Rev 0.1
- List of Tables
- Revision
- About this Manual
- Definition/Abbreviation
- 1 Feature Overview
- 2 Functionality
- 2.1 Functional Description
- 2.1.1 Dynamic configuration of MCLAG
- 2.1.2 Dynamic configuration of mclag_interface
- 2.1.3 Keep-alive timer configuration
- 2.1.4 Session timeout configuration
- 2.1.5 Static MAC support
- 2.1.6 Aging disable for ICCP learned MAC addresses
- 2.1.7 Performance improvements
- 2.1.8 Isolation group support
- 2.1.9 Unique IP enhancements
- 2.1 Functional Description
- 3 Design
- 4 Flow Diagrams
- 5 Serviceability and Debug
- 6 Warm Boot Support
- 7 Scalability
- 8 Upgrade/Downgrade considerations
- 9 Unit Test
| Rev | Date | Author | Change Description |
|---|---|---|---|
| 0.1 | 08/02/2019 | Lisa Nguyen, Praveen Elagala, Abhishek Dharwadkar, Sabarivel Sakthivel, Adam Yeung | Initial draft |
| 0.2 | 10/22/2019 | Tapash Das | L3 Protocol support enhancement |
This document provides general information about SONiC MCLAG feature enhancements. The original MCLAG feature is described at https://github.com/sonic-net/SONiC/blob/f478fe7cbc03c144f3b147e9638f460f764ce4b7/doc/Sonic-mclag-hld.md
| Term | Definition |
|---|---|
| MCLAG | Multi-Chassis Link Aggregation Group |
| ICCP | Inter-Chassis Communication Protocol |
| FDB | Layer-2 (MAC) based forwarding table |
| MHD | Multi Home Device |
This document captures the feature enhancements of SONiC ICCP MCLAG. This includes MCLAG configuration support, data structure changes, MAC event handling optimizations for scaling performance, support of static MAC address over MCLAG, support bridge-port isolation group for BUM control to MCLAG, and traffic recovery sequencing for traffic loop prevention.
- Advertise locally configured Static MAC address to peer MCLAG node
- Withdraw MAC from peer MCLAG node when static MAC address is un-configured
- Dynamic MAC move is prohibited on Static MAC over MCLAG
-
Configure MCLAG domain and corresponding attributes domain-id, local-ip-address and peer-ip-address
-
Configure optional attribute [peer-interface]
-
Configure keep-alive timer value
-
Configure session-timeout value
-
Add support for addition/deletion of mclag_interfaces under MCLAG domain
- Optimize code flow and data structures to improve scaling performance
- Support 40K FDB entries
- Support 4K VLAN's
- MCLAG peer nodes should reconcile the local FDB table upon completion of warm boot, as the MAC learn and age updates from peer would be lost during the time ICCP control session is down due to warm boot.
- For VLAN's associated with MCLAG interface, allow configuration of Unique IP address on VLAN interface of Peer nodes.
- Provide mechanism for running L3 protocols such as BGP, BFD between both Peer nodes VLAN interface.
- Provide mechanism for running L3 protocols such as BGP, BFD between Peer node VLAN interface and device connected to MCLAG Client.
- For MCLAG gateway functionality (Data path) Static Anycast Gateway (SAG) or VRRP configuration will be mandatory, SAG is preferred for active-active forwarding.
- Current MCLAG configuration is generated from config_db.json file with no CLI support. New CLIs will be added to configure MCLAG which includes domain-id, local ip address, peer ip address and peer_link. peer_link configuration is mandatory for Layer2 MCLAG while optional for Layer3 MCLAG.
- In the current implementation the mclag_interfaces configuration is generated from config_db.json file no CLI support is present, a new configuration command is introduced to dynamically add/delete the mclag_interfaces.
- In current implementation the keep-alive timer is hardcoded to 1 second. A new CLI command will be introduced to allow the configuration range of values from 1 to 60 seconds for keep-alive timer.
- In current implementation the session time out 15 seconds after the last keep-alive messages exchange, the timeout duration is hardcoded. A new CLI command will be added to allow a configurable duration for session timeout with the supported range of 3 to 3600 seconds. Session timeout has to be configured in multiples keep-alive timer value.
- Current implementation does not support static MAC address over MCLAG. Static MAC information is not exchanged in the FDB TLV between the MCLAG peer nodes. Changes will be added to support Static MAC with TLV.
