From cd6898babcb56f9e022a41e6bda043b673da7f4c Mon Sep 17 00:00:00 2001 From: bingwang-ms <66248323+bingwang-ms@users.noreply.github.com> Date: Wed, 27 Jul 2022 05:53:49 +0800 Subject: [PATCH 01/47] Update db_migrator to support `PORT_QOS_MAP|global` (#2205) Signed-off-by: bingwang What I did This PR is to update the db_migrator to support generation of PORT_QOS_MAP|global. After PR Azure/sonic-buildimage#10565, there will be two DSCP_TO_TC_MAP DSCP_TO_TC_MAP|AZURE is the default map, which is used at port level and switch level DSCP_TO_TC_MAP|AZURE_TUNNEL is used to remap the priority of tunnel traffic in dualtor deployment To address the issue, an entry PORT_QOS_MAP|global will be added into config_db "PORT_QOS_MAP": { "global": { "dscp_to_tc_map": "AZURE" } } To handle the upgrade from older image, db_migrator is updated to generate the entry. There is no way to check if PORT_QOS_MAP|global is supported, so the migration is ran on all platforms. There is check in sonic-swss to check the switch capability code, so it will not cause issue. How I did it Update db_migrator to add a common migration step. How to verify it Verified by vstest --- scripts/db_migrator.py | 29 +++++++++++++-- .../qos_map_table_global_expected.json | 12 +++++++ .../config_db/qos_map_table_global_input.json | 10 ++++++ tests/db_migrator_test.py | 36 +++++++++++++++++++ 4 files changed, 85 insertions(+), 2 deletions(-) create mode 100644 tests/db_migrator_input/config_db/qos_map_table_global_expected.json create mode 100644 tests/db_migrator_input/config_db/qos_map_table_global_input.json diff --git a/scripts/db_migrator.py b/scripts/db_migrator.py index ae7437389a..ddd1290767 100755 --- a/scripts/db_migrator.py +++ b/scripts/db_migrator.py @@ -44,7 +44,7 @@ def __init__(self, namespace, socket=None): none-zero values. build: sequentially increase within a minor version domain. """ - self.CURRENT_VERSION = 'version_3_0_5' + self.CURRENT_VERSION = 'version_3_0_6' self.TABLE_NAME = 'VERSIONS' self.TABLE_KEY = 'DATABASE' @@ -485,6 +485,23 @@ def migrate_qos_fieldval_reference_format(self): self.migrate_qos_db_fieldval_reference_remove(qos_table_list, self.configDB, self.configDB.CONFIG_DB, '|') return True + def migrate_port_qos_map_global(self): + """ + Generate dscp_to_tc_map for switch. + """ + asics_require_global_dscp_to_tc_map = ["broadcom"] + if self.asic_type not in asics_require_global_dscp_to_tc_map: + return + dscp_to_tc_map_table_names = self.configDB.get_keys('DSCP_TO_TC_MAP') + if len(dscp_to_tc_map_table_names) == 0: + return + + qos_maps = self.configDB.get_table('PORT_QOS_MAP') + if 'global' not in qos_maps.keys(): + # We are unlikely to have more than 1 DSCP_TO_TC_MAP in previous versions + self.configDB.set_entry('PORT_QOS_MAP', 'global', {"dscp_to_tc_map": dscp_to_tc_map_table_names[0]}) + log.log_info("Created entry for global DSCP_TO_TC_MAP {}".format(dscp_to_tc_map_table_names[0])) + def version_unknown(self): """ version_unknown tracks all SONiC versions that doesn't have a version @@ -681,9 +698,17 @@ def version_3_0_4(self): def version_3_0_5(self): """ - Current latest version. Nothing to do here. + Version 3_0_5 """ log.log_info('Handling version_3_0_5') + self.migrate_port_qos_map_global() + return 'version_3_0_6' + + def version_3_0_6(self): + """ + Current latest version. Nothing to do here. + """ + log.log_info('Handling version_3_0_6') return None def get_version(self): diff --git a/tests/db_migrator_input/config_db/qos_map_table_global_expected.json b/tests/db_migrator_input/config_db/qos_map_table_global_expected.json new file mode 100644 index 0000000000..c7fea9c013 --- /dev/null +++ b/tests/db_migrator_input/config_db/qos_map_table_global_expected.json @@ -0,0 +1,12 @@ +{ + "VERSIONS|DATABASE": { + "VERSION": "version_3_0_6" + }, + "DSCP_TO_TC_MAP|AZURE": { + "0": "0", + "1": "1" + }, + "PORT_QOS_MAP|global": { + "dscp_to_tc_map": "AZURE" + } +} diff --git a/tests/db_migrator_input/config_db/qos_map_table_global_input.json b/tests/db_migrator_input/config_db/qos_map_table_global_input.json new file mode 100644 index 0000000000..0ca51a4525 --- /dev/null +++ b/tests/db_migrator_input/config_db/qos_map_table_global_input.json @@ -0,0 +1,10 @@ +{ + "VERSIONS|DATABASE": { + "VERSION": "version_3_0_5" + }, + "DSCP_TO_TC_MAP|AZURE": { + "0": "0", + "1": "1" + } +} + diff --git a/tests/db_migrator_test.py b/tests/db_migrator_test.py index b688aa2de5..faa09c7ed2 100644 --- a/tests/db_migrator_test.py +++ b/tests/db_migrator_test.py @@ -374,3 +374,39 @@ def test_pfc_enable_migrator(self): diff = DeepDiff(resulting_table, expected_table, ignore_order=True) assert not diff + +class TestGlobalDscpToTcMapMigrator(object): + @classmethod + def setup_class(cls): + os.environ['UTILITIES_UNIT_TESTING'] = "2" + + @classmethod + def teardown_class(cls): + os.environ['UTILITIES_UNIT_TESTING'] = "0" + dbconnector.dedicated_dbs['CONFIG_DB'] = None + + def test_global_dscp_to_tc_map_migrator(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'config_db', 'qos_map_table_global_input') + import db_migrator + dbmgtr = db_migrator.DBMigrator(None) + dbmgtr.asic_type = "broadcom" + dbmgtr.hwsku = "vs" + dbmgtr.migrate() + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'config_db', 'qos_map_table_global_expected') + expected_db = Db() + + resulting_table = dbmgtr.configDB.get_table('PORT_QOS_MAP') + expected_table = expected_db.cfgdb.get_table('PORT_QOS_MAP') + + diff = DeepDiff(resulting_table, expected_table, ignore_order=True) + assert not diff + + # Check port_qos_map|global is not generated on mellanox asic + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'config_db', 'qos_map_table_global_input') + dbmgtr_mlnx = db_migrator.DBMigrator(None) + dbmgtr_mlnx.asic_type = "mellanox" + dbmgtr_mlnx.hwsku = "vs" + dbmgtr_mlnx.migrate() + resulting_table = dbmgtr_mlnx.configDB.get_table('PORT_QOS_MAP') + assert resulting_table == {} + From cd7909ebb95474f7e5037e50a399a1bc255659e1 Mon Sep 17 00:00:00 2001 From: kannankvs Date: Wed, 27 Jul 2022 10:13:49 +0530 Subject: [PATCH 02/47] Updated the CLI file for Radius and Linux kernel commands (#2276) Signed-off-by: kannankvs --- doc/Command-Reference.md | 21977 +++++++++++++++++++------------------ 1 file changed, 11023 insertions(+), 10954 deletions(-) diff --git a/doc/Command-Reference.md b/doc/Command-Reference.md index 670049fe56..f19c98751c 100644 --- a/doc/Command-Reference.md +++ b/doc/Command-Reference.md @@ -1,10954 +1,11023 @@ -# SONiC Command Line Interface Guide - -## Table of Contents - -* [Document History](#document-history) -* [Introduction](#introduction) -* [Basic Tasks](#basic-tasks) - * [SSH Login](#ssh-login) - * [Show Management Interface](#show-management-interface) - * [Configuring Management Interface](#configuring-management-interface) -* [Getting Help](#getting-help) - * [Help for Config Commands](#help-for-config-commands) - * [Help for Show Commands](#help-for-show-commands) -* [Basic Show Commands](#basic-show-commands) - * [Show Versions](#show-versions) - * [Show System Status](#show-system-status) - * [Show Hardware Platform](#show-hardware-platform) - * [Transceivers](#transceivers) -* [AAA & TACACS+](#aaa--tacacs) - * [AAA](#aaa) - * [AAA show commands](#aaa-show-commands) - * [AAA config commands](#aaa-config-commands) - * [TACACS+](#tacacs) - * [TACACS+ show commands](#tacacs-show-commands) - * [TACACS+ config commands](#tacacs-config-commands) -* [ACL](#acl) - * [ACL show commands](#acl-show-commands) - * [ACL config commands](#acl-config-commands) -* [ARP & NDP](#arp--ndp) - * [ARP show commands](#arp-show-commands) - * [NDP show commands](#ndp-show-commands) -* [BFD](#bfd) - * [BFD show commands](#bfd-show-commands) -* [BGP](#bgp) - * [BGP show commands](#bgp-show-commands) - * [BGP config commands](#bgp-config-commands) -* [Console](#console) - * [Console show commands](#console-show-commands) - * [Console config commands](#console-config-commands) - * [Console connect commands](#console-connect-commands) - * [Console clear commands](#console-clear-commands) -* [DHCP Relay](#dhcp-relay) - * [DHCP Relay config commands](#dhcp-relay-config-commands) -* [Drop Counters](#drop-counters) - * [Drop Counter show commands](#drop-counters-show-commands) - * [Drop Counter config commands](#drop-counters-config-commands) - * [Drop Counter clear commands](#drop-counters-clear-commands) -* [Dynamic Buffer Management](#dynamic-buffer-management) - * [Configuration commands](#configuration-commands) - * [Show commands](#show-commands) -* [ECN](#ecn) - * [ECN show commands](#ecn-show-commands) - * [ECN config commands](#ecn-config-commands) -* [Feature](#feature) - * [Feature show commands](#feature-show-commands) - * [Feature config commands](#feature-config-commands) -* [Flow Counters](#flow-counters) - * [Flow Counters show commands](#flow-counters-show-commands) - * [Flow Counters clear commands](#flow-counters-clear-commands) - * [Flow Counters config commands](#flow-counters-config-commands) -* [Gearbox](#gearbox) - * [Gearbox show commands](#gearbox-show-commands) -* [Interfaces](#interfaces) - * [Interface Show Commands](#interface-show-commands) - * [Interface Config Commands](#interface-config-commands) -* [Interface Naming Mode](#interface-naming-mode) - * [Interface naming mode show commands](#interface-naming-mode-show-commands) - * [Interface naming mode config commands](#interface-naming-mode-config-commands) - * [Interface Vrf binding](#interface-vrf-binding) - * [Interface vrf bind & unbind config commands](#interface-vrf-bind-&-unbind-config-commands) - * [Interface vrf binding show commands](#interface-vrf-binding-show-commands) -* [IP / IPv6](#ip--ipv6) - * [IP show commands](#ip-show-commands) - * [IPv6 show commands](#ipv6-show-commands) -* [IPv6 Link Local](#ipv6-link-local) - * [IPv6 Link Local config commands](#ipv6-link-local-config-commands) - * [IPv6 Link Local show commands](#ipv6-link-local-show-commands) -* [Kubernetes](#Kubernetes) - * [Kubernetes show commands](#Kubernetes-show-commands) - * [Kubernetes config commands](#Kubernetes-config-commands) -* [Linux Kernel Dump](#kdump) - * [Linux Kernel Dump show commands](#kdump-show-commands) - * [Linux Kernel Dump config commands](#kdump-config-commands) -* [LLDP](#lldp) - * [LLDP show commands](#lldp-show-commands) -* [Loading, Reloading And Saving Configuration](#loading-reloading-and-saving-configuration) - * [Loading configuration from JSON file](#loading-configuration-from-json-file) - * [Loading configuration from minigraph (XML) file](#loading-configuration-from-minigraph-xml-file) - * [Reloading Configuration](#reloading-configuration) - * [Loading Management Configuration](#loading-management-configuration) - * [Saving Configuration to a File for Persistence](saving-configuration-to-a-file-for-persistence) - * [Loopback Interfaces](#loopback-interfaces) - * [Loopback show commands](#loopback-show-commands) - * [Loopback config commands](#loopback-config-commands) -* [VRF Configuration](#vrf-configuration) - * [VRF show commands](#vrf-show-commands) - * [VRF config commands](#vrf-config-commands) -* [Management VRF](#Management-VRF) - * [Management VRF Show commands](#management-vrf-show-commands) - * [Management VRF Config commands](#management-vrf-config-commands) -* [Mirroring](#mirroring) - * [Mirroring Show commands](#mirroring-show-commands) - * [Mirroring Config commands](#mirroring-config-commands) -* [Muxcable](#muxcable) - * [Muxcable Show commands](#muxcable-show-commands) - * [Muxcable Config commands](#muxcable-config-commands) -* [NAT](#nat) - * [NAT Show commands](#nat-show-commands) - * [NAT Config commands](#nat-config-commands) - * [NAT Clear commands](#nat-clear-commands) -* [NTP](#ntp) - * [NTP show commands](#ntp-show-commands) - * [NTP config commands](#ntp-config-commands) -* [NVGRE](#nvgre) - * [NVGRE show commands](#nvgre-show-commands) - * [NVGRE config commands](#nvgre-config-commands) -* [PBH](#pbh) - * [PBH show commands](#pbh-show-commands) - * [PBH config commands](#pbh-config-commands) -* [PFC Watchdog Commands](#pfc-watchdog-commands) -* [Platform Component Firmware](#platform-component-firmware) - * [Platform Component Firmware show commands](#platform-component-firmware-show-commands) - * [Platform Component Firmware config commands](#platform-component-firmware-config-commands) - * [Platform Component Firmware vendor specific behaviour](#platform-component-firmware-vendor-specific-behaviour) -* [Platform Specific Commands](#platform-specific-commands) - * [Mellanox Platform Specific Commands](#mellanox-platform-specific-commands) - * [Barefoot Platform Specific Commands](#barefoot-platform-specific-commands) -* [PortChannels](#portchannels) - * [PortChannel Show commands](#portchannel-show-commands) - * [PortChannel Config commands](#portchannel-config-commands) -* [QoS](#qos) - * [QoS Show commands](#qos-show-commands) - * [PFC](#pfc) - * [Queue And Priority-Group](#queue-and-priority-group) - * [Buffer Pool](#buffer-pool) - * [QoS config commands](#qos-config-commands) -* [sFlow](#sflow) - * [sFlow Show commands](#sflow-show-commands) - * [sFlow Config commands](#sflow-config-commands) -* [SNMP](#snmp) - * [SNMP Show commands](#snmp-show-commands) - * [SNMP Config commands](#snmp-config-commands) -* [Startup & Running Configuration](#startup--running-configuration) - * [Startup Configuration](#startup-configuration) - * [Running Configuration](#running-configuration) -* [Static routing](#static-routing) -* [Subinterfaces](#subinterfaces) - * [Subinterfaces Show Commands](#subinterfaces-show-commands) - * [Subinterfaces Config Commands](#subinterfaces-config-commands) -* [Syslog](#syslog) - * [Syslog show commands](#syslog-show-commands) - * [Syslog config commands](#syslog-config-commands) -* [System State](#system-state) - * [Processes](#processes) - * [Services & Memory](#services--memory) -* [System-Health](#System-Health) -* [VLAN & FDB](#vlan--fdb) - * [VLAN](#vlan) - * [VLAN show commands](#vlan-show-commands) - * [VLAN Config commands](#vlan-config-commands) - * [FDB](#fdb) - * [FDB show commands](#fdb-show-commands) -* [VxLAN & Vnet](#vxlan--vnet) - * [VxLAN](#vxlan) - * [VxLAN show commands](#vxlan-show-commands) - * [Vnet](#vnet) - * [Vnet show commands](#vnet-show-commands) -* [Warm Reboot](#warm-reboot) -* [Warm Restart](#warm-restart) - * [Warm Restart show commands](#warm-restart-show-commands) - * [Warm Restart Config commands](#warm-restart-config-commands) -* [Watermark](#watermark) - * [Watermark Show commands](#watermark-show-commands) - * [Watermark Config commands](#watermark-config-commands) -* [Software Installation and Management](#software-installation-and-management) - * [SONiC Package Manager](#sonic-package-manager) - * [SONiC Installer](#sonic-installer) -* [Troubleshooting Commands](#troubleshooting-commands) - * [Debug Dumps](#debug-dumps) - * [Event Driven Techsupport Invocation](#event-driven-techsupport-invocation) -* [Routing Stack](#routing-stack) -* [Quagga BGP Show Commands](#Quagga-BGP-Show-Commands) -* [ZTP Configuration And Show Commands](#ztp-configuration-and-show-commands) - * [ ZTP show commands](#ztp-show-commands) - * [ZTP configuration commands](#ztp-configuration-commands) - -## Document History - -| Version | Modification Date | Details | -| --- | --- | --- | -| v6 | May-06-2021 | Add SNMP show and config commands | -| v5 | Nov-05-2020 | Add document for console commands | -| v4 | Oct-17-2019 | Unify usage statements and other formatting; Replace tabs with spaces; Modify heading sizes; Fix spelling, grammar and other errors; Fix organization of new commands | -| v3 | Jun-26-2019 | Update based on 201904 (build#19) release, "config interface" command changes related to interfacename order, FRR/Quagga show command changes, platform specific changes, ACL show changes and few formatting changes | -| v2 | Apr-22-2019 | CLI Guide for SONiC 201811 version (build#32) with complete "config" command set | -| v1 | Mar-23-2019 | Initial version of CLI Guide with minimal command set | - -## Introduction -SONiC is an open source network operating system based on Linux that runs on switches from multiple vendors and ASICs. SONiC offers a full-suite of network functionality, like BGP and RDMA, that has been production-hardened in the data centers of some of the largest cloud-service providers. It offers teams the flexibility to create the network solutions they need while leveraging the collective strength of a large ecosystem and community. - -SONiC software shall be loaded in these [supported devices](https://github.com/Azure/SONiC/wiki/Supported-Devices-and-Platforms) and this CLI guide shall be used to configure the devices as well as to display the configuration, state and status. - -Follow the [Quick Start Guide](https://github.com/Azure/SONiC/wiki/Quick-Start) to boot the device in ONIE mode, install the SONiC software using the steps specified in the document and login to the device using the default username and password. - -After logging into the device, SONiC software can be configured in following three methods. - 1. Command Line Interface (CLI) - 2. [config_db.json](https://github.com/Azure/SONiC/wiki/Configuration) - 3. [minigraph.xml](https://github.com/Azure/SONiC/wiki/Configuration-with-Minigraph-(~Sep-2017)) - -This document explains the first method and gives the complete list of commands that are supported in SONiC 201904 version (build#19). -All the configuration commands need root privileges to execute them. Note that show commands can be executed by all users without the root privileges. -Root privileges can be obtained either by using "sudo" keyword in front of all config commands, or by going to root prompt using "sudo -i". -Note that all commands are case sensitive. - -- Example: - ``` - admin@sonic:~$ sudo config aaa authentication login tacacs+ - - OR - - admin@sonic:~$ sudo -i - root@sonic:~# config aaa authentication login tacacs+ - ``` - -Note that the command list given in this document is just a subset of all possible configurations in SONiC. -Please follow config_db.json based configuration for the complete list of configuration options. - -**Scope of this Document** - -It is assumed that all configuration commands start with the keyword “config” as prefix. -Any other scripts/utilities/commands that need user configuration control are wrapped as sub-commands under the “config” command. -The direct scripts/utilities/commands (examples given below) that are not wrapped under the "config" command are not in the scope of this document. - 1. acl_loader – This script is already wrapped inside “config acl” command; i.e. any ACL configuration that user is allowed to do is already part of “config acl” command; users are not expected to use the acl_loader script directly and hence this document need not explain the “acl_loader” script. - 2. crm – this command is not explained in this document. - 3. sonic-clear, sfputil, etc., This document does not explain these scripts also. - -## Basic Tasks - -This section covers the basic configurations related to the following: - 1. [SSH login](#SSH-Login) - 2. [Configuring the Management Interface](#Configuring-Management-Interface) - -### SSH Login - -All SONiC devices support both the serial console based login and the SSH based login by default. -The default credential (if not modified at image build time) for login is `admin/YourPaSsWoRd`. -In case of SSH login, users can login to the management interface (eth0) IP address after configuring the same using serial console. -Refer the following section for configuring the IP address for management interface. - -- Example: - ``` - At Console: - Debian GNU/Linux 9 sonic ttyS1 - - sonic login: admin - Password: YourPaSsWoRd - - SSH from any remote server to sonic can be done by connecting to SONiC IP - user@debug:~$ ssh admin@sonic_ip_address(or SONIC DNS Name) - admin@sonic's password: - ``` - -By default, login takes the user to the default prompt from which all the show commands can be executed. - -Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-tasks) - -### Show Management Interface - -Please check [show ip interfaces](#show-ip-interfaces) - -### Configuring Management Interface - -The management interface (eth0) in SONiC is configured (by default) to use DHCP client to get the IP address from the DHCP server. Connect the management interface to the same network in which your DHCP server is connected and get the IP address from DHCP server. -The IP address received from DHCP server can be verified using the `/sbin/ifconfig eth0` Linux command. - -SONiC provides a CLI to configure the static IP for the management interface. There are few ways by which a static IP address can be configured for the management interface. - 1. Use the `config interface ip add eth0` command. - - Example: - ``` - admin@sonic:~$ sudo config interface ip add eth0 20.11.12.13/24 20.11.12.254 - ``` - 2. Use config_db.json and configure the MGMT_INTERFACE key with the appropriate values. Refer [here](https://github.com/Azure/SONiC/wiki/Configuration#Management-Interface) - 3. Use minigraph.xml and configure "ManagementIPInterfaces" tag inside "DpgDesc" tag as given at the [page](https://github.com/Azure/SONiC/wiki/Configuration-with-Minigraph-(~Sep-2017)) - -Once the IP address is configured, the same can be verified using either `show management_interface address` command or the `/sbin/ifconfig eth0` linux command. -Users can SSH login to this management interface IP address from their management network. - -- Example: - ``` - admin@sonic:~$ /sbin/ifconfig eth0 - eth0: flags=4163 mtu 1500 - inet 10.11.11.13 netmask 255.255.255.0 broadcast 10.11.12.255 - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-tasks) - -## Getting Help - -Subsections: - 1. [Help for Config Commands](#Config-Help) - 2. [Help for Show Commands](#Show-Help) - 3. [Show Versions](#Show-Versions) - 4. [Show System Status](#Show-System-Status) - 5. [Show Hardware Platform](#Show-Hardware-Platform) - -### Help for Config Commands - -All commands have in-built help that aids the user in understanding the command as well as the possible sub-commands and options. -"--help" can be used at any level of the command; i.e. it can be used at the command level, or sub-command level or at argument level. The in-built help will display the available possibilities corresponding to that particular command/sub-command. - -**config --help** - -This command lists all the possible configuration commands at the top level. - -- Usage: - ``` - config --help - ``` - -- Example: - ``` - admin@sonic:~$ config --help - Usage: config [OPTIONS] COMMAND [ARGS] - SONiC command line - 'config' command - - Options: - --help Show this message and exit. - - Commands: - aaa AAA command line - acl ACL-related configuration tasks - bgp BGP-related configuration tasks - ecn ECN-related configuration tasks - feature Modify configuration of features - hostname Change device hostname without impacting traffic - interface Interface-related configuration tasks - interface_naming_mode Modify interface naming mode for interacting... - kubernetes Kubernetes server related configuration - load Import a previous saved config DB dump file. - load_mgmt_config Reconfigure hostname and mgmt interface based... - load_minigraph Reconfigure based on minigraph. - loopback Loopback-related configuration tasks. - mirror_session - nat NAT-related configuration tasks - platform Platform-related configuration tasks - portchannel - qos - reload Clear current configuration and import a... - route route-related configuration tasks - save Export current config DB to a file on disk. - tacacs TACACS+ server configuration - vlan VLAN-related configuration tasks - vrf VRF-related configuration tasks - warm_restart warm_restart-related configuration tasks - watermark Configure watermark - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#getting-help) - -### Help For Show Commands - -**show help** - -This command displays the full list of show commands available in the software; the output of each of those show commands can be used to analyze, debug or troubleshoot the network node. - -- Usage: - ``` - show (-?|-h|--help) - ``` - -- Example: - ``` - admin@sonic:~$ show -? - Usage: show [OPTIONS] COMMAND [ARGS]... - SONiC command line - 'show' command - - Options: - -?, -h, --help Show this message and exit. - - Commands: - aaa Show AAA configuration - acl Show ACL related information - arp Show IP ARP table - buffer_pool Show details of the Buffer-pools - clock Show date and time - ecn Show ECN configuration - environment Show environmentals (voltages, fans, temps) - feature Show feature status - interfaces Show details of the network interfaces - ip Show IP (IPv4) commands - ipv6 Show IPv6 commands - kubernetes Show kubernetes commands - line Show all /dev/ttyUSB lines and their info - lldp Show LLDP information - logging Show system log - mac Show MAC (FDB) entries - mirror_session Show existing everflow sessions - mmu Show mmu configuration - muxcable Show muxcable information - nat Show details of the nat - ndp Show IPv6 Neighbour table - ntp Show NTP information - pfc Show details of the priority-flow-control... - platform Show platform-specific hardware info - priority-group Show details of the PGs - processes Show process information - queue Show details of the queues - reboot-cause Show cause of most recent reboot - route-map Show route-map - runningconfiguration Show current running configuration... - services Show all daemon services - startupconfiguration Show startup configuration information - subinterfaces Show details of the sub port interfaces - system-memory Show memory information - tacacs Show TACACS+ configuration - techsupport Gather information for troubleshooting - uptime Show system uptime - users Show users - version Show version information - vlan Show VLAN information - vrf Show vrf config - warm_restart Show warm restart configuration and state - watermark Show details of watermark - ``` - -The same syntax applies to all subgroups of `show` which themselves contain subcommands, and subcommands which accept options/arguments. - -- Example: - ``` - admin@sonic:~$ show interfaces -? - - Show details of the network interfaces - - Options: - -?, -h, --help Show this message and exit. - - Commands: - counters Show interface counters - description Show interface status, protocol and... - naming_mode Show interface naming_mode status - neighbor Show neighbor related information - portchannel Show PortChannel information - status Show Interface status information - tpid Show Interface tpid information - transceiver Show SFP Transceiver information - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#getting-help) - -## Basic Show Commands - -Subsections: - 1. [Show Versions](#Show-Versions) - 2. [Show System Status](#Show-System-Status) - 3. [Show Hardware Platform](#Show-Hardware-Platform) - -### Show Versions - -**show version** - -This command displays software component versions of the currently running SONiC image. This includes the SONiC image version as well as Docker image versions. -This command displays relevant information as the SONiC and Linux kernel version being utilized, as well as the ID of the commit used to build the SONiC image. The second section of the output displays the various docker images and their associated IDs. - -- Usage: - ``` - show version - ``` - -- Example: - ``` - admin@sonic:~$ show version - SONiC Software Version: SONiC.HEAD.32-21ea29a - Distribution: Debian 9.8 - Kernel: 4.9.0-8-amd64 - Build commit: 21ea29a - Build date: Fri Mar 22 01:55:48 UTC 2019 - Built by: johnar@jenkins-worker-4 - - Platform: x86_64-mlnx_msn2700-r0 - HwSKU: Mellanox-SN2700 - ASIC: mellanox - ASIC Count: 1 - Serial Number: MT1822K07815 - Model Number: MSN2700-CS2FO - Hardware Rev: A1 - Uptime: 14:40:15 up 3 min, 1 user, load average: 1.26, 1.45, 0.66 - Date: Fri 22 Mar 2019 14:40:15 - - Docker images: - REPOSITORY TAG IMAGE ID SIZE - docker-syncd-brcm HEAD.32-21ea29a 434240daff6e 362MB - docker-syncd-brcm latest 434240daff6e 362MB - docker-orchagent-brcm HEAD.32-21ea29a e4f9c4631025 287MB - docker-orchagent-brcm latest e4f9c4631025 287MB - docker-nat HEAD.32-21ea29a 46075edc1c69 305MB - docker-nat latest 46075edc1c69 305MB - docker-lldp-sv2 HEAD.32-21ea29a 9681bbfea3ac 275MB - docker-lldp-sv2 latest 9681bbfea3ac 275MB - docker-dhcp-relay HEAD.32-21ea29a 2db34c7bc6f4 257MB - docker-dhcp-relay latest 2db34c7bc6f4 257MB - docker-database HEAD.32-21ea29a badc6fc84cdb 256MB - docker-database latest badc6fc84cdb 256MB - docker-snmp-sv2 HEAD.32-21ea29a e2776e2a30b7 295MB - docker-snmp-sv2 latest e2776e2a30b7 295MB - docker-teamd HEAD.32-21ea29a caf957cd2ad1 275MB - docker-teamd latest caf957cd2ad1 275MB - docker-router-advertiser HEAD.32-21ea29a b1a62023958c 255MB - docker-router-advertiser latest b1a62023958c 255MB - docker-platform-monitor HEAD.32-21ea29a 40b40a4b2164 287MB - docker-platform-monitor latest 40b40a4b2164 287MB - docker-fpm-quagga HEAD.32-21ea29a 546036fe6838 282MB - docker-fpm-quagga latest 546036fe6838 282MB - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-show-commands) - - -### Show System Status -This sub-section explains some set of sub-commands that are used to display the status of various parameters pertaining to the physical state of the network node. - -**show clock** - -This command displays the current date and time configured on the system - -- Usage: - ``` - show clock - ``` - -- Example: - ``` - admin@sonic:~$ show clock - Mon Mar 25 20:25:16 UTC 2019 - ``` - -**show boot** - -This command displays the current OS image, the image to be loaded on next reboot, and lists all the available images installed on the device - -- Usage: - ``` - show boot - ``` - -- Example: - ``` - admin@sonic:~$ show boot - Current: SONiC-OS-20181130.31 - Next: SONiC-OS-20181130.31 - Available: - SONiC-OS-20181130.31 - ``` - -**show environment** - -This command displays the platform environmentals, such as voltages, temperatures and fan speeds - -- Usage: - ``` - show environment - ``` - -- Example: - ``` - admin@sonic:~$ show environment - coretemp-isa-0000 - Adapter: ISA adapter - Core 0: +28.0 C (high = +98.0 C, crit = +98.0 C) - Core 1: +28.0 C (high = +98.0 C, crit = +98.0 C) - Core 2: +28.0 C (high = +98.0 C, crit = +98.0 C) - Core 3: +28.0 C (high = +98.0 C, crit = +98.0 C) - SMF_Z9100_ON-isa-0000 - Adapter: ISA adapter - CPU XP3R3V_EARLY: +3.22 V - <... few more things ...> - - Onboard Temperature Sensors: - CPU: 30 C - BCM56960 (PSU side): 35 C - <... few more things ...> - - Onboard Voltage Sensors: - CPU XP3R3V_EARLY 3.22 V - <... few more things ...> - - Fan Trays: - Fan Tray 1: - Fan1 Speed: 6192 RPM - Fan2 Speed: 6362 RPM - Fan1 State: Normal - Fan2 State: Normal - Air Flow: F2B - <... few more things ...> - - PSUs: - PSU 1: - Input: AC - <... few more things ...