Ethernet192,Ethernet200,Ethernet208,Ethernet216,Ethernet64,Ethernet72,Ethernet80,Ethernet88,Ethernet96,PortChannel1011,PortChannel102,PortChannel105,PortChannel108|STAGE:INGRESS|TYPE:ENI_REDIRECT|POLICY_DESC:Contains Rule for DASH ENI Based Forwarding
2024-11-15.00:31:38.331916|ACL_TABLE_TYPE_TABLE:ENI_REDIRECT|SET|MATCHES:TUNNEL_VNI,DST_IP,INNER_SRC_MAC,INNER_DST_MAC|ACTIONS:REDIRECT_ACTION|BIND_POINTS:PORT,PORTCHANNEL
2024-11-15.00:31:38.413964|NEIGH_TABLE:Ethernet232:10.0.0.75|SET|neigh:b0:cf:0e:0e:35:eb|family:IPv4
2024-11-15.00:31:38.414061|NEIGH_TABLE:Ethernet240:10.0.0.77|SET|neigh:b0:cf:0e:0e:35:e3|family:IPv4
2024-11-15.00:31:38.428735|ACL_RULE_TABLE:ENI:Vnet100_F4939FEFC47E_IN|SET|PRIORITY:9996|DST_IP:10.2.0.1/32|INNER_DST_MAC:f4:93:9f:ef:c4:7e|REDIRECT_ACTION:10.0.0.75
2024-11-15.00:31:38.428818|ACL_RULE_TABLE:ENI:Vnet100_F4939FEFC47E_OUT|SET|PRIORITY:9997|DST_IP:10.2.0.1/32|INNER_SRC_MAC:f4:93:9f:ef:c4:7e|REDIRECT_ACTION:10.0.0.75|TUNNEL_VNI:4321

/* Update */
[
    {
        "DASH_ENI_FORWARD_TABLE:Vnet100:F4:93:9F:EF:C4:7E": {
            "primary_vdpu": "2"
        },
        "OP": "SET"
    }
]

2024 Nov 15 02:33:09.616143 smartswitch NOTICE swss#orchagent: :- processUpdate: Endpoint IP for Rule Vnet100_F4939FEFC47E_IN updated from 10.0.0.75 -> 10.0.0.77
2024 Nov 15 02:33:09.616414 smartswitch NOTICE swss#orchagent: :- fire: EniFwd ACL Rule Vnet100_F4939FEFC47E_IN deleted
2024 Nov 15 02:33:09.616755 smartswitch NOTICE swss#orchagent: :- fire: EniFwd ACL Rule Vnet100_F4939FEFC47E_IN installed
2024 Nov 15 02:33:09.616755 smartswitch NOTICE swss#orchagent: :- processUpdate: Endpoint IP for Rule Vnet100_F4939FEFC47E_OUT updated from 10.0.0.75 -> 10.0.0.77
2024 Nov 15 02:33:09.617020 smartswitch NOTICE swss#orchagent: :- fire: EniFwd ACL Rule Vnet100_F4939FEFC47E_OUT deleted
2024 Nov 15 02:33:09.617440 smartswitch NOTICE swss#orchagent: :- fire: EniFwd ACL Rule Vnet100_F4939FEFC47E_OUT installed
2024 Nov 15 02:33:09.627630 smartswitch NOTICE swss#orchagent: :- add: Successfully deleted ACL rule Vnet100_F4939FEFC47E_IN in table ENI
2024 Nov 15 02:33:09.632306 smartswitch NOTICE swss#orchagent: :- add: Successfully created ACL rule Vnet100_F4939FEFC47E_IN in table ENI
2024 Nov 15 02:33:09.640190 smartswitch NOTICE swss#orchagent: :- add: Successfully deleted ACL rule Vnet100_F4939FEFC47E_OUT in table ENI
2024 Nov 15 02:33:09.644913 smartswitch NOTICE swss#orchagent: :- add: Successfully created ACL rule Vnet100_F4939FEFC47E_OUT in table ENI
2024-11-15.00:33:09.615782|DASH_ENI_FORWARD_TABLE:Vnet100:F4:93:9F:EF:C4:7E|SET|primary_vdpu:2
2024-11-15.00:33:09.618507|ACL_RULE_TABLE:ENI:Vnet100_F4939FEFC47E_IN|SET|PRIORITY:9996|DST_IP:10.2.0.1/32|INNER_DST_MAC:f4:93:9f:ef:c4:7e|REDIRECT_ACTION:10.0.0.77
2024-11-15.00:33:09.618581|ACL_RULE_TABLE:ENI:Vnet100_F4939FEFC47E_OUT|SET|PRIORITY:9997|DST_IP:10.2.0.1/32|INNER_SRC_MAC:f4:93:9f:ef:c4:7e|REDIRECT_ACTION:10.0.0.77|TUNNEL_VNI:4321