- Changes will be added to support the static MAC syncing from local MCLAG node to peer MCLAG node.
- Changes will be added to handle the MAC move scenarios in presence of remote Static MAC.
- In the current implementation, MAC addresses learned in the control plane from the MCLAG peer are installed as dynamic entries. Therefore, if no local traffic from these MAC addresses is seen for the ageing period then they will age out, causing a notification back to ICCPd. However if the mac is learned from peer then it will immediately re-program MAC . The result is transient flooding for the MAC and some unnecessary control plane overhead.
- When the local MCLAG node learns the MAC addresses from peer MCLAG node the type of the MAC set as dynamic. For the remote MAC addresses learned via ICCP if no traffic received on local MCLAG interface MAC addresses get age out from HW. ICCPd process the age notifications as the MAC address is peer learned re-installs MAC address back to HW. Transient traffic flooding can occur during remote MAC re-installation.
- The process of remote MAC aging and re-installation is repetitive causing un-necessary messaging between modules and processing.
- To suppress the unwanted MAC age events, the new implementation programs remote MAC addresses with aging disabled. For the MAC address learned from ICCPd, FdbOrch to set new SAI attribute SAI_FDB_ENTRY_ATTR_ALLOW_MAC_MOVE while programming, which causes SAI to not age out the MAC, but allows it to move.
The following improvements are made in this enhancement:
- Convert FDB and VLAN related linked list to binary trees to improve scaling performance
- When MCLAG node learns a new MAC address via ICCP from peer MCLAG node learned over remote orphan port, it sends a age notification back to peer to indicate MAC is locally aged, this update is not necessary as MAC not learned locally. Avoid sending the local age notification back to peer MCLAG node each time a MAC address is learned from peer.
To control the BUM traffic towards the MHD bridge-port isolation groups is used. The isolation group is applied on the ingress side of peer-link port to filter traffic towards the MHD to avoid duplicate traffic received at MHD.
Existing ACL based support will continue to support.
- Current design mandates configuring same IP address on the VLAN interface for each VLAN of which an MCLAG is a member.
- L3 protocols such as BGP, BFD, VRRP etc cannot be configured on the VLAN interface associated with MCLAG interface because such protocols cannot address the individual routers.
- A new configuration command is introduced for allowing separate per-peer IP configuration on the VLAN interfaces associated with MCLAG interface.
- Both same IP configuration and unique IP configuration will co-exist based on the new configuration.
New changes will be added on top of the existing MCLAG implementation. Following diagram captures the high level module changes made for the MCLAG enhancements.
Figure 1: Overview of module changes
Below is the summary of the changes for each flow number mentioned in the above diagram.
- New CLI commands are introduced to configure MCLAG and its related attributes. Two new tables are added in CONFIG_DB to store the MCLAG configuration and mclag_interface configuration generated from CLI.
- MclagSyncd receives the new MCLAG configuration updates.
- MclagSyncd receives new local (both static and dynamic) MAC updates from STATE_DB FDB_TABLE
- MclagSyncd sends new MCLAG configuration to ICCPd.
- ICCPd sends new remote static MAC updates, ICCP session and MCLAG remote interface state information updates to MclagSyncd.
- ICCPd sets new static MAC flag in FDB TLV for local static MAC addresses advertisement.
- MclagSyncd updates ICCP session and MCLAG remote interface state information to STATE_DB FDB_TABLE and MCLAG_REMOTE_INTF_TABLE
- MclagSyncd updates MAC addresses learned from peer MCLAG node to new MCLAG FDB table .
- FdbOrch registers for new MCLAG FDB table updates to process MAC updates from peer MCLAG node, ISOGRP Orch process new updates from MclagSyncd.
- FdbOrch updates remote MAC addresses with new SAI attribute not to age them out.
- Syncd gets the ICCP learned remote MAC addresses with new SAI attribute SAI_FDB_ENTRY_ATTR_ALLOW_MAC_MOVE set .
- Syncd programs the remote MAC to HW
- FdbOrch update the MAC address to STATE_DB MCLAG REMOTE FDB Table.
- FdbSycd gets the MAC updates from STATE_DB MCLAG REMOTE FDB Table.
- FdbSyncd programs the MAC updates to kernel.