> - ``` -NOTE: The show output has got lot of information; only the sample output is given in the above example. -Though the displayed output slightly differs from one platform to another platform, the overall content will be similar to the example mentioned above. - -**show reboot-cause** - -This command displays the cause of the previous reboot - -- Usage: - ``` - show reboot-cause - ``` - -- Example: - ``` - admin@sonic:~$ show reboot-cause - User issued reboot command [User: admin, Time: Mon Mar 25 01:02:03 UTC 2019] - ``` - -**show reboot-cause history** - -This command displays the history of the previous reboots up to 10 entry - -- Usage: - ``` - show reboot-cause history - ``` - -- Example: - ``` - admin@sonic:~$ show reboot-cause history - Name Cause Time User Comment - ------------------- ----------- ---------------------------- ------ --------- - 2020_10_09_02_33_06 reboot Fri Oct 9 02:29:44 UTC 2020 admin - 2020_10_09_01_56_59 reboot Fri Oct 9 01:53:49 UTC 2020 admin - 2020_10_09_02_00_53 fast-reboot Fri Oct 9 01:58:04 UTC 2020 admin - 2020_10_09_04_53_58 warm-reboot Fri Oct 9 04:51:47 UTC 2020 admin - ``` - -**show uptime** - -This command displays the current system uptime - -- Usage: - ``` - show uptime - ``` - -- Example: - ``` - admin@sonic:~$ show uptime - up 2 days, 21 hours, 30 minutes - ``` - -**show logging** - -This command displays all the currently stored log messages. -All the latest processes and corresponding transactions are stored in the "syslog" file. -This file is saved in the path `/var/log` and can be viewed by giving the command ` sudo cat syslog` as this requires root login. - -- Usage: - ``` - show logging [( [-l|--lines ]) | (-f|--follow)] - ``` - -- Example: - ``` - admin@sonic:~$ show logging - ``` - -It can be useful to pipe the output from `show logging` to the command `more` in order to examine one screenful of log messages at a time - -- Example: - ``` - admin@sonic:~$ show logging | more - ``` - -Optionally, you can specify a process name in order to display only log messages mentioning that process - -- Example: - ``` - admin@sonic:~$ show logging sensord - ``` - -Optionally, you can specify a number of lines to display using the `-l` or `--lines` option. Only the most recent N lines will be displayed. Also note that this option can be combined with a process name. - -- Examples: - ``` - admin@sonic:~$ show logging --lines 50 - ``` - ``` - admin@sonic:~$ show logging sensord --lines 50 - ``` - -Optionally, you can follow the log live as entries are written to it by specifying the `-f` or `--follow` flag - -- Example: - ``` - admin@sonic:~$ show logging --follow - ``` - -**show users** - -This command displays a list of users currently logged in to the device - -- Usage: - ``` - show users - ``` - -- Examples: - ``` - admin@sonic:~$ show users - admin pts/9 Mar 25 20:31 (100.127.20.23) - - admin@sonic:~$ show users - admin ttyS1 2019-03-25 20:31 - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-show-commands) - -### Show Hardware Platform - -The information displayed in this set of commands partially overlaps with the one generated by “show envinronment” instruction. In this case though, the information is presented in a more succinct fashion. In the future these two CLI stanzas may end up getting combined. - -**show platform summary** - -This command displays a summary of the device's hardware platform - -- Usage: - ``` - show platform summary - ``` - -- Example: - ``` - admin@sonic:~$ show platform summary - Platform: x86_64-mlnx_msn2700-r0 - HwSKU: Mellanox-SN2700 - ASIC: mellanox - ASIC Count: 1 - Serial Number: MT1822K07815 - Model Number: MSN2700-CS2FO - Hardware Rev: A1 - ``` - -**show platform syseeprom** - -This command displays information stored on the system EEPROM. -Note that the output of this command is not the same for all vendor's platforms. -Couple of example outputs are given below. - -- Usage: - ``` - show platform syseeprom - ``` - -- Example: - ``` - admin@sonic:~$ show platform syseeprom - lsTLV Name Len Value - -------------------- --- ----- - PPID 20 XX-XXXXXX-00000-000-0000 - DPN Rev 3 XXX - Service Tag 7 XXXXXXX - Part Number 10 XXXXXX - Part Number Rev 3 XXX - Mfg Test Results 2 FF - Card ID 2 0x0000 - Module ID 2 0 - Base MAC Address 12 FE:EC:BA:AB:CD:EF - (checksum valid) - ``` - - ``` - admin@sonic:~$ show platform syseeprom - TlvInfo Header: - Id String: TlvInfo - Version: 1 - Total Length: 527 - TLV Name Code Len Value - ---- --- ----- - Product Name 0x21 64 MSN2700 - Part Number 0x22 20 MSN2700-CS2FO - Serial Number 0x23 24 MT1822K07815 - Base MAC Address 0x24 6 50:6B:4B:8F:CE:40 - Manufacture Date 0x25 19 05/28/2018 23:56:02 - Device Version 0x26 1 16 - MAC Addresses 0x2A 2 128 - Manufacturer 0x2B 8 Mellanox - Vendor Extension 0xFD 36 - Vendor Extension 0xFD 164 - Vendor Extension 0xFD 36 - Vendor Extension 0xFD 36 - Vendor Extension 0xFD 36 - Platform Name 0x28 18 x86_64-mlnx_x86-r0 - ONIE Version 0x29 21 2018.08-5.2.0006-9600 - CRC-32 0xFE 4 0x11C017E1 - - (checksum valid) - ``` - -**show platform ssdhealth** - -This command displays health parameters of the device's SSD - -- Usage: - ``` - show platform ssdhealth [--vendor] - ``` - -- Example: - ``` - admin@sonic:~$ show platform ssdhealth - Device Model : M.2 (S42) 3IE3 - Health : 99.665% - Temperature : 30C - ``` - -**show platform psustatus** - -This command displays the status of the device's power supply units - -- Usage: - ``` - show platform psustatus - ``` - -- Example: - ``` - admin@sonic:~$ show platform psustatus - PSU Model Serial HW Rev Voltage (V) Current (A) Power (W) Status LED - ----- ------------- ------------ -------- ------------- ------------- ----------- -------- ----- - PSU 1 MTEF-PSF-AC-A MT1621X15246 A3 11.97 4.56 54.56 OK green - ``` - -**show platform fan** - -This command displays the status of the device's fans - -- Usage: - ``` - show platform fan - ``` - -- Example: - ``` - admin@sonic:~$ show platform fan - FAN Speed Direction Presence Status Timestamp - ----------- -------- ----------- ---------- -------- ----------------- - fan1 34% intake Present OK 20200302 06:58:56 - fan2 43% intake Present OK 20200302 06:58:56 - fan3 38% intake Present OK 20200302 06:58:56 - fan4 49% intake Present OK 20200302 06:58:57 - fan5 38% exhaust Present OK 20200302 06:58:57 - fan6 48% exhaust Present OK 20200302 06:58:57 - fan7 39% exhaust Present OK 20200302 06:58:57 - fan8 48% exhaust Present OK 20200302 06:58:57 - ``` - -**show platform temperature** - -This command displays the status of the device's thermal sensors - -- Usage: - ``` - show platform temperature - ``` - -- Example: - ``` - admin@sonic:~$ show platform temperature - NAME Temperature High Th Low Th Crit High Th Crit Low Th Warning Timestamp - ---------------------- ------------- --------- -------- -------------- ------------- --------- ----------------- - Ambient ASIC Temp 37.0 100.0 N/A 120.0 N/A False 20200302 06:58:57 - Ambient Fan Side Temp 28.5 100.0 N/A 120.0 N/A False 20200302 06:58:57 - Ambient Port Side Temp 31.0 100.0 N/A 120.0 N/A False 20200302 06:58:57 - CPU Core 0 Temp 36.0 87.0 N/A 105.0 N/A False 20200302 06:59:57 - CPU Core 1 Temp 38.0 87.0 N/A 105.0 N/A False 20200302 06:59:57 - CPU Pack Temp 38.0 87.0 N/A 105.0 N/A False 20200302 06:59:57 - PSU-1 Temp 28.0 100.0 N/A 120.0 N/A False 20200302 06:59:58 - PSU-2 Temp 28.0 100.0 N/A 120.0 N/A False 20200302 06:59:58 - xSFP module 1 Temp 31.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 2 Temp 35.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 3 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 4 Temp 33.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 5 Temp 34.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 6 Temp 36.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 7 Temp 33.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 8 Temp 33.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 9 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 10 Temp 38.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 11 Temp 38.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 12 Temp 39.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 13 Temp 35.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 14 Temp 37.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 15 Temp 36.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 16 Temp 36.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 17 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 18 Temp 34.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 19 Temp 30.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 20 Temp 31.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 21 Temp 34.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 22 Temp 34.4 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 23 Temp 34.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 24 Temp 35.6 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 25 Temp 38.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 - xSFP module 26 Temp 32.2 70.0 N/A 90.0 N/A False 20200302 06:59:58 - xSFP module 27 Temp 39.0 70.0 N/A 90.0 N/A False 20200302 06:59:58 - xSFP module 28 Temp 30.1 70.0 N/A 90.0 N/A False 20200302 06:59:58 - xSFP module 29 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:58 - xSFP module 30 Temp 35.3 70.0 N/A 90.0 N/A False 20200302 06:59:58 - xSFP module 31 Temp 31.0 70.0 N/A 90.0 N/A False 20200302 06:59:58 - xSFP module 32 Temp 39.5 70.0 N/A 90.0 N/A False 20200302 06:59:58 - ``` - -#### Transceivers -Displays diagnostic monitoring information of the transceivers - -**show interfaces transceiver** - -This command displays information for all the interfaces for the transceiver requested or a specific interface if the optional "interface_name" is specified. - -- Usage: - ``` - show interfaces transceiver (eeprom [-d|--dom] | lpmode | presence | error-status [-hw|--fetch-from-hardware]) [] - ``` - -- Example (Decode and display information stored on the EEPROM of SFP transceiver connected to Ethernet0): - ``` - admin@sonic:~$ show interfaces transceiver eeprom --dom Ethernet0 - Ethernet0: SFP detected - Connector : No separable connector - Encoding : Unspecified - Extended Identifier : Unknown - Extended RateSelect Compliance : QSFP+ Rate Select Version 1 - Identifier : QSFP+ - Length Cable Assembly(m) : 1 - Specification compliance : - 10/40G Ethernet Compliance Code : 40GBASE-CR4 - Fibre Channel Speed : 1200 Mbytes/Sec - Fibre Channel link length/Transmitter Technology : Electrical inter-enclosure (EL) - Fibre Channel transmission media : Twin Axial Pair (TW) - Vendor Date Code(YYYY-MM-DD Lot) : 2015-10-31 - Vendor Name : XXXXX - Vendor OUI : XX-XX-XX - Vendor PN : 1111111111 - Vendor Rev : - Vendor SN : 111111111 - ChannelMonitorValues: - RX1Power: -1.1936dBm - RX2Power: -1.1793dBm - RX3Power: -0.9388dBm - RX4Power: -1.0729dBm - TX1Bias: 4.0140mA - TX2Bias: 4.0140mA - TX3Bias: 4.0140mA - TX4Bias: 4.0140mA - ModuleMonitorValues : - Temperature : 1.1111C - Vcc : 0.0000Volts - ``` - -- Example (Display status of low-power mode of SFP transceiver connected to Ethernet100): - ``` - admin@sonic:~$ show interfaces transceiver lpmode Ethernet100 - Port Low-power Mode - ----------- ---------------- - Ethernet100 On - ``` - - -- Example (Display presence of SFP transceiver connected to Ethernet100): - ``` - admin@sonic:~$ show interfaces transceiver presence Ethernet100 - Port Presence - ----------- ---------- - Ethernet100 Present - ``` - -- Example (Display error status of SFP transceiver connected to Ethernet100): - ``` - admin@sonic:~$ show interfaces transceiver error-status Ethernet100 - Port Error Status - ----------- -------------- - Ethernet100 OK - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-show-commands) - -## AAA & TACACS+ -This section captures the various show commands & configuration commands that are applicable for the AAA (Authentication, Authorization, and Accounting) module. -Admins can configure the type of authentication (local or remote tacacs based) required for the users and also the authentication failthrough and fallback options. -Following show command displays the current running configuration related to the AAA. - -### AAA - -#### AAA show commands - -This command is used to view the Authentication, Authorization & Accounting settings that are configured in the network node. - -**show aaa** - -This command displays the AAA settings currently present in the network node - -- Usage: - ``` - show aaa - ``` - -- Example: - ``` - admin@sonic:~$ show aaa - AAA authentication login local (default) - AAA authentication failthrough True (default) - AAA authentication fallback True (default) - ``` - -#### AAA config commands - -This sub-section explains all the possible CLI based configuration options for the AAA module. The list of commands/sub-commands possible for aaa is given below. - - Command: aaa authentication - sub-commands: - - aaa authentication failthrough - - aaa authentication fallback - - aaa authentication login - -**aaa authentication failthrough** - -This command is used to either enable or disable the failthrough option. -This command is useful when user has configured more than one tacacs+ server and when user has enabled tacacs+ authentication. -When authentication request to the first server fails, this configuration allows to continue the request to the next server. -When this configuration is enabled, authentication process continues through all servers configured. -When this is disabled and if the authentication request fails on first server, authentication process will stop and the login will be disallowed. - - -- Usage: - ``` - config aaa authentication failthrough (enable | disable | default) - ``` - - - Parameters: - - enable: This allows the AAA module to process with local authentication if remote authentication fails. - - disable: This disallows the AAA module to proceed further if remote authentication fails. - - default: This re-configures the default value, which is "enable". - - -- Example: - ``` - admin@sonic:~$ sudo config aaa authentication failthrough enable - ``` -**aaa authentication fallback** - -The command is not used at the moment. -When the tacacs+ authentication fails, it falls back to local authentication by default. - -- Usage: - ``` - config aaa authentication fallback (enable | disable | default) - ``` - -- Example: - ``` - admin@sonic:~$ sudo config aaa authentication fallback enable - ``` - -**aaa authentication login** - -This command is used to either configure whether AAA should use local database or remote tacacs+ database for user authentication. -By default, AAA uses local database for authentication. New users can be added/deleted using the linux commands (Note that the configuration done using linux commands are not preserved during reboot). -Admin can enable remote tacacs+ server based authentication by selecting the AUTH_PROTOCOL as tacacs+ in this command. -Admins need to configure the tacacs+ server accordingly and ensure that the connectivity to tacacas+ server is available via the management interface. -Once if the admins choose the remote authentication based on tacacs+ server, all user logins will be authenticated by the tacacs+ server. -If the authentication fails, AAA will check the "failthrough" configuration and authenticates the user based on local database if failthrough is enabled. - -- Usage: - ``` - config aaa authentication (tacacs+ | local | default) - ``` - - - Parameters: - - tacacs+: Enables remote authentication based on tacacs+ - - local: Disables remote authentication and uses local authentication - - default: Reset back to default value, which is only "local" authentication - - -- Example: - ``` - admin@sonic:~$ sudo config aaa authentication login tacacs+ - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#aaa--tacacs) - -### TACACS+ - -#### TACACS+ show commands - -**show tacacs** - -This command displays the global configuration fields and the list of all tacacs servers and their correponding configurations. - -- Usage: - ``` - show tacacs - ``` - -- Example: - ``` - admin@sonic:~$ show tacacs - TACPLUS global auth_type pap (default) - TACPLUS global timeout 99 - TACPLUS global passkey (default) - - TACPLUS_SERVER address 10.11.12.14 - priority 9 - tcp_port 50 - auth_type mschap - timeout 10 - passkey testing789 - - TACPLUS_SERVER address 10.0.0.9 - priority 1 - tcp_port 49 - ``` - -#### TACACS+ config commands - -This sub-section explains the command "config tacacs" and its sub-commands that are used to configure the following tacacs+ parameters. -Some of the parameters like authtype, passkey and timeout can be either configured at per server level or at global level (global value will be applied if there no server level configuration) - -1) Add/Delete the tacacs+ server details. -2) authtype - global configuration that is applied to all servers if there is no server specific configuration. -3) default - reset the authtype or passkey or timeout to the default values. -4) passkey - global configuration that is applied to all servers if there is no server specific configuration. -5) timeout - global configuration that is applied to all servers if there is no server specific configuration. - -**config tacacs add** - -This command is used to add a TACACS+ server to the tacacs server list. -Note that more than one tacacs+ (maximum of seven) can be added in the device. -When user tries to login, tacacs client shall contact the servers one by one. -When any server times out, device will try the next server one by one based on the priority value configured for that server. -When this command is executed, the configured tacacs+ server addresses are updated in /etc/pam.d/common-auth-sonic configuration file which is being used by tacacs service. - -- Usage: - ``` - config tacacs add [-t|--timeout ] [-k|--key ] [-a|--type ] [-o|--port ] [-p|--pri ] [-m|--use-mgmt-vrf] - ``` - - - Parameters: - - ip_address: TACACS+ server IP address. - - timeout: Transmission timeout interval in seconds, range 1 to 60, default 5 - - key: Shared secret - - type: Authentication type, "chap" or "pap" or "mschap" or "login", default is "pap". - - port: TCP port range is 1 to 65535, default 49 - - pri: Priority, priority range 1 to 64, default 1. - - use-mgmt-vrf: This means that the server is part of Management vrf, default is "no vrf" - - -- Example: - ``` - admin@sonic:~$ sudo config tacacs add 10.11.12.13 -t 10 -k testing789 -a mschap -o 50 -p 9 - ``` - - - Example Server Configuration in /etc/pam.d/common-auth-sonic configuration file: - ``` - auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.14:50 secret=testing789 login=mschap timeout=10 try_first_pass - auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.24:50 secret=testing789 login=mschap timeout=987654321098765433211 - 0987 try_first_pass - auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.0.0.9:49 secret= login=mschap timeout=5 try_first_pass - auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.0.0.8:49 secret= login=mschap timeout=5 try_first_pass - auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.13:50 secret=testing789 login=mschap timeout=10 try_first_pass - auth [success=1 default=ignore] pam_unix.so nullok try_first_pass - ``` - - *NOTE: In the above example, the servers are stored (sorted) based on the priority value configured for the server.* - -**config tacacs delete** - -This command is used to delete the tacacs+ servers configured. - -- Usage: - ``` - config tacacs delete - ``` - -- Example: - ``` - admin@sonic:~$ sudo config tacacs delete 10.11.12.13 - ``` - -**config tacacs authtype** - -This command is used to modify the global value for the TACACS+ authtype. -When user has not configured server specific authtype, this global value shall be used for that server. - -- Usage: - ``` - config tacacs authtype (chap | pap | mschap | login) - ``` - -- Example: - ``` - admin@sonic:~$ sudo config tacacs authtype mschap - ``` - -**config tacacs default** - -This command is used to reset the global value for authtype or passkey or timeout to default value. -Default for authtype is "pap", default for passkey is EMPTY_STRING and default for timeout is 5 seconds. - -- Usage: - ``` - config tacacs default (authtype | passkey | timeout) - ``` - -- Example (This will reset the global authtype back to the default value "pap"): - ``` - admin@sonic:~$ sudo config tacacs default authtype - ``` - -**config tacacs passkey** - -This command is used to modify the global value for the TACACS+ passkey. -When user has not configured server specific passkey, this global value shall be used for that server. - -- Usage: - ``` - config tacacs passkey - ``` - -- Example: - ``` - admin@sonic:~$ sudo config tacacs passkey testing123 - ``` - -**config tacacs timeout** - -This command is used to modify the global value for the TACACS+ timeout. -When user has not configured server specific timeout, this global value shall be used for that server. - - -- Usage: - ``` - config tacacs [default] timeout [] - ``` - - - Options: - - Valid values for timeout is 1 to 60 seconds. - - When the optional keyword "default" is specified, timeout_value_in_seconds parameter wont be used; default value of 5 is used. - - Configuration using the keyword "default" is introduced in 201904 release. - -- Example: To configure non-default timeout value - ``` - admin@sonic:~$ sudo config tacacs timeout 60 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#aaa--tacacs) - - - -## ACL - -This section explains the various show commands and configuration commands available for users. - -### ACL show commands - -**show acl table** - -This command displays either all the ACL tables that are configured or only the specified "TABLE_NAME". -Output from the command displays the table name, type of the table, the list of interface(s) to which the table is bound and the description about the table. - -- Usage: - ``` - show acl table [] - ``` - -- Example: - ``` - admin@sonic:~$ show acl table - Name Type Binding Description Stage - -------- --------- --------------- ---------------- ------- - EVERFLOW MIRROR Ethernet16 EVERFLOW ingress - Ethernet96 - Ethernet108 - Ethernet112 - PortChannel0001 - PortChannel0002 - SNMP_ACL CTRLPLANE SNMP SNMP_ACL ingress - DT_ACL_T1 L3 Ethernet0 DATA_ACL_TABLE_1 egress - Ethernet4 - Ethernet112 - Ethernet116 - SSH_ONLY CTRLPLANE SSH SSH_ONLY ingress - ``` - -**show acl rule** - -This command displays all the ACL rules present in all the ACL tables or only the rules present in specified table "TABLE_NAME" or only the rule matching the RULE_ID option. -Output from the command gives the following information about the rules -1) Table name - ACL table name to which the rule belongs to. -2) Rule name - ACL rule name -3) Priority - Priority for this rule. -4) Action - Action to be performed if the packet matches with this ACL rule. - -It can be: -- "DROP"/"FORWARD"("ACCEPT" for control plane ACL) -- "REDIRECT: redirect-object" for redirect rule, where "redirect-object" is either: - - physical interface name, e.g. "Ethernet10" - - port channel name, e.g. "PortChannel0002" - - next-hop IP address, e.g. "10.0.0.1" - - next-hop group set of IP addresses with comma seperator, e.g. "10.0.0.1,10.0.0.3" -- "MIRROR INGRESS|EGRESS: session-name" for mirror rules, where "session-name" refers to mirror session - -Users can choose to have a default permit rule or default deny rule. In case of default "deny all" rule, add the permitted rules on top of the deny rule. In case of the default "permit all" rule, users can add the deny rules on top of it. If users have not confgured any rule, SONiC allows all traffic (which is "permit all"). - -5) Match - The fields from the packet header that need to be matched against the same present in the incoming traffic. - -- Usage: - ``` - show acl rule [] [] - ``` - -- Example: - ``` - admin@sonic:~$ show acl rule - Table Rule Priority Action Match - -------- ------------ ---------- ------------------------- ---------------------------- - SNMP_ACL RULE_1 9999 ACCEPT IP_PROTOCOL: 17 - SRC_IP: 1.1.1.1/32 - SSH_ONLY RULE_2 9998 ACCEPT IP_PROTOCOL: 6 - SRC_IP: 1.1.1.1/32 - EVERFLOW RULE_3 9997 MIRROR INGRESS: everflow0 SRC_IP: 20.0.0.2/32 - EVERFLOW RULE_4 9996 MIRROR EGRESS : everflow1 L4_SRC_PORT: 4621 - DATAACL RULE_5 9995 REDIRECT: Ethernet8 IP_PROTOCOL: 126 - DATAACL RULE_6 9994 FORWARD L4_SRC_PORT: 179 - DATAACL RULE_7 9993 FORWARD L4_DST_PORT: 179 - SNMP_ACL DEFAULT_RULE 1 DROP ETHER_TYPE: 2048 - SSH_ONLY DEFAULT_RULE 1 DROP ETHER_TYPE: 2048 - ``` - - -### ACL config commands -This sub-section explains the list of configuration options available for ACL module. -Note that there is no direct command to add or delete or modify the ACL table and ACL rule. -Existing ACL tables and ACL rules can be updated by specifying the ACL rules in json file formats and configure those files using this CLI command. - -**config acl update full** - -This command is to update the rules in all the tables or in one specific table in full. If a table_name is provided, the operation will be restricted in the specified table. All existing rules in the specified table or all tables will be removed. New rules loaded from file will be installed. If the table_name is specified, only rules within that table will be removed and new rules in that table will be installed. If the table_name is not specified, all rules from all tables will be removed and only the rules present in the input file will be added. - -The command does not modify anything in the list of acl tables. It modifies only the rules present in those pre-existing tables. - -In order to create acl tables, either follow the config_db.json method or minigraph method to populate the list of ACL tables. - -After creating tables, either the config_db.json method or the minigraph method or the CLI method (explained here) can be used to populate the rules in those ACL tables. - -This command updates only the ACL rules and it does not disturb the ACL tables; i.e. the output of "show acl table" is not alterted by using this command; only the output of "show acl rule" will be changed after this command. - -When "--session_name" optional argument is specified, command sets the session_name for the ACL table with this mirror session name. It fails if the specified mirror session name does not exist. - -When "--mirror_stage" optional argument is specified, command sets the mirror action to ingress/egress based on this parameter. By default command sets ingress mirror action in case argument is not specified. - -When the optional argument "max_priority" is specified, each rule’s priority is calculated by subtracting its “sequence_id” value from the “max_priority”. If this value is not passed, the default “max_priority” 10000 is used. - -- Usage: - ``` - config acl update full [--table_name ] [--session_name ] [--mirror_stage (ingress | egress)] [--max_priority ] - ``` - - - Parameters: - - table_name: Specifiy the name of the ACL table to load. Example: config acl update full "--table_name DT_ACL_T1 /etc/sonic/acl_table_1.json" - - session_name: Specifiy the name of the ACL session to load. Example: config acl update full "--session_name mirror_ses1 /etc/sonic/acl_table_1.json" - - priority_value: Specify the maximum priority to use when loading ACL rules. Example: config acl update full "--max-priority 100 /etc/sonic/acl_table_1.json" - - *NOTE 1: All these optional parameters should be inside double quotes. If none of the options are provided, double quotes are not required for specifying filename alone.* - *NOTE 2: Any number of optional parameters can be configured in the same command.* - -- Examples: - ``` - admin@sonic:~$ sudo config acl update full /etc/sonic/acl_full_snmp_1_2_ssh_4.json - admin@sonic:~$ sudo config acl update full "--table_name SNMP-ACL /etc/sonic/acl_full_snmp_1_2_ssh_4.json" - admin@sonic:~$ sudo config acl update full "--session_name everflow0 /etc/sonic/acl_full_snmp_1_2_ssh_4.json" - ``` - - This command will remove all rules from all the ACL tables and insert all the rules present in this input file. - Refer the example file [acl_full_snmp_1_2_ssh_4.json](#) that adds two rules for SNMP (Rule1 and Rule2) and one rule for SSH (Rule4) - Refer an example for input file format [here](https://github.com/Azure/sonic-mgmt/blob/master/ansible/roles/test/files/helpers/config_service_acls.sh) - Refer another example [here](https://github.com/Azure/sonic-mgmt/blob/master/ansible/roles/test/tasks/acl/acltb_test_rules_part_1.json) - -**config acl update incremental** - -This command is used to perform incremental update of ACL rule table. This command gets existing rules from Config DB and compares with rules specified in input file and performs corresponding modifications. - -With respect to DATA ACLs, the command does not assume that new dataplane ACLs can be inserted in betweeen by shifting existing ACLs in all ASICs. Therefore, this command performs a full update on dataplane ACLs. -With respect to control plane ACLs, this command performs an incremental update. -If we assume that "file1.json" is the already loaded ACL rules file and if "file2.json" is the input file that is passed as parameter for this command, the following requirements are valid for the input file. -1) First copy the file1.json to file2.json. -2) Remove the unwanted ACL rules from file2.json -3) Add the newly required ACL rules into file2.json. -4) Modify the existing ACL rules (that require changes) in file2.json. - -NOTE: If any ACL rule that is already available in file1.json is required even after this command execution, such rules should remain unalterted in file2.json. Don't remove them. -Note that "incremental" is working like "full". - -When "--session_name" optional argument is specified, command sets the session_name for the ACL table with this mirror session name. It fails if the specified mirror session name does not exist. - -When "--mirror_stage" optional argument is specified, command sets the mirror action to ingress/egress based on this parameter. By default command sets ingress mirror action in case argument is not specified. - -When the optional argument "max_priority" is specified, each rule’s priority is calculated by subtracting its “sequence_id” value from the “max_priority”. If this value is not passed, the default “max_priority” 10000 is used. - -- Usage: - ``` - config acl update incremental [--session_name ] [--mirror_stage (ingress | egress)] [--max_priority ] - ``` - - - Parameters: - - table_name: Specifiy the name of the ACL table to load. Example: config acl update full "--table_name DT_ACL_T1 /etc/sonic/acl_table_1.json" - - session_name: Specifiy the name of the ACL session to load. Example: config acl update full "--session_name mirror_ses1 /etc/sonic/acl_table_1.json" - - priority_value: Specify the maximum priority to use when loading ACL rules. Example: config acl update full "--max-priority 100 /etc/sonic/acl_table_1.json" - - *NOTE 1: All these optional parameters should be inside double quotes. If none of the options are provided, double quotes are not required for specifying filename alone.* - *NOTE 2: Any number of optional parameters can be configured in the same command.