sonic-utilities
sonic-utilities copied to clipboard
sonic-net
vlan secondary interface exists in CONFIG_DB after removement of primary
Description
From linux side, the secondary interface IP will be removed if primary interface IP is deleted. However, the secondary intf still existing CONFIG_DB
Steps to reproduce the issue
- Check existing vlan interface
admin@vlab-01:~$ show run all | grep VLAN_INTER -A5
"VLAN_INTERFACE": {
"Vlan1000": {},
"Vlan1000|192.168.0.1/21": {},
"Vlan1000|fc02:1000::1/64": {}
},
"VLAN_MEMBER": {
admin@vlab-01:~$ ip addr show Vlan1000
894: Vlan1000@Bridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9100 qdisc noqueue state UP group default qlen 1000
link/ether 52:54:00:a9:e4:1a brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/21 brd 192.168.7.255 scope global Vlan1000
valid_lft forever preferred_lft forever
inet6 fc02:1000::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fea9:e41a/64 scope link
- add secondary IP
admin@vlab-01:~$ sudo config interface ip add Vlan1000 192.168.0.2/21
admin@vlab-01:~$ show run all | grep VLAN_INTER -A5
"VLAN_INTERFACE": {
"Vlan1000": {},
"Vlan1000|192.168.0.1/21": {},
"Vlan1000|192.168.0.2/21": {}, <============
"Vlan1000|fc02:1000::1/64": {}
},
admin@vlab-01:~$ ip addr show Vlan1000
894: Vlan1000@Bridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9100 qdisc noqueue state UP group default qlen 1000
link/ether 52:54:00:a9:e4:1a brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/21 brd 192.168.7.255 scope global Vlan1000
valid_lft forever preferred_lft forever
inet 192.168.0.2/21 brd 192.168.7.255 scope global secondary Vlan1000 <===============
valid_lft forever preferred_lft forever
inet6 fc02:1000::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fea9:e41a/64 scope link
valid_lft forever preferred_lft forever
- remove primary ip and check CONFIG_DB
admin@vlab-01:~$ sudo config interface ip remove Vlan1000 192.168.0.1/21
admin@vlab-01:~$ ip addr show Vlan1000
894: Vlan1000@Bridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9100 qdisc noqueue state UP group default qlen 1000
link/ether 52:54:00:a9:e4:1a brd ff:ff:ff:ff:ff:ff
inet6 fc02:1000::1/64 scope global <============ no secondary ip after primary removement
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fea9:e41a/64 scope link
valid_lft forever preferred_lft forever
valid_lft forever preferred_lft forever
admin@vlab-01:~$ show run all | grep VLAN_INTER -A5
"VLAN_INTERFACE": {
"Vlan1000": {},
"Vlan1000|192.168.0.2/21": {},
"Vlan1000|fc02:1000::1/64": {}
},
"VLAN_MEMBER": {
admin@vlab-01:~$ ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
^C
--- 192.168.0.2 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
Describe the results you received
ip addr is contradict with CONFIG_DB
Describe the results you expected
CONFIG_DB should be algned with ip addr
Additional information you deem important (e.g. issue happens only occasionally)
Output of show version
admin@vlab-01:~$ show ver
SONiC Software Version: SONiC.master.161252-1f2ee7b72
Distribution: Debian 11.5
Kernel: 5.10.0-12-2-amd64
Build commit: 1f2ee7b72
Build date: Sun Oct 16 18:29:57 UTC 2022
Built by: AzDevOps@sonic-build-workers-0028WV
Platform: x86_64-kvm_x86_64-r0
HwSKU: Force10-S6000
ASIC: vs
ASIC Count: 1
Serial Number: N/A
Model Number: N/A
Hardware Revision: N/A
Uptime: 01:16:43 up 76 days, 22:53, 1 user, load average: 0.04, 0.07, 0.10
Date: Fri 03 Mar 2023 01:16:43
Docker images:
REPOSITORY TAG IMAGE ID SIZE
docker-orchagent latest 2f9b988fbc5a 486MB
docker-orchagent master.161252-1f2ee7b72 2f9b988fbc5a 486MB
docker-fpm-frr latest 06ba5903a238 497MB
docker-fpm-frr master.161252-1f2ee7b72 06ba5903a238 497MB
docker-teamd latest f5fe61425852 467MB
docker-teamd master.161252-1f2ee7b72 f5fe61425852 467MB
docker-macsec latest a2759f06d184 469MB
docker-gbsyncd-vs latest ed81ab3e2966 459MB