Producer: Configuration Consumer: MclagSyncd Description: New table to store MCLAG domain configuration. Applications can use it to get MCLAG configuration
;New MCLAG Domain Table
key = MCLAG_DOMAIN|domain_id ; DIGIT 1-4095
;field = value
source_ip = IP ; local ip address
peer_ip = IP ; peer ip address
peer_link = port_name ; peer link name
keepalive_interval = time_in_secs ; keepalive time in seconds
session_timeout = time_in_secs ; session timeout in multiple of
; keepalive_interval.
;value annotations
port_name = 1*64VCHAR ; name of the port, must be unique
time_in_secs = dec-octet ; time in seconds
IP = IPV4address
IPv4address = dec-octet "." dec-octet "." dec-octet "." dec-octet "
dec-octet = DIGIT ; 0-9
/ %x31-39 DIGIT ; 10-99
/ "1" 2DIGIT ; 100-199
/ "2" %x30-34 DIGIT ; 200-249
/ "25" %x30-35 ; 250-255
Producer: Configuration Consumer: MclagSyncd Description: New table to store MCLAG interfaces for a MCLAG domain. MCLAG applications can query this table to check whether a interface is configured as MCLAG interface
;New MCLAG Interface Table
key = MCLAG_INTERFACE|domain_id|ifname ;
;value annotations
domain_id = DIGIT 1-4095 ; domain_id for the MCLAG
ifname = 1*64VCHAR ; name of the MCLAG Interface (PortChannel)
Note: Same PortChannel name (ifname) is required to configure across all the MCLAG peer nodes towards MHD.
Producer: Configuration Consumer: MclagSyncd Description: New table to store L3 VLAN interfaces that will have unique IP configuration. MCLAG applications can query this table to check whether a interface is configured for L3 protocol support.
;New MCLAG UniqueIP Table
key = MCLAG_UNIQUE_IP_TABLE|ifname ; Only VLAN interface supported currently
Producer: MclagSyncd Consumer: Isolation Group Orch Agent Description: Isolation group table contains information about the Isolation group type, members and ports.
key = ISOLATION_GROUP_TABLE:name
;field = value
Description = 1*255VCHAR
TYPE = "port" / "bridge-port"
PORTS = [0-max_ports]*port_name ; Ports on which this port isolation group
; is applied
MEMBERS = [0-max_ports]*port_name ; Port isolation group members
;value annotations
port_name = 1*64VCHAR ; name of the port, must be unique
max_ports = 1*5DIGIT ; number of ports supported on the chip
;Add one new attribute to existing LAG_TABLE to control whether traffic collection and distribution should be disabled for all LAG member ports.
traffic_disable = "true"/"false" ;default is false
Producer: MclagSyncd Consumer: FdbOrch agent Description: New table to store the MAC addresses learned via ICCP. FdbOrch processes the FDB updates to program in HW.
; Stores MCLAG FDB entries which were learned via ICCP
; Notes:
; - only unicast FDB entries supported
key = FDB_TABLE:"Vlan"vlanid:mac_address ;
;fields
port = ifName ; interface where the entry is bound to
type = "static" / "dynamic" ; type of the entry
Producer: MclagSyncd Consumer: Applications over MCLAG Description: New table to provide MCLAG domain states to applications running over MCLAG
;New STATE_MCLAG_TABLE
key = MCLAG_TABLE|domain_id
;value annotations
domain_id = DIGIT 1-4095 ; domain_id for the MCLAG
;fields
oper_status = "down"/"up"
role = "active"/"standby"
system_mac = 12HEXDIG
Producer: MclagSyncd Consumer: Applications over MCLAG Description: New table to provide remote MCLAG interface state received by ICCP Schema:
; New STATE_MCLAG_REMOTE_INTF_TABLE
key = MCLAG_REMOTE_INTF_TABLE|domain_id|ifname
oper_status = "down"/"up"
;value annotations
domain_id = DIGIT 1-4095 ; domain_id for the MCLAG
ifname = 1*64VCHAR ; name of the MCLAG Interface (PortChannel)
Producer: FdbOrch Consumer: FdbSyncd Description: New table to populate the ICCP learned remote MAC entries for kernel programming. Schema:
; New STATE_MCLAG_REMOTE_FDB_TABLE_NAME
key = MCLAG_REMOTE_FDB_TABLE:"Vlan"vlanid:mac_address
;value annotations
vlanid = DIGIT 1-4095 ; VLAN id.
mac_address = 12HEXDIG ; MAC address.
;fields
port = 1*64VCHAR ; name of the L2 Port
type = "static/dynamic" ; tpye of the MAC address.