* - -- Examples: - ``` - admin@sonic:~$ sudo config acl update incremental /etc/sonic/acl_incremental_snmp_1_3_ssh_4.json - ``` - ``` - admin@sonic:~$ sudo config acl update incremental "--session_name everflow0 /etc/sonic/acl_incremental_snmp_1_3_ssh_4.json" - ``` - - Refer the example file [acl_incremental_snmp_1_3_ssh_4.json](#) that adds two rules for SNMP (Rule1 and Rule3) and one rule for SSH (Rule4) - When this "incremental" command is executed after "full" command, it has removed SNMP Rule2 and added SNMP Rule3 in the example. - File "acl_full_snmp_1_2_ssh_4.json" has got SNMP Rule1, SNMP Rule2 and SSH Rule4. - File "acl_incremental_snmp_1_3_ssh_4.json" has got SNMP Rule1, SNMP Rule3 and SSH Rule4. - This file is created by copying the file "acl_full_snmp_1_2_ssh_4.json" to "acl_incremental_snmp_1_3_ssh_4.json" and then removing SNMP Rule2 and adding SNMP Rule3. - -Go Back To [Beginning of the document](#) or [Beginning of this section](#acl) - -**config acl add table** - -This command is used to create new ACL tables. - -- Usage: - ``` - config acl add table [OPTIONS] [-d ] [-p ] [-s (ingress | egress)] - ``` - -- Parameters: - - table_name: The name of the ACL table to create. - - table_type: The type of ACL table to create (e.g. "L3", "L3V6", "MIRROR") - - description: A description of the table for the user. (default is the table_name) - - ports: A comma-separated list of ports/interfaces to add to the table. The behavior is as follows: - - Physical ports will be bound as physical ports - - Portchannels will be bound as portchannels - passing a portchannel member is invalid - - VLANs will be expanded into their members (e.g. "Vlan1000" will become "Ethernet0,Ethernet2,Ethernet4...") - - stage: The stage this ACL table will be applied to, either ingress or egress. (default is ingress) - -- Examples: - ``` - admin@sonic:~$ sudo config acl add table EXAMPLE L3 -p Ethernet0,Ethernet4 -s ingress - ``` - ``` - admin@sonic:~$ sudo config acl add table EXAMPLE_2 L3V6 -p Vlan1000,PortChannel0001,Ethernet128 -s egress - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#acl) - - -## ARP & NDP - -### ARP show commands - -**show arp** - -This command displays the ARP entries in the device with following options. -1) Display the entire table. -2) Display the ARP entries learnt on a specific interface. -3) Display the ARP of a specific ip-address. - -- Usage: - ``` - show arp [-if ] [] - ``` - -- Details: - - show arp: Displays all entries - - show arp -if : Displays the ARP specific to the specified interface. - - show arp : Displays the ARP specific to the specicied ip-address. - - -- Example: - ``` - admin@sonic:~$ show arp - Address MacAddress Iface Vlan - ------------- ----------------- ------- ------ - 192.168.1.183 88:5a:92:fb:bf:41 Ethernet44 - - 192.168.1.175 88:5a:92:fc:95:81 Ethernet28 - - 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - - 192.168.1.179 88:5a:92:de:a8:bc Ethernet36 - - 192.168.1.118 00:1c:73:3c:de:43 Ethernet64 - - 192.168.1.11 00:1c:73:3c:e1:38 Ethernet88 - - 192.168.1.161 24:e9:b3:71:3a:01 Ethernet0 - - 192.168.1.189 24:e9:b3:9d:57:41 Ethernet56 - - 192.168.1.187 74:26:ac:8b:8f:c1 Ethernet52 - - 192.168.1.165 88:5a:92:de:a0:7c Ethernet8 - - - Total number of entries 10 - ``` - -Optionally, you can specify the interface in order to display the ARPs learnt on that particular interface - -- Example: - ``` - admin@sonic:~$ show arp -if Ethernet40 - Address MacAddress Iface Vlan - ------------- ----------------- ---------- ------ - 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - - Total number of entries 1 - ``` - -Optionally, you can specify an IP address in order to display only that particular entry - -- Example: - ``` - admin@sonic:~$ show arp 192.168.1.181 - Address MacAddress Iface Vlan - ------------- ----------------- ---------- ------ - 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - - Total number of entries 1 - ``` - -### NDP show commands - -**show ndp** - -This command displays either all the IPv6 neighbor mac addresses, or for a particular IPv6 neighbor, or for all IPv6 neighbors reachable via a specific interface. - -- Usage: - ``` - show ndp [-if|--iface ] - ``` - -- Example (show all IPv6 neighbors): - ``` - admin@sonic:~$ show ndp - Address MacAddress Iface Vlan Status - ------------------------ ----------------- ------- ------ --------- - fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE - fe80::20c:29ff:feb8:cff0 00:0c:29:b8:cf:f0 eth0 - REACHABLE - fe80::20c:29ff:fef9:324 00:0c:29:f9:03:24 eth0 - REACHABLE - Total number of entries 3 - ``` - -- Example (show specific IPv6 neighbor): - ``` - admin@sonic:~$ show ndp fe80::20c:29ff:feb8:b11e - Address MacAddress Iface Vlan Status - ------------------------ ----------------- ------- ------ --------- - fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE - Total number of entries 1 - ``` - -- Example (show IPv6 neighbors learned on a specific interface): - ``` - admin@sonic:~$ show ndp -if eth0 - Address MacAddress Iface Vlan Status - ------------------------ ----------------- ------- ------ --------- - fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE - fe80::20c:29ff:feb8:cff0 00:0c:29:b8:cf:f0 eth0 - REACHABLE - fe80::20c:29ff:fef9:324 00:0c:29:f9:03:24 eth0 - REACHABLE - Total number of entries 3 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#arp--ndp) - -## BFD - -### BFD show commands - -**show bfd summary** - -This command displays the state and key parameters of all BFD sessions. - -- Usage: - ``` - show bgp summary - ``` -- Example: - ``` - >> show bfd summary - Total number of BFD sessions: 3 - Peer Addr Interface Vrf State Type Local Addr TX Interval RX Interval Multiplier Multihop - ----------- ----------- ------- ------- ------------ ------------ ------------- ------------- ------------ ---------- - 10.0.1.1 default default DOWN async_active 10.0.0.1 300 500 3 true - 10.0.2.1 Ethernet12 default UP async_active 10.0.0.1 200 600 3 false - 2000::10:1 default default UP async_active 2000::1 100 700 3 false - ``` - -**show bfd peer** - -This command displays the state and key parameters of all BFD sessions that match an IP address. - -- Usage: - ``` - show bgp peer - ``` -- Example: - ``` - >> show bfd peer 10.0.1.1 - Total number of BFD sessions for peer IP 10.0.1.1: 1 - Peer Addr Interface Vrf State Type Local Addr TX Interval RX Interval Multiplier Multihop - ----------- ----------- ------- ------- ------------ ------------ ------------- ------------- ------------ ---------- - 10.0.1.1 default default DOWN async_active 10.0.0.1 300 500 3 true - ``` - -## BGP - -This section explains all the BGP show commands and BGP configuation commands in both "Quagga" and "FRR" routing software that are supported in SONiC. -In 201811 and older verisons "Quagga" was enabled by default. In current version "FRR" is enabled by default. -Most of the FRR show commands start with "show bgp". Similar commands in Quagga starts with "show ip bgp". All sub-options supported in all these show commands are common for FRR and Quagga. -Detailed show commands examples for Quagga are provided at the end of this document.This section captures only the commands supported by FRR. - -### BGP show commands - - -**show bgp summary (Versions >= 201904 using default FRR routing stack)** - -**show ip bgp summary (Versions <= 201811 using Quagga routing stack)** - -This command displays the summary of all IPv4 & IPv6 bgp neighbors that are configured and the corresponding states. - -- Usage: - - *Versions >= 201904 using default FRR routing stack* - ``` - show bgp summary - ``` - *Versions <= 201811 using Quagga routing stack* - ``` - show ip bgp summary - ``` - -- Example: - ``` - admin@sonic:~$ show ip bgp summary - - IPv4 Unicast Summary: - BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 - BGP table version 6465 - RIB entries 12807, using 2001 KiB of memory - Peers 4, using 83 KiB of memory - Peer groups 2, using 128 bytes of memory - - Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd NeighborName - 10.0.0.57 4 64600 3995 4001 0 0 0 00:39:32 6400 Lab-T1-01 - 10.0.0.59 4 64600 3995 3998 0 0 0 00:39:32 6400 Lab-T1-02 - 10.0.0.61 4 64600 3995 4001 0 0 0 00:39:32 6400 Lab-T1-03 - 10.0.0.63 4 64600 3995 3998 0 0 0 00:39:32 6400 NotAvailable - - Total number of neighbors 4 - ``` - -- Example: - ``` - admin@sonic:~$ show bgp summary - - IPv4 Unicast Summary: - BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 - BGP table version 6465 - RIB entries 12807, using 2001 KiB of memory - Peers 4, using 83 KiB of memory - Peer groups 2, using 128 bytes of memory - - Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd - 10.0.0.57 4 64600 3995 4001 0 0 0 00:39:32 6400 - 10.0.0.59 4 64600 3995 3998 0 0 0 00:39:32 6400 - 10.0.0.61 4 64600 3995 4001 0 0 0 00:39:32 6400 - 10.0.0.63 4 64600 3995 3998 0 0 0 00:39:32 6400 - - Total number of neighbors 4 - - IPv6 Unicast Summary: - BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 - BGP table version 12803 - RIB entries 12805, using 2001 KiB of memory - Peers 4, using 83 KiB of memory - Peer groups 2, using 128 bytes of memory - - Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd - fc00::72 4 64600 3995 5208 0 0 0 00:39:30 6400 - fc00::76 4 64600 3994 5208 0 0 0 00:39:30 6400 - fc00::7a 4 64600 3993 5208 0 0 0 00:39:30 6400 - fc00::7e 4 64600 3993 5208 0 0 0 00:39:30 6400 - - Total number of neighbors 4 - ``` - Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ip bgp summary" for Quagga. - - - -**show bgp neighbors (Versions >= 201904 using default FRR routing stack)** - -**show ip bgp neighbors (Versions <= 201811 using Quagga routing stack)** - -This command displays all the details of IPv4 & IPv6 BGP neighbors when no optional argument is specified. - -When the optional argument IPv4_address is specified, it displays the detailed neighbor information about that specific IPv4 neighbor. - -Command has got additional optional arguments to display only the advertised routes, or the received routes, or all routes. - -In order to get details for an IPv6 neigbor, use "show bgp ipv6 neighbor " command. - - -- Usage: - - *Versions >= 201904 using default FRR routing stack* - ``` - show bgp neighbors [ [advertised-routes | received-routes | routes]] - ``` - *Versions <= 201811 using Quagga routing stack* - ``` - show ip bgp neighbors [ [advertised-routes | received-routes | routes]] - ``` - -- Example: - ``` - admin@sonic:~$ show bgp neighbors - BGP neighbor is 10.0.0.57, remote AS 64600, local AS 65100, external link - Description: ARISTA01T1 - BGP version 4, remote router ID 100.1.0.29, local router ID 10.1.0.32 - BGP state = Established, up for 00:42:15 - Last read 00:00:00, Last write 00:00:03 - Hold time is 10, keepalive interval is 3 seconds - Configured hold time is 10, keepalive interval is 3 seconds - Neighbor capabilities: - 4 Byte AS: advertised and received - AddPath: - IPv4 Unicast: RX advertised IPv4 Unicast and received - Route refresh: advertised and received(new) - Address Family IPv4 Unicast: advertised and received - Hostname Capability: advertised (name: sonic-z9264f-9251,domain name: n/a) not received - Graceful Restart Capabilty: advertised and received - Remote Restart timer is 300 seconds - Address families by peer: - none - Graceful restart information: - End-of-RIB send: IPv4 Unicast - End-of-RIB received: IPv4 Unicast - Message statistics: - Inq depth is 0 - Outq depth is 0 - Sent Rcvd - Opens: 2 1 - Notifications: 2 0 - Updates: 3206 3202 - Keepalives: 845 847 - Route Refresh: 0 0 - Capability: 0 0 - Total: 4055 4050 - Minimum time between advertisement runs is 0 seconds - - For address family: IPv4 Unicast - Update group 1, subgroup 1 - Packet Queue length 0 - Inbound soft reconfiguration allowed - Community attribute sent to this neighbor(all) - 6400 accepted prefixes - - Connections established 1; dropped 0 - Last reset 00:42:37, due to NOTIFICATION sent (Cease/Connection collision resolution) - Local host: 10.0.0.56, Local port: 179 - Foreign host: 10.0.0.57, Foreign port: 46419 - Nexthop: 10.0.0.56 - Nexthop global: fc00::71 - Nexthop local: fe80::2204:fff:fe36:9449 - BGP connection: shared network - BGP Connect Retry Timer in Seconds: 120 - Read thread: on Write thread: on - ``` - -Optionally, you can specify an IP address in order to display only that particular neighbor. In this mode, you can optionally specify whether you want to display all routes advertised to the specified neighbor, all routes received from the specified neighbor or all routes (received and accepted) from the specified neighbor. - -- Example: - ``` - admin@sonic:~$ show bgp neighbors 10.0.0.57 - - admin@sonic:~$ show bgp neighbors 10.0.0.57 advertised-routes - - admin@sonic:~$ show bgp neighbors 10.0.0.57 received-routes - - admin@sonic:~$ show bgp neighbors 10.0.0.57 routes - ``` - - Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ip bgp neighbors" for Quagga. - - -**show ip bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] - -This command displays all the details of IPv4 Border Gateway Protocol (BGP) prefixes. - -- Usage: - - - ``` - show ip bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] - ``` - -- Example: - - NOTE: The "longer-prefixes" option is only available when a network prefix with a "/" notation is used. - - ``` - admin@sonic:~$ show ip bgp network - - admin@sonic:~$ show ip bgp network 10.1.0.32 bestpath - - admin@sonic:~$ show ip bgp network 10.1.0.32 multipath - - admin@sonic:~$ show ip bgp network 10.1.0.32 json - - admin@sonic:~$ show ip bgp network 10.1.0.32/32 bestpath - - admin@sonic:~$ show ip bgp network 10.1.0.32/32 multipath - - admin@sonic:~$ show ip bgp network 10.1.0.32/32 json - - admin@sonic:~$ show ip bgp network 10.1.0.32/32 longer-prefixes - ``` - -**show bgp ipv6 summary (Versions >= 201904 using default FRR routing stack)** - -**show ipv6 bgp summary (Versions <= 201811 using Quagga routing stack)** - -This command displays the summary of all IPv6 bgp neighbors that are configured and the corresponding states. - -- Usage: - - *Versions >= 201904 using default FRR routing stack* - ``` - show bgp ipv6 summary - ``` - *Versions <= 201811 using Quagga routing stack* - ``` - show ipv6 bgp summary - ``` - -- Example: - ``` - admin@sonic:~$ show bgp ipv6 summary - BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 - BGP table version 12803 - RIB entries 12805, using 2001 KiB of memory - Peers 4, using 83 KiB of memory - Peer groups 2, using 128 bytes of memory - - Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd NeighborName - fc00::72 4 64600 3995 5208 0 0 0 00:39:30 6400 Lab-T1-01 - fc00::76 4 64600 3994 5208 0 0 0 00:39:30 6400 Lab-T1-02 - fc00::7a 4 64600 3993 5208 0 0 0 00:39:30 6400 Lab-T1-03 - fc00::7e 4 64600 3993 5208 0 0 0 00:39:30 6400 Lab-T1-04 - - Total number of neighbors 4 - ``` - Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ipv6 bgp summary" for Quagga. - - - -**show bgp ipv6 neighbors (Versions >= 201904 using default FRR routing stack)** - -**show ipv6 bgp neighbors (Versions <= 201811 using Quagga routing stack)** - -This command displays all the details of one particular IPv6 Border Gateway Protocol (BGP) neighbor. Option is also available to display only the advertised routes, or the received routes, or all routes. - - -- Usage: - - *Versions >= 201904 using default FRR routing stack* - ``` - show bgp ipv6 neighbors [ [(advertised-routes | received-routes | routes)]] - ``` - *Versions <= 201811 using Quagga routing stack* - ``` - show ipv6 bgp neighbors [ [(advertised-routes | received-routes | routes)]] - ``` - -- Example: - ``` - admin@sonic:~$ show bgp ipv6 neighbors fc00::72 advertised-routes - - admin@sonic:~$ show bgp ipv6 neighbors fc00::72 received-routes - - admin@sonic:~$ show bgp ipv6 neighbors fc00::72 routes - ``` - Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ip bgp summary" for Quagga. - - -**show ipv6 bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] - -This command displays all the details of IPv6 Border Gateway Protocol (BGP) prefixes. - -- Usage: - - - ``` - show ipv6 bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] - ``` - -- Example: - - NOTE: The "longer-prefixes" option is only available when a network prefix with a "/" notation is used. - - ``` - admin@sonic:~$ show ipv6 bgp network - - admin@sonic:~$ show ipv6 bgp network fc00::72 bestpath - - admin@sonic:~$ show ipv6 bgp network fc00::72 multipath - - admin@sonic:~$ show ipv6 bgp network fc00::72 json - - admin@sonic:~$ show ipv6 bgp network fc00::72/64 bestpath - - admin@sonic:~$ show ipv6 bgp network fc00::72/64 multipath - - admin@sonic:~$ show ipv6 bgp network fc00::72/64 json - - admin@sonic:~$ show ipv6 bgp network fc00::72/64 longer-prefixes - ``` - - - - -**show route-map** - -This command displays the routing policy that takes precedence over the other route processes that are configured. - -- Usage: - ``` - show route-map - ``` - -- Example: - ``` - admin@sonic:~$ show route-map - ZEBRA: - route-map RM_SET_SRC, permit, sequence 10 - Match clauses: - Set clauses: - src 10.12.0.102 - Call clause: - Action: - Exit routemap - ZEBRA: - route-map RM_SET_SRC6, permit, sequence 10 - Match clauses: - Set clauses: - src fc00:1::102 - Call clause: - Action: - Exit routemap - BGP: - route-map FROM_BGP_SPEAKER_V4, permit, sequence 10 - Match clauses: - Set clauses: - Call clause: - Action: - Exit routemap - BGP: - route-map TO_BGP_SPEAKER_V4, deny, sequence 10 - Match clauses: - Set clauses: - Call clause: - Action: - Exit routemap - BGP: - route-map ISOLATE, permit, sequence 10 - Match clauses: - Set clauses: - as-path prepend 65000 - Call clause: - Action: - Exit routemap - ``` - - -### BGP config commands - -This sub-section explains the list of configuration options available for BGP module for both IPv4 and IPv6 BGP neighbors. - -**config bgp shutdown all** - -This command is used to shutdown all the BGP IPv4 & IPv6 sessions. -When the session is shutdown using this command, BGP state in "show ip bgp summary" is displayed as "Idle (Admin)" - -- Usage: - ``` - config bgp shutdown all - ``` - -- Example: - ``` - admin@sonic:~$ sudo config bgp shutdown all - ``` - -**config bgp shutdown neighbor** - -This command is to shut down a BGP session with a neighbor by that neighbor's IP address or hostname - -- Usage: - ``` - sudo config bgp shutdown neighbor ( | ) - ``` - -- Examples: - ``` - admin@sonic:~$ sudo config bgp shutdown neighbor 192.168.1.124 - ``` - ``` - admin@sonic:~$ sudo config bgp shutdown neighbor SONIC02SPINE - ``` - - -**config bgp startup all** - -This command is used to start up all the IPv4 & IPv6 BGP neighbors - -- Usage: - ``` - config bgp startup all - ``` - -- Example: - ``` - admin@sonic:~$ sudo config bgp startup all - ``` - - -**config bgp startup neighbor** - -This command is used to start up the particular IPv4 or IPv6 BGP neighbor using either the IP address or hostname. - -- Usage: - ``` - config bgp startup neighbor ( | ) - ``` - -- Examples: - ``` - admin@sonic:~$ sudo config bgp startup neighbor 192.168.1.124 - ``` - ``` - admin@sonic:~$ sudo config bgp startup neighbor SONIC02SPINE - ``` - - -**config bgp remove neighbor** - -This command is used to remove particular IPv4 or IPv6 BGP neighbor configuration using either the IP address or hostname. - -- Usage: - ``` - config bgp remove neighbor - ``` - -- Examples: - ``` - admin@sonic:~$ sudo config bgp remove neighbor 192.168.1.124 - ``` - ``` - admin@sonic:~$ sudo config bgp remove neighbor 2603:10b0:b0f:346::4a - ``` - ``` - admin@sonic:~$ sudo config bgp remove neighbor SONIC02SPINE - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#bgp) - -## Console - -This section explains all Console show commands and configuration options that are supported in SONiC. - -All commands are used only when SONiC is used as console switch. - -All commands under this section are not applicable when SONiC used as regular switch. - -### Console show commands - -**show line** - -This command displays serial port or a virtual network connection status. - -- Usage: - ``` - show line (-b|--breif) - ``` - -- Example: - ``` - admin@sonic:~$ show line - Line Baud Flow Control PID Start Time Device - ------ ------ -------------- ----- ------------ -------- - 1 9600 Enabled - - switch1 - 2 - Disabled - - - 3 - Disabled - - - 4 - Disabled - - - 5 - Disabled - - - ``` - -Optionally, you can display configured console ports only by specifying the `-b` or `--breif` flag. - -- Example: - ``` - admin@sonic:~$ show line -b - Line Baud Flow Control PID Start Time Device - ------ ------ -------------- ----- ------------ -------- - 1 9600 Enabled - - switch1 - ``` - -## Console config commands - -This sub-section explains the list of configuration options available for console management module. - -**config console enable** - -This command is used to enable SONiC console switch feature. - -- Usage: - ``` - config console enable - ``` - -- Example: - ``` - admin@sonic:~$ sudo config console enable - ``` - -**config console disable** - -This command is used to disable SONiC console switch feature. - -- Usage: - ``` - config console disable - ``` - -- Example: - ``` - admin@sonic:~$ sudo config console disable - ``` - -**config console add** - -This command is used to add a console port setting. - -- Usage: - ``` - config console add [--baud|-b ] [--flowcontrol|-f] [--devicename|-d ] - ``` - -- Example: - ``` - admin@sonic:~$ config console add 1 --baud 9600 --devicename switch1 - ``` - -**config console del** - -This command is used to remove a console port setting. - -- Usage: - ``` - config console del - ``` - -- Example: - ``` - admin@sonic:~$ sudo config console del 1 - ``` - -**config console remote_device** - -This command is used to update the remote device name for a console port. - -- Usage: - ``` - config console remote_device - ``` - -- Example: - ``` - admin@sonic:~$ sudo config console remote_device 1 switch1 - ``` - -**config console baud** - -This command is used to update the baud rate for a console port. - -- Usage: - ``` - config console baud - ``` - -- Example: - ``` - admin@sonic:~$ sudo config console baud 1 9600 - ``` - -**config console flow_control** - -This command is used to enable or disable flow control feature for a console port. - -- Usage: - ``` - config console flow_control {enable|disable} - ``` - -- Example: - ``` - admin@sonic:~$ sudo config console flow_control enable 1 - ``` - -### Console connect commands - -**connect line** - -This command allows user to connect to a remote device via console line with an interactive cli. - -- Usage: - ``` - connect line (-d|--devicename) - ``` - -By default, the target is `port_name`. - -- Example: - ``` - admin@sonic:~$ connect line 1 - Successful connection to line 1 - Press ^A ^X to disconnect - ``` - -Optionally, you can connect with a remote device name by specifying the `-d` or `--devicename` flag. - -- Example: - ``` - admin@sonic:~$ connect line --devicename switch1 - Successful connection to line 1 - Press ^A ^X to disconnect - ``` - -**connect device** - -This command allows user to connect to a remote device via console line with an interactive cli. - -- Usage: - ``` - connect device - ``` - -The command is same with `connect line --devicename ` - -- Example: - ``` - admin@sonic:~$ connect line 1 - Successful connection to line 1 - Press ^A ^X to disconnect - ``` - -### Console clear commands - -**sonic-clear line** - -This command allows user to connect to a remote device via console line with an interactive cli. - -- Usage: - ``` - sonc-clear line (-d|--devicename) - ``` - -By default, the target is `port_name`. - -- Example: - ``` - admin@sonic:~$ sonic-clear line 1 - ``` - -Optionally, you can clear with a remote device name by specifying the `-d` or `--devicename` flag. - -- Example: - ``` - admin@sonic:~$ sonic-clear --devicename switch1 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#console) - - -## DHCP Relay - -### DHCP Relay config commands - -This sub-section of commands is used to add or remove the DHCP Relay Destination IP address(es) for a VLAN interface. - -**config vlan dhcp_relay add** - -This command is used to add a DHCP Relay Destination IP address or multiple IP addresses to a VLAN. Note that more than one DHCP Relay Destination IP address can be added on a VLAN interface. - -- Usage: - ``` - config vlan dhcp_relay add - ``` - -- Example: - ``` - admin@sonic:~$ sudo config vlan dhcp_relay add 1000 7.7.7.7 - Added DHCP relay destination address ['7.7.7.7'] to Vlan1000 - Restarting DHCP relay service... - ``` - ``` - admin@sonic:~$ sudo config vlan dhcp_relay add 1000 7.7.7.7 1.1.1.1 - Added DHCP relay destination address ['7.7.7.7', '1.1.1.1'] to Vlan1000 - Restarting DHCP relay service... - ``` - -**config vlan dhcp_relay delete** - -This command is used to delete a configured DHCP Relay Destination IP address or multiple IP addresses from a VLAN interface. - -- Usage: - ``` - config vlan dhcp_relay del - ``` - -- Example: - ``` - admin@sonic:~$ sudo config vlan dhcp_relay del 1000 7.7.7.7 - Removed DHCP relay destination address 7.7.7.7 from Vlan1000 - Restarting DHCP relay service... - ``` - ``` - admin@sonic:~$ sudo config vlan dhcp_relay del 1000 7.7.7.7 1.1.1.1 - Removed DHCP relay destination address ('7.7.7.7', '1.1.1.1') from Vlan1000 - Restarting DHCP relay service... - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#dhcp-relay) - - -## Drop Counters - -This section explains all the Configurable Drop Counters show commands and configuration options that are supported in SONiC. - -### Drop Counters show commands - -**show dropcounters capabilities** - -This command is used to show the drop counter capabilities that are available on this device. It displays the total number of drop counters that can be configured on this device as well as the drop reasons that can be configured for the counters. - -- Usage: - ``` - show dropcounters capabilities - ``` - -- Examples: - ``` - admin@sonic:~$ show dropcounters capabilities - Counter Type Total - -------------------- ------- - PORT_INGRESS_DROPS 3 - SWITCH_EGRESS_DROPS 2 - - PORT_INGRESS_DROPS: - L2_ANY - SMAC_MULTICAST - SMAC_EQUALS_DMAC - INGRESS_VLAN_FILTER - EXCEEDS_L2_MTU - SIP_CLASS_E - SIP_LINK_LOCAL - DIP_LINK_LOCAL - UNRESOLVED_NEXT_HOP - DECAP_ERROR - - SWITCH_EGRESS_DROPS: - L2_ANY - L3_ANY - A_CUSTOM_REASON - ``` - -**show dropcounters configuration** - -This command is used to show the current running configuration of the drop counters on this device. - -- Usage: - ``` - show dropcounters configuration [-g ] - ``` - -- Examples: - ``` - admin@sonic:~$ show dropcounters configuration - Counter Alias Group Type Reasons Description - -------- -------- ----- ------------------ ------------------- -------------- - DEBUG_0 RX_LEGIT LEGIT PORT_INGRESS_DROPS SMAC_EQUALS_DMAC Legitimate port-level RX pipeline drops - INGRESS_VLAN_FILTER - DEBUG_1 TX_LEGIT None SWITCH_EGRESS_DROPS EGRESS_VLAN_FILTER Legitimate switch-level TX pipeline drops - - admin@sonic:~$ show dropcounters configuration -g LEGIT - Counter Alias Group Type Reasons Description - -------- -------- ----- ------------------ ------------------- -------------- - DEBUG_0 RX_LEGIT LEGIT PORT_INGRESS_DROPS SMAC_EQUALS_DMAC Legitimate port-level RX pipeline drops - INGRESS_VLAN_FILTER - ``` - -**show dropcounters counts** - -This command is used to show the current statistics for the configured drop counters. Standard drop counters are displayed as well for convenience. - -Because clear (see below) is handled on a per-user basis different users may see different drop counts. - -- Usage: - ``` - show dropcounters counts [-g ] [-t ] - ``` - -- Example: - ``` - admin@sonic:~$ show dropcounters counts - IFACE STATE RX_ERR RX_DROPS TX_ERR TX_DROPS RX_LEGIT - --------- ------- -------- ---------- -------- ---------- --------- - Ethernet0 U 10 100 0 0 20 - Ethernet4 U 0 1000 0 0 100 - Ethernet8 U 100 10 0 0 0 - - DEVICE TX_LEGIT - ------ -------- - sonic 1000 - - admin@sonic:~$ show dropcounters counts -g LEGIT - IFACE STATE RX_ERR RX_DROPS TX_ERR TX_DROPS RX_LEGIT - --------- ------- -------- ---------- -------- ---------- --------- - Ethernet0 U 10 100 0 0 20 - Ethernet4 U 0 1000 0 0 100 - Ethernet8 U 100 10 0 0 0 - - admin@sonic:~$ show dropcounters counts -t SWITCH_EGRESS_DROPS - DEVICE TX_LEGIT - ------ -------- - sonic 1000 - ``` - -### Drop Counters config commands - -**config dropcounters install** - -This command is used to initialize a new drop counter. The user must specify a name, type, and initial list of drop reasons. - -This command will fail if the given name is already in use, if the type of counter is not supported, or if any of the specified drop reasons are not supported. It will also fail if all avaialble counters are already in use on the device. - -- Usage: - ``` - config dropcounters install [-d ] [-g ] [-a ] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config dropcounters install DEBUG_2 PORT_INGRESS_DROPS [EXCEEDS_L2_MTU,DECAP_ERROR] -d "More port ingress drops" -g BAD -a BAD_DROPS - ``` - -**config dropcounters add_reasons** - -This command is used to add drop reasons to an already initialized counter. - -This command will fail if any of the specified drop reasons are not supported. - -- Usage: - ``` - config dropcounters add_reasons - ``` - -- Example: - ``` - admin@sonic:~$ sudo config dropcounters add_reasons DEBUG_2 [SIP_CLASS_E] - ``` - -**config dropcounters remove_reasons** - -This command is used to remove drop reasons from an already initialized counter. - -- Usage: - ``` - config dropcounters remove_reasons - ``` - -- Example: - ``` - admin@sonic:~$ sudo config dropcounters remove_reasons DEBUG_2 [SIP_CLASS_E] - ``` - -**config dropcounters delete** - -This command is used to delete a drop counter. - -- Usage: - ``` - config dropcounters delete - ``` - -- Example: - ``` - admin@sonic:~$ sudo config dropcounters delete DEBUG_2 - ``` - -### Drop Counters clear commands - -**sonic-clear dropcounters** - -This comnmand is used to clear drop counters. This is done on a per-user basis. - -- Usage: - ``` - sonic-clear dropcounters - ``` - -- Example: - ``` - admin@sonic:~$ sonic-clear dropcounters - Cleared drop counters - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](##drop-counters) - -## Dynamic Buffer Management - -This section explains all the show and configuration commands regarding the dynamic buffer management. - -Dynamic buffer management is responsible for calculating buffer size according to the ports' configured speed and administrative state. In order to enable dynamic buffer management feature, the ports' speed must be configured. For this please refer [Interface naming mode config commands](#interface-naming-mode-config-commands) - -### Configuration commands - -**configure shared headroom pool** - -This command is used to configure the shared headroom pool. The shared headroom pool can be enabled in the following ways: - -- Configure the over subscribe ratio. In this case, the size of shared headroom pool is calculated as the accumulative xoff of all of the lossless PG divided by the over subscribe ratio. -- Configure the size. - -In case both of the above parameters have been configured, the `size` will take effect. To disable shared headroom pool, configure both parameters to zero. - -- Usage: - - ``` - config buffer shared-headroom-pool over-subscribe-ratio - config buffer shared-headroom-pool size - ``` - - The range of over-subscribe-ratio is from 1 to number of ports inclusive. - -- Example: - - ``` - admin@sonic:~$ sudo config shared-headroom-pool over-subscribe-ratio 2 - admin@sonic:~$ sudo config shared-headroom-pool size 1024000 - ``` - -**configure a lossless buffer profile** - -This command is used to configure a lossless buffer profile. - -- Usage: - - ``` - config buffer profile add --xon --xoff [-size ] [-dynamic_th ] [-pool ] - config buffer profile set --xon --xoff [-size ] [-dynamic_th ] [-pool ] - config buffer profile remove - ``` - - All the parameters are devided to two groups, one for headroom and one for dynamic_th. For any command at lease one group of parameters should be provided. - For headroom parameters: - - - `xon` is madantory. - - If shared headroom pool is disabled: - - At lease one of `xoff` and `size` should be provided and the other will be optional and conducted via the formula `xon + xoff = size`. - - `xon` + `xoff` <= `size`; For Mellanox platform xon + xoff == size - - If shared headroom pool is enabled: - - `xoff` should be provided. - - `size` = `xoff` if it is not provided. - - If only headroom parameters are provided, the `dynamic_th` will be taken from `CONFIG_DB.DEFAULT_LOSSLESS_BUFFER_PARAMETER.default_dynamic_th`. - - If only dynamic_th parameter is provided, the `headroom_type` will be set as `dynamic` and `xon`, `xoff` and `size` won't be set. This is only used for non default dynamic_th. In this case, the profile won't be deployed to ASIC directly. It can be configured to a lossless PG and then a dynamic profile will be generated based on the port's speed, cable length, and MTU and deployed to the ASIC. - - The subcommand `add` is designed for adding a new buffer profile to the system. - - The subcommand `set` is designed for modifying an existing buffer profile in the system. - For a profile with dynamically calculated headroom information, only `dynamic_th` can be modified. - - The subcommand `remove` is designed for removing an existing buffer profile from the system. When removing a profile, it shouldn't be referenced by any entry in `CONFIG_DB.BUFFER_PG`. - -- Example: - - ``` - admin@sonic:~$ sudo config buffer profile add profile1 --xon 18432 --xoff 18432 - admin@sonic:~$ sudo config buffer profile remove profile1 - ``` - -**config interface cable_length** - -This command is used to configure the length of the cable connected to a port. The cable_length is in unit of meters and must be suffixed with "m". - -- Usage: - - ``` - config interface cable_length - ``` - -- Example: - - ``` - admin@sonic:~$ sudo config interface cable_length Ethernet0 40m - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#dynamic-buffer-management) - -**config interface buffer priority-group lossless** - -This command is used to configure the priority groups on which lossless traffic runs. - -- Usage: - - ``` - config interface buffer priority-group lossless add [profile] - config interface buffer priority-group lossless set [profile] - config interface buffer priority-group lossless remove [] - ``` - - The can be in one of the following two forms: - - - For a range of priorities, the lower bound and upper bound connected by a dash, like `3-4` - - For a single priority, the number, like `6` - - The `pg-map` represents the map of priorities for lossless traffic. It should be a string and in form of a bit map like `3-4`. The `-` connects the lower bound and upper bound of a range of priorities. - - The subcommand `add` is designed for adding a new lossless PG on top of current PGs. The new PG range must be disjoint with all existing PGs. - - For example, currently the PG range 3-4 exist on port Ethernet4, to add PG range 4-5 will fail because it isn't disjoint with 3-4. To add PG range 5-6 will succeed. After that both range 3-4 and 5-6 will work as lossless PG. - - The `override-profile` parameter is optional. When provided, it represents the predefined buffer profile for headroom override. - - The subcommand `set` is designed for modifying an existing PG from dynamic calculation to headroom override or vice versa. The `pg-map` must be an existing PG. - - The subcommand `remove` is designed for removing an existing PG. The option `pg-map` must be an existing PG. All lossless PGs will be removed in case no `pg-map` provided. - -- Example: - - To configure lossless_pg on a port: - - ``` - admin@sonic:~$ sudo config interface buffer priority-group lossless add Ethernet0 3-4 - ``` - - To change the profile used for lossless_pg on a port: - - ``` - admin@sonic:~$ sudo config interface buffer priority-group lossless set Ethernet0 3-4 new-profile - ``` - - To remove one lossless priority from a port: - - ``` - admin@sonic:~$ sudo config interface buffer priority-group lossless remove Ethernet0 6 - ``` - - To remove all lossless priorities from a port: - - ``` - admin@sonic:~$ sudo config interface buffer priority-group lossless remove Ethernet0 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#dynamic-buffer-management) - -**config interface buffer queue** - -This command is used to configure the buffer profiles for queues. - -- Usage: - - ``` - config interface buffer queue add - config interface buffer queue set - config interface buffer queue remove - ``` - - The represents the map of queues. It can be in one of the following two forms: - - - For a range of priorities, the lower bound and upper bound connected by a dash, like `3-4` - - For a single priority, the number, like `6` - - The subcommand `add` is designed for adding a buffer profile for a group of queues. The new queue range must be disjoint with all queues with buffer profile configured. - - For example, currently the buffer profile configured on queue 3-4 on port Ethernet4, to configure buffer profile on queue 4-5 will fail because it isn't disjoint with 3-4. To configure it on range 5-6 will succeed. - - The `profile` parameter represents a predefined egress buffer profile to be configured on the queues. - - The subcommand `set` is designed for modifying an existing group of queues. - - The subcommand `remove` is designed for removing buffer profile on an existing group of queues. - -- Example: - - To configure buffer profiles for queues on a port: - - ``` - admin@sonic:~$ sudo config interface buffer queue add Ethernet0 