Details if related

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

mssonicbld · 2024-12-30T07:43:31Z

/azp run

azure-pipelines · 2024-12-30T07:43:41Z

Azure Pipelines successfully started running 1 pipeline(s).

mssonicbld · 2025-01-08T03:35:33Z

/azp run

azure-pipelines · 2025-01-08T03:35:43Z

Azure Pipelines successfully started running 1 pipeline(s).

mssonicbld · 2025-01-22T17:38:16Z

/azp run

azure-pipelines · 2025-01-22T17:38:27Z

Azure Pipelines successfully started running 1 pipeline(s).

mssonicbld · 2025-01-29T04:06:30Z

/azp run

azure-pipelines · 2025-01-29T04:06:40Z

Azure Pipelines successfully started running 1 pipeline(s).

mssonicbld · 2025-02-03T04:23:37Z

/azp run

azure-pipelines · 2025-02-03T04:23:47Z

Azure Pipelines successfully started running 1 pipeline(s).

liat-grozovik · 2025-02-05T07:37:50Z

@prsunny kindly reminder to review it to avoid additional conflicts

mssonicbld · 2025-02-10T17:31:34Z

/azp run

azure-pipelines · 2025-02-10T17:31:46Z

Azure Pipelines successfully started running 1 pipeline(s).

vivekrnv · 2025-02-13T11:52:44Z

Hi @prsunny, Any ETA to finish review on this PR?

mssonicbld · 2025-02-13T18:26:31Z

/azp run

azure-pipelines · 2025-02-13T18:26:41Z

Azure Pipelines successfully started running 1 pipeline(s).

prsunny

Overall lgtm. Can you please put some example of DB entries for reference? like ENI_FWD_TABLE

prsunny · 2025-02-13T21:24:47Z

orchagent/aclorch.cpp

@@ -619,6 +623,7 @@ bool AclTableRangeMatch::validateAclRuleMatch(const AclRule& rule) const
    return true;
 }

+


please remove these extra lines (formatting changes)

prsunny · 2025-02-13T21:31:17Z

orchagent/dash/dashenifwdorch.h

+
+// TODO: Update in sonic-swss-common schema.h
+#define CFG_DPU_TABLE              "DPU_TABLE"
+#define APP_DASH_ENI_FORWARD_TABLE "DASH_ENI_FORWARD_TABLE"


Can we move these to swss common since a later change may break the code.

Removed, Will raise a swss-common PR

prsunny · 2025-02-13T22:00:47Z

orchagent/dash/dashenifwdinfo.cpp

+    return update_type;
+}
+
+void EniAclRule::fire(EniInfo& eni)


Please add a description of this function and what steps are executed.

prsunny · 2025-02-13T22:06:11Z

orchagent/dash/dashenifwdorch.cpp

+    }
+}
+
+void DashEniFwdOrch::handleNeighUpdate(const NeighborUpdate& update)


Please add a description. Also is it only for new neighbor add or do you also handle delete neighbor?

Updated, only neigh update is supported as of now

bool EniInfo::update(const NeighborUpdate& nbr_update) { if (nbr_update.add) { fireAllRules(); } else { /* Neighbor Delete handling not supported yet When this update comes, ACL rule must be deleted first, followed by the NEIGH object */ } return true; }

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

mssonicbld · 2025-02-14T23:10:32Z

/azp run

azure-pipelines · 2025-02-14T23:10:42Z

Azure Pipelines successfully started running 1 pipeline(s).

liat-grozovik · 2025-02-15T13:00:31Z

@prsunny kindly reminder to approve it

prsunny · 2025-02-18T18:03:48Z

@prsunny kindly reminder to approve it

Hi Liat, we need to get swss-common to approve/merge before this PR

mssonicbld · 2025-02-19T07:29:43Z

/azp run

azure-pipelines · 2025-02-19T07:29:54Z

Azure Pipelines successfully started running 1 pipeline(s).