In the current implementation, in normal operation, a port isolation filter is applied on both peers to ensure that traffic received from the peer-link is never forwarded to local MCLAG member ports. This ensures loop-free and packet duplication-free operation. Then, if all ports in an MCLAG on one peer go down (MCLAG PortChannel is down), this filter is removed on the other peer, allowing traffic destined to the MCLAG to cross the peer link, maintaining connectivity to the MCLAG. Later, when at least one member port comes back up (MCLAG PortChannel is up) on the first peer, then the filter must be re-applied on the other peer. However, this can cause transient loops if the MCLAG member ports come up before the filter is re-applied on the remote peer.
In this enhancement, acknowledgements are added to interface state notifications in ICCP, and these are used to ensure that the remote filter is applied before enabling traffic on the upcoming MCLAG member interface(s), thereby eliminating the possibility of loops and duplicates.
ICCP is extended to dynamically handle changes in MCLAG configurations. In the current implementation, MCLAG config attributes local ip, peer ip, peer interface and MCLAG interface configuration has to be done prior to bringing up ICCP docker. To handle configuration changes, MclagSyncd subscribes to CONFIG_DB MCLAG changes, saves configuration data in internal cache and notifies ICCPd. In this enhancement, Pre-provisioning support for MCLAG interfaces and peer interfaces is added.
ICCPd will be extended to support static MAC addresses, data structure changes, data type changes and MAC syncing optimizations. More details are captured in the below sections.
Changes will be added to extend the current FDB TLV to notify with a static MAC flag. ICCP MAC processing will be extended for local and remote static MAC addresses handling. Local and remote static MAC move scenarios will be handled.
In current ICCPd implementation MAC entries are stored in linked lists which can be costly in MAC scale scenarios for lookups. The existing linked list structures will be modified to binary trees for better add, delete and lookup operations. The MAC address entry is stored as 32 byte string in the messaging and local cache, the address will be converted to 6 bytes to optimize the space messages size while syncing the MAC addresses between MCLAG peer nodes.
When MCLAG node learns a new MAC address via ICCP from peer MCLAG node ( MAC learned on remote orphan port ), MAC address is added locally and an age notification is sent back to peer MCLAG node. These age notifications are not required to be sent, additional checks are added to stop sending such unwanted MAC updates.
In this enhancement, the port isolation logic is updated to use SAI Port Isolation instead of Egress ACL. Using isolation group, unwanted traffic can be dropped at the ingress, i.e. before it gets queued etc. This will give better performance as unnecessary traffic will filtered at ingress.
MclagSyncd is enhanced to check the platform capabilities for Isolationgroup support, platform not supporting isolation group will continue to use existing approach of using ACL's.
To support applications running over MCLAG, MCLAG domain states such as ICCP state, active and standby role, system MAC, and remote MCLAG interface state are populated in the STATE_DB for applications to consume.
To support Unique IP configuration on VLAN interface for the VLAN's associated with MCLAG interface following changes will be done.
- In Standby node, disable active node's MAC programming into MY Station TCAM. Also disable updating VLAN interface MAC in kernel.
- Add code to Sync VLAN interface MAC between Peers and program L2 Table with Peers VLAN interface MAC pointing to Peer Link. This is required since MAC learning is disabled for Peer Link.
- Add code to do ARP/ND sync for Local VLAN interface IP.
For MCLAG gateway functionality (Data path) Static Anycast Gateway or VRRP configuration will be mandatory.
A new isolation group orch agent will be added. Isolation group orch agent is the consumer of ISOLATION_GROUP_TABLE in APP DB. MclagSyncd will produce the isolation group configuration in the APP DB and isolation group will program it in the ASIC DB. Only bridge port isolation group will be supported and will be used by MclagSyncd.
To allow ICCP to control when traffic should be enabled on a LAG interface, PortsOrch is extended to support a new traffic disable attribute. When traffic disable attribute is set to true, LAG members are not added to hardware. They are kept in a temporary set until the traffic disable attribute is set to false.
As part of enhancements MclagSyncd populates the ICCP learned MAC addresses into the APP_DB MCLAG_FDB_TABLE instead of populating to APP_FDB_TABLE, FdbOrch registers to APP_DB MCLAG_FDB_TABLE to process the MAC updates from ICCP.
