-
Notifications
You must be signed in to change notification settings - Fork 539
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vlanmgr and Fdborch changes for PAC #3143
Conversation
Added Vlanmgr and Fdborch changes to support PAC.
The following PR needs to be merged to resolve the compilation error: |
@@ -1410,7 +1416,9 @@ bool FdbOrch::addFdbEntry(const FdbEntry& entry, const string& port_name, | |||
attrs.push_back(attr); | |||
} | |||
} | |||
|
|||
attr.id = SAI_FDB_ENTRY_ATTR_PACKET_ACTION; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should there be changes in fdborch to push the packet to PACD socket? https://github.com/sonic-net/SONiC/blob/master/doc/pac/Port%20Access%20Control.md#313-mab-packet-receive-flow. How are the packets delivered for authentication when MAB is enabled on the interface please?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These packets that come to CPU are received by PACD as it registers socket for the same. If MAB is enabled, then PACD informs , the information that is required for authentication, such as mac address and the interface to MAB process. The communication between the PACD and MABD uses simple client-server socket communication.
Added Vlanmgr and Fdborch changes to support PAC.
@sutharsansr pls review and sign off if you have no further comments |
/azpw run Azure.sonic-swss |
/AzurePipelines run Azure.sonic-swss |
Azure Pipelines successfully started running 1 pipeline(s). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add tests and fix code coverage
@prsunny please help review and signoff, this is planned for 202411 |
vstest failing after rebasing with latest upstream/master |
/azpw run Azure.sonic-swss |
/AzurePipelines run Azure.sonic-swss |
Azure Pipelines successfully started running 1 pipeline(s). |
@prsunny, can you please check and approve the PR for merge for 202411? |
/azpw run Azure.sonic-swss |
/AzurePipelines run Azure.sonic-swss |
Azure Pipelines successfully started running 1 pipeline(s). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for clarifying @anilkpan
Added Vlanmgr and Fdborch changes to support PAC.
The following PAC operations are supported to be passed down from Vlanmgr to OA for updating the ASIC DB:
PAC HLD: https://github.com/sonic-net/SONiC/blob/master/doc/pac/Port%20Access%20Control.md