vivekrnv · 2025-02-19T07:29:59Z

Hi @prsunny, Here is the dependent PR: sonic-net/sonic-swss-common#976

prsunny · 2025-02-25T20:30:20Z

@vivekrnv , swss-common PR is merged. would you update this PR?

mssonicbld · 2025-02-25T20:31:06Z

/azp run

azure-pipelines · 2025-02-25T20:31:16Z

Azure Pipelines successfully started running 1 pipeline(s).

prsunny

lgtm

vivekrnv added 3 commits November 27, 2024 18:48

[smartswitch] Add support for ENI Based Forwarding

1fd179f

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

Handle coverage failure because of uncaptured inline methods

b09d6d8

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

Fix armhf build failure

5a38040

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

vivekrnv marked this pull request as ready for review November 28, 2024 08:45

vivekrnv requested a review from prsunny as a code owner November 28, 2024 08:45

vivekrnv requested a review from oleksandrivantsiv November 28, 2024 08:46

vivekrnv mentioned this pull request Nov 29, 2024

[SmartSwitch] Add HLD for ENI Based Forwarding sonic-net/SONiC#1842

Merged

oleksandrivantsiv approved these changes Dec 2, 2024

View reviewed changes

Merge branch 'master' into dasn_eni_fwd

ab339af

oleksandrivantsiv added the Request for 202411 Branch label Dec 10, 2024

vivekrnv removed the Request for 202411 Branch label Dec 26, 2024

Merge branch 'master' into dasn_eni_fwd

6d38599

Merge branch 'master' into dasn_eni_fwd

6eacf71

Merge branch 'master' into dasn_eni_fwd

e5e23be

Merge branch 'master' into dasn_eni_fwd

f93fe3d

Merge branch 'master' into dasn_eni_fwd

cded7dd

Merge branch 'master' into dasn_eni_fwd

8952101

Merge branch 'master' into dasn_eni_fwd

be548a4

prsunny reviewed Feb 14, 2025

View reviewed changes

Handle comments

711765f

Signed-off-by: Vivek Reddy <vkarri@nvidia.com>

Merge branch 'master' into dasn_eni_fwd

2695e6a

dgsudharsan requested a review from prsunny February 20, 2025 15:36

Merge branch 'master' into dasn_eni_fwd

423864f

prsunny requested a review from bingwang-ms as a code owner February 25, 2025 20:31

prsunny approved these changes Feb 27, 2025

View reviewed changes

prsunny merged commit 8c778bf into sonic-net:master Feb 27, 2025
15 checks passed

		@@ -619,6 +623,7 @@ bool AclTableRangeMatch::validateAclRuleMatch(const AclRule& rule) const
		return true;
		}

[smartswitch] Add support for ENI Based Forwarding #3398

[smartswitch] Add support for ENI Based Forwarding #3398

Conversation

vivekrnv commented Nov 27, 2024 • edited Loading

mssonicbld commented Dec 30, 2024

azure-pipelines bot commented Dec 30, 2024

mssonicbld commented Jan 8, 2025

azure-pipelines bot commented Jan 8, 2025

mssonicbld commented Jan 22, 2025

azure-pipelines bot commented Jan 22, 2025

mssonicbld commented Jan 29, 2025

azure-pipelines bot commented Jan 29, 2025

mssonicbld commented Feb 3, 2025

azure-pipelines bot commented Feb 3, 2025

liat-grozovik commented Feb 5, 2025

mssonicbld commented Feb 10, 2025

azure-pipelines bot commented Feb 10, 2025

vivekrnv commented Feb 13, 2025

mssonicbld commented Feb 13, 2025

azure-pipelines bot commented Feb 13, 2025

prsunny left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

mssonicbld commented Feb 14, 2025

azure-pipelines bot commented Feb 14, 2025

liat-grozovik commented Feb 15, 2025

prsunny commented Feb 18, 2025

mssonicbld commented Feb 19, 2025

azure-pipelines bot commented Feb 19, 2025

vivekrnv commented Feb 19, 2025

prsunny commented Feb 25, 2025

mssonicbld commented Feb 25, 2025

azure-pipelines bot commented Feb 25, 2025

prsunny left a comment

Choose a reason for hiding this comment

vivekrnv commented Nov 27, 2024 •

edited

Loading