Advertised FDB cache entries will now be marked about the learn source, MAC entries learned from APP_DB MCLAG_FDB_TABLE will be marked as learned from ICCP, these MAC addresses will be updated to ASIC_DB FDB_TABLE with new SAI attributes.
Advertised FDB entries with type static will be programmed to HW similar to local static MAC addresses to avoid any dynamic MAC move to other interfaces.
When a static MAC address is configured locally and same MAC address is learned as advertised, FdbOrch to discard moving the MAC address. When static MAC address is deleted FdbOrch to re-program the advertised MAC address to HW.
If the ICCP learned MAC is static, then any dynamic MAC move will be discarded by FdbOrch.
MCLAG remote MAC entries to be programmed in kernel to allow the local system and applications to reach the associated IP address. ICCP received MAC address needs to be programmed in kernel. FdbOrch updates the MCLAG_REMOTE_FDB_TABLE in STATE_DB accordingly. FDBSyncd subscribes to this table and programs the kernel as required. A similar path is used to update kernel MAC entry If there is an interface change associated with the MAC or when the MAC address is deleted.
No change to SyncD
MclagSyncd is extended to optimize the FDB events handling.
The changes include: -
- sending of the MAC entries is event driven instead of the periodic 60 seconds polling
- removal of the FDB cache in the MclagSyncd
- adding the ICCP learned MAC addresses to APP_DB MCLAG_FDB_TABLE
With the above change to event-driven updates, MclagSyncd no longer needs a local FDB table copy - it can update directly between ICCPd and FdbOrch.
In current implementation MclagSyncd updates the MAC addresses into the existing APP_DB FDB_TABLE. In this enhancement, a new APP_DB MCLAG_FBD_TABLE is used. This allows clients to distinguish between local and remote (ICCP received) MAC address.
MclagSyncd is extended to receive the ICCP session related information from ICCPd and to populate this information in STATE_DB STATE_MCLAG_TABLE. MclagSyncd also receives MCLAG remote interface information which is populated in STATE_DB STATE_MCLAG_REMOTE_INTF_TABLE.
MclagSyncd will be enhanced to listen to CONFIG_DB changes in MCLAG domain table and MCLAG_INTF_TABLE and notify ICCPd. ICCPd is enhanced to process the configuration and handle config changes accordingly.
For controlling the BUM traffic received on the peer_link towards MCLAG portChannels, one isolation group is allocated of type SAI_ISOLATION_GROUP_TYPE_BRIDGE_PORT. All MCLAG PortChannel member ports get added to MLCAG isolation group , ports are set with attribute SAI_BRIDGE_PORT_ATTR_ISOLATION_GROUP.
The following SAI definitions will be used and no enhancements necessary.
Two new sets of configuration commands are introduced to configure MCLAG domain attributes and domain's MCLAG interfaces
config mclag {add | del} \<domain-id> \<local-ip-addr> \<peer-ip-addr> \ [\<peer-ifname>]
- domain-id MCLAG node's unique domain-id
- local_ip MCLAG node's local ipv4 address
- peer_ip MCLAG node's peer ipv4 address
- peer_ifname MCLAG peer interface name; optional for L3 MCLAG, mandatory for L2 MCLAG config
config mclag member {add | del} \<domain-id> <portchannel-names>
- comma seperated MCLAG interfaces for given MCLAG domain; MCLAG interfaces can be only portchannels
MCLAG Keepalive/session timeout configuration
config mclag keepalive-interval \<domain-id> \<keepalive-timer-val>
config mclag session-timeout \<domain-id> \<session-timeout-val>
- keepalive-timer in the range of 1 to 60 seconds with default value of 1 seconds.
- session-timeout in the range of 1 to 3600 seconds with default value of 15 seconds
- session-timeout should be at least greater than 3 times keepalive-timer value
config mclag unique-ip {add | del} <Vlan-interface's>
- Vlan-interface : VLAN interface for which unique IP can be configured.
Following KLISH based CLI configuration commands are introduced to configure MCLAG domain attributes and MCLAG interfaces.