3-4 egress_lossless_profile - ``` - - To change the profile used for queues on a port: - - ``` - admin@sonic:~$ sudo config interface buffer queue set Ethernet0 3-4 new-profile - ``` - - To remove a group of queues from a port: - - ``` - admin@sonic:~$ sudo config interface buffer queue remove Ethernet0 3-4 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#dynamic-buffer-management) - -### Show commands - -**show buffer information** - -This command is used to display the status of buffer pools and profiles currently deployed to the ASIC. - -- Usage: - - ``` - show buffer information - ``` - -- Example: - - ``` - admin@sonic:~$ show buffer information - Pool: ingress_lossless_pool - ---- -------- - type ingress - mode dynamic - size 17170432 - ---- -------- - - Pool: egress_lossless_pool - ---- -------- - type egress - mode dynamic - size 34340822 - ---- -------- - - Pool: ingress_lossy_pool - ---- -------- - type ingress - mode dynamic - size 17170432 - ---- -------- - - Pool: egress_lossy_pool - ---- -------- - type egress - mode dynamic - size 17170432 - ---- -------- - - Profile: pg_lossless_100000_5m_profile - ---------- ----------------------------------- - xon 18432 - dynamic_th 0 - xoff 18432 - pool [BUFFER_POOL:ingress_lossless_pool] - size 36864 - ---------- ----------------------------------- - - Profile: q_lossy_profile - ---------- ------------------------------- - dynamic_th 3 - pool [BUFFER_POOL:egress_lossy_pool] - size 0 - ---------- ------------------------------- - - Profile: egress_lossy_profile - ---------- ------------------------------- - dynamic_th 3 - pool [BUFFER_POOL:egress_lossy_pool] - size 4096 - ---------- ------------------------------- - - Profile: egress_lossless_profile - ---------- ---------------------------------- - dynamic_th 7 - pool [BUFFER_POOL:egress_lossless_pool] - size 0 - ---------- ---------------------------------- - - Profile: ingress_lossless_profile - ---------- ----------------------------------- - dynamic_th 0 - pool [BUFFER_POOL:ingress_lossless_pool] - size 0 - ---------- ----------------------------------- - - Profile: pg_lossless_100000_79m_profile - ---------- ----------------------------------- - xon 18432 - dynamic_th 0 - xoff 60416 - pool [BUFFER_POOL:ingress_lossless_pool] - size 78848 - ---------- ----------------------------------- - - Profile: pg_lossless_100000_40m_profile - ---------- ----------------------------------- - xon 18432 - dynamic_th 0 - xoff 38912 - pool [BUFFER_POOL:ingress_lossless_pool] - size 57344 - ---------- ----------------------------------- - - Profile: ingress_lossy_profile - ---------- -------------------------------- - dynamic_th 3 - pool [BUFFER_POOL:ingress_lossy_pool] - size 0 - ---------- -------------------------------- - ``` - -**show buffer configuration** - -This command is used to display the status of buffer pools and profiles currently configured. - -- Usage: - - ``` - show buffer configuration - ``` - -- Example: - - ``` - admin@sonic:~$ show buffer configuration - Lossless traffic pattern: - -------------------- - - default_dynamic_th 0 - over_subscribe_ratio 0 - -------------------- - - - Pool: ingress_lossless_pool - ---- -------- - type ingress - mode dynamic - ---- -------- - - Pool: egress_lossless_pool - ---- -------- - type egress - mode dynamic - size 34340822 - ---- -------- - - Pool: ingress_lossy_pool - ---- -------- - type ingress - mode dynamic - ---- -------- - - Pool: egress_lossy_pool - ---- -------- - type egress - mode dynamic - ---- -------- - - Profile: q_lossy_profile - ---------- ------------------------------- - dynamic_th 3 - pool [BUFFER_POOL:egress_lossy_pool] - size 0 - ---------- ------------------------------- - - Profile: egress_lossy_profile - ---------- ------------------------------- - dynamic_th 3 - pool [BUFFER_POOL:egress_lossy_pool] - size 4096 - ---------- ------------------------------- - - Profile: egress_lossless_profile - ---------- ---------------------------------- - dynamic_th 7 - pool [BUFFER_POOL:egress_lossless_pool] - size 0 - ---------- ---------------------------------- - - Profile: ingress_lossless_profile - ---------- ----------------------------------- - dynamic_th 0 - pool [BUFFER_POOL:ingress_lossless_pool] - size 0 - ---------- ----------------------------------- - - Profile: ingress_lossy_profile - ---------- -------------------------------- - dynamic_th 3 - pool [BUFFER_POOL:ingress_lossy_pool] - size 0 - ---------- -------------------------------- - ``` - -## ECN - -This section explains all the Explicit Congestion Notification (ECN) show commands and ECN configuation options that are supported in SONiC. - -### ECN show commands -This sub-section contains the show commands that are supported in ECN. - -**show ecn** - -This command displays all the WRED profiles that are configured in the device. - -- Usage: - ``` - show ecn - ``` - -- Example: - ``` - admin@sonic:~$ show ecn - Profile: **AZURE_LOSSLESS** - ----------------------- ------- - red_max_threshold 2097152 - red_drop_probability 5 - yellow_max_threshold 2097152 - ecn ecn_all - green_min_threshold 1048576 - red_min_threshold 1048576 - wred_yellow_enable true - yellow_min_threshold 1048576 - green_max_threshold 2097152 - green_drop_probability 5 - wred_green_enable true - yellow_drop_probability 5 - wred_red_enable true - ----------------------- ------- - - Profile: **wredprofileabcd** - ----------------- --- - red_max_threshold 100 - ----------------- --- - ``` - -### ECN config commands - -This sub-section contains the configuration commands that can configure the WRED profiles. - -**config ecn** - -This command configures the possible fields in a particular WRED profile that is specified using "-profile " argument. -The list of the WRED profile fields that are configurable is listed in the below "Usage". - -- Usage: - ``` - config ecn -profile [-rmax ] [-rmin ] [-ymax ] [-ymin ] [-gmax ] [-gmin ] [-v|--verbose] - ``` - - - Parameters: - - profile_name Profile name - - red_threshold_max Set red max threshold - - red_threshold_min Set red min threshold - - yellow_threshold_max Set yellow max threshold - - yellow_threshold_min Set yellow min threshold - - green_threshold_max Set green max threshold - - green_threshold_min Set green min threshold - -- Example (Configures the "red max threshold" for the WRED profile name "wredprofileabcd". It will create the WRED profile if it does not exist.): - ``` - admin@sonic:~$ sudo config ecn -profile wredprofileabcd -rmax 100 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#ecn) - -## Feature - -SONiC includes a capability in which Feature state can be enabled/disabled -which will make corresponding feature docker container to start/stop. - -Also SONiC provide capability in which Feature docker container can be automatically shut -down and restarted if one of critical processes running in the container exits -unexpectedly. Restarting the entire feature container ensures that configuration is -reloaded and all processes in the feature container get restarted, thus increasing the -likelihood of entering a healthy state. - -### Feature show commands - -**show feature config** - -Shows the config of given feature or all if no feature is given. The "fallback" is shown only if configured. The fallback defaults to "true" when not configured. - -- Usage: - ``` - show feature config [] - ``` - -- Example: - ``` - admin@sonic:~$ show feature config - Feature State AutoRestart Owner fallback - -------------- -------- ------------- ------- ---------- - bgp enabled enabled local - database enabled disabled local - dhcp_relay enabled enabled kube - lldp enabled enabled kube true - mgmt-framework enabled enabled local - nat disabled enabled local - pmon enabled enabled kube - radv enabled enabled kube - sflow disabled enabled local - snmp enabled enabled kube - swss enabled enabled local - syncd enabled enabled local - teamd enabled enabled local - telemetry enabled enabled kube - ``` - -**show feature status** - -Shows the status of given feature or all if no feature is given. The "fallback" defaults to "true" when not configured. -The subset of features are configurable for remote management and only those report additional data. - -- Usage: - ``` - show feature status [] - ``` - -- Example: - ``` - admin@sonic:~$ show feature status - Feature State AutoRestart SystemState UpdateTime ContainerId ContainerVersion SetOwner CurrentOwner RemoteState - -------------- -------- ------------- ------------- ------------------- ------------- ------------------ ---------- -------------- ------------- - bgp enabled enabled up local local none - database enabled disabled local - dhcp_relay enabled enabled up 2020-11-15 18:21:09 249e70102f55 20201230.100 kube local - lldp enabled enabled up 2020-11-15 18:21:09 779c2d55ee12 20201230.100 kube local - mgmt-framework enabled enabled up local local none - nat disabled enabled local - pmon enabled enabled up 2020-11-15 18:20:27 a2b9ffa8aba3 20201230.100 kube local - radv enabled enabled up 2020-11-15 18:21:05 d8ff27dcfe46 20201230.100 kube local - sflow disabled enabled local - snmp enabled enabled up 2020-11-15 18:25:51 8b7d5529e306 20201230.111 kube kube running - swss enabled enabled up local local none - syncd enabled enabled up local local none - teamd enabled enabled up local local none - telemetry enabled enabled down 2020-11-15 18:24:59 20201230.100 kube none - ``` - -**config feature owner** - -Configures the owner for a feature as "local" or "kube". The "local" implies starting the feature container from local image. The "kube" implies that kubernetes server is made eligible to deploy the feature. The deployment of a feature by kubernetes is conditional based on many factors like, whether the kube server is configured or not, connected-to-kube-server or not and if that master has manifest for this feature for this switch or not and more. At some point in future, the deployment *could* happen and till that point the feature can run from local image, called "fallback". The fallback is allowed by default and it could be toggled to "not allowed". When fallback is not allowed, the feature would run only upon deployment by kubernetes master. - -- Usage: - ``` - config feature owner [] [local/kube] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config feature owner snmp kube - ``` - -**config feature fallback** - -Features configured for "kube" deployment could be allowed to fallback to using local image, until the point of successful kube deployment. The fallback is allowed by default. - -- Usage: - ``` - config feature fallback [] [on/off] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config feature fallback snmp on - ``` - -**show feature autorestart** - -This command will display the status of auto-restart for feature container. - -- Usage: - ``` - show feature autorestart [] - admin@sonic:~$ show feature autorestart - Feature AutoRestart - ---------- -------------- - bgp enabled - database always_enabled - dhcp_relay enabled - lldp enabled - pmon enabled - radv enabled - snmp enabled - swss enabled - syncd enabled - teamd enabled - telemetry enabled - ``` - -Optionally, you can specify a feature name in order to display -status for that feature - -### Feature config commands - -**config feature state ** - -This command will configure the state for a specific feature. - -- Usage: - ``` - config feature state (enabled | disabled) - admin@sonic:~$ sudo config feature state bgp disabled - ``` - -**config feature autorestart ** - -This command will configure the status of auto-restart for a specific feature container. - -- Usage: - ``` - config feature autorestart (enabled | disabled) - admin@sonic:~$ sudo config feature autorestart bgp disabled - ``` -NOTE: If the existing state or auto-restart value for a feature is "always_enabled" then config -commands are don't care and will not update state/auto-restart value. - -Go Back To [Beginning of the document](#) or [Beginning of this section](#feature) - -## Flow Counters - -This section explains all the Flow Counters show commands, clear commands and config commands that are supported in SONiC. Flow counters are usually used for debugging, troubleshooting and performance enhancement processes. Flow counters supports case like: - - - Host interface traps (number of received traps per Trap ID) - - Routes matching the configured prefix pattern (number of hits and number of bytes) - -### Flow Counters show commands - -**show flowcnt-trap stats** - -This command is used to show the current statistics for the registered host interface traps. - -Because clear (see below) is handled on a per-user basis different users may see different counts. - -- Usage: - ``` - show flowcnt-trap stats - ``` - -- Example: - ``` - admin@sonic:~$ show flowcnt-trap stats - Trap Name Packets Bytes PPS - --------- --------- ------- ------- - dhcp 100 2,000 50.25/s - - For multi-ASIC: - admin@sonic:~$ show flowcnt-trap stats - ASIC ID Trap Name Packets Bytes PPS - ------- ----------- --------- ------- ------- - asic0 dhcp 100 2,000 50.25/s - asic1 dhcp 200 3,000 45.25/s - ``` - -**show flowcnt-route stats** - -This command is used to show the current statistics for route flow patterns. - -Because clear (see below) is handled on a per-user basis different users may see different counts. - -- Usage: - ``` - show flowcnt-route stats - show flowcnt-route stats pattern [--vrf ] - show flowcnt-route stats route [--vrf ] - ``` - -- Example: - ``` - admin@sonic:~$ show flowcnt-route stats - Route pattern VRF Matched routes Packets Bytes - -------------------------------------------------------------------------------------- - 3.3.0.0/16 default 3.3.1.0/24 100 4543 - 3.3.2.3/32 3443 929229 - 3.3.0.0/16 0 0 - 2000::/64 default 2000::1/128 100 4543 - ``` - -The "pattern" subcommand is used to display the route flow counter statistics by route pattern. - -- Example: - ``` - admin@sonic:~$ show flowcnt-route stats pattern 3.3.0.0/16 - Route pattern VRF Matched routes Packets Bytes - -------------------------------------------------------------------------------------- - 3.3.0.0/16 default 3.3.1.0/24 100 4543 - 3.3.2.3/32 3443 929229 - 3.3.0.0/16 0 0 - ``` - -The "route" subcommand is used to display the route flow counter statistics by route prefix. - ``` - admin@sonic:~$ show flowcnt-route stats route 3.3.3.2/32 --vrf Vrf_1 - Route VRF Route Pattern Packets Bytes - ----------------------------------------------------------------------------------------- - 3.3.3.2/32 Vrf_1 3.3.0.0/16 100 4543 - ``` - -### Flow Counters clear commands - -**sonic-clear flowcnt-trap** - -This command is used to clear the current statistics for the registered host interface traps. This is done on a per-user basis. - -- Usage: - ``` - sonic-clear flowcnt-trap - ``` - -- Example: - ``` - admin@sonic:~$ sonic-clear flowcnt-trap - Trap Flow Counters were successfully cleared - ``` - -**sonic-clear flowcnt-route** - -This command is used to clear the current statistics for the route flow counter. This is done on a per-user basis. - -- Usage: - ``` - sonic-clear flowcnt-route - sonic-clear flowcnt-route pattern [--vrf ] - sonic-clear flowcnt-route route [--vrf ] - ``` - -- Example: - ``` - admin@sonic:~$ sonic-clear flowcnt-route - Route Flow Counters were successfully cleared - ``` - -The "pattern" subcommand is used to clear the route flow counter statistics by route pattern. - -- Example: - ``` - admin@sonic:~$ sonic-clear flowcnt-route pattern 3.3.0.0/16 --vrf Vrf_1 - Flow Counters of all routes matching the configured route pattern were successfully cleared - ``` - -The "route" subcommand is used to clear the route flow counter statistics by route prefix. - -- Example: - ``` - admin@sonic:~$ sonic-clear flowcnt-route route 3.3.3.2/32 --vrf Vrf_1 - Flow Counters of the specified route were successfully cleared - ``` - -### Flow Counters config commands - -**config flowcnt-route pattern add** - -This command is used to add or update the route pattern which is used by route flow counter to match route entries. - -- Usage: - ``` - config flowcnt-route pattern add [--vrf ] [--max ] - ``` - -- Example: - ``` - admin@sonic:~$ config flowcnt-route pattern add 2.2.0.0/16 --vrf Vrf_1 --max 50 - ``` - -**config flowcnt-route pattern remove** - -This command is used to remove the route pattern which is used by route flow counter to match route entries. - -- Usage: - ``` - config flowcnt-route pattern remove [--vrf ] - ``` - -- Example: - ``` - admin@sonic:~$ config flowcnt-route pattern remove 2.2.0.0/16 --vrf Vrf_1 - ``` - - -Go Back To [Beginning of the document](#) or [Beginning of this section](#flow-counters) -## Gearbox - -This section explains all the Gearbox PHY show commands that are supported in SONiC. - -### Gearbox show commands -This sub-section contains the show commands that are supported for gearbox phy. - -**show gearbox interfaces status** - -This command displays information about the gearbox phy interface lanes, speeds and status. Data is displayed for both MAC side and line side of the gearbox phy - -- Usage: - ``` - show gearbox interfaces status - ``` - -- Example: - -``` -home/admin# show gearbox interfaces status - PHY Id Interface MAC Lanes MAC Lane Speed PHY Lanes PHY Lane Speed Line Lanes Line Lane Speed Oper Admin --------- ----------- ----------- ---------------- ----------- ---------------- ------------ ----------------- ------ ------- - 1 Ethernet0 25,26,27,28 10G 200,201 20G 206 40G up up - 1 Ethernet4 29,30,31,32 10G 202,203 20G 207 40G up up - 1 Ethernet8 33,34,35,36 10G 204,205 20G 208 40G up up - - ``` - -**show gearbox phys status** - -This command displays basic information about the gearbox phys configured on the switch. - -- Usage: - ``` - show gearbox phys status - ``` - -- Example: - -``` -/home/admin# show gearbox phys status - PHY Id Name Firmware --------- ------- ---------- - 1 sesto-1 v0.1 - - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#gearbox) - - -## Update Device Hostname Configuration Commands - -This sub-section of commands is used to change device hostname without traffic being impacted. - -**config hostname** - -This command is used to change device hostname without traffic being impacted. - -- Usage: - ``` - config hostname - ``` - -- Example: - ``` - admin@sonic:~$ sudo config hostname CSW06 - Please note loaded setting will be lost after system reboot. To preserve setting, run `config save`. - ``` - -## Interfaces - -### Interface Show Commands - -This sub-section lists all the possible show commands for the interfaces available in the device. Following example gives the list of possible shows on interfaces. -Subsequent pages explain each of these commands in detail. - -- Example: - ``` - admin@sonic:~$ show interfaces -? - - Show details of the network interfaces - - Options: - -?, -h, --help Show this message and exit. - - Commands: - autoneg Show interface autoneg information - breakout Show Breakout Mode information by interfaces - counters Show interface counters - description Show interface status, protocol and... - mpls Show Interface MPLS status - naming_mode Show interface naming_mode status - neighbor Show neighbor related information - portchannel Show PortChannel information - status Show Interface status information - tpid Show Interface tpid information - transceiver Show SFP Transceiver information - ``` - -**show interfaces autoneg** - -This show command displays the port auto negotiation status for all interfaces i.e. interface name, auto negotiation mode, speed, advertised speeds, interface type, advertised interface types, operational status, admin status. For a single interface, provide the interface name with the sub-command. - -- Usage: - ``` - show interfaces autoneg status - show interfaces autoneg status - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces autoneg status - Interface Auto-Neg Mode Speed Adv Speeds Type Adv Types Oper Admin - ----------- --------------- ------- ------------ ------ ----------- ------ ------- - Ethernet0 enabled 25G 10G,25G CR CR,CR4 up up - Ethernet4 disabled 100G all CR4 all up up - - admin@sonic:~$ show interfaces autoneg status Ethernet8 - Interface Auto-Neg Mode Speed Adv Speeds Type Adv Types Oper Admin - ----------- --------------- ------- ------------ ------ ----------- ------ ------- - Ethernet8 disabled 100G N/A CR4 N/A up up - ``` - -**show interfaces breakout (Versions >= 202006)** - -This show command displays the port capability for all interfaces i.e. index, lanes, default_brkout_mode, breakout_modes(i.e. available breakout modes) and brkout_mode (i.e. current breakout mode). To display current breakout mode, "current-mode" subcommand can be used.For a single interface, provide the interface name with the sub-command. - -- Usage: - ``` - show interfaces breakout - show interfaces breakout current-mode - show interfaces breakout current-mode - ``` - -- Example: - ``` - admin@lnos-x1-a-fab01:~$ show interfaces breakout - { - "Ethernet0": { - "index": "1,1,1,1", - "default_brkout_mode": "1x100G[40G]", - "child ports": "Ethernet0", - "child port speed": "100G", - "breakout_modes": "1x100G[40G],2x50G,4x25G[10G]", - "Current Breakout Mode": "1x100G[40G]", - "lanes": "65,66,67,68", - "alias_at_lanes": "Eth1/1, Eth1/2, Eth1/3, Eth1/4" - },... continue - } - ``` -The "current-mode" subcommand is used to display current breakout mode for all interfaces. - ``` - admin@lnos-x1-a-fab01:~$ show interfaces breakout current-mode - +-------------+-------------------------+ - | Interface | Current Breakout Mode | - +=============+=========================+ - | Ethernet0 | 4x25G[10G] | - +-------------+-------------------------+ - | Ethernet4 | 4x25G[10G] | - +-------------+-------------------------+ - | Ethernet8 | 4x25G[10G] | - +-------------+-------------------------+ - | Ethernet12 | 4x25G[10G] | - +-------------+-------------------------+ - - admin@lnos-x1-a-fab01:~$ show interfaces breakout current-mode Ethernet0 - +-------------+-------------------------+ - | Interface | Current Breakout Mode | - +=============+=========================+ - | Ethernet0 | 4x25G[10G] | - +-------------+-------------------------+ - ``` - -**show interfaces counters** - -This show command displays packet counters for all interfaces since the last time the counters were cleared. To display l3 counters "rif" subcommand can be used. There is no facility to display counters for one specific l2 interface. For l3 interfaces a single interface output mode is present. Optional argument "-a" provides two additional columns - RX-PPS and TX_PPS. -Optional argument "-p" specify a period (in seconds) with which to gather counters over. - -- Usage: - ``` - show interfaces counters [-a|--printall] [-p|--period ] - show interfaces counters errors - show interfaces counters rates - show interfaces counters rif [-p|--period ] [-i ] - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces counters - IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR - ----------- ------- --------------- ----------- --------- -------- -------- -------- --------------- ----------- --------- -------- -------- -------- - Ethernet0 U 471,729,839,997 653.87 MB/s 12.77% 0 18,682 0 409,682,385,925 556.84 MB/s 10.88% 0 0 0 - Ethernet4 U 453,838,006,636 632.97 MB/s 12.36% 0 1,636 0 388,299,875,056 529.34 MB/s 10.34% 0 0 0 - Ethernet8 U 549,034,764,539 761.15 MB/s 14.87% 0 18,274 0 457,603,227,659 615.20 MB/s 12.02% 0 0 0 - Ethernet12 U 458,052,204,029 636.84 MB/s 12.44% 0 17,614 0 388,341,776,615 527.37 MB/s 10.30% 0 0 0 - Ethernet16 U 16,679,692,972 13.83 MB/s 0.27% 0 17,605 0 18,206,586,265 17.51 MB/s 0.34% 0 0 0 - Ethernet20 U 47,983,339,172 35.89 MB/s 0.70% 0 2,174 0 58,986,354,359 51.83 MB/s 1.01% 0 0 0 - Ethernet24 U 33,543,533,441 36.59 MB/s 0.71% 0 1,613 0 43,066,076,370 49.92 MB/s 0.97% 0 0 0 - - admin@sonic:~$ show interfaces counters -i Ethernet4,Ethernet12-16 - IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR - ----------- ------- --------------- ----------- --------- -------- -------- -------- --------------- ----------- --------- -------- -------- -------- - Ethernet4 U 453,838,006,636 632.97 MB/s 12.36% 0 1,636 0 388,299,875,056 529.34 MB/s 10.34% 0 0 0 - Ethernet12 U 458,052,204,029 636.84 MB/s 12.44% 0 17,614 0 388,341,776,615 527.37 MB/s 10.30% 0 0 0 - Ethernet16 U 16,679,692,972 13.83 MB/s 0.27% 0 17,605 0 18,206,586,265 17.51 MB/s 0.34% 0 0 0 - ``` - -The "errors" subcommand is used to display the interface errors. - -- Example: - ``` - admin@str-s6000-acs-11:~$ show interface counters errors - IFACE STATE RX_ERR RX_DRP RX_OVR TX_ERR TX_DRP TX_OVR - ----------- ------- -------- -------- -------- -------- -------- -------- - Ethernet0 U 0 4 0 0 0 0 - Ethernet4 U 0 0 0 0 0 0 - Ethernet8 U 0 1 0 0 0 0 - Ethernet12 U 0 0 0 0 0 0 - ``` - -The "rates" subcommand is used to disply only the interface rates. - -- Example: - ``` - admin@str-s6000-acs-11:/usr/bin$ show int counters rates - IFACE STATE RX_OK RX_BPS RX_PPS RX_UTIL TX_OK TX_BPS TX_PPS TX_UTIL - ----------- ------- ------- -------- -------- --------- ------- -------- -------- --------- - Ethernet0 U 467510 N/A N/A N/A 466488 N/A N/A N/A - Ethernet4 U 469679 N/A N/A N/A 469245 N/A N/A N/A - Ethernet8 U 466660 N/A N/A N/A 465982 N/A N/A N/A - Ethernet12 U 466579 N/A N/A N/A 466318 N/A N/A N/A - ``` - - -The "rif" subcommand is used to display l3 interface counters. Layer 3 interfaces include router interfaces, portchannels and vlan interfaces. - -- Example: - -``` - admin@sonic:~$ show interfaces counters rif - IFACE RX_OK RX_BPS RX_PPS RX_ERR TX_OK TX_BPS TX_PPS TX_ERR ---------------- ------- ---------- -------- -------- ------- -------- -------- -------- -PortChannel0001 62,668 107.81 B/s 1.34/s 3 6 0.02 B/s 0.00/s 0 -PortChannel0002 62,645 107.77 B/s 1.34/s 3 2 0.01 B/s 0.00/s 0 -PortChannel0003 62,481 107.56 B/s 1.34/s 3 3 0.01 B/s 0.00/s 0 -PortChannel0004 62,732 107.88 B/s 1.34/s 2 3 0.01 B/s 0.00/s 0 - Vlan1000 0 0.00 B/s 0.00/s 0 0 0.00 B/s 0.00/s 0 -``` - - -Optionally, you can specify a layer 3 interface name to display the counters in single interface mode. - -- Example: - -``` - admin@sonic:~$ show interfaces counters rif PortChannel0001 - PortChannel0001 - --------------- - - RX: - 3269 packets - 778494 bytesq - 3 error packets - 292 error bytes - TX: - 0 packets - 0 bytes - 0 error packets - 0 error bytes -``` - - -Optionally, you can specify a period (in seconds) with which to gather counters over. Note that this function will take `` seconds to execute. - -- Example: - -``` - admin@sonic:~$ show interfaces counters -p 5 - IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR - ----------- ------- ------- ----------- --------- -------- -------- -------- ------- ----------- --------- -------- -------- -------- - Ethernet0 U 515 59.14 KB/s 0.00% 0 0 0 1,305 127.60 KB/s 0.00% 0 0 0 - Ethernet4 U 305 26.54 KB/s 0.00% 0 0 0 279 39.12 KB/s 0.00% 0 0 0 - Ethernet8 U 437 42.96 KB/s 0.00% 0 0 0 182 18.37 KB/s 0.00% 0 0 0 - Ethernet12 U 284 40.79 KB/s 0.00% 0 0 0 160 13.03 KB/s 0.00% 0 0 0 - Ethernet16 U 377 32.64 KB/s 0.00% 0 0 0 214 18.01 KB/s 0.00% 0 0 0 - Ethernet20 U 284 36.81 KB/s 0.00% 0 0 0 138 8758.25 B/s 0.00% 0 0 0 - Ethernet24 U 173 16.09 KB/s 0.00% 0 0 0 169 11.39 KB/s 0.00% 0 0 0 -``` - -- NOTE: Interface counters can be cleared by the user with the following command: - - ``` - admin@sonic:~$ sonic-clear counters - ``` - -- NOTE: Layer 3 interface counters can be cleared by the user with the following command: - - ``` - admin@sonic:~$ sonic-clear rifcounters - ``` - -**show interfaces description** - -This command displays the key fields of the interfaces such as Operational Status, Administrative Status, Alias and Description. - -- Usage: - ``` - show interfaces description [] - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces description - Interface Oper Admin Alias Description - ----------- ------ ------- --------------- -------------------- - Ethernet0 down up hundredGigE1/1 T0-1:hundredGigE1/30 - Ethernet4 down up hundredGigE1/2 T0-2:hundredGigE1/30 - Ethernet8 down down hundredGigE1/3 hundredGigE1/3 - Ethernet12 down down hundredGigE1/4 hundredGigE1/4 - ``` - -- Example (to only display the description for interface Ethernet4): - - ``` - admin@sonic:~$ show interfaces description Ethernet4 - Interface Oper Admin Alias Description - ----------- ------ ------- -------------- -------------------- - Ethernet4 down up hundredGigE1/2 T0-2:hundredGigE1/30 - ``` - -**show interfaces mpls** - -This command is used to display the configured MPLS state for the list of configured interfaces. - -- Usage: - ``` - show interfaces mpls [] - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces mpls - Interface MPLS State - ----------- ------------ - Ethernet0 disable - Ethernet4 enable - Ethernet8 enable - Ethernet12 disable - Ethernet16 disable - Ethernet20 disable - ``` - -- Example (to only display the MPLS state for interface Ethernet4): - ``` - admin@sonic:~$ show interfaces mpls Ethernet4 - Interface MPLS State - ----------- ------------ - Ethernet4 enable - ``` - -**show interfaces loopback-action** - -This command displays the configured loopback action - -- Usage: - ``` - show ip interfaces loopback-action - ``` - -- Example: - ``` - root@sonic:~# show ip interfaces loopback-action - Interface Action - ------------ ---------- - Ethernet232 drop - Vlan100 forward - ``` - - -**show interfaces tpid** - -This command displays the key fields of the interfaces such as Operational Status, Administrative Status, Alias and TPID. - -- Usage: - ``` - show interfaces tpid [] - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces tpid - Interface Alias Oper Admin TPID - --------------- --------------- ------ ------- ------ - Ethernet0 fortyGigE1/1/1 up up 0x8100 - Ethernet1 fortyGigE1/1/2 up up 0x8100 - Ethernet2 fortyGigE1/1/3 down down 0x8100 - Ethernet3 fortyGigE1/1/4 down down 0x8100 - Ethernet4 fortyGigE1/1/5 up up 0x8100 - Ethernet5 fortyGigE1/1/6 up up 0x8100 - Ethernet6 fortyGigE1/1/7 up up 0x9200 - Ethernet7 fortyGigE1/1/8 up up 0x88A8 - Ethernet8 fortyGigE1/1/9 up up 0x8100 - ... - Ethernet63 fortyGigE1/4/16 down down 0x8100 - PortChannel0001 N/A up up 0x8100 - PortChannel0002 N/A up up 0x8100 - PortChannel0003 N/A up up 0x8100 - PortChannel0004 N/A up up 0x8100 - admin@sonic:~$ - ``` - -- Example (to only display the TPID for interface Ethernet6): - - ``` - admin@sonic:~$ show interfaces tpid Ethernet6 - Interface Alias Oper Admin TPID - ----------- -------------- ------ ------- ------ - Ethernet6 fortyGigE1/1/7 up up 0x9200 - admin@sonic:~$ - ``` - -**show interfaces naming_mode** - -Refer sub-section [Interface-Naming-Mode](#Interface-Naming-Mode) - - -**show interfaces neighbor** - -This command is used to display the list of expected neighbors for all interfaces (or for a particular interface) that is configured. - -- Usage: - ``` - show interfaces neighbor expected [] - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces neighbor expected - LocalPort Neighbor NeighborPort NeighborLoopback NeighborMgmt NeighborType - ----------- ---------- -------------- ------------------ -------------- -------------- - Ethernet112 ARISTA01T1 Ethernet1 None 10.16.205.100 ToRRouter - Ethernet116 ARISTA02T1 Ethernet1 None 10.16.205.101 SpineRouter - Ethernet120 ARISTA03T1 Ethernet1 None 10.16.205.102 LeafRouter - Ethernet124 ARISTA04T1 Ethernet1 None 10.16.205.103 LeafRouter - ``` - -**show interfaces portchannel** - -This command displays information regarding port-channel interfaces - -- Usage: - ``` - show interfaces portchannel - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces portchannel - Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected - No. Team Dev Protocol Ports - ----- ------------- ----------- --------------------------- - 24 PortChannel24 LACP(A)(Up) Ethernet28(S) Ethernet24(S) - 48 PortChannel48 LACP(A)(Up) Ethernet52(S) Ethernet48(S) - 40 PortChannel40 LACP(A)(Up) Ethernet44(S) Ethernet40(S) - 0 PortChannel0 LACP(A)(Up) Ethernet0(S) Ethernet4(S) - 8 PortChannel8 LACP(A)(Up) Ethernet8(S) Ethernet12(S) - ``` - -**show interface status** - -This command displays some more fields such as Lanes, Speed, MTU, Type, Asymmetric PFC status and also the operational and administrative status of the interfaces - -- Usage: - ``` - show interfaces status [] - ``` - -- Example (show interface status of all interfaces): - ``` - admin@sonic:~$ show interfaces status - Interface Lanes Speed MTU Alias Oper Admin Type Asym PFC - ----------- --------------- ------- ----- --------------- ------ ------- ------ ---------- - Ethernet0 49,50,51,52 100G 9100 hundredGigE1/1 down up N/A off - Ethernet4 53,54,55,56 100G 9100 hundredGigE1/2 down up N/A off - Ethernet8 57,58,59,60 100G 9100 hundredGigE1/3 down down N/A off - - ``` - -- Example (to only display the status for interface Ethernet0): - ``` - admin@sonic:~$ show interface status Ethernet0 - Interface Lanes Speed MTU Alias Oper Admin - ----------- -------- ------- ----- -------------- ------ ------- - Ethernet0 101,102 40G 9100 fortyGigE1/1/1 up up - ``` - -- Example (to only display the status for range of interfaces): - ``` - admin@sonic:~$ show interfaces status Ethernet8,Ethernet168-180 - Interface Lanes Speed MTU Alias Oper Admin Type Asym PFC - ----------- ----------------- ------- ----- --------------- ------ ------- ------ ---------- - Ethernet8 49,50,51,52 100G 9100 hundredGigE3 down down N/A N/A - Ethernet168 9,10,11,12 100G 9100 hundredGigE43 down down N/A N/A - Ethernet172 13,14,15,16 100G 9100 hundredGigE44 down down N/A N/A - Ethernet176 109,110,111,112 100G 9100 hundredGigE45 down down N/A N/A - Ethernet180 105,106,107,108 100G 9100 hundredGigE46 down down N/A N/A - ``` - -**show interfaces transceiver** - -This command is already explained [here](#Transceivers) - -### Interface Config Commands -This sub-section explains the following list of configuration on the interfaces. -1) ip - To add or remove IP address for the interface -2) pfc - to set the PFC configuration for the interface -3) shutdown - to administratively shut down the interface -4) speed - to set the interface speed -5) startup - to bring up the administratively shutdown interface -6) breakout - to set interface breakout mode -7) autoneg - to set interface auto negotiation mode -8) advertised-speeds - to set interface advertised speeds -9) advertised-types - to set interface advertised types -10) type - to set interface type -11) mpls - To add or remove MPLS operation for the interface -12) loopback-action - to set action for packet that ingress and gets routed on the same IP interface - -From 201904 release onwards, the “config interface” command syntax is changed and the format is as follows: - -- config interface interface_subcommand -i.e Interface name comes after the subcommand -- Ex: config interface startup Ethernet63 - -The syntax for all such interface_subcommands are given below under each command - -NOTE: In older versions of SONiC until 201811 release, the command syntax was `config interface interface_subcommand` - - -**config interface ip add [default_gw] (Versions >= 201904)** - -**config interface ip add (Versions <= 201811)** - -This command is used for adding the IP address for an interface. -IP address for either physical interface or for portchannel or for VLAN interface or for Loopback interface can be configured using this command. -While configuring the IP address for the management interface "eth0", users can provide the default gateway IP address as an optional parameter from release 201911. - - -- Usage: - - *Versions >= 201904* - ``` - config interface ip add - ``` - *Versions <= 201811* - ``` - config interface ip add - ``` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface ip add Ethernet63 10.11.12.13/24 - admin@sonic:~$ sudo config interface ip add eth0 20.11.12.13/24 20.11.12.254 - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface Ethernet63 ip add 10.11.12.13/24 - ``` - -VLAN interface names take the form of `vlan`. E.g., VLAN 100 will be named `vlan100` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface ip add Vlan100 10.11.12.13/24 - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface vlan100 ip add 10.11.12.13/24 - ``` - - -**config interface ip remove (Versions >= 201904)** - -**config interface ip remove (Versions <= 201811)** - -- Usage: - - *Versions >= 201904* - ``` - config interface ip remove - ``` - *Versions <= 201811* - ``` - config interface ip remove - ``` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface ip remove Ethernet63 10.11.12.13/24 - admin@sonic:~$ sudo config interface ip remove eth0 20.11.12.13/24 - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface Ethernet63 ip remove 10.11.12.13/24 - ``` - -VLAN interface names take the form of `vlan`. E.g., VLAN 100 will be named `vlan100` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface ip remove vlan100 10.11.12.13/24 - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface vlan100 ip remove 10.11.12.13/24 - ``` - -**config interface pfc priority (on | off)** - -This command is used to set PFC on a given priority of a given interface to either "on" or "off". Once it is successfully configured, it will show current losses priorities on the given interface. Otherwise, it will show error information - -- Example: - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface pfc priority Ethernet0 3 off - - Interface Lossless priorities - ----------- --------------------- - Ethernet0 4 - - admin@sonic:~$ sudo config interface pfc priority Ethernet0 8 off - Usage: pfc config priority [OPTIONS] STATUS INTERFACE PRIORITY - - Error: Invalid value for "priority": invalid choice: 8. (choose from 0, 1, 2, 3, 4, 5, 6, 7) - - admin@sonic:~$ sudo config interface pfc priority Ethernet101 3 off - Cannot find interface Ethernet101 - - admin@sonic:~$ sudo config interface pfc priority Ethernet0 3 on - - Interface Lossless priorities - ----------- --------------------- - Ethernet0 3,4 - ``` - -**config interface pfc asymmetric (Versions >= 201904)** - -**config interface pfc asymmetric (Versions <= 201811)** - -This command is used for setting the asymmetric PFC for an interface to either "on" or "off". Once if it is configured, use "show interfaces status" to check the same. - -- Usage: - - *Versions >= 201904* - ``` - config interface pfc asymmetric on/off (for 201904+ version) - ``` - *Versions <= 201811* - ``` - config interface pfc asymmetric on/off (for 201811- version) - ``` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface pfc asymmetric Ethernet60 on - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface Ethernet60 pfc asymmetric on - ``` - -**config interface shutdown (Versions >= 201904)** - -**config interface shutdown (Versions <= 201811)** - -This command is used to administratively shut down either the Physical interface or port channel interface. Once if it is configured, use "show interfaces status" to check the same. - -- Usage: - - *Versions >= 201904* - ``` - config interface shutdown (for 201904+ version) - ``` - *Versions <= 201811* - ``` - config interface shutdown (for 201811- version) - ``` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface shutdown Ethernet63 - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface Ethernet63 shutdown - ``` - - shutdown multiple interfaces - ``` - admin@sonic:~$ sudo config interface shutdown Ethernet8,Ethernet16-20,Ethernet32 - ``` - -**config interface startup (Versions >= 201904)** - -**config interface startup (Versions <= 201811)** - -This command is used for administratively bringing up the Physical interface or port channel interface.Once if it is configured, use "show interfaces status" to check the same. - -- Usage: - - *Versions >= 201904* - ``` - config interface startup (for 201904+ version) - ``` - *Versions <= 201811* - ``` - config interface startup (for 201811- version) - ``` - -- Example: - - *Versions >= 201904* - ``` - admin@sonic:~$ sudo config interface startup Ethernet63 - ``` - *Versions <= 201811* - ``` - admin@sonic:~$ sudo config interface Ethernet63 startup - ``` - - startup multiple interfaces - ``` - admin@sonic:~$ sudo config interface startup Ethernet8,Ethernet16-20,Ethernet32 - ``` - -**config interface speed (Versions >= 202006)** - -Dynamic breakout feature is supported in SONiC from 202006 version. -User can configure any speed specified under "breakout_modes" keys for the parent interface in the platform-specific port configuration file (i.e. platform.json). - -For example for a breakout mode of 2x50G[25G,10G] the default speed is 50G but the interface also supports 25G and 10G. - -Refer [DPB HLD DOC](https://github.com/Azure/SONiC/blob/master/doc/dynamic-port-breakout/sonic-dynamic-port-breakout-HLD.md#cli-design) to know more about this command. - -**config interface speed (Versions >= 201904)** - -**config interface speed (Versions <= 201811)** - -This command is used to configure the speed for the Physical interface. Use the value 40000 for setting it to 40G and 100000 for 100G. Users need to know the device to configure it properly. - -- Usage: - - *Versions >= 201904* - ``` - config interface speed - ``` - *Versions <= 201811* - ``` - config interface speed - ``` - -- Example (Versions >= 201904): - ``` - admin@sonic:~$ sudo config interface speed Ethernet63 40000 - ``` - -- Example (Versions <= 201811): - ``` - admin@sonic:~$ sudo config interface Ethernet63 speed 40000 - - ``` - -**config interface transceiver lpmode** - -This command is used to enable or disable low-power mode for an SFP transceiver - -- Usage: - - ``` - config interface transceiver lpmode (enable | disable) - ``` - -- Examples: - - ``` - user@sonic~$ sudo config interface transceiver lpmode Ethernet0 enable - Enabling low-power mode for port Ethernet0... OK - - user@sonic~$ sudo config interface transceiver lpmode Ethernet0 disable - Disabling low-power mode for port Ethernet0... OK - ``` - -**config interface transceiver reset** - -This command is used to reset an SFP transceiver - -- Usage: - - ``` - config interface transceiver reset - ``` - -- Examples: - - ``` - user@sonic~$ sudo config interface transceiver reset Ethernet0 - Resetting port Ethernet0... OK - ``` - -**config interface mtu (Versions >= 201904)** - -This command is used to configure the mtu for the Physical interface. Use the value 1500 for setting max transfer unit size to 1500 bytes. - -- Usage: - - *Versions >= 201904* - ``` - config interface mtu - ``` - -- Example (Versions >= 201904): - ``` - admin@sonic:~$ sudo config interface mtu Ethernet64 1500 - ``` - -**config interface tpid (Versions >= 202106)** - -This command is used to configure the TPID for the Physical/PortChannel interface. default is 0x8100. Other allowed values if supported by HW SKU (0x9100, 0x9200, 0x88A8). - -- Usage: - - *Versions >= 202106* - ``` - config interface tpid - ``` - -- Example (Versions >= 202106): - ``` - admin@sonic:~$ sudo config interface tpid Ethernet64 0x9200 - ``` - -**config interface breakout (Versions >= 202006)** - -This command is used to set active breakout mode available for user-specified interface based on the platform-specific port configuration file(i.e. platform.json) -and the current mode set for the interface. - -Based on the platform.json and the current mode set in interface, this command acts on setting breakout mode for the interface. - -Double tab i.e. to see the available breakout option customized for each interface provided by the user. - -- Usage: - ``` - sudo config interface breakout --help - Usage: config interface breakout [OPTIONS] MODE - - Set interface breakout mode - - Options: - -f, --force-remove-dependencies - Clear all depenedecies internally first. - -l, --load-predefined-config load predefied user configuration (alias, - lanes, speed etc) first. - -y, --yes - -v, --verbose Enable verbose output - -?, -h, --help Show this message and exit. - ``` -- Example : - ``` - admin@sonic:~$ sudo config interface breakout Ethernet0 - - 1x100G[40G] 2x50G 4x25G[10G] - ``` - - This command also provides "--force-remove-dependencies/-f" option to CLI, which will automatically determine and remove the configuration dependencies using Yang models. - - ``` - admin@sonic:~$ sudo config interface breakout Ethernet0 4x25G[10G] -f -l -v -y - ``` - -For details please refer [DPB HLD DOC](https://github.com/Azure/SONiC/blob/master/doc/dynamic-port-breakout/sonic-dynamic-port-breakout-HLD.md#cli-design) to know more about this command. - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface autoneg (Versions >= 202106)** - -This command is used to set port auto negotiation mode. - -- Usage: - ``` - sudo config interface autoneg --help - Usage: config interface autoneg [OPTIONS] - - Set interface auto negotiation mode - - Options: - -v, --verbose Enable verbose output - -h, -?, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface autoneg Ethernet0 enabled - - admin@sonic:~$ sudo config interface autoneg Ethernet0 disabled - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface advertised-speeds (Versions >= 202106)** - -This command is used to set port advertised speed. - -- Usage: - ``` - sudo config interface advertised-speeds --help - Usage: config interface advertised-speeds [OPTIONS] - - Set interface advertised speeds - - Options: - -v, --verbose Enable verbose output - -h, -?, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface advertised-speeds Ethernet0 all - - admin@sonic:~$ sudo config interface advertised-speeds Ethernet0 50000,100000 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface advertised-types (Versions >= 202106)** - -This command is used to set port advertised interface types. - -- Usage: - ``` - sudo config interface advertised-types --help - Usage: config interface advertised-types [OPTIONS] - - Set interface advertised types - - Options: - -v, --verbose Enable verbose output - -h, -?, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface advertised-types Ethernet0 all - - admin@sonic:~$ sudo config interface advertised-types Ethernet0 CR,CR4 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface type (Versions >= 202106)** - -This command is used to set port interface type. - -- Usage: - ``` - sudo config interface type --help - Usage: config interface type [OPTIONS] - - Set interface type - - Options: - -v, --verbose Enable verbose output - -h, -?, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface type Ethernet0 CR4 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface cable_length (Versions >= 202006)** - -This command is used to configure the length of the cable connected to a port. The cable_length is in unit of meters and must be suffixed with "m". - -For details please refer [dynamic buffer management](#dynamic-buffer-management) - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface lossless_pg (Versions >= 202006)** - -This command is used to configure the priority groups on which lossless traffic runs. - -For details please refer [dynamic buffer management](#dynamic-buffer-management) - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface headroom_override (Versions >= 202006)** - -This command is used to configure a static buffer profile on a port's lossless priorities. There shouldn't be any `lossless_pg` configured on the port when configuring `headroom_override`. The port's headroom won't be updated after `headroom_override` has been configured on the port. - -For details please refer [dynamic buffer management](#dynamic-buffer-management) - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -**config interface mpls add (Versions >= 202106)** - -This command is used for adding MPLS operation on the interface. -MPLS operation for either physical, portchannel, or VLAN interface can be configured using this command. - - -- Usage: - ``` - sudo config interface mpls add --help - Usage: config interface mpls add [OPTIONS] - - Add MPLS operation on the interface - - Options: - -?, -h, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface mpls add Ethernet4 - ``` - -**config interface mpls remove (Versions >= 202106)** - -This command is used for removing MPLS operation on the interface. -MPLS operation for either physical, portchannel, or VLAN interface can be configured using this command. - -- Usage: - ``` - sudo config interface mpls remove --help - Usage: config interface mpls remove [OPTIONS] - - Remove MPLS operation from the interface - - Options: - -?, -h, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface mpls remove Ethernet4 - ``` - -**config interface ip loopback-action (Versions >= 202205)** - -This command is used for setting the action being taken on packets that ingress and get routed on the same IP interface. -Loopback action can be set on IP interface from type physical, portchannel, VLAN interface and VLAN subinterface. -Loopback action can be drop or forward. - -- Usage: - ``` - config interface ip loopback-action --help - Usage: config interface ip loopback-action [OPTIONS] - - Set IP interface loopback action - - Options: - -?, -h, --help Show this message and exit. - ``` - -- Example: - ``` - admin@sonic:~$ config interface ip loopback-action Ethernet0 drop - admin@sonic:~$ config interface ip loopback-action Ethernet0 forward - - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) - -## Interface Naming Mode - -### Interface naming mode show commands -This command displays the current interface naming mode. Interface naming mode originally set to 'default'. Interfaces are referenced by default SONiC interface names. -Users can change the naming_mode using "config interface_naming_mode" command. - -**show interfaces naming_mode** - -This command displays the current interface naming mode - -- Usage: - ``` - show interfaces naming_mode - ``` - -- Examples: - ``` - admin@sonic:~$ show interfaces naming_mode - default - ``` - - - "default" naming mode will display all SONiC interface names in 'show' commands and accept SONiC interface names as parameters in 'config commands - - ``` - admin@sonic:~$ show interfaces naming_mode - alias - ``` - - - "alias" naming mode will display all hardware vendor interface aliases in 'show' commands and accept hardware vendor interface aliases as parameters in 'config commands - - -### Interface naming mode config commands - -**config interface_naming_ mode** - -This command is used to change the interface naming mode. -Users can select between default mode (SONiC interface names) or alias mode (Hardware vendor names). -The user must log out and log back in for changes to take effect. Note that the newly-applied interface mode will affect all interface-related show/config commands. - - -*NOTE: Some platforms do not support alias mapping. In such cases, this command is not applicable. Such platforms always use the same SONiC interface names.* - -- Usage: - ``` - config interface_naming_mode (default | alias) - ``` - - - Interface naming mode is originally set to 'default'. Interfaces are referenced by default SONiC interface names: - -- Example: - ``` - admin@sonic:~$ show interfaces naming_mode - default - - admin@sonic:~$ show interface status Ethernet0 - Interface Lanes Speed MTU Alias Oper Admin - ----------- -------- ------- ----- -------------- ------ ------- - Ethernet0 101,102 40G 9100 fortyGigE1/1/1 up up - - admin@sonic:~$ sudo config interface_naming_mode alias - Please logout and log back in for changes take effect. - ``` - - - After user logs out and logs back in again, interfaces will then referenced by hardware vendor aliases: - - ``` - admin@sonic:~$ show interfaces naming_mode - alias - - admin@sonic:~$ sudo config interface fortyGigE1/1/1 shutdown - admin@sonic:~$ show interface status fortyGigE1/1/1 - Interface Lanes Speed MTU Alias Oper Admin - ----------- -------- ------- ----- -------------- ------ ------- - Ethernet0 101,102 40G 9100 fortyGigE1/1/1 down down - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interface-naming-mode) - -## Interface Vrf binding - -### Interface vrf bind & unbind config commands - -**config interface vrf bind** - -This command is used to bind a interface to a vrf. -By default, all L3 interfaces will be in default vrf. Above vrf bind command will let users bind interface to a vrf. - -- Usage: - ``` - config interface vrf bind - ``` - -**config interface vrf unbind** - -This command is used to ubind a interface from a vrf. -This will move the interface to default vrf. - -- Usage: - ``` - config interface vrf unbind - ``` - - ### Interface vrf binding show commands - - To display interface vrf binding information, user can use show vrf command. Please refer sub-section [Vrf-show-command](#vrf-show-commands). - -Go Back To [Beginning of the document](#) or [Beginning of this section](#interface-vrf-binding) - -## IP / IPv6 - -### IP show commands - -This sub-section explains the various IP protocol specific show commands that are used to display the following. -1) routes -2) bgp details - Explained in the [bgp section](#show-bgp) -3) IP interfaces -4) prefix-list -5) protocol - -#### show ip route - -This command displays either all the route entries from the routing table or a specific route. - -- Usage: - ``` - show ip route [] [] - ``` - -- Example: - ``` - admin@sonic:~$ show ip route - Codes: K - kernel route, C - connected, S - static, R - RIP, - O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel, - > - selected route, * - FIB route - S>* 0.0.0.0/0 [200/0] via 10.11.162.254, eth0 - C>* 1.1.0.0/16 is directly connected, Vlan100 - C>* 10.1.1.0/31 is directly connected, Ethernet112 - C>* 10.1.1.2/31 is directly connected, Ethernet116 - C>* 10.11.162.0/24 is directly connected, eth0 - C>* 127.0.0.0/8 is directly connected, lo - C>* 240.127.1.0/24 is directly connected, docker0 - ``` - - - Optionally, you can specify an IP address in order to display only routes to that particular IP address - -- Example: - ``` - admin@sonic:~$ show ip route 10.1.1.0 - Routing entry for 10.1.1.0/31 - Known via "connected", distance 0, metric 0, best - * directly connected, Ethernet112 - ``` - - - Vrf-name can also be specified to get IPv4 routes programmed in the vrf. - - - Example: - ``` - admin@sonic:~$ show ip route vrf Vrf-red - Codes: K - kernel route, C - connected, S - static, R - RIP, - O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, - T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, - F - PBR, f - OpenFabric, - > - selected route, * - FIB route - VRF Vrf-red: - C>* 11.1.1.1/32 is directly connected, Loopback11, 21:50:47 - C>* 100.1.1.0/24 is directly connected, Vlan100, 03w1d06h - - admin@sonic:~$ show ip route vrf Vrf-red 11.1.1.1/32 - Routing entry for 11.1.1.1/32 - Known via "connected", distance 0, metric 0, vrf Vrf-red, best - Last update 21:57:53 ago - * directly connected, Loopback11 - ``` - -#### show ip interfaces - -This command displays the details about all the Layer3 IP interfaces in the device for which IP address has been assigned. -The type of interfaces include the following. -1) Front panel physical ports. -2) PortChannel. -3) VLAN interface. -4) Loopback interfaces -5) docker interface and -6) management interface - -- Usage: - ``` - show ip interfaces - ``` - -- Example: - ``` - admin@sonic:~$ show ip interfaces - Interface Master IPv4 address/mask Admin/Oper BGP Neighbor Neighbor IP Flags - ------------- ------------ ------------------ -------------- ------------- ------------- ------- - Loopback0 1.0.0.1/32 up/up N/A N/A - Loopback11 Vrf-red 11.1.1.1/32 up/up N/A N/A - Loopback100 Vrf-blue 100.0.0.1/32 up/up N/A N/A - PortChannel01 10.0.0.56/31 up/down DEVICE1 10.0.0.57 - PortChannel02 10.0.0.58/31 up/down DEVICE2 10.0.0.59 - PortChannel03 10.0.0.60/31 up/down DEVICE3 10.0.0.61 - PortChannel04 10.0.0.62/31 up/down DEVICE4 10.0.0.63 - Vlan100 Vrf-red 1001.1.1/24 up/up N/A N/A - Vlan1000 192.168.0.1/27 up/up N/A N/A - docker0 240.127.1.1/24 up/down N/A N/A - eth0 10.3.147.252/23 up/up N/A N/A - lo 127.0.0.1/8 up/up N/A N/A - ``` - -#### show ip protocol - -This command displays the route-map that is configured for the routing protocol. -Refer the routing stack [Quagga Command Reference](https://www.quagga.net/docs/quagga.pdf) or [FRR Command Reference](https://buildmedia.readthedocs.org/media/pdf/frrouting/latest/frrouting.pdf) to know more about this command. - -- Usage: - ``` - show ip protocol - ``` - -- Example: - ``` - admin@sonic:~$ show ip protocol - Protocol : route-map - ------------------------ - system : none - kernel : none - connected : none - static : none - rip : none - ripng : none - ospf : none - ospf6 : none - isis : none - bgp : RM_SET_SRC - pim : none - hsls : none - olsr : none - babel : none - any : none - ``` - -### IPv6 show commands - -This sub-section explains the various IPv6 protocol specific show commands that are used to display the following. -1) routes -2) IPv6 bgp details - Explained in the [bgp section](#show-bgp) -3) IP interfaces -4) protocol - -**show ipv6 route** - -This command displays either all the IPv6 route entries from the routing table or a specific IPv6 route. - -- Usage: - ``` - show ipv6 route [] [] - ``` - -- Example: - ``` - admin@sonic:~$ show ipv6 route - Codes: K - kernel route, C - connected, S - static, R - RIPng, - O - OSPFv6, I - IS-IS, B - BGP, A - Babel, - > - selected route, * - FIB route - - C>* ::1/128 is directly connected, lo - C>* 2018:2001::/126 is directly connected, Ethernet112 - C>* 2018:2002::/126 is directly connected, Ethernet116 - C>* fc00:1::32/128 is directly connected, lo - C>* fc00:1::102/128 is directly connected, lo - C>* fc00:2::102/128 is directly connected, eth0 - C * fe80::/64 is directly connected, Vlan100 - C * fe80::/64 is directly connected, Ethernet112 - C * fe80::/64 is directly connected, Ethernet116 - C * fe80::/64 is directly connected, Bridge - C * fe80::/64 is directly connected, PortChannel0011 - C>* fe80::/64 is directly connected, eth0 - ``` - - Optionally, you can specify an IPv6 address in order to display only routes to that particular IPv6 address - - -- Example: - ``` - admin@sonic:~$ show ipv6 route fc00:1::32 - Routing entry for fc00:1::32/128 - Known via "connected", distance 0, metric 0, best - * directly connected, lo - ``` - - Vrf-name can also be specified to get IPv6 routes programmed in the vrf. - - - Example: - ``` - admin@sonic:~$ show ipv6 route vrf Vrf-red - Codes: K - kernel route, C - connected, S - static, R - RIP, - O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, - T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, - F - PBR, f - OpenFabric, - > - selected route, * - FIB route - VRF Vrf-red: - C>* 1100::1/128 is directly connected, Loopback11, 21:50:47 - C>* 100::/112 is directly connected, Vlan100, 03w1d06h - C>* fe80::/64 is directly connected, Loopback11, 21:50:47 - C>* fe80::/64 is directly connected, Vlan100, 03w1d06h - - admin@sonic:~$ show ipv6 route vrf Vrf-red 1100::1/128 - Routing entry for 1100::1/128 - Known via "connected", distance 0, metric 0, vrf Vrf-red, best - Last update 21:57:53 ago - * directly connected, Loopback11 - ``` - -**show ipv6 interfaces** - -This command displays the details about all the Layer3 IPv6 interfaces in the device for which IPv6 address has been assigned. -The type of interfaces include the following. -1) Front panel physical ports. -2) PortChannel. -3) VLAN interface. -4) Loopback interfaces -5) management interface - -- Usage: - ``` - show ipv6 interfaces - ``` - -- Example: - ``` - admin@sonic:~$ show ipv6 interfaces - Interface Master IPv6 address/mask Admin/Oper BGP Neighbor Neighbor IP - ----------- -------- ---------------------------------------- ------------ -------------- ------------- - Bridge fe80::7c45:1dff:fe08:cdd%Bridge/64 up/up N/A N/A - Loopback11 Vrf-red 1100::1/128 up/up - PortChannel01 fc00::71/126 up/down DEVICE1 fc00::72 - PortChannel02 fc00::75/126 up/down DEVICE2 fc00::76 - PortChannel03 fc00::79/126 up/down DEVICE3 fc00::7a - PortChannel04 fc00::7d/126 up/down DEVICE4 fc00::7e - Vlan100 Vrf-red 100::1/112 up/up N/A N/A - fe80::eef4:bbff:fefe:880a%Vlan100/64 - eth0 fe80::eef4:bbff:fefe:880a%eth0/64 up/up N/A N/A - lo fc00:1::32/128 up/up N/A N/A - ``` - -**show ipv6 protocol** - -This command displays the route-map that is configured for the IPv6 routing protocol. -Refer the routing stack [Quagga Command Reference](https://www.quagga.net/docs/quagga.pdf) or [FRR Command Reference](https://buildmedia.readthedocs.org/media/pdf/frrouting/latest/frrouting.pdf) to know more about this command. - - -- Usage: - ``` - show ipv6 protocol - ``` - -- Example: - ``` - admin@sonic:~$ show ipv6 protocol - Protocol : route-map - ------------------------ - system : none - kernel : none - connected : none - static : none - rip : none - ripng : none - ospf : none - ospf6 : none - isis : none - bgp : RM_SET_SRC6 - pim : none - hsls : none - olsr : none - babel : none - any : none - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#ip--ipv6) - -## IPv6 Link Local - -### IPv6 Link Local config commands - -This section explains all the commands that are supported in SONiC to configure IPv6 Link-local. - -**config interface ipv6 enable use-link-local-only ** - -This command enables user to enable an interface to forward L3 traffic with out configuring an address. This command creates the routing interface based on the auto generated IPv6 link-local address. This command can be used even if an address is configured on the interface. - -- Usage: - ``` - config interface ipv6 enable use-link-local-only - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface ipv6 enable use-link-local-only Vlan206 - admin@sonic:~$ sudo config interface ipv6 enable use-link-local-only PortChannel007 - admin@sonic:~$ sudo config interface ipv6 enable use-link-local-only Ethernet52 - ``` - -**config interface ipv6 disable use-link-local-only ** - -This command enables user to disable use-link-local-only configuration on an interface. - -- Usage: - ``` - config interface ipv6 disable use-link-local-only - ``` - -- Example: - ``` - admin@sonic:~$ sudo config interface ipv6 disable use-link-local-only Vlan206 - admin@sonic:~$ sudo config interface ipv6 disable use-link-local-only PortChannel007 - admin@sonic:~$ sudo config interface ipv6 disable use-link-local-only Ethernet52 - ``` - -**config ipv6 enable link-local** - -This command enables user to enable use-link-local-only command on all the interfaces globally. - -- Usage: - ``` - sudo config ipv6 enable link-local - ``` - -- Example: - ``` - admin@sonic:~$ sudo config ipv6 enable link-local - ``` - -**config ipv6 disable link-local** - -This command enables user to disable use-link-local-only command on all the interfaces globally. - -- Usage: - ``` - sudo config ipv6 disable link-local - ``` - -- Example: - ``` - admin@sonic:~$ sudo config ipv6 disable link-local - ``` - -### IPv6 Link Local show commands - -**show ipv6 link-local-mode** - -This command displays the link local mode of all the interfaces. - -- Usage: - ``` - show ipv6 link-local-mode - ``` - -- Example: - ``` - root@sonic:/home/admin# show ipv6 link-local-mode - +------------------+----------+ - | Interface Name | Mode | - +==================+==========+ - | Ethernet16 | Disabled | - +------------------+----------+ - | Ethernet18 | Enabled | - +------------------+----------+ - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#ipv6-link-local) - -## Kubernetes - -### Kubernetes show commands - -**show kubernetes server config** - -This command displays the kubernetes server configuration, if any, else would report as not configured. - -- Usage: - ``` - show kubernetes server config - ``` - -- Example: - ``` - admin@sonic:~$ show kubernetes server config - ip port insecure disable - ----------- ------ ---------- --------- - 10.3.157.24 6443 True False - ``` - -**show kubernetes server status** - -This command displays the kubernetes server status. - -- Usage: - ``` - show kubernetes server status - ``` - -- Example: - ``` - admin@sonic:~$ show kubernetes server status - ip port connected update-time - ----------- ------ ----------- ------------------- - 10.3.157.24 6443 true 2020-11-15 18:25:05 - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#Kubernetes) - -## Linux Kernel Dump - -This section demonstrates the show commands and configuration commands of Linux kernel dump mechanism in SONiC. - -### Linux Kernel Dump show commands - -**show kdump config** - -This command shows the configuration of Linux kernel dump. - -- Usage: - ``` - show kdump config - ``` - -- Example: - ``` - admin@sonic:$ show kdump config - Kdump administrative mode: Disabled - Kdump operational mode: Unready - Kdump memory researvation: 0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M - Maximum number of Kdump files: 3 - ``` - -**show kdump files** - -This command shows the Linux kernel core dump files and dmesg files which are -generated by kernel dump tool. - -- Usage: - ``` - show kdump files - ``` - -- Example: - ``` - admin@sonic:~$ show kdump files - Kernel core dump files Kernel dmesg files - ------------------------------------------ ------------------------------------------ - /var/crash/202106242344/kdump.202106242344 /var/crash/202106242344/dmesg.202106242344 - /var/crash/202106242337/kdump.202106242337 /var/crash/202106242337/dmesg.202106242337 - ``` - -**show kdump logging ** - -By default, this command will show the last 10 lines of latest dmesg file. -This command can also accept a specific file name and number of lines as arguments. - -- Usage: - ``` - show kdump logging - ``` - -- Example: - ``` - admin@sonic:~$ show kdump logging - [ 157.642053] RSP: 002b:00007fff1beee708 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 - [ 157.732635] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc3887d4504 - [ 157.818015] RDX: 0000000000000002 RSI: 000055d388eceb40 RDI: 0000000000000001 - [ 157.903401] RBP: 000055d388eceb40 R08: 000000000000000a R09: 00007fc3888255f0 - [ 157.988784] R10: 000000000000000a R11: 0000000000000246 R12: 00007fc3888a6760 - [ 158.074166] R13: 0000000000000002 R14: 00007fc3888a1760 R15: 0000000000000002 - [ 158.159553] Modules linked in: nft_chain_route_ipv6(E) nft_chain_route_ipv4(E) xt_TCPMSS(E) dummy(E) team_mode_loadbalance(E) team(E) sx_bfd(OE) sx_netdev(OE) psample(E) sx_core(OE) 