docker-gbsyncd-vs master.161252-1f2ee7b72 ed81ab3e2966 459MB
docker-dhcp-relay latest f78af0be8396 460MB
docker-snmp latest c995e97fa0e9 497MB
docker-snmp master.161252-1f2ee7b72 c995e97fa0e9 497MB
docker-eventd latest e671a740aad3 451MB
docker-eventd master.161252-1f2ee7b72 e671a740aad3 451MB
docker-router-advertiser latest 547966567879 451MB
docker-router-advertiser master.161252-1f2ee7b72 547966567879 451MB
docker-platform-monitor latest 52b171385c2b 576MB
docker-platform-monitor master.161252-1f2ee7b72 52b171385c2b 576MB
docker-mux latest c454d8ba9b92 500MB
docker-mux master.161252-1f2ee7b72 c454d8ba9b92 500MB
docker-lldp latest f89c6e7e4c97 493MB
docker-lldp master.161252-1f2ee7b72 f89c6e7e4c97 493MB
docker-database latest c0aab1af0bf0 451MB
docker-database master.161252-1f2ee7b72 c0aab1af0bf0 451MB
docker-sonic-telemetry latest bcff7e14161c 745MB
docker-sonic-telemetry master.161252-1f2ee7b72 bcff7e14161c 745MB
docker-nat latest b9d7a3dece48 438MB
docker-nat master.161252-1f2ee7b72 b9d7a3dece48 438MB
docker-sflow latest 7a29ae2edb65 436MB
docker-sflow master.161252-1f2ee7b72 7a29ae2edb65 436MB
docker-syncd-vs latest 5e29ba2bb5b7 432MB
docker-syncd-vs master.161252-1f2ee7b72 5e29ba2bb5b7 432MB
docker-sonic-mgmt-framework latest 05d7cb848faa 564MB
docker-sonic-mgmt-framework master.161252-1f2ee7b72 05d7cb848faa 564MB
Hi,
We are able to recreate this issue by following the above steps.
Root cause for this issue: Their is no logic to handle the ip's as primary/secondary in the source code.
Observation: Created the vlan id and assigned ip's to that vlan. While removing the "scope global ip" from linux side "scope global secondary ip" also get removed from the linux. But in the "config_db.json" file secondary ip's still remains.
Logs: Logs - Adding & Removing of Vlan ip.docx
Observation from the logs: In the logs three modules from the swss#orchagent are getting hit while assigning the ip's to the vlan. "path: /sonic-buildimage/src/sonic-swss/orchagent/intfsorch.cpp" this where the code gets hits.
From the intfsorch.cpp file gone through this three module. swss#orchagent: :- addRouterIntfs swss#orchagent: :- addIp2MeRoute swss#orchagent: :- addDirectedBroadcast
Observations from the source code: 1.Router Interface Addition (addRouterIntfs): The code is responsible for adding router interfaces to the networking system based on the provided parameters and port information.It checks if a router interface already exists for a given port before attempting to create a new one.SAI API functions are used to create router interfaces with specific attributes.It updates port information, logs events, and, in a specific switch type case ("voq"), synchronizes the interface to a database table.
2.IP2Me Route Addition (addIp2MeRoute): This code is focused on adding an IP-to-me route to the system based on the provided virtual router ID and IP prefix.It constructs a route entry with specific attributes, such as the packet action and next hop (CPU port).The code logs events, increments counters based on the IP address family, and calls a function related to flow counter handling.
3.Directed Broadcast Addition (addDirectedBroadcast): The purpose of this code is to add a directed broadcast entry for a specific IPv4 subnet.It checks for specific conditions related to the IPv4 subnet and returns early if those conditions are not met.The broadcast IP is calculated, a neighbor entry is initialized, and a SAI API function is used to create the neighbor entry with the broadcast MAC address. Logging is performed, and error handling is implemented.
This issue happen every time (not in occasionally)
We have verified on Both Target & VS-image also. Both images are master branch, cloned from community and complied locally and verified.
Output of Show Verison: Output of show version.txt
Output of VS-Show Verison: Output of VS - show version.txt