To configure and unconfigure MCLAG domain at global configuration level use below command. Config command creates MCLAG domain and enters domain configuration mode.
sonic(config)#[no] mclag domain <domain-id>
domain-id is a integer in the range of 1 to 4095
To configure MCLAG attributes enter MCLAG domain configuration mode and enter following command
sonic(config-mclag-domain)#[no] source-address <source-ipv4-address>
sonic(config-mclag-domain)#[no] peer-address <peer-ipv4-address>
sonic(config-mclag-domain)#[no] peer-link <peer-if-name>
To configure MCLAG session keepalive interval and session timeout use following commands
sonic(config-mclag-domain)#[no] keepalive-interval <keepalive interval in secs>
sonic(config-mclag-domain)#[no] session-timeout <keepalive interval in secs>
- Keepalive interval in the range of 1 to 60 seconds with default value of 1 seconds.
- session-timeout in the range of 1 to 3600 seconds with default value of 15 seconds
- session-timeout should be multipler of keepalive-timer value
To configure/unconfigure MCLAG interfaces use following command. MCLAG interfaces can only be portchannels. Configure MCLAG interface under the portchannel interface configuration mode.
**sonic(config-if-PortChannelx)# [no] mclag [domain-id]
Following new KLISH based show commands are introduced
Displays brief information about MCLAG domain
1. show mclag brief
Sonic#show mclag brief
Domain ID : 5
Role : Active
Session Status : Up
Peer Link Status : Up
Source Address : 192.168.1.1
Peer Address : 192.168.1.2
Peer Link : PortChannel30
Keepalive Interval : 1 secs
Session Timeout : 15 secs
System MAC : b8:6a:97:73:6c:96
Number of MCLAG Interfaces : 2
MCLAG Interface Local/Remote Status
PortChannel50 Up/Up
PortChannel60 Up/Up
- Show mclag interface
Sonic#show mclag interface 5 PortChannel50
Local/Remote Status : Up/Up
IsolateWithPeerLink : Yes
TrafficDisable : No
Below diagram shows the flow for local static MAC addresses upstream to ICCPd.
Figure 3: Local Static MAC upstream to ICCPd Flow Diagram
Below diagram shows the flow for local dynamic MAC addresses update to ICCPd.
Figure 4: Local Dynamic MAC upstream to ICCPd Flow Diagram
Below diagram shows the flow of MAC address programing learned from ICCP.
Figure 5: Peer MCLAG MAC programming flow Diagram
Below diagram show the flow of Port Isolation group from App DB to SyncD
Figure 6: Port Isolation group processing
- Existing mclagdctl dump commands output will be extended with additional debug state information.
Mclagdctl dump state command is added with new field to show the sync state.
Example output:
root@sonic:/home/admin# mclagdctl -i 5 dump state
The MCLAG's keepalive is: OK
**MCLAG info sync is: completed**
Domain id: 5
Local Ip: 192.168.1.1
Peer Ip: 192.168.1.2
Peer Link Interface: PortChannel30
Keepalive time: 1
sesssion Timeout : 15
Peer Link Mac: b8:6a:97:73:6c:96
Role: Active
MCLAG Interface: PortChannel50
root@sonic:/home/admin#
Mclagdctl is extended with new option to dump the debug counters information.
Example Output:
root@sonic:/home/admin# mclagdctl -i 5 dump debug counters
ICCP session down: 1
Peer link down: 0
Warmboot: 0
ICCP to MclagSyncd TX_OK TX_ERROR
------------------ ----- --------
PortIsolation 13 0
MacLearnMode 1 0
FlushFdb 1 0
SetIfMac 0 0
SetFdb 226003 0
SetL2mc 0 0
TrafficDistEnable 1 0
TrafficDistDisable 1 0
SetIccpState 2 0
SetIccpRole 1 0
SetSystemId 0 0
DelIccpInfo 0 0
SetRemoteIntfSts 9 0
DelRemoteIntf 0 0
MclagSyncd to ICCP RX_OK RX_ERROR
------------------ ----------- --------
FdbChange 161616 0
CfgMclag 1 0
CfgMclagIface 1 0
ICCP to Peer TX_OK RX_OK TX_ERROR RX_ERROR
------------ ----- ----- -------- --------
SysConfig 2 2 0 0
AggrConfig 2 1 0 0
AggrState 7 9 0 0
MacInfo 160896 142183 0 0
ArpInfo 0 0 0 0
L2mcInfo 0 0 0 0
PoInfo 2 1 0 0
PeerLinkInfo 2 2 0 0
Heartbeat 2533 2533 0 0
Nak 0 0 0 0
SyncData 2 2 0 0
SyncReq 1 0 0 0
Warmboot 0 0 0 0
IfUpAck 4 3 0 0
- After a warm boot is completed, the FDB table is reconciled with the MCLAG peer. ICCP is extended to advertise the local FDB table.