8021q(E) garp(E) mrp(E) mst_pciconf(OE) mst_pci(OE) xt_hl(E) xt_tcpudp(E) ip6_tables(E) nft_compat(E) nft_chain_nat_ipv4(E) nf_nat_ipv4(E) nft_counter(E) xt_conntrack(E) nf_nat(E) jc42(E) nf_conntrack_netlink(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) xfrm_user(E) xfrm_algo(E) mlxsw_minimal(E) mlxsw_i2c(E) i2c_mux_reg(E) i2c_mux(E) i2c_mlxcpld(E) leds_mlxreg(E) mlxreg_io(E) mlxreg_hotplug(E) mei_wdt(E) evdev(E) intel_rapl(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) kvm_intel(E) mlx_platform(E) kvm(E) irqbypass(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) intel_cstate(E) intel_uncore(E) - [ 159.016731] intel_rapl_perf(E) pcspkr(E) sg(E) iTCO_wdt(E) iTCO_vendor_support(E) mei_me(E) mei(E) bonding(E) pcc_cpufreq(E) video(E) button(E) ebt_vlan(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_nat(E) ebtable_filter(E) ebtables(E) nf_tables(E) nfnetlink(E) xdpe12284(E) at24(E) ledtrig_timer(E) tmp102(E) lm75(E) drm(E) coretemp(E) max1363(E) industrialio_triggered_buffer(E) kfifo_buf(E) industrialio(E) tps53679(E) fuse(E) pmbus(E) pmbus_core(E) i2c_dev(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) loop(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) fscrypto(E) ecb(E) crypto_simd(E) cryptd(E) glue_helper(E) aes_x86_64(E) nvme(E) nvme_core(E) nls_utf8(E) nls_cp437(E) nls_ascii(E) vfat(E) fat(E) overlay(E) squashfs(E) zstd_decompress(E) xxhash(E) sd_mod(E) gpio_ich(E) ahci(E) - [ 159.864532] libahci(E) mlxsw_core(E) devlink(E) ehci_pci(E) ehci_hcd(E) crc32c_intel(E) libata(E) i2c_i801(E) scsi_mod(E) usbcore(E) usb_common(E) lpc_ich(E) mfd_core(E) e1000e(E) fan(E) thermal(E) - [ 160.075846] CR2: 0000000000000000 - ``` -You can specify a file name in order to show its -last 10 lines. - -- Example: - ``` - admin@sonic:~$ show kdump logging dmesg.202106242337 - [ 654.120195] RSP: 002b:00007ffe697690f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 - [ 654.210778] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcfca27b504 - [ 654.296157] RDX: 0000000000000002 RSI: 000055a6e4d1b3f0 RDI: 0000000000000001 - [ 654.381543] RBP: 000055a6e4d1b3f0 R08: 000000000000000a R09: 00007fcfca2cc5f0 - [ 654.466925] R10: 000000000000000a R11: 0000000000000246 R12: 00007fcfca34d760 - [ 654.552310] R13: 0000000000000002 R14: 00007fcfca348760 R15: 0000000000000002 - [ 654.637694] Modules linked in: binfmt_misc(E) nft_chain_route_ipv6(E) nft_chain_route_ipv4(E) xt_TCPMSS(E) dummy(E) team_mode_loadbalance(E) team(E) sx_bfd(OE) sx_netdev(OE) psample(E) sx_core(OE) 8021q(E) garp(E) mrp(E) mst_pciconf(OE) mst_pci(OE) xt_hl(E) xt_tcpudp(E) ip6_tables(E) nft_chain_nat_ipv4(E) nf_nat_ipv4(E) nft_compat(E) nft_counter(E) xt_conntrack(E) nf_nat(E) jc42(E) nf_conntrack_netlink(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) xfrm_user(E) xfrm_algo(E) mlxsw_minimal(E) mlxsw_i2c(E) i2c_mux_reg(E) i2c_mux(E) mlxreg_hotplug(E) mlxreg_io(E) i2c_mlxcpld(E) leds_mlxreg(E) mei_wdt(E) evdev(E) intel_rapl(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) kvm_intel(E) kvm(E) mlx_platform(E) irqbypass(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) intel_cstate(E) - [ 655.493833] intel_uncore(E) intel_rapl_perf(E) pcspkr(E) sg(E) iTCO_wdt(E) iTCO_vendor_support(E) mei_me(E) mei(E) bonding(E) video(E) button(E) pcc_cpufreq(E) ebt_vlan(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_nat(E) ebtable_filter(E) ebtables(E) nf_tables(E) nfnetlink(E) xdpe12284(E) at24(E) ledtrig_timer(E) tmp102(E) drm(E) lm75(E) coretemp(E) max1363(E) industrialio_triggered_buffer(E) kfifo_buf(E) industrialio(E) fuse(E) tps53679(E) pmbus(E) pmbus_core(E) i2c_dev(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) loop(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) fscrypto(E) ecb(E) crypto_simd(E) cryptd(E) glue_helper(E) aes_x86_64(E) nvme(E) nvme_core(E) nls_utf8(E) nls_cp437(E) nls_ascii(E) vfat(E) fat(E) overlay(E) squashfs(E) zstd_decompress(E) xxhash(E) sd_mod(E) - [ 656.337476] gpio_ich(E) ahci(E) mlxsw_core(E) libahci(E) devlink(E) crc32c_intel(E) libata(E) i2c_i801(E) scsi_mod(E) lpc_ich(E) mfd_core(E) ehci_pci(E) ehci_hcd(E) usbcore(E) e1000e(E) usb_common(E) fan(E) thermal(E) - [ 656.569590] CR2: 0000000000000000 - ``` -You can also specify a file name and number of lines in order to show the -last number of lines. - -- Example: - ``` - admin@sonic:~$ show kdump logging dmesg.202106242337 -l 20 - [ 653.525427] __handle_sysrq.cold.9+0x45/0xf2 - [ 653.576487] write_sysrq_trigger+0x2b/0x30 - [ 653.625472] proc_reg_write+0x39/0x60 - [ 653.669252] vfs_write+0xa5/0x1a0 - [ 653.708881] ksys_write+0x57/0xd0 - [ 653.748501] do_syscall_64+0x53/0x110 - [ 653.792287] entry_SYSCALL_64_after_hwframe+0x44/0xa9 - [ 653.852707] RIP: 0033:0x7fcfca27b504 - [ 653.895452] Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 48 8d 05 f9 61 0d 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 49 89 d4 55 48 89 f5 53 - [ 654.120195] RSP: 002b:00007ffe697690f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 - [ 654.210778] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcfca27b504 - [ 654.296157] RDX: 0000000000000002 RSI: 000055a6e4d1b3f0 RDI: 0000000000000001 - [ 654.381543] RBP: 000055a6e4d1b3f0 R08: 000000000000000a R09: 00007fcfca2cc5f0 - [ 654.466925] R10: 000000000000000a R11: 0000000000000246 R12: 00007fcfca34d760 - [ 654.552310] R13: 0000000000000002 R14: 00007fcfca348760 R15: 0000000000000002 - [ 654.637694] Modules linked in: binfmt_misc(E) nft_chain_route_ipv6(E) nft_chain_route_ipv4(E) xt_TCPMSS(E) dummy(E) team_mode_loadbalance(E) team(E) sx_bfd(OE) sx_netdev(OE) psample(E) sx_core(OE) 8021q(E) garp(E) mrp(E) mst_pciconf(OE) mst_pci(OE) xt_hl(E) xt_tcpudp(E) ip6_tables(E) nft_chain_nat_ipv4(E) nf_nat_ipv4(E) nft_compat(E) nft_counter(E) xt_conntrack(E) nf_nat(E) jc42(E) nf_conntrack_netlink(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) xfrm_user(E) xfrm_algo(E) mlxsw_minimal(E) mlxsw_i2c(E) i2c_mux_reg(E) i2c_mux(E) mlxreg_hotplug(E) mlxreg_io(E) i2c_mlxcpld(E) leds_mlxreg(E) mei_wdt(E) evdev(E) intel_rapl(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) kvm_intel(E) kvm(E) mlx_platform(E) irqbypass(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) intel_cstate(E) - [ 655.493833] intel_uncore(E) intel_rapl_perf(E) pcspkr(E) sg(E) iTCO_wdt(E) iTCO_vendor_support(E) mei_me(E) mei(E) bonding(E) video(E) button(E) pcc_cpufreq(E) ebt_vlan(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_nat(E) ebtable_filter(E) ebtables(E) nf_tables(E) nfnetlink(E) xdpe12284(E) at24(E) ledtrig_timer(E) tmp102(E) drm(E) lm75(E) coretemp(E) max1363(E) industrialio_triggered_buffer(E) kfifo_buf(E) industrialio(E) fuse(E) tps53679(E) pmbus(E) pmbus_core(E) i2c_dev(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) loop(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) fscrypto(E) ecb(E) crypto_simd(E) cryptd(E) glue_helper(E) aes_x86_64(E) nvme(E) nvme_core(E) nls_utf8(E) nls_cp437(E) nls_ascii(E) vfat(E) fat(E) overlay(E) squashfs(E) zstd_decompress(E) xxhash(E) sd_mod(E) - [ 656.337476] gpio_ich(E) ahci(E) mlxsw_core(E) libahci(E) devlink(E) crc32c_intel(E) libata(E) i2c_i801(E) scsi_mod(E) lpc_ich(E) mfd_core(E) ehci_pci(E) ehci_hcd(E) usbcore(E) e1000e(E) usb_common(E) fan(E) thermal(E) - [ 656.569590] CR2: 0000000000000000 - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#kdump) - -## LLDP - -### LLDP show commands - -**show lldp table** - -This command displays the brief summary of all LLDP neighbors. - -- Usage: - ``` - show lldp table - ``` - -- Example: - ``` - admin@sonic:~$ show lldp table - Capability codes: (R) Router, (B) Bridge, (O) Other - LocalPort RemoteDevice RemotePortID Capability RemotePortDescr - ----------- ----------------- ------------------- ------------ -------------------- - Ethernet112 T1-1 hundredGigE1/2 BR T0-2:hundredGigE1/29 - Ethernet116 T1-2 hundredGigE1/2 BR T0-2:hundredGigE1/30 - eth0 swtor-b2lab2-1610 GigabitEthernet 0/2 OBR - -------------------------------------------------- - Total entries displayed: 3 - ``` - -**show lldp neighbors** - -This command displays more details about all LLDP neighbors or only the neighbors connected to a specific interface. - -- Usage: - ``` - show lldp neighbors - ``` - -- Example1: To display all neighbors in all interfaces - ``` - admin@sonic:~$ show lldp neighbors - ------------------------------------------------------------------------------- - LLDP neighbors: - ------------------------------------------------------------------------------- - Interface: eth0, via: LLDP, RID: 1, Time: 0 day, 12:21:21 - Chassis: - ChassisID: mac 00:01:e8:81:e3:45 - SysName: swtor-b2lab2-1610 - SysDescr: Dell Force10 Networks Real Time Operating System Software. Dell Force10 Operating System Version: 1.0. Dell Force10 Application Software Version: 8.3.3.10d. Copyright (c) 1999-2012 by Dell Inc. All Rights Reserved.Build Time: Tue Sep 22 11:21:54 PDT 2015 - TTL: 20 - Capability: Repeater, on - Capability: Bridge, on - Capability: Router, on - Port: - PortID: ifname GigabitEthernet 0/2 - VLAN: 162, pvid: yes - ------------------------------------------------------------------------------- - Interface: Ethernet116, via: LLDP, RID: 3, Time: 0 day, 12:20:49 - Chassis: - ChassisID: mac 4c:76:25:e7:f0:c0 - SysName: T1-2 - SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 - TTL: 120 - MgmtIP: 10.11.162.40 - Capability: Bridge, on - Capability: Router, on - Capability: Wlan, off - Capability: Station, off - Port: - PortID: local hundredGigE1/2 - PortDescr: T0-2:hundredGigE1/30 - ------------------------------------------------------------------------------- - ``` - -Optionally, you can specify an interface name in order to display only that particular interface - -- Example2: - ``` - admin@sonic:~$ show lldp neighbors Ethernet112 - show lldp neighbors Ethernet112 - ------------------------------------------------------------------------------- - LLDP neighbors: - ------------------------------------------------------------------------------- - Interface: Ethernet112, via: LLDP, RID: 2, Time: 0 day, 19:24:17 - Chassis: - ChassisID: mac 4c:76:25:e5:e6:c0 - SysName: T1-1 - SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 - TTL: 120 - MgmtIP: 10.11.162.41 - Capability: Bridge, on - Capability: Router, on - Capability: Wlan, off - Capability: Station, off - Port: - PortID: local hundredGigE1/2 - PortDescr: T0-2:hundredGigE1/29 - ------------------------------------------------------------------------------- - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#lldp) - - -## Loading, Reloading And Saving Configuration - -This section explains the commands that are used to load the configuration from either the ConfigDB or from the minigraph. - -### Loading configuration from JSON file - -**config load** - -This command is used to load the configuration from a JSON file like the file which SONiC saves its configuration to, `/etc/sonic/config_db.json` -This command loads the configuration from the input file (if user specifies this optional filename, it will use that input file. Otherwise, it will use the default `/etc/sonic/config_db.json` file as the input file) into CONFIG_DB. -The configuration present in the input file is applied on top of the already running configuration. -This command does not flush the config DB before loading the new configuration (i.e., If the configuration present in the input file is same as the current running configuration, nothing happens) -If the config present in the input file is not present in running configuration, it will be added. -If the config present in the input file differs (when key matches) from that of the running configuration, it will be modified as per the new values for those keys. - -When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. -If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. - -- Usage: - ``` - config load [-y|--yes] [] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config load - Load config from the file /etc/sonic/config_db.json? [y/N]: y - Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db - ``` - -### Loading configuration from minigraph (XML) file - -**config load_minigraph** - -This command is used to load the configuration from /etc/sonic/minigraph.xml. -When users do not want to use configuration from config_db.json, they can copy the minigraph.xml configuration file to the device and load it using this command. -This command restarts various services running in the device and it takes some time to complete the command. - -NOTE: If the user had logged in using SSH, users might get disconnected and some configuration failures might happen which might be hard to recover. Users need to reconnect their SSH sessions after configuring the management IP address. It is recommended to execute this command from console port -NOTE: Management interface IP address and default route (or specific route) may require reconfiguration in case if those parameters are not part of the minigraph.xml. - -When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. -If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. - -When user specifies the optional argument "-n" or "--no-service-restart", this command loads the configuration without restarting dependent services -running on the device. One use case for this option is during boot time when config-setup service loads minigraph configuration and there is no services -running on the device. - -When user specifies the optional argument "-t" or "--traffic-shift-away", this command executes TSA command at the end to ensure the device remains in maintenance after loading minigraph. - -- Usage: - ``` - config load_minigraph [-y|--yes] [-n|--no-service-restart] [-t|--traffic-shift-away] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config load_minigraph - Reload config from minigraph? [y/N]: y - Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db - ``` - -### Reloading Configuration - -**config reload** - -This command is used to clear current configuration and import new configurationn from the input file or from /etc/sonic/config_db.json. -This command shall stop all services before clearing the configuration and it then restarts those services. - -This command restarts various services running in the device and it takes some time to complete the command. -NOTE: If the user had logged in using SSH, users **might get disconnected** depending upon the new management IP address. Users need to reconnect their SSH sessions. -In general, it is recommended to execute this command from console port after disconnecting all SSH sessions to the device. -When users to do “config reload” the newly loaded config may have management IP address, or it may not have management IP address. -If mgmtIP is there in the newly loaded config file, that mgmtIP might be same as previously configured value or it might be different. -This difference in mgmtIP address values results in following possible behaviours. - -Case1: Previously configured mgmtIP is same as newly loaded mgmtIP. The SSH session may not be affected at all, but it’s possible that there will be a brief interruption in the SSH session. But, assuming the client’s timeout value isn’t on the order of a couple of seconds, the session would most likely just resume again as soon as the interface is reconfigured and up with the same IP. -Case2: Previously configured mgmtIP is different from newly loaded mgmtIP. Users will lose their SSH connections. -Case3: Newly loaded config does not have any mgmtIP. Users will lose their SSH connections. - -NOTE: Management interface IP address and default route (or specific route) may require reconfiguration in case if those parameters are not part of the minigraph.xml. - -When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. -If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. - -When user specifies the optional argument "-n" or "--no-service-restart", this command clear and loads the configuration without restarting dependent services -running on the device. One use case for this option is during boot time when config-setup service loads existing old configuration and there is no services -running on the device. - -When user specifies the optional argument "-f" or "--force", this command ignores the system sanity checks. By default a list of sanity checks are performed and if one of the checks fail, the command will not execute. The sanity checks include ensuring the system status is not starting, all the essential services are up and swss is in ready state. - -- Usage: - ``` - config reload [-y|--yes] [-l|--load-sysinfo] [] [-n|--no-service-restart] [-f|--force] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config reload - Clear current config and reload config from the file /etc/sonic/config_db.json? [y/N]: y - Running command: systemctl stop dhcp_relay - Running command: systemctl stop swss - Running command: systemctl stop snmp - Warning: Stopping snmp.service, but it can still be activated by: - snmp.timer - Running command: systemctl stop lldp - Running command: systemctl stop pmon - Running command: systemctl stop bgp - Running command: systemctl stop teamd - Running command: /usr/local/bin/sonic-cfggen -H -k Force10-Z9100-C32 --write-to-db - Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db - Running command: systemctl restart hostname-config - Running command: systemctl restart interfaces-config - Timeout, server 10.11.162.42 not responding. - ``` - When some sanity checks fail below error messages can be seen - ``` - admin@sonic:~$ sudo config reload -y - System is not up. Retry later or use -f to avoid system checks - ``` - ``` - admin@sonic:~$ sudo config reload -y - Relevant services are not up. Retry later or use -f to avoid system checks - ``` - ``` - admin@sonic:~$ sudo config reload -y - SwSS container is not ready. Retry later or use -f to avoid system checks - ``` - - -### Loading Management Configuration - -**config load_mgmt_config** - -This command is used to reconfigure hostname and mgmt interface based on device description file. -This command either uses the optional file specified as arguement or looks for the file "/etc/sonic/device_desc.xml". -If the file does not exist or if the file does not have valid fields for "hostname" and "ManagementAddress" (or "ManagementAddressV6"), it fails. - -When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. -If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. - -- Usage: - ``` - config load_mgmt_config [-y|--yes] [] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config load_mgmt_config - Reload config from minigraph? [y/N]: y - Running command: /usr/local/bin/sonic-cfggen -M /etc/sonic/device_desc.xml --write-to-db - ``` - - -### Saving Configuration to a File for Persistence - -**config save** - -This command is to save the config DB configuration into the user-specified filename or into the default /etc/sonic/config_db.json. This saves the configuration into the disk which is available even after reboots. -Saved file can be transferred to remote machines for debugging. If users wants to load the configuration from this new file at any point of time, they can use "config load" command and provide this newly generated file as input. If users wants this newly generated file to be used during reboot, they need to copy this file to /etc/sonic/config_db.json. - -- Usage: - ``` - config save [-y|--yes] [] - ``` - -- Example (Save configuration to /etc/sonic/config_db.json): - ``` - admin@sonic:~$ sudo config save -y - ``` - -- Example (Save configuration to a specified file): - ``` - admin@sonic:~$ sudo config save -y /etc/sonic/config2.json - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#loading-reloading-and-saving-configuration) - -## Loopback Interfaces - -### Loopback show commands - -Please check [show ip interfaces](#show-ip-interfaces) - -### Loopback config commands - -This sub-section explains how to create and delete loopback interfaces. - -**config interface loopback** - -This command is used to add or delete loopback interfaces. -It is recommended to use loopback names in the format "Loopbackxxx", where "xxx" is number of 1 to 3 digits. Ex: "Loopback11". - -- Usage: - ``` - config loopback (add | del) - ``` - -- Example (Create the loopback with name "Loopback11"): - ``` - admin@sonic:~$ sudo config loopback add Loopback11 - ``` - -## VRF Configuration - -### VRF show commands - -**show vrf** - -This command displays all vrfs configured on the system along with interface binding to the vrf. -If vrf-name is also provided as part of the command, if the vrf is created it will display all interfaces binding to the vrf, if vrf is not created nothing will be displayed. - -- Usage: - ``` - show vrf [] - ``` - -- Example: - ```` - admin@sonic:~$ show vrf - VRF Interfaces - ------- ------------ - default Vlan20 - Vrf-red Vlan100 - Loopback11 - Eth0.100 - Vrf-blue Loopback100 - Loopback102 - Ethernet0.10 - PortChannel101 - ```` - -### VRF config commands - -**config vrf add ** - -This command creates vrf in SONiC system with provided vrf-name. - -- Usage: - ``` -config vrf add -``` -Note: vrf-name should always start with keyword "Vrf" - -**config vrf del ** - -This command deletes vrf with name vrf-name. - -- Usage: - ``` -config vrf del -``` - -## Management VRF - -### Management VRF Show commands - -**show mgmt-vrf** - -This command displays whether the management VRF is enabled or disabled. It also displays the details about the the links (eth0, mgmt, lo-m) that are related to management VRF. - -- Usage: - ``` - show mgmt-vrf - ``` - -- Example: - ``` - admin@sonic:~$ show mgmt-vrf - - ManagementVRF : Enabled - - Management VRF interfaces in Linux: - 348: mgmt: mtu 65536 qdisc noqueue state UP mode DEFAULT group default qlen 1000 - link/ether f2:2a:d9:bc:e8:f0 brd ff:ff:ff:ff:ff:ff - 2: eth0: mtu 1500 qdisc mq master mgmt state UP mode DEFAULT group default qlen 1000 - link/ether 4c:76:25:f4:f9:f3 brd ff:ff:ff:ff:ff:ff - 350: lo-m: mtu 1500 qdisc noqueue master mgmt state UNKNOWN mode DEFAULT group default qlen 1000 - link/ether b2:4c:c6:f3:e9:92 brd ff:ff:ff:ff:ff:ff - - NOTE: The management interface "eth0" shows the "master" as "mgmt" since it is part of management VRF. - ``` - -**show mgmt-vrf routes** - -This command displays the routes that are present in the routing table 5000 that is meant for management VRF. - -- Usage: - ``` - show mgmt-vrf routes - ``` - -- Example: - ``` - admin@sonic:~$ show mgmt-vrf routes - - Routes in Management VRF Routing Table: - default via 10.16.210.254 dev eth0 metric 201 - broadcast 10.16.210.0 dev eth0 proto kernel scope link src 10.16.210.75 - 10.16.210.0/24 dev eth0 proto kernel scope link src 10.16.210.75 - local 10.16.210.75 dev eth0 proto kernel scope host src 10.16.210.75 - broadcast 10.16.210.255 dev eth0 proto kernel scope link src 10.16.210.75 - broadcast 127.0.0.0 dev lo-m proto kernel scope link src 127.0.0.1 - 127.0.0.0/8 dev lo-m proto kernel scope link src 127.0.0.1 - local 127.0.0.1 dev lo-m proto kernel scope host src 127.0.0.1 - broadcast 127.255.255.255 dev lo-m proto kernel scope link src 127.0.0.1 - ``` - -**show management_interface address** - -This command displays the IP address(es) configured for the management interface "eth0" and the management network default gateway. - -- Usage: - ``` - show management_interface address - ``` - -- Example: - ``` - admin@sonic:~$ show management_interface address - Management IP address = 10.16.210.75/24 - Management NetWork Default Gateway = 10.16.210.254 - Management IP address = FC00:2::32/64 - Management Network Default Gateway = fc00:2::1 - ``` - -**show snmpagentaddress** - -This command displays the configured SNMP agent IP addresses. - -- Usage: - ``` - show snmpagentaddress - ``` - -- Example: - ``` - admin@sonic:~$ show snmpagentaddress - ListenIP ListenPort ListenVrf - ---------- ------------ ----------- - 1.2.3.4 787 mgmt - ``` - -**show snmptrap** - -This command displays the configured SNMP Trap server IP addresses. - -- Usage: - ``` - show snmptrap - ``` - -- Example: - ``` - admin@sonic:~$ show snmptrap - Version TrapReceiverIP Port VRF Community - --------- ---------------- ------ ----- ----------- - 2 31.31.31.31 456 mgmt public - ``` - -### Management VRF Config commands - -**config vrf add mgmt** - -This command enables the management VRF in the system. This command restarts the "interfaces-config" service which in turn regenerates the /etc/network/interfaces file and restarts the "networking" service. This creates a new interface and l3mdev CGROUP with the name as "mgmt" and enslaves the management interface "eth0" into this master interface "mgmt". Note that the VRFName "mgmt" (or "management") is reserved for management VRF. i.e. Data VRFs should not use these reserved VRF names. - -- Usage: - ``` - config vrf add mgmt - ``` - -- Example: - ``` - admin@sonic:~$ sudo config vrf add mgmt - ``` - -**config vrf del mgmt** - -This command disables the management VRF in the system. This command restarts the "interfaces-config" service which in turn regenerates the /etc/network/interfaces file and restarts the "networking" service. This deletes the interface "mgmt" and deletes the l3mdev CGROUP named "mgmt" and puts back the management interface "eth0" into the default VRF. Note that the VRFName "mgmt" (or "management") is reserved for management VRF. i.e. Data VRFs should not use these reserved VRF names. - -- Usage: - ``` - config vrf del mgmt - ``` - -- Example: - ``` - admin@sonic:~$ sudo config vrf del mgmt - ``` - -**config snmpagentaddress add** - -This command adds the SNMP agent IP address on which the SNMP agent is expected to listen. When SNMP agent is expected to work as part of management VRF, users should specify the optional vrf_name parameter as "mgmt". This configuration goes into snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. - -- Usage: - ``` - config snmpagentaddress add [-p ] [-v ] agentip - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmpagentaddress add -v mgmt -p 123 21.22.13.14 - - Note: For this example, configuration goes into /etc/snmp/snmpd.conf inside snmp docker as follows. When "-v" parameter is not used, the additional "%" in the following line will not be present. - - agentAddress 21.22.13.14:123%mgmt - ``` - -**config snmpagentaddress del** - -This command deletes the SNMP agent IP address on which the SNMP agent is expected to listen. When users had added the agent IP as part of "mgmt" VRF, users should specify the optional vrf_name parameter as "mgmt" while deleting as well. This configuration is removed from snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. - -- Usage: - ``` - config snmpagentaddress del [-p ] [-v ] agentip - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmpagentaddress del -v mgmt -p 123 21.22.13.14 - - ``` - -**config snmptrap modify** - -This command modifies the SNMP trap server IP address to which the SNMP agent is expected to send the traps. Users can configure one server IP addrss for each SNMP version to send the traps. When SNMP agent is expected to send traps as part of management VRF, users should specify the optional vrf_name parameter as "mgmt". This configuration goes into snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. - -- Usage: - ``` - config snmptrap modify [-p ] [-v ] [-c ] trapserverip - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmptrap modify 2 -p 456 -v mgmt 21.21.21.21 - - For this example, configuration goes into /etc/snmp/snmpd.conf inside snmp docker as follows. When "-v" parameter is not used, the additional "%" in the following line will not be present. In case of SNMPv1, "trapsink" will be updated, in case of v2, "trap2sink" will be updated and in case of v3, "informsink" will be updated. - - trap2sink 31.31.31.31:456%mgmt public - - ``` - -**config snmptrap del** - -This command deletes the SNMP Trap server IP address to which SNMP agent is expected to send TRAPs. When users had added the trap server IP as part of "mgmt" VRF, users should specify the optional vrf_name parameter as "mgmt" while deleting as well. This configuration is removed from snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. - -- Usage: - ``` - config snmptrap del [-p ] [-v ] [-c ] trapserverip - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmptrap del -v mgmt -p 123 21.22.13.14 - - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#management-vrf) - -## Muxcable - -### Muxcable Show commands - -**show muxcable status** - -This command displays all the status of either all the ports which are connected to muxcable or any individual port selected by the user. The resultant table or json output will show the current status of muxcable on the port (auto/active) and also the health of the muxcable. - -- Usage: - ``` - show muxcable status [OPTIONS] [PORT] - ``` - -While displaying the muxcable status, users can configure the following fields - -- PORT optional - Port name should be a valid port -- --json optional - -- option to display the result in json format. By default output will be in tabular format. - -With no optional argument, all the ports muxcable status will be displayed in tabular form, or user can pass --json option to display in json format - -- Example: - ``` - admin@sonic:~$ show muxcable status - PORT STATUS HEALTH - ---------- -------- -------- - Ethernet32 active HEALTHY - Ethernet0 auto HEALTHY - ``` - ``` - admin@sonic:~$ show muxcable status --json - ``` - ```json - { - "MUX_CABLE": { - "Ethernet32": { - "STATUS": "active", - "HEALTH": "HEALTHY" - }, - "Ethernet0": { - "STATUS": "auto", - "HEALTH": "HEALTHY" - } - } - } - - ``` - ``` - admin@sonic:~$ show muxcable status Ethernet0 - PORT STATUS HEALTH - --------- -------- -------- - Ethernet0 auto HEALTHY - ``` - ``` - admin@sonic:~$ show muxcable status Ethernet0 --json - ``` - ```json - { - "MUX_CABLE": { - "Ethernet0": { - "STATUS": "auto", - "HEALTH": "HEALTHY" - } - } - } - ``` - -**show muxcable config** - -This command displays all the configurations of either all the ports which are connected to muxcable or any individual port selected by the user. The resultant table or json output will show the current configurations of muxcable on the port(active/standby) and also the ipv4 and ipv6 address of the port as well as peer TOR ip address with the hostname. - -- Usage: - ``` - show muxcable config [OPTIONS] [PORT] - ``` - -With no optional argument, all the ports muxcable configuration will be displayed in tabular form -While displaying the muxcable configuration, users can configure the following fields - -- PORT optional - Port name should be a valid port -- --json optional - option to display the result in json format. By default output will be in tabular format. - -- Example: - ``` - admin@sonic:~$ show muxcable config - SWITCH_NAME PEER_TOR - ------------- ---------- - sonic 10.1.1.1 - port state ipv4 ipv6 - --------- ------- -------- -------- - Ethernet0 active 10.1.1.1 fc00::75 - ``` - ``` - admin@sonic:~$ show muxcable config --json - ``` - ```json - { - "MUX_CABLE": { - "PEER_TOR": "10.1.1.1", - "PORTS": { - "Ethernet0": { - "STATE": "active", - "SERVER": { - "IPv4": "10.1.1.1", - "IPv6": "fc00::75" - } - } - } - } - } - ``` - ``` - admin@sonic:~$ show muxcable config Ethernet0 - SWITCH_NAME PEER_TOR - ------------- ---------- - sonic 10.1.1.1 - port state ipv4 ipv6 - --------- ------- -------- -------- - Ethernet0 active 10.1.1.1 fc00::75 - ``` - ``` - admin@sonic:~$ show muxcable config Ethernet0 --json - ``` - ```json - { - "MUX_CABLE": { - "PORTS": { - "Ethernet0": { - "STATE": "active", - "SERVER": { - "IPv4": "10.1.1.1", - "IPv6": "fc00::75" - } - } - } - } - } - ``` - -**show muxcable ber-info** - -This command displays the ber(Bit error rate) of the port user provides on the target user provides. The target provided as an integer corresponds to actual target as. -0 -> local -1 -> tor 1 -2 -> tor 2 -3 -> nic - -- Usage: - ``` - Usage: show muxcable ber-info [OPTIONS] PORT TARGET - ``` - - -- PORT required - Port number should be a valid port -- TARGET required - the actual target to get the ber info of. - -- Example: - ``` - admin@sonic:~$ show muxcable ber-info 1 1 - Lane1 Lane2 - ------- ------- - 0 0 - ``` - -**show muxcable ber-info** - -This command displays the eye info in mv(milli volts) of the port user provides on the target user provides. The target provided as an integer corresponds to actual target as. -0 -> local -1 -> tor 1 -2 -> tor 2 -3 -> nic - -- Usage: - ``` - Usage: show muxcable eye-info [OPTIONS] PORT TARGET - ``` - -- PORT required - Port number should be a valid port -- TARGET required - the actual target to get the eye info of. - -- Example: - ``` - admin@sonic:~$ show muxcable ber-info 1 1 - Lane1 Lane2 - ------- ------- - 632 622 - ``` - -### Muxcable Config commands - - -**config muxcable mode** - -This command is used for setting the configuration of a muxcable Port/all ports to be active or auto. The user has to enter a port number or else all to make the muxcable config operation on all the ports. Depending on the status of the muxcable port state the resultant output could be OK or INPROGRESS . OK would imply no change on the state, INPROGRESS would mean the toggle is happening in the background. - -- Usage: - ``` - config muxcable mode [OPTIONS] - ``` - -While configuring the muxcable, users needs to configure the following fields for the operation - -- operation_state, permitted operation to be configured which can only be auto or active -- PORT optional - Port name should be a valid port -- --json optional - option to display the result in