- Support scale of 40K MAC addresses.
As part of the current enhancements MCLAG configuration can be provisioned dynamically, MclagSyncd reads the MCLAG configuration from CONFIG_DB and updates to ICCPd. The older way of reading the configuration from configdb.json file during the ICCPd startup is deprecated.
Upgrade/downgrade from/to the older version is not supported with new enhanced version.
- Verify that MCLAG configuration of add/delete is updated in CONFIG_DB MCLAG Domain table.
- Verify that mclag_interface configuration add/delete is updated properly in CONFIG_DB MCLAG interface table.
- Verify that keep-alive and session-timeout values are updated properly in CONFIG_DB table.
- Verify that MAC address updates received from peer MCLAG nodes is updated to APP MCLAG FDB table.
- Verify that ICCP session state information is updated to STATE_MCLAG_TABLE.
- Verify that MCLAG interface state information is updated to STATE_MCLAG_REMOTE_INTF_TABLE
- Verify that Unique IP configuration if add/delete is updated in CONFIG_DB MCLAG UNIQUEIP TABLE
- Verify that MAC address learned locally on orphan port are synced to the peer MCLAG node.
- Verify that MAC address aged locally on orphan ports are withdrawn to peer MCLAG node.
- Verify that MAC address learned locally on MCLAG portchannel are synced to the peer MCLAG node.
- Verify that MAC address aged locally on MCLAG portchannel ports are withdrawn to peer MCLAG node.
- Verify that when MCLAG portchannel is down MAC addresses pointing to the MCLAG portchannel are updated to point to peer-link interface.
- Verify that when MClag portchannel is up MAC addresses pointing to peer-link interface are updated to point to MCLAG portchannel.
- Verify that when peer-link is down MAC addresses pointing to peer-link are deleted on both the MCLAG peer nodes.
- Verify that when clear FDB is executed local MAC addresses are cleared locally and withdrawn to the peer MCLAG node. Relearn the MAC addresses and advertise to peer MCLAG node.
- Verify that static MAC configured locally is advertised to peer MCLAG node.
- Verify that static MAC deleted locally is withdrawn to peer MCLAG node.
- Verify that in presence of remote static MAC addresses any dynamic local MAC move is not allowed.
- Verify MAC learn with scale of 40K MAC entries.
- Verify MCLAG domain configuration with local, peer ip, peer interface, MCLAG interface configures ICCP
- Verify adding MCLAG interface to existing MCLAG domain
- Verify deleting one MCLAG interface from existing MCLAG domain
- Verify modifying local ip configuration for an existing MCLAG domain
- Verify modifying peer interface for given MCLAG domain
- Verify configuration change of MCLAG keep-alive timer value to min/max values are reflected
- Verify configuration change of MCLAG session timeout value to min/max values are reflected
- Verify deletion of existing MCLAG domain
- Verify adding MCLAG domain without peer interface
- Verify adding MCLAG peer interface later after adding MCLAG domain
- Verify deleting MCLAG interfaces with synced up MAC addresses and make sure behavior is similar to having MCLAG interface down
- Verify Unique IP configuration on VLAN interface
- Configure Port Isolation group with members apply it to ingress port. Send unicast and BUM traffic and verify traffic is not seen at any member ports.
- Dynamically add and delete the Port Isolation group members and verify unicast and BUM traffic again.
- Remove Port Isolation group from ingress interface and verify traffic unicast and BUM again.
- Send traffic from interface which doesn't have any port isolation group attached and verify unicast and BUM traffic.
- Verify traffic is disabled until interface up ack is received from remote MCLAG peer when MCLAG interface flaps
- Verify traffic is re-enabled on MCLAG interface which is waiting for interface up ack from peer when ICCP goes down
- Verify traffic is disabled on a port when it is added to a MCLAG interface which is waiting for interface up ack from peer
- Verify traffic is re-enabled on a LAG interface when it is unconfigured as MCLAG interface
- Verify mclagdctl dump local interface output shows traffic is disabled on MCLAG interface which is waiting for interface up ack from peer
- Verify ARP and ND Sync.
- Verify IPv4 and IPv6 routing with traffic
- Veirfy Ping / Ping6 between Peer nodes VLAN interface
- Veirfy Ping / Ping6 between Peer node VLAN interface and MCLAG Client device
- Verify BGP session up on VLAN interface