json format. By default output will be in tabular format. - - -- Example: - ``` - admin@sonic:~$ sudo config muxcable mode active Ethernet0 - port state - --------- ------- - Ethernet0 OK - ``` - ``` - admin@sonic:~$ sudo config muxcable mode --json active Ethernet0 - ``` - ```json - { - "Ethernet0": "OK" - } - ``` - ``` - admin@sonic:~$ sudo config muxcable mode active all - port state - ---------- ---------- - Ethernet0 OK - Ethernet32 INPROGRESS - ``` - ``` - admin@sonic:~$ sudo config muxcable mode active all --json - ``` - ```json - { - "Ethernet32": "INPROGRESS", - "Ethernet0": "OK" - } - ``` -**config muxcable prbs enable/disable** - -This command is used for setting the configuration and enable/diable of prbs on a port user provides. While enabling in addition to port the user also needs to provides the target, prbs mode and lane map on which the user intends to run prbs on. The target reflects where the enable/dsiable will happen. - -- Usage: - ``` - config muxcable prbs enable [OPTIONS] PORT TARGET MODE_VALUE LANE_MAP - config muxcable prbs disable [OPTIONS] PORT TARGET - ``` - -While configuring the muxcable, users needs to configure the following fields for the operation - -- PORT required - Port number should be a valid port -- TARGET required - the actual target to run the prbs on - 0 -> local side, - 1 -> TOR 1 - 2 -> TOR 2 - 3 -> NIC -- MODE_VALUE required - the mode/type for configuring the PRBS mode. - 0x00 = PRBS 9, 0x01 = PRBS 15, 0x02 = PRBS 23, 0x03 = PRBS 31 -- LANE_MAP required - an integer representing the lane_map to be run PRBS on - 0bit for lane 0, 1bit for lane1 and so on. - for example 3 -> 0b'0011 , means running on lane0 and lane1 -- Example: - ``` - admin@sonic:~$ sudo config muxcable prbs enable 1 1 3 3 - PRBS config sucessful - admin@sonic:~$ sudo config muxcable prbs disable 1 0 - PRBS disable sucessful - ``` - -**config muxcable loopback enable/disable** - -This command is used for setting the configuration and enable/disable of loopback on a port user provides. While enabling in addition to port the user also needs to provides the target and lane map on which the user intends to run loopback on. The target reflects where the enable/dsiable will happen. - -- Usage: - ``` - config muxcable loopback enable [OPTIONS] PORT TARGET LANE_MAP - config muxcable loopback disable [OPTIONS] PORT TARGET - ``` - -While configuring the muxcable, users needs to configure the following fields for the operation - -- PORT required - Port number should be a valid port -- TARGET required - the actual target to run the loopback on - 0 -> local side, - 1 -> TOR 1 - 2 -> TOR 2 - 3 -> NIC -- LANE_MAP required - an integer representing the lane_map to be run loopback on - 0bit for lane 0, 1bit for lane1 and so on. - for example 3 -> 0b'0011 , means running on lane0 and lane1 - -- Example: - ``` - admin@sonic:~$ sudo config muxcable loopback enable 1 1 3 - loopback config sucessful - admin@sonic:~$ sudo config muxcable loopback disable 1 0 - loopback disable sucessfull - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#muxcable) - -## Mirroring - -### Mirroring Show commands - -**show mirror_session** - -This command displays all the mirror sessions that are configured. - -- Usage: - ``` - show mirror_session - ``` - -- Example: - ``` - admin@sonic:~$ show mirror_session - ERSPAN Sessions - Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction - ------ -------- -------- -------- ----- ------ ----- ------- --------- -------------- ---------- ----------- - everflow0 active 10.1.0.32 10.0.0.7 - - SPAN Sessions - Name Status DST Port SRC Port Direction - ------ -------- ---------- ------------- ----------- - port0 active Ethernet0 PortChannel10 rx - ``` - -### Mirroring Config commands - -**config mirror_session** - -This command is used to add or remove mirroring sessions. Mirror session is identified by "session_name". -This command supports configuring both SPAN/ERSPAN sessions. -In SPAN user can configure mirroring of list of source ports/LAG to destination port in ingress/egress/both directions. -In ERSPAN user can configure mirroring of list of source ports/LAG to a destination IP. -Both SPAN/ERSPAN support ACL based mirroring and can be used in ACL configurations. - -While adding a new ERSPAN session, users need to configure the following fields that are used while forwarding the mirrored packets. - -1) source IP address, -2) destination IP address, -3) DSCP (QoS) value with which mirrored packets are forwarded -4) TTL value -5) optional - GRE Type in case if user wants to send the packet via GRE tunnel. GRE type could be anything; it could also be left as empty; by default, it is 0x8949 for Mellanox; and 0x88be for the rest of the chips. -6) optional - Queue in which packets shall be sent out of the device. Valid values 0 to 7 for most of the devices. Users need to know their device and the number of queues supported in that device. -7) optional - Policer which will be used to control the rate at which frames are mirrored. -8) optional - List of source ports which can have both Ethernet and LAG ports. -9) optional - Direction - Mirror session direction when configured along with Source port. (Supported rx/tx/both. default direction is both) - -- Usage: - ``` - config mirror_session erspan add [gre_type] [queue] [policer ] [source-port-list] [direction] - ``` - - The following command is also supported to be backward compatible. - This command will be deprecated in future releases. - ``` - config mirror_session add [gre_type] [queue] - ``` - -- Example: - ``` - root@T1-2:~# config mirror_session add mrr_legacy 1.2.3.4 20.21.22.23 8 100 0x6558 0 - root@T1-2:~# show mirror_session - Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction - --------- -------- -------- ----------- ------ ------ ----- ------- --------- -------------- ---------- ----------- - mrr_legacy inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 - - - root@T1-2:~# config mirror_session erspan add mrr_abcd 1.2.3.4 20.21.22.23 8 100 0x6558 0 - root@T1-2:~# show mirror_session - Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction - --------- -------- -------- ----------- ------ ------ ----- ------- --------- -------------- ---------- ----------- - mrr_abcd inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 - root@T1-2:~# - - root@T1-2:~# config mirror_session erspan add mrr_port 1.2.3.4 20.21.22.23 8 100 0x6558 0 Ethernet0 - root@T1-2:~# show mirror_session - Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction - --------- -------- -------- ----------- ------ ------ ----- ------- --------- -------------- ---------- ----------- - mrr_port inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 Ethernet0 both - root@T1-2:~# - ``` - -While adding a new SPAN session, users need to configure the following fields that are used while forwarding the mirrored packets. -1) destination port, -2) optional - List of source ports- List of source ports which can have both Ethernet and LAG ports. -3) optional - Direction - Mirror session direction when configured along with Source port. (Supported rx/tx/both. default direction is both) -4) optional - Queue in which packets shall be sent out of the device. Valid values 0 to 7 for most of the devices. Users need to know their device and the number of queues supported in that device. -5) optional - Policer which will be used to control the rate at which frames are mirrored. - -- Usage: - ``` - config mirror_session span add [source-port-list] [direction] [queue] [policer ] - ``` - -- Example: - ``` - root@T1-2:~# config mirror_session span add port0 Ethernet0 Ethernet4,PortChannel001,Ethernet8 - root@T1-2:~# show mirror_session - Name Status DST Port SRC Port Direction - ------ -------- ---------- --------------------------------- ----------- - port0 active Ethernet0 Ethernet4,PortChannel10,Ethernet8 both - root@T1-2:~# - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#mirroring) - -## NAT - -### NAT Show commands - -**show nat config** - -This command displays the NAT configuration. - -- Usage: - ``` - show nat config [static | pool | bindings | globalvalues | zones] - ``` - -With no optional arguments, the whole NAT configuration is displayed. - -- Example: - ``` - admin@sonic:~$ show nat config static - - Nat Type IP Protocol Global IP Global L4 Port Local IP Local L4 Port Twice-Nat Id - -------- ----------- ------------ -------------- ------------- ------------- ------------ - dnat all 65.55.45.5 --- 10.0.0.1 --- --- - dnat all 65.55.45.6 --- 10.0.0.2 --- --- - dnat tcp 65.55.45.7 2000 20.0.0.1 4500 1 - snat tcp 20.0.0.2 4000 65.55.45.8 1030 1 - - admin@sonic:~$ show nat config pool - - Pool Name Global IP Range Global L4 Port Range - ------------ ------------------------- -------------------- - Pool1 65.55.45.5 1024-65535 - Pool2 65.55.45.6-65.55.45.8 --- - Pool3 65.55.45.10-65.55.45.15 500-1000 - - admin@sonic:~$ show nat config bindings - - Binding Name Pool Name Access-List Nat Type Twice-Nat Id - ------------ ------------ ------------ -------- ------------ - Bind1 Pool1 --- snat --- - Bind2 Pool2 1 snat 1 - Bind3 Pool3 2 snat -- - - admin@sonic:~$ show nat config globalvalues - - Admin Mode : enabled - Global Timeout : 600 secs - TCP Timeout : 86400 secs - UDP Timeout : 300 secs - - admin@sonic:~$ show nat config zones - - Port Zone - ---- ---- - Ethernet2 0 - Vlan100 1 - ``` - -**show nat statistics** - -This command displays the NAT translation statistics for each entry. - -- Usage: - ``` - show nat statistics - ``` - -- Example: - ``` - admin@sonic:~$ show nat statistics - - Protocol Source Destination Packets Bytes - -------- --------- -------------- ------------- ------------- - all 10.0.0.1 --- 802 1009280 - all 10.0.0.2 --- 23 5590 - tcp 20.0.0.1:4500 --- 110 12460 - udp 20.0.0.1:4000 --- 1156 789028 - tcp 20.0.0.1:6000 --- 30 34800 - tcp 20.0.0.1:5000 65.55.42.1:2000 128 110204 - tcp 20.0.0.1:5500 65.55.42.1:2000 8 3806 - ``` - -**show nat translations** - -This command displays the NAT translation entries. - -- Usage: - ``` - show nat translations [count] - ``` -Giving the optional count argument displays only the details about the number of translation entries. -- Example: - ``` - admin@sonic:~$ show nat translations - - Static NAT Entries ................. 4 - Static NAPT Entries ................. 2 - Dynamic NAT Entries ................. 0 - Dynamic NAPT Entries ................. 4 - Static Twice NAT Entries ................. 0 - Static Twice NAPT Entries ................. 4 - Dynamic Twice NAT Entries ................ 0 - Dynamic Twice NAPT Entries ................ 0 - Total SNAT/SNAPT Entries ................ 9 - Total DNAT/DNAPT Entries ................ 9 - Total Entries ................ 14 - - Protocol Source Destination Translated Source Translated Destination - -------- --------- -------------- ----------------- ---------------------- - all 10.0.0.1 --- 65.55.42.2 --- - all --- 65.55.42.2 --- 10.0.0.1 - all 10.0.0.2 --- 65.55.42.3 --- - all --- 65.55.42.3 --- 10.0.0.2 - tcp 20.0.0.1:4500 --- 65.55.42.1:2000 --- - tcp --- 65.55.42.1:2000 --- 20.0.0.1:4500 - udp 20.0.0.1:4000 --- 65.55.42.1:1030 --- - udp --- 65.55.42.1:1030 --- 20.0.0.1:4000 - tcp 20.0.0.1:6000 --- 65.55.42.1:1024 --- - tcp --- 65.55.42.1:1024 --- 20.0.0.1:6000 - tcp 20.0.0.1:5000 65.55.42.1:2000 65.55.42.1:1025 20.0.0.1:4500 - tcp 20.0.0.1:4500 65.55.42.1:1025 65.55.42.1:2000 20.0.0.1:5000 - tcp 20.0.0.1:5500 65.55.42.1:2000 65.55.42.1:1026 20.0.0.1:4500 - tcp 20.0.0.1:4500 65.55.42.1:1026 65.55.42.1:2000 20.0.0.1:5500 - - admin@sonic:~$ show nat translations count - - Static NAT Entries ................. 4 - Static NAPT Entries ................. 2 - Dynamic NAT Entries ................. 0 - Dynamic NAPT Entries ................. 4 - Static Twice NAT Entries ................. 0 - Static Twice NAPT Entries ................. 4 - Dynamic Twice NAT Entries ................ 0 - Dynamic Twice NAPT Entries ................ 0 - Total SNAT/SNAPT Entries ................ 9 - Total DNAT/DNAPT Entries ................ 9 - Total Entries ................ 14 - ``` - -### NAT Config commands - -**config nat add static** - -This command is used to add a static NAT or NAPT entry. -When configuring the Static NAT entry, user has to specify the following fields with 'basic' keyword. - -1. Global IP address, -2. Local IP address, -3. NAT type (snat / dnat) to be applied on the Global IP address. Default value is dnat. This is optinoal argument. -4. Twice NAT Id. This is optional argument used in case of twice nat configuration. - -When configuring the Static NAPT entry, user has to specify the following fields. - -1. IP protocol type (tcp / udp) -2. Global IP address + Port -3. Local IP address + Port -4. NAT type (snat / dnat) to be applied on the Global IP address + Port. Default value is dnat. This is optional argument. -5. Twicw NAT Id. This is optional argument used in case of twice nat configuration. - -- Usage: - ``` - config nat add static {{basic (global-ip) (local-ip)} | {{tcp | udp} (global-ip) (global-port) (local-ip) (local-port)}} [-nat_type {snat | dnat}] [-twice_nat_id (value)] - ``` - -To delete a static NAT or NAPT entry, use the command below. Giving the all argument deletes all the configured static NAT and NAPT entries. -``` -config nat remove static {{basic (global-ip) (local-ip)} | {{tcp | udp} (global-ip) (global-port) (local-ip) (local-port)} | all} -``` -- Example: - ``` - admin@sonic:~$ sudo config nat add static basic 65.55.45.1 12.12.12.14 -nat_type dnat - admin@sonic:~$ sudo config nat add static tcp 65.55.45.2 100 12.12.12.15 200 -nat_type dnat - - admin@sonic:~$ show nat translations - - Static NAT Entries ................. 2 - Static NAPT Entries ................. 2 - Dynamic NAT Entries ................. 0 - Dynamic NAPT Entries ................. 0 - Static Twice NAT Entries ................. 0 - Static Twice NAPT Entries ................. 0 - Dynamic Twice NAT Entries ................ 0 - Dynamic Twice NAPT Entries ................ 0 - Total SNAT/SNAPT Entries ................ 2 - Total DNAT/DNAPT Entries ................ 2 - Total Entries ................ 4 - - Protocol Source Destination Translated Source Translated Destination - -------- --------- -------------- ----------------- ---------------------- - all 12.12.12.14 --- 65.55.42.1 --- - all --- 65.55.42.1 --- 12.12.12.14 - tcp 12.12.12.15:200 --- 65.55.42.2:100 --- - tcp --- 65.55.42.2:100 --- 12.12.12.15:200 - ``` - -**config nat add pool** - -This command is used to create a NAT pool used for dynamic Source NAT or NAPT translations. -Pool can be configured in one of the following combinations. - -1. Global IP address range (or) -2. Global IP address + L4 port range (or) -3. Global IP address range + L4 port range. - -- Usage: - ``` - config nat add pool (pool-name) (global-ip-range) (global-port-range) - ``` -To delete a NAT pool, use the command. Pool cannot be removed if it is referenced by a NAT binding. Giving the pools argument removes all the configured pools. -``` -config nat remove {pool (pool-name) | pools} -``` -- Example: - ``` - admin@sonic:~$ sudo config nat add pool pool1 65.55.45.2-65.55.45.10 - admin@sonic:~$ sudo config nat add pool pool2 65.55.45.3 100-1024 - - admin@sonic:~$ show nat config pool - - Pool Name Global IP Range Global Port Range - ----------- ---------------------- ------------------- - pool1 65.55.45.2-65.55.45.10 --- - pool2 65.55.45.3 100-1024 - ``` - -**config nat add binding** - -This command is used to create a NAT binding between a pool and an ACL. The following fields are needed for configuring the binding. - - 1. ACL is an optional argument. If ACL argument is not given, the NAT binding is applicable to match all traffic. - 2. NAT type is an optional argument. Only DNAT type is supoprted for binding. - 3. Twice NAT Id is an optional argument. This Id is used to form a twice nat grouping with the static NAT/NAPT entry configured with the same Id. - -- Usage: - ``` - config nat add binding (binding-name) [(pool-name)] [(acl-name)] [-nat_type {snat | dnat}] [-twice_nat_id (value)] - ``` -To delete a NAT binding, use the command below. Giving the bindings argument removes all the configured bindings. -``` -config nat remove {binding (binding-name) | bindings} -``` -- Example: - ``` - admin@sonic:~$ sudo config nat add binding bind1 pool1 acl1 - admin@sonic:~$ sudo config nat add binding bind2 pool2 - - admin@sonic:~$ show nat config bindings - - Binding Name Pool Name Access-List Nat Type Twice-NAT Id - -------------- ----------- ------------- ---------- -------------- - bind1 pool1 acl1 snat --- - bind2 pool2 snat --- - ``` - -**config nat add interface** - -This command is used to configure NAT zone on an L3 interface. Default value of NAT zone on an L3 interface is 0. Valid range of zone values is 0-3. - -- Usage: - ``` - config nat add interface (interface-name) -nat_zone (value) - ``` -To reset the NAT zone on an interface, use the command below. Giving the interfaces argument resets the NAT zone on all the L3 interfaces to 0. -``` -config nat remove {interface (interface-name) | interfaces} -``` -- Example: - ``` - admin@sonic:~$ sudo config nat add interface Ethernet28 -nat_zone 1 - - admin@sonic:~$ show nat config zones - - Port Zone - ---------- ------ - Ethernet0 0 - Ethernet28 1 - Ethernet22 0 - Vlan2091 0 - ``` - -**config nat set** - -This command is used to set the NAT timeout values. Different timeout values can be configured for the NAT entry timeout, NAPT TCP entry timeout, NAPT UDP entry timeout. -Range for Global NAT entry timeout is 300 sec to 432000 sec, default value is 600 sec. -Range for TCP NAT/NAPT entry timeout is 300 sec to 432000 sec, default value is 86400 sec. -Range for UDP NAT/NAPT entry timeout is 120 sec to 600 sec, default value is 300 sec. - -- Usage: - ``` - config nat set {tcp-timeout (value) | timeout (value) | udp-timeout (value)} - ``` -To reset the timeout values to the default values, use the command -``` -config nat reset {tcp-timeout | timeout | udp-timeout} -``` -- Example: - ``` - admin@sonic:~$ sudo config nat add set tcp-timeout 3600 - - admin@sonic:~$ show nat config globalvalues - - Admin Mode : enabled - Global Timeout : 600 secs - TCP Timeout : 600 secs - UDP Timeout : 300 secs - ``` - -**config nat feature** - -This command is used to enable or disable the NAT feature. - -- Usage: - ``` - config nat feature {enable | disable} - ``` - -- Example: - ``` - admin@sonic:~$ sudo config nat feature enable - admin@sonic:~$ sudo config nat feature disable - ``` - -### NAT Clear commands - -**sonic-clear nat translations** - -This command is used to clear the dynamic NAT and NAPT translation entries. - -- Usage: - ``` - sonic-clear nat translations - ``` - -**sonic-clear nat statistics** - -This command is used to clear the statistics of all the NAT and NAPT entries. - -- Usage: - ``` - sonic-clear nat statistics - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#nat) - - -## NTP - -### NTP show commands - -**show ntp** - -This command displays a list of NTP peers known to the server as well as a summary of their state. - -- Usage: - ``` - show ntp - ``` - -- Example: - ``` - admin@sonic:~$ show ntp - synchronised to NTP server (204.2.134.164) at stratum 3 - time correct to within 326797 ms - polling server every 1024 s - - remote refid st t when poll reach delay offset jitter - ============================================================================== - 23.92.29.245 .XFAC. 16 u - 1024 0 0.000 0.000 0.000 - *204.2.134.164 46.233.231.73 2 u 916 1024 377 3.079 0.394 0.128 - ``` - - -### NTP Config Commands - -This sub-section of commands is used to add or remove the configured NTP servers. - -**config ntp add** - -This command is used to add a NTP server IP address to the NTP server list. Note that more that one NTP server IP address can be added in the device. - -- Usage: - ``` - config ntp add - ``` - -- Example: - ``` - admin@sonic:~$ sudo config ntp add 9.9.9.9 - NTP server 9.9.9.9 added to configuration - Restarting ntp-config service... - ``` - -**config ntp delete** - -This command is used to delete a configured NTP server IP address. - -- Usage: - ``` - config ntp del - ``` - -- Example: - ``` - admin@sonic:~$ sudo config ntp del 9.9.9.9 - NTP server 9.9.9.9 removed from configuration - Restarting ntp-config service... - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#NTP) - -# PFC Watchdog Commands -Detailed description of the PFC Watchdog could be fount on the [this wiki page](https://github.com/Azure/SONiC/wiki/PFC-Watchdog) - -**config pfcwd start \** - -This command starts PFC Watchdog - -- Usage: - ``` - config pfcwd start --action drop all 400 --restoration-time 400 - config pfcwd start --action forward Ethernet0 Ethernet8 400 - ``` - -**config pfcwd stop** - -This command stops PFC Watchdog - -- Usage: - ``` - config pfcwd stop - ``` - -**config pfcwd interval \** - -This command sets PFC Watchdog counter polling interval (in ms) - -- Usage: - ``` - config pfcwd interval 200 - ``` - -**config pfcwd counter_poll \** - -This command enables or disables PFCWD related counters polling - -- Usage: - ``` - config pfcwd counter_poll disable - ``` - -**config pfcwd big_red_switch \** - -This command enables or disables PFCWD's "BIG RED SWITCH"(BRS). After enabling BRS PFC Watchdog will be activated on all ports/queues it is configured for no matter whether the storm was detected or not - -- Usage: - ``` - config pfcwd big_red_switch enable - ``` - -**config pfcwd start_default** - -This command starts PFC Watchdog with the default settings. - -- Usage: - ``` - config pfcwd start_default - ``` - -Default values are the following: - - - detection time - 200ms - - restoration time - 200ms - - polling interval - 200ms - - action - 'drop' - -Additionally if number of ports in the system exceeds 32, all times will be multiplied by roughly /32. - - -**show pfcwd config** - -This command shows current PFC Watchdog configuration - -- Usage: - ``` - show pfcwd config - ``` - -**show pfcwd stats** - -This command shows current PFC Watchdog statistics (storms detected, packets dropped, etc) - -- Usage: - ``` - show pfcwd stats - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#pfc-watchdog-commands) - -## Platform Component Firmware - -### Platform Component Firmware show commands - -**show platform firmware status** - -This command displays platform components firmware status information. - -- Usage: -```bash -show platform firmware status -``` - -- Example: -```bash -admin@sonic:~$ sudo show platform firmware status -Chassis Module Component Version Description ---------- -------- ----------- ----------------------- ---------------------------------------- -MSN3800 N/A ONIE 2020.11-5.2.0022-9600 ONIE - Open Network Install Environment - SSD 0202-000 SSD - Solid-State Drive - BIOS 0ACLH004_02.02.008_9600 BIOS - Basic Input/Output System - CPLD1 CPLD000120_REV0900 CPLD - Complex Programmable Logic Device - CPLD2 CPLD000165_REV0500 CPLD - Complex Programmable Logic Device - CPLD3 CPLD000166_REV0300 CPLD - Complex Programmable Logic Device - CPLD4 CPLD000167_REV0100 CPLD - Complex Programmable Logic Device -``` - -**show platform firmware updates** - -This command displays platform components firmware updates information. - -- Usage: -```bash -show platform firmware updates [-i|--image] -``` - -- Options: - - _-i|--image_: show updates using current/next SONiC image - - Valid values: - - current - - next - - Default: - - current - -- Example: -```bash -admin@sonic:~$ sudo show platform firmware updates -Chassis Module Component Firmware Version (Current/Available) Status ---------- -------- ----------- ------------------------------------------ ------------------------------------------------- ------------------ -MSN3800 N/A ONIE /usr/local/lib/firmware/mellanox/onie.bin 2020.11-5.2.0022-9600 / 2020.11-5.2.0024-9600 update is required - SSD /usr/local/lib/firmware/mellanox/ssd.bin 0202-000 / 0204-000 update is required - BIOS /usr/local/lib/firmware/mellanox/bios.bin 0ACLH004_02.02.008_9600 / 0ACLH004_02.02.010_9600 update is required - CPLD1 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000120_REV0900 / CPLD000120_REV0900 up-to-date - CPLD2 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000165_REV0500 / CPLD000165_REV0500 up-to-date - CPLD3 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000166_REV0300 / CPLD000166_REV0300 up-to-date - CPLD4 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000167_REV0100 / CPLD000167_REV0100 up-to-date -``` - -- Note: - - current/next values for _-i|--image_ are taken from `sonic-installer list` - ```bash - admin@sonic:~$ sudo sonic-installer list - Current: SONiC-OS-202012.0-fb89c28c9 - Next: SONiC-OS-201911.0-2bec3004e - Available: - SONiC-OS-202012.0-fb89c28c9 - SONiC-OS-201911.0-2bec3004e - ``` - -**show platform firmware version** - -This command displays platform components firmware utility version. - -- Usage: -```bash -show platform firmware version -``` - -- Example: -```bash -admin@sonic:~$ show platform firmware version -fwutil version 2.0.0.0 -``` - -### Platform Component Firmware config commands - -**config platform firmware install** - -This command is used to install a platform component firmware. -Both modular and non modular chassis platforms are supported. - -- Usage: -```bash -config platform firmware install chassis component fw [-y|--yes] -config platform firmware install module component fw [-y|--yes] -``` - -- Options: - - _-y|--yes_: automatic yes to prompts. Assume "yes" as answer to all prompts and run non-interactively - -- Example: -```bash -admin@sonic:~$ sudo config platform firmware install chassis component BIOS fw /usr/local/lib/firmware/mellanox/sn3800/chassis1/bios.bin -Warning: Immediate cold reboot is required to complete BIOS firmware update. -New firmware will be installed, continue? [y/N]: y -Installing firmware: - /usr/local/lib/firmware/mellanox/sn3800/chassis1/bios.bin - -admin@sonic:~$ sudo config platform firmware install module Module1 component BIOS fw https://www.mellanox.com/fw/sn3800/module1/bios.bin -Warning: Immediate cold reboot is required to complete BIOS firmware update. -New firmware will be installed, continue? [y/N]: y -Downloading firmware: - [##################################################] 100% -Installing firmware: - /tmp/bios.bin -``` - -- Note: - - can be absolute path or URL - -**config platform firmware update** - -This command is used to update a platform component firmware from current/next SONiC image. -Both modular and non modular chassis platforms are supported. - -FW update requires `platform_components.json` to be created and placed at: -sonic-buildimage/device///platform_components.json - -Example: -1. Non modular chassis platform -```json -{ - "chassis": { - "Chassis1": { - "component": { - "BIOS": { - "firmware": "/usr/local/lib/firmware///chassis1/bios.bin", - "version": "" - }, - "CPLD": { - "firmware": "/usr/local/lib/firmware///chassis1/cpld.bin", - "version": "" - }, - "FPGA": { - "firmware": "/usr/local/lib/firmware///chassis1/fpga.bin", - "version": "" - } - } - } - } -} -``` - -2. Modular chassis platform -```json -{ - "chassis": { - "Chassis1": { - "component": { - "BIOS": { - "firmware": "/usr/local/lib/firmware///chassis1/bios.bin", - "version": "" - }, - "CPLD": { - "firmware": "/usr/local/lib/firmware///chassis1/cpld.bin", - "version": "" - }, - "FPGA": { - "firmware": "/usr/local/lib/firmware///chassis1/fpga.bin", - "version": "" - } - } - } - }, - "module": { - "Module1": { - "component": { - "CPLD": { - "firmware": "/usr/local/lib/firmware///module1/cpld.bin", - "version": "" - }, - "FPGA": { - "firmware": "/usr/local/lib/firmware///module1/fpga.bin", - "version": "" - } - } - } - } -} -``` - -- Usage: -```bash -config platform firmware update chassis component fw [-y|--yes] [-f|--force] [-i|--image] -config platform firmware update module component fw [-y|--yes] [-f|--force] [-i|--image] -``` - -- Options: - - _-y|--yes_: automatic yes to prompts. Assume "yes" as answer to all prompts and run non-interactively - - _-f|--force_: update FW regardless the current version - - _-i|--image_: update FW using current/next SONiC image - - Valid values: - - current - - next - - Default: - - current - -- Example: -```bash -admin@sonic:~$ sudo config platform firmware update chassis component BIOS fw -Warning: Immediate cold reboot is required to complete BIOS firmware update. -New firmware will be installed, continue? [y/N]: y -Updating firmware: - /usr/local/lib/firmware/mellanox/x86_64-mlnx_msn3800-r0/chassis1/bios.bin - -admin@sonic:~$ sudo config platform firmware update module Module1 component BIOS fw -Warning: Immediate cold reboot is required to complete BIOS firmware update. -New firmware will be installed, continue? [y/N]: y -Updating firmware: - /usr/local/lib/firmware/mellanox/x86_64-mlnx_msn3800-r0/module1/bios.bin -``` - -- Note: - - FW update will be disabled if component definition is not provided (e.g., 'BIOS': { }) - - FW version will be read from image if `version` field is not provided - - current/next values for _-i|--image_ are taken from `sonic-installer list` - ```bash - admin@sonic:~$ sudo sonic-installer list - Current: SONiC-OS-202012.0-fb89c28c9 - Next: SONiC-OS-201911.0-2bec3004e - Available: - SONiC-OS-202012.0-fb89c28c9 - SONiC-OS-201911.0-2bec3004e - ``` - -### Platform Component Firmware vendor specific behaviour - -#### Mellanox - -**CPLD update** - -On Mellanox platforms CPLD update can be done either for single or for all components at once. -The second approach is preferred. In this case an aggregated `vme` binary is used and -CPLD component can be specified arbitrary. - -- Example: -```bash -root@sonic:/home/admin# show platform firmware -Chassis Module Component Version Description ----------------------- -------- ----------- ----------------------- ---------------------------------------- -x86_64-mlnx_msn3800-r0 N/A BIOS 0ACLH004_02.02.007_9600 BIOS - Basic Input/Output System - CPLD1 CPLD000000_REV0400 CPLD - Complex Programmable Logic Device - CPLD2 CPLD000000_REV0300 CPLD - Complex Programmable Logic Device - CPLD3 CPLD000000_REV0300 CPLD - Complex Programmable Logic Device - CPLD4 CPLD000000_REV0100 CPLD - Complex Programmable Logic Device - -root@sonic:/home/admin# BURN_VME="$(pwd)/FUI000091_Burn_SN3800_CPLD000120_REV0600_CPLD000165_REV0400_CPLD000166_REV0300_CPLD000167_REV0100.vme" -root@sonic:/home/admin# REFRESH_VME="$(pwd)/FUI000091_Refresh_SN3800_CPLD000120_REV0600_CPLD000165_REV0400_CPLD000166_REV0300_CPLD000167_REV0100.vme" - -root@sonic:/home/admin# config platform firmware install chassis component CPLD1 fw -y ${BURN_VME} -root@sonic:/home/admin# config platform firmware install chassis component CPLD1 fw -y ${REFRESH_VME} - -root@sonic:/home/admin# show platform firmware -Chassis Module Component Version Description ----------------------- -------- ----------- ----------------------- ---------------------------------------- -x86_64-mlnx_msn3800-r0 N/A BIOS 0ACLH004_02.02.007_9600 BIOS - Basic Input/Output System - CPLD1 CPLD000000_REV0600 CPLD - Complex Programmable Logic Device - CPLD2 CPLD000000_REV0400 CPLD - Complex Programmable Logic Device - CPLD3 CPLD000000_REV0300 CPLD - Complex Programmable Logic Device - CPLD4 CPLD000000_REV0100 CPLD - Complex Programmable Logic Device -``` - -Note: the update will have the same effect if any of CPLD1/CPLD2/CPLD3/CPLD4 will be used - -Go Back To [Beginning of the document](#) or [Beginning of this section](#platform-component-firmware) - - -## Platform Specific Commands - -### Mellanox Platform Specific Commands - -There are few commands that are platform specific. Mellanox has used this feature and implemented Mellanox specific commands as follows. - -**show platform mlnx sniffer** - -This command shows the SDK sniffer status - -- Usage: - ``` - show platform mlnx sniffer - ``` - -- Example: - ``` - admin@sonic:~$ show platform mlnx sniffer - sdk sniffer is disabled - ``` - -**show platform mlnx sniffer** - -Another show command available on ‘show platform mlnx’ which is the issu status. -This means if ISSU is enabled on this SKU or not. A warm boot command can be executed only when ISSU is enabled on the SKU. - -- Usage: - ``` - show platform mlnx issu - ``` - -- Example: - ``` - admin@sonic:~$ show platform mlnx issu - ISSU is enabled - ``` - -In the case ISSU is disabled and warm-boot is called, the user will get a notification message explaining that the command cannot be invoked. - -- Example: - ``` - admin@sonic:~$ sudo warm-reboot - ISSU is not enabled on this HWSKU - Warm reboot is not supported - ``` - -**config platform mlnx** - -This command is valid only on mellanox devices. The sub-commands for "config platform" gets populated only on mellanox platforms. -There are no other subcommands on non-Mellanox devices and hence this command appears empty and useless in other platforms. -The platform mellanox command currently includes a single sub command which is the SDK sniffer. -The SDK sniffer is a troubleshooting tool which records the RPC calls from the Mellanox SDK user API library to the sx_sdk task into a .pcap file. -This .pcap file can be replayed afterward to get the exact same configuration state on SDK and FW to reproduce and investigate issues. - -A new folder will be created to store the sniffer files: "/var/log/mellanox/sniffer/". The result file will be stored in a .pcap file, which includes a time stamp of the starting time in the file name, for example, "sx_sdk_sniffer_20180224081306.pcap" -In order to have a complete .pcap file with all the RPC calls, the user should disable the SDK sniffer. Swss service will be restarted and no capturing is taken place from that moment. -It is recommended to review the .pcap file while sniffing is disabled. -Once SDK sniffer is enabled/disabled, the user is requested to approve that swss service will be restarted. -For example: To change SDK sniffer status, swss service will be restarted, continue? [y/N]: -In order to avoid that confirmation the -y / --yes option should be used. - -- Usage: - ``` - config platform mlnx sniffer sdk [-y|--yes] - ``` - -- Example: - ``` - admin@sonic:~$ config platform mlnx sniffer sdk - To change SDK sniffer status, swss service will be restarted, continue? [y/N]: y - NOTE: In order to avoid that confirmation the -y / --yes option should be used. - ``` - -### Barefoot Platform Specific Commands - -**show platform barefoot profile** - -This command displays active P4 profile and lists available ones. - -- Usage: - ``` - show platform barefoot profile - ``` - -- Example: - ``` - admin@sonic:~$ show platform barefoot profile - Current profile: x1 - Available profile(s): - x1 - x2 - ``` - -**config platform barefoot profile** - -This command sets P4 profile. - -- Usage: - ``` - config platform barefoot profile [-y|--yes] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config platform barefoot profile x1 - Swss service will be restarted, continue? [y/N]: y - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#platform-specific-commands) - - -## PortChannels - -### PortChannel Show commands - -**show interfaces portchannel** - -This command displays all the port channels that are configured in the device and its current status. - -- Usage: - ``` - show interfaces portchannel - ``` - -- Example: - ``` - admin@sonic:~$ show interfaces portchannel - Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected - No. Team Dev Protocol Ports - ----- ------------- ----------- --------------------------- - 24 PortChannel24 LACP(A)(Up) Ethernet28(S) Ethernet24(S) - 48 PortChannel48 LACP(A)(Up) Ethernet52(S) Ethernet48(S) - 40 PortChannel40 LACP(A)(Up) Ethernet44(S) Ethernet40(S) - 0 PortChannel0 LACP(A)(Up) Ethernet0(S) Ethernet4(S) - 8 PortChannel8 LACP(A)(Up) Ethernet8(S) Ethernet12(S) - ``` - - -### PortChannel Config commands - -This sub-section explains how to configure the portchannel and its member ports. - -**config portchannel** - -This command is used to add or delete the portchannel. -It is recommended to use portchannel names in the format "PortChannelxxxx", where "xxxx" is number of 1 to 4 digits. Ex: "PortChannel0002". - -NOTE: If users specify any other name like "pc99", command will succeed, but such names are not supported. Such names are not printed properly in the "show interface portchannel" command. It is recommended not to use such names. - -When any port is already member of any other portchannel and if user tries to add the same port in some other portchannel (without deleting it from the current portchannel), the command fails internally. But, it does not print any error message. In such cases, remove the member from current portchannel and then add it to new portchannel. - -Command takes two optional arguements given below. -1) min-links - minimum number of links required to bring up the portchannel -2) fallback - true/false. LACP fallback feature can be enabled / disabled. When it is set to true, only one member port will be selected as active per portchannel during fallback mode. Refer https://github.com/Azure/SONiC/blob/master/doc/lag/LACP%20Fallback%20Feature%20for%20SONiC_v0.5.md for more details about fallback feature. - -A port channel can be deleted only if it does not have any members or the members are already deleted. When a user tries to delete a port channel and the port channel still has one or more members that exist, the deletion of port channel is blocked. - -- Usage: - ``` - config portchannel (add | del) [--min-links ] [--fallback (true | false)] - ``` - -- Example (Create the portchannel with name "PortChannel0011"): - ``` - admin@sonic:~$ sudo config portchannel add PortChannel0011 - ``` - -**config portchannel member** - -This command adds or deletes a member port to/from the already created portchannel. - -- Usage: - ``` - config portchannel member (add | del) - ``` - -- Example (Add interface Ethernet4 as member of the portchannel "PortChannel0011"): - ``` - admin@sonic:~$ sudo config portchannel member add PortChannel0011 Ethernet4 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#portchannels) - -## NVGRE - -This section explains the various show commands and configuration commands available for users. - -### NVGRE show commands - -This subsection explains how to display the NVGRE configuration. - -**show nvgre-tunnel** - -This command displays the NVGRE tunnel configuration. - -- Usage: -```bash -show nvgre-tunnel -``` - -- Example: -```bash -admin@sonic:~$ show nvgre-tunnel -TUNNEL NAME SRC IP -------------- -------- -tunnel_1 10.0.0.1 -``` - -**show nvgre-tunnel-map** - -This command displays the NVGRE tunnel map configuration. - -- Usage: -```bash -show nvgre-tunnel-map -``` - -- Example: -```bash -admin@sonic:~$ show nvgre-tunnel-map -TUNNEL NAME TUNNEL MAP NAME VLAN ID VSID -------------- ----------------- --------- ------ -tunnel_1 Vlan1000 1000 5000 -tunnel_1 Vlan2000 2000 6000 -``` - -### NVGRE config commands - -This subsection explains how to configure the NVGRE. - -**config nvgre-tunnel** - -This command is used to manage the NVGRE tunnel objects. -It supports add/delete operations. - -- Usage: -```bash -config nvgre-tunnel add --src-ip -config nvgre-tunnel delete -``` - -- Parameters: - - _tunnel-name_: the name of the NVGRE tunnel - - _src-ip_: source ip address - -- Examples: -```bash -config nvgre-tunnel add 'tunnel_1' --src-ip '10.0.0.1' -config nvgre-tunnel delete 'tunnel_1' -``` - -**config nvgre-tunnel-map** - -This command is used to manage the NVGRE tunnel map objects. -It supports add/delete operations. - -- Usage: -```bash -config nvgre-tunnel-map add --vlan-id --vsid -config nvgre-tunnel-map delete -``` - -- Parameters: - - _tunnel-name_: the name of the NVGRE tunnel - - _tunnel-map-name_: the name of the NVGRE tunnel map - - _vlan-id_: VLAN identifier - - _vsid_: Virtual Subnet Identifier - -- Examples: -```bash -config nvgre-tunnel-map add 'tunnel_1' 'Vlan2000' --vlan-id '2000' --vsid '6000' -config nvgre-tunnel-map delete 'tunnel_1' 'Vlan2000' -``` - -## PBH - -This section explains the various show commands and configuration commands available for users. - -### PBH show commands - -This subsection explains how to display PBH configuration and statistics. - -**show pbh table** - -This command displays PBH table configuration. - -- Usage: -```bash -show pbh table -``` - -- Example: -```bash -admin@sonic:~$ show pbh table -NAME INTERFACE DESCRIPTION ---------- --------------- --------------- -pbh_table Ethernet0 NVGRE and VxLAN - Ethernet4 - PortChannel0001 - PortChannel0002 -``` - -**show pbh rule** - -This command displays PBH rule configuration. - -- Usage: -```bash -show pbh rule -``` - -- Example: -```bash -admin@sonic:~$ show pbh rule -TABLE RULE PRIORITY MATCH HASH ACTION COUNTER ---------- ------ ---------- ------------------------------------ ------------- ------------- --------- -pbh_table nvgre 2 ether_type: 0x0800 inner_v6_hash SET_ECMP_HASH DISABLED - ip_protocol: 0x2f - gre_key: 0x2500/0xffffff00 - inner_ether_type: 0x86dd -pbh_table vxlan 1 ether_type: 0x0800 inner_v4_hash SET_LAG_HASH ENABLED - ip_protocol: 0x11 - l4_dst_port: 0x12b5 - inner_ether_type: 0x0800 -``` - -**show pbh hash** - -This command displays PBH hash configuration. - -- Usage: -```bash -show pbh hash -``` - -- Example: -```bash -admin@sonic:~$ show pbh hash -NAME HASH FIELD -------------- ----------------- -inner_v4_hash inner_ip_proto - inner_l4_dst_port - inner_l4_src_port - inner_dst_ipv4 - inner_src_ipv4 -inner_v6_hash inner_ip_proto - inner_l4_dst_port - inner_l4_src_port - inner_dst_ipv6 - inner_src_ipv6 -``` - -**show pbh hash-field** - -This command displays PBH hash field configuration. - -- Usage: -```bash -show pbh hash-field -``` - -- Example: -```bash -admin@sonic:~$ show pbh hash-field -NAME FIELD MASK SEQUENCE SYMMETRIC ------------------ ----------------- --------- ---------- ----------- -inner_ip_proto INNER_IP_PROTOCOL N/A 1 No -inner_l4_dst_port INNER_L4_DST_PORT N/A 2 Yes -inner_l4_src_port INNER_L4_SRC_PORT N/A 2 Yes -inner_dst_ipv4 INNER_DST_IPV4 255.0.0.0 3 Yes -inner_src_ipv4 INNER_SRC_IPV4 0.0.0.255 3 Yes -inner_dst_ipv6 INNER_DST_IPV6 ffff:: 4 Yes -inner_src_ipv6 INNER_SRC_IPV6 ::ffff 4 Yes -``` - -- Note: - - _SYMMETRIC_ is an artificial column and is only used to indicate fields symmetry - -**show pbh statistics** - -This command displays PBH statistics. - -- Usage: -```bash -show pbh statistics -``` - -- Example: -```bash -admin@sonic:~$ show pbh statistics -TABLE RULE RX PACKETS COUNT RX BYTES COUNT ---------- ------ ------------------ ---------------- -pbh_table nvgre 0 0 -pbh_table vxlan 0 0 -``` - -- Note: - - _RX PACKETS COUNT_ and _RX BYTES COUNT_ can be cleared by user: - ```bash - admin@sonic:~$ sonic-clear pbh statistics - ``` - -### PBH config commands - -This subsection explains how to configure PBH. - -**config pbh table** - -This command is used to manage PBH table objects. -It supports add/update/remove operations. - -- Usage: -```bash -config pbh table add --interface-list --description -config pbh table update [ --interface-list ] [ --description ] -config pbh table delete -``` - -- Parameters: - - _table_name_: the name of the PBH table - - _interface_list_: interfaces to which PBH table is applied - - _description_: the description of the PBH table - -- Examples: -```bash -config pbh table add 'pbh_table' \ ---interface-list 'Ethernet0,Ethernet4,PortChannel0001,PortChannel0002' \ ---description 'NVGRE and VxLAN' -config pbh table update 'pbh_table' \ ---interface-list 'Ethernet0' -config pbh table delete 'pbh_table' -``` - -**config pbh rule** - -This command is used to manage PBH rule objects. -It supports add/update/remove operations. - -- Usage: -```bash -config pbh rule add --priority \ -[ --gre-key ] [ --ether-type ] [ --ip-protocol ] \ -[ --ipv6-next-header ] [ --l4-dst-port ] [ --inner-ether-type ] \ ---hash [ --packet-action ] [ --flow-counter ] -config pbh rule update [ --priority ] \ -[ --gre-key ] [ --ether-type ] [ --ip-protocol ] \ -[ --ipv6-next-header ] [ --l4-dst-port ] [ --inner-ether-type ] \ -[ --hash ] [ --packet-action ] [ --flow-counter ] -config pbh rule delete -``` - -- Parameters: - - _table_name_: the name of the PBH table - - _rule_name_: the name of the PBH rule - - _priority_: the priority of the PBH rule - - _gre_key_: packet match for the PBH rule: GRE key (value/mask) - - _ether_type_: packet match for the PBH rule: EtherType (IANA Ethertypes) - - _ip_protocol_: packet match for the PBH rule: IP protocol (IANA Protocol Numbers) - - _ipv6_next_header_: packet match for the PBH rule: IPv6 Next header (IANA Protocol Numbers) - - _l4_dst_port_: packet match for the PBH rule: L4 destination port - - _inner_ether_type_: packet match for the PBH rule: inner EtherType (IANA Ethertypes) - - _hash_: _hash_ object to apply with the PBH rule - - _packet_action_: packet action for the PBH rule - - Valid values: - - SET_ECMP_HASH - - SET_LAG_HASH - - Default: - - SET_ECMP_HASH - - - _flow_counter_: packet/byte counter for the PBH rule - - Valid values: - - DISABLED - - ENABLED - - Default: - - DISABLED - -- Examples: -```bash -config pbh rule add 'pbh_table' 'nvgre' \ ---priority '2' \ ---ether-type '0x0800' \ ---ip-protocol '0x2f' \ ---gre-key '0x2500/0xffffff00' \ ---inner-ether-type '0x86dd' \ ---hash 'inner_v6_hash' \ ---packet-action 'SET_ECMP_HASH' \ ---flow-counter 'DISABLED' -config pbh rule update 'pbh_table' 'nvgre' \ ---flow-counter 'ENABLED' -config pbh rule delete 'pbh_table' 'nvgre' -``` - -**config pbh hash** - -This command is used to manage PBH hash objects. -It supports add/update/remove operations. - -- Usage: -```bash -config pbh hash add --hash-field-list -config pbh hash update [ --hash-field-list ] -config pbh hash delete -``` - -- Parameters: - - _hash_name_: the name of the PBH hash - - _hash_field_list_: list of _hash-field_ objects to apply with the PBH hash - -- Examples: -```bash -config pbh hash add 'inner_v6_hash' \ ---hash-field-list 'inner_ip_proto,inner_l4_dst_port,inner_l4_src_port,inner_dst_ipv6,inner_src_ipv6' -config pbh hash update 'inner_v6_hash' \ ---hash-field-list 'inner_ip_proto' -config pbh hash delete 'inner_v6_hash' -``` - -**config pbh hash-field** - -This command is used to manage PBH hash field objects. -It supports add/update/remove operations. - -- Usage: -```bash -config pbh hash-field add \ ---hash-field [ --ip-mask ] --sequence-id -config pbh hash-field update \ -[ --hash-field ] [ --ip-mask ] [ --sequence-id ] -config pbh hash-field delete -``` - -- Parameters: - - _hash_field_name_: the name of the PBH hash field - - _hash_field_: native hash field for the PBH hash field - - Valid values: - - INNER_IP_PROTOCOL - - INNER_L4_DST_PORT - - INNER_L4_SRC_PORT - - INNER_DST_IPV4 - - INNER_SRC_IPV4 - - INNER_DST_IPV6 - - INNER_SRC_IPV6 - - - _ip_mask_: IPv4/IPv6 address mask for the PBH hash field - - Valid only: _hash_field_ is: - - INNER_DST_IPV4 - - INNER_SRC_IPV4 - - INNER_DST_IPV6 - - INNER_SRC_IPV6 - - - _sequence_id_: the order in which fields are hashed - -- Examples: -```bash -config pbh hash-field add 'inner_dst_ipv6' \ ---hash-field 'INNER_DST_IPV6' \ ---ip-mask 'ffff::' \ ---sequence-id '4' -config pbh hash-field update 'inner_dst_ipv6' \ ---ip-mask 'ffff:ffff::' -config pbh hash-field delete 'inner_dst_ipv6' -``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#pbh) - -## QoS - -### QoS Show commands - -#### PFC - -**show pfc counters** - -This command displays the details of Rx & Tx priority-flow-control (pfc) for all ports. This command can be used to clear the counters using -c option. - -- Usage: - ``` - show pfc counters - ``` - -- Example: - ``` - admin@sonic:~$ show pfc counters - Port Rx PFC0 PFC1 PFC2 PFC3 PFC4 PFC5 PFC6 PFC7 - ----------- ------ ------ ------ ------ ------ ------ ------ ------ - Ethernet0 0 0 0 0 0 0 0 0 - Ethernet4 0 0 0 0 0 0 0 0 - Ethernet8 0 0 0 0 0 0 0 0 - Ethernet12 0 0 0 0 0 0 0 0 - - Port Tx PFC0 PFC1 PFC2 PFC3 PFC4 PFC5 PFC6 PFC7 - ----------- ------ ------ ------ ------ ------ ------ ------ ------ - Ethernet0 0 0 0 0 0 0 0 0 - Ethernet4 0 0 0 0 0 0 0 0 - Ethernet8 0 0 0 0 0 0 0 0 - Ethernet12 0 0 0 0 0 0 0 0 - - ... - ``` - - -- NOTE: PFC counters can be cleared by the user with the following command: - ``` - admin@sonic:~$ sonic-clear pfccounters - ``` - -**show pfc asymmetric** - -This command displays the status of asymmetric PFC for all interfaces or a given interface. - -- Usage: - ``` - show pfc asymmetric [] - ``` - -- Example: - ``` - admin@sonic:~$ show pfc asymmetric - - Interface Asymmetric - ----------- ------------ - Ethernet0 off - Ethernet2 off - Ethernet4 off - Ethernet6 off - Ethernet8 off - Ethernet10 off - Ethernet12 off - Ethernet14 off - - admin@sonic:~$ show pfc asymmetric Ethernet0 - - Interface Asymmetric - ----------- ------------ - Ethernet0 off - ``` - -**show pfc priority** - -This command displays the lossless priorities for all interfaces or a given interface. - -- Usage: - ``` - show pfc priority [] - ``` - -- Example: - ``` - admin@sonic:~$ show pfc priority - - Interface Lossless priorities - ----------- --------------------- - Ethernet0 3,4 - Ethernet2 3,4 - Ethernet8 3,4 - Ethernet10 3,4 - Ethernet16 3,4 - - admin@sonic:~$ show pfc priority Ethernet0 - - Interface Lossless priorities - ----------- --------------------- - Ethernet0 3,4 - ``` - -#### Queue And Priority-Group - -This sub-section explains the following queue parameters that can be displayed using "show queue" command. -1) queue counters -2) queue watermark -3) priority-group watermark -4) queue persistent-watermark - - -**show queue counters** - -This command displays packet and byte counters for all queues of all ports or one specific-port given as arguement. -This command can be used to clear the counters for all queues of all ports. Note that port specific clear is not supported. - -- Usage: - ``` - show queue counters [] - ``` - -- Example: - ``` - admin@sonic:~$ show queue counters - Port TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes - --------- ----- -------------- --------------- ----------- ------------ - Ethernet0 UC0 0 0 0 0 - Ethernet0 UC1 0 0 0 0 - Ethernet0 UC2 0 0 0 0 - Ethernet0 UC3 0 0 0 0 - Ethernet0 UC4 0 0 0 0 - Ethernet0 UC5 0 0 0 0 - Ethernet0 UC6 0 0 0 0 - Ethernet0 UC7 0 0 0 0 - Ethernet0 UC8 0 0 0 0 - Ethernet0 UC9 0 0 0 0 - Ethernet0 MC0 0 0 0 0 - Ethernet0 MC1 0 0 0 0 - Ethernet0 MC2 0 0 0 0 - Ethernet0 MC3 0 0 0 0 - Ethernet0 MC4 0 0 0 0 - Ethernet0 MC5 0 0 0 0 - Ethernet0 MC6 0 0 0 0 - Ethernet0 MC7 0 0 0 0 - Ethernet0 MC8 0 0 0 0 - Ethernet0 MC9 0 0 0 0 - - Port TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes - --------- ----- -------------- --------------- ----------- ------------ - Ethernet4 UC0 0 0 0 0 - Ethernet4 UC1 0 0 0 0 - Ethernet4 UC2 0 0 0 0 - Ethernet4 UC3 0 0 0 0 - Ethernet4 UC4 0 0 0 0 - Ethernet4 UC5 0 0 0 0 - Ethernet4 UC6 0 0 0 0 - Ethernet4 UC7 0 0 0 0 - Ethernet4 UC8 0 0 0 0 - Ethernet4 UC9 0 0 0 0 - Ethernet4 MC0 0 0 0 0 - Ethernet4 MC1 0 0 0 0 - Ethernet4 MC2 0 0 0 0 - Ethernet4 MC3 0 0 0 0 - Ethernet4 MC4 0 0 0 0 - Ethernet4 MC5 0 0 0 0 - Ethernet4 MC6 0 0 0 0 - Ethernet4 MC7 0 0 0 0 - Ethernet4 MC8 0 0 0 0 - Ethernet4 MC9 0 0 0 0 - - ... - ``` - -Optionally, you can specify an interface name in order to display only that particular interface - -- Example: - ``` - admin@sonic:~$ show queue counters Ethernet72 - ``` - -- NOTE: Queue counters can be cleared by the user with the following command: - ``` - admin@sonic:~$ sonic-clear queuecounters - ``` - -**show queue watermark** - -This command displays the user watermark for the queues (Egress shared pool occupancy per queue) for either the unicast queues or multicast queues for all ports - -- Usage: - ``` - show queue watermark (multicast | unicast) - ``` - -- Example: - ``` - admin@sonic:~$ show queue watermark unicast - Egress shared pool occupancy per unicast queue: - Port UC0 UC1 UC2 UC3 UC4 UC5 UC6 UC7 - ----------- ----- ----- ----- ----- ----- ----- ----- ----- - Ethernet0 0 0 0 0 0 0 0 0 - Ethernet4 0 0 0 0 0 0 0 0 - Ethernet8 0 0 0 0 0 0 0 0 - Ethernet12 0 0 0 0 0 0 0 0 - - admin@sonic:~$ show queue watermark multicast (Egress shared pool occupancy per multicast queue) - ``` - -**show priority-group** - -This command displays: -1) The user watermark or persistent-watermark for the Ingress "headroom" or "shared pool occupancy" per priority-group for all ports. -2) Dropped packets per priority-group for all ports - -- Usage: - ``` - show priority-group (watermark | persistent-watermark) (headroom | shared) - show priority-group drop counters - ``` - -- Example: - ``` - admin@sonic:~$ show priority-group watermark shared - Ingress shared pool occupancy per PG: - Port PG0 PG1 PG2 PG3 PG4 PG5 PG6 PG7 - ----------- ----- ----- ----- ----- ----- ----- ----- ----- - Ethernet0 0 0 0 0 0 0 0 0 - Ethernet4 0 0 0 0 0 0 0 0 - Ethernet8 0 0 0 0 0 0 0 0 - Ethernet12 0 0 0 0 0 0 0 0 - ``` - -- Example (Ingress headroom per PG): - ``` - admin@sonic:~$ show priority-group watermark headroom - ``` - -- Example (Ingress shared pool occupancy per PG): - ``` - admin@sonic:~$ show priority-group persistent-watermark shared - ``` - -- Example (Ingress headroom per PG): - ``` - admin@sonic:~$ show priority-group persistent-watermark headroom - ``` - -- Example (Ingress dropped packets per PG): - ``` - admin@sonic:~$ show priority-group drop counters - Ingress PG dropped packets: - Port PG0 PG1 PG2 PG3 PG4 PG5 PG6 PG7 - ----------- ----- ----- ----- ----- ----- ----- ----- ----- - Ethernet0 0 0 0 0 0 0 0 0 - Ethernet4 0 0 0 0 0 0 0 0 - Ethernet8 0 0 0 0 0 0 0 0 - Ethernet12 0 0 0 0 0 0 0 0 - ``` - -In addition to user watermark("show queue|priority-group watermark ..."), a persistent watermark is available. -It hold values independently of user watermark. This way user can use "user watermark" for debugging, clear it, etc, but the "persistent watermark" will not be affected. - -**show queue persistent-watermark** - -This command displays the user persistet-watermark for the queues (Egress shared pool occupancy per queue) for either the unicast queues or multicast queues for all ports - -- Usage: - ``` - show queue persistent-watermark (unicast | multicast) - ``` - -- Example: - ``` - admin@sonic:~$ show queue persistent-watermark unicast - Egress shared pool occupancy per unicast queue: - Port UC0 UC1 UC2 UC3 UC4 UC5 UC6 UC7 - ----------- ----- ----- ----- ----- ----- ----- ----- ----- - Ethernet0 N/A N/A N/A N/A N/A N/A N/A N/A - Ethernet4 N/A N/A N/A N/A N/A N/A N/A N/A - Ethernet8 N/A N/A N/A N/A N/A N/A N/A N/A - Ethernet12 N/A N/A N/A N/A N/A N/A N/A N/A - ``` - -- Example (Egress shared pool occupancy per multicast queue): - ``` - admin@sonic:~$ show queue persistent-watermark multicast - ``` - -- NOTE: "user watermark", "persistent watermark" and "ingress dropped packets" can be cleared by user: - - ``` - admin@sonic:~$ sonic-clear queue persistent-watermark unicast - - admin@sonic:~$ sonic-clear queue persistent-watermark multicast - - admin@sonic:~$ sonic-clear priority-group persistent-watermark shared - - admin@sonic:~$ sonic-clear priority-group persistent-watermark headroom - - admin@sonic:~$ sonic-clear priority-group drop counters - ``` - -#### Buffer Pool - -This sub-section explains the following buffer pool parameters that can be displayed using "show buffer_pool" command. -1) buffer pool watermark -2) buffer pool persistent-watermark - -**show buffer_pool watermark** - -This command displays the user watermark for all the buffer pools - -- Usage: - ``` - show buffer_pool watermark - ``` - -- Example: - ``` - admin@sonic:~$ show buffer_pool watermark - Shared pool maximum occupancy: - Pool Bytes - --------------------- ------- - ingress_lossless_pool 0 - lossy_pool 2464 - ``` - - -**show buffer_pool persistent-watermark** - -This command displays the user persistent-watermark for all the buffer pools - -- Usage: - ``` - show buffer_pool persistent-watermark - ``` - -- Example: - ``` - admin@sonic:~$ show buffer_pool persistent-watermark - Shared pool maximum occupancy: - Pool Bytes - --------------------- ------- - ingress_lossless_pool 0 - lossy_pool 2464 - ``` - - - -### QoS config commands - -**config qos clear** - -This command is used to clear all the QoS configuration from all the following QOS Tables in ConfigDB. - -1) TC_TO_PRIORITY_GROUP_MAP, -2) MAP_PFC_PRIORITY_TO_QUEUE, -3) TC_TO_QUEUE_MAP, -4) DSCP_TO_TC_MAP, -5) MPLS_TC_TO_TC_MAP, -6) SCHEDULER, -7) PFC_PRIORITY_TO_PRIORITY_GROUP_MAP, -8) PORT_QOS_MAP, -9) WRED_PROFILE, -10) QUEUE, -11) CABLE_LENGTH, -12) BUFFER_POOL, -13) BUFFER_PROFILE, -14) BUFFER_PG, -15) BUFFER_QUEUE - -- Usage: - ``` - config qos clear - ``` - -- Example: - ``` - admin@sonic:~$ sudo config qos clear - ``` - -**config qos reload** - -This command is used to reload the QoS configuration. -QoS configuration has got two sets of configurations. -1) Generic QOS Configuration - This gives complete list of all possible QOS configuration. Its given in the file /usr/share/sonic/templates/qos_config.j2 in the device. - Reference: https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/qos_config.j2 - Users have flexibility to have platform specific qos configuration by placing the qos_config.j2 file at /usr/share/sonic/device///. - If users want to modify any of this loaded QOS configuration, they can modify this file in the device and then issue the "config qos reload" command. - -2) Platform specific buffer configuration. Every platform has got platform specific and topology specific (T0 or T1 or T2) buffer configuration at /usr/share/sonic/device///buffers_defaults_tx.j2 - In addition to platform specific configuration file, a generic configuration file is also present at /usr/share/sonic/templates/buffers_config.j2. - Reference: https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/buffers_config.j2 - Users can either modify the platform specific configuration file, or the generic configuration file and then issue this "config qos reload" command. - -These configuration files are already loaded in the device as part of the reboot process. In case if users wants to modify any of these configurations, they need to modify the appropriate QOS tables and fields in these files and then use this reload command. -This command uses those modified buffers.json.j2 file & qos.json.j2 file and reloads the new QOS configuration. -If users have not made any changes in these configuration files, this command need not be executed. - -Some of the example QOS configurations that users can modify are given below. -1) TC_TO_PRIORITY_GROUP_MAP -2) MAP_PFC_PRIORITY_TO_QUEUE -3) TC_TO_QUEUE_MAP -4) DSCP_TO_TC_MAP -5) MPLS_TC_TO_TC_MAP -6) SCHEDULER -7) PFC_PRIORITY_TO_PRIORITY_GROUP_MAP -8) PORT_QOS_MAP -9) WRED_PROFILE -10) CABLE_LENGTH -11) BUFFER_QUEUE - -- Usage: - ``` - config qos reload - ``` - -- Example: - ``` - admin@sonic:~$ sudo config qos reload - Running command: /usr/local/bin/sonic-cfggen -d -t /usr/share/sonic/device/x86_64-dell_z9100_c2538-r0/Force10-Z9100-C32/buffers.json.j2 >/tmp/buffers.json - Running command: /usr/local/bin/sonic-cfggen -d -t /usr/share/sonic/device/x86_64-dell_z9100_c2538-r0/Force10-Z9100-C32/qos.json.j2 -y /etc/sonic/sonic_version.yml >/tmp/qos.json - Running command: /usr/local/bin/sonic-cfggen -j /tmp/buffers.json --write-to-db - Running command: /usr/local/bin/sonic-cfggen -j /tmp/qos.json --write-to-db - - In this example, it uses the buffers.json.j2 file and qos.json.j2 file from platform specific folders. - When there are no changes in the platform specific configutation files, they internally use the file "/usr/share/sonic/templates/buffers_config.j2" and "/usr/share/sonic/templates/qos_config.j2" to generate the configuration. - ``` - -**config qos reload --ports port_list** - -This command is used to reload the default QoS configuration on a group of ports. -Typically, the default QoS configuration is in the following tables. -1) PORT_QOS_MAP -2) QUEUE -3) BUFFER_PG -4) BUFFER_QUEUE -5) BUFFER_PORT_INGRESS_PROFILE_LIST -6) BUFFER_PORT_EGRESS_PROFILE_LIST -7) CABLE_LENGTH - -If there was QoS configuration in the above tables for the ports: - - - if `--force` option is provied, the existing QoS configuration will be replaced by the default QoS configuration, - - otherwise, the command will exit with nothing updated. - -- Usage: - ``` - config qos reload --ports [,port] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config qos reload --ports Ethernet0,Ethernet4 - - In this example, it updates the QoS configuration on port Ethernet0 and Ethernet4 to default. - If there was QoS configuration on the ports, the command will clear the existing QoS configuration on the port and reload to default. - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#qos) - -## sFlow - -### sFlow Show commands - -**show sflow** - -This command displays the global sFlow configuration that includes the admin state, collectors, the Agent ID and counter polling interval. - -- Usage: - ``` - show sflow - ``` - -- Example: - ``` - admin@sonic:~# show sflow - sFlow Global Information: - sFlow Admin State: up - sFlow Polling Interval: default - sFlow AgentID: lo - - 2 Collectors configured: - Name: collector_A IP addr: 10.11.46.2 UDP port: 6343 - Name: collector_lo IP addr: 127.0.0.1 UDP port: 6343 - ``` - - -**show sflow interface** - -This command displays the per-interface sflow admin status and the sampling rate. - -- Usage: - ``` - show sflow interface - ``` - -- Example: - ``` - admin@sonic:~# show sflow interface - - sFlow interface configurations - +-------------+---------------+-----------------+ - | Interface | Admin State | Sampling Rate | - +=============+===============+=================+ - | Ethernet0 | up | 4000 | - +-------------+---------------+-----------------+ - | Ethernet1 | up | 4000 | - +-------------+---------------+-----------------+ - ... - +-------------+---------------+-----------------+ - | Ethernet61 | up | 4000 | - +-------------+---------------+-----------------+ - | Ethernet62 | up | 4000 | - +-------------+---------------+-----------------+ - | Ethernet63 | up | 4000 | - +-------------+---------------+-----------------+ - - ``` - -### sFlow Config commands - -**config sflow collector add** - -This command is used to add a sFlow collector. Note that a maximum of 2 collectors is allowed. - -- Usage: - ``` - config sflow collector add [port ] - ``` - - - Parameters: - - collector-name: unique name of the sFlow collector - - ipv4-address : IP address of the collector in dotted decimal format for IPv4 - - ipv6-address : x: x: x: x::x format for IPv6 address of the collector (where :: notation specifies successive hexadecimal fields of zeros) - - port (OPTIONAL): specifies the UDP port of the collector (the range is from 0 to 65535. The default is 6343.) - -- Example: - ``` - admin@sonic:~# sudo config sflow collector add collector_A 10.11.46.2 - ``` - -**config sflow collector del** - -This command is used to delete a sFlow collector with the given name. - -- Usage: - ``` - config sflow collector del - ``` - - - Parameters: - - collector-name: unique name of the sFlow collector - -- Example: - ``` - admin@sonic:~# sudo config sflow collector del collector_A - ``` - -**config sflow agent-id** - -This command is used to add/delete the sFlow agent-id. This setting is global (applicable to both collectors) and optional. Only a single agent-id is allowed. If agent-id is not specified (with this CLI), an appropriate IP that belongs to the switch is used as the agent-id based on some simple heuristics. - -- Usage: - ``` - config sflow agent-id - ``` - - - Parameters: - - interface-name: specify the interface name whose ipv4 or ipv6 address will be used as the agent-id in sFlow datagrams. - -- Example: - ``` - admin@sonic:~# sudo config sflow agent-id add lo - ``` - -**config sflow** - -Globally, sFlow is disabled by default. When sFlow is enabled globally, the sflow deamon is started and sampling will start on all interfaces which have sFlow enabled at the interface level (see “config sflow interface…”). When sflow is disabled globally, sampling is stopped on all relevant interfaces and sflow daemon is stopped. - -- Usage: - ``` - config sflow - ``` -- Example: - ``` - admin@sonic:~# sudo config sflow enable - ``` -**config sflow interface** - -Enable/disable sflow at an interface level. By default, sflow is enabled on all interfaces at the interface level. Use this command to explicitly disable sFlow for a specific interface. An interface is sampled if sflow is enabled globally as well as at the interface level. Note that this configuration deals only with sFlow flow samples and not counter samples. - -- Usage: - ``` - config sflow interface - ``` - - - Parameters: - - interface-name: specify the interface for which sFlow flow samples have to be enabled/disabled. The “all” keyword is used as a convenience to enable/disable sflow at the interface level for all the interfaces. - -- Example: - ``` - admin@sonic:~# sudo config sflow interface disable Ethernet40 - ``` - -**config sflow interface sample-rate** - -Configure the sample-rate for a specific interface. - -The default sample rate for any interface is (ifSpeed / 1e6) where ifSpeed is in bits/sec. So, the default sample rate based on interface speed is: - - 1-in-1000 for a 1G link - 1-in-10,000 for a 10G link - 1-in-40,000 for a 40G link - 1-in-50,000 for a 50G link - 1-in-100,000 for a 100G link - -It is recommended not to change the defaults. This CLI is to be used only in case of exceptions (e.g., to set the sample-rate to the nearest power-of-2 if there are hardware restrictions in using the defaults) - -- Usage: - ``` - config sflow interface sample-rate - ``` - - - Parameters: - - interface-name: specify the interface for which the sampling rate value is to be set - - value: value is the average number of packets skipped before the sample is taken. "The sampling rate specifies random sampling probability as the ratio of packets observed to samples generated. For example a sampling rate of 256 specifies that, on average, 1 sample will be generated for every 256 packets observed." Valid range 256:8388608. - -- Example: - ``` - admin@sonic:~# sudo config sflow interface sample-rate Ethernet32 1000 - ``` -**config sflow polling-interval** - -This command is used to set the counter polling interval. Default is 20 seconds. - -- Usage: - ``` - config sflow polling-interval - ``` - - - Parameters: - - value: 0-300 seconds. Set polling-interval to 0 to disable counter polling - -- Example: - ``` - admin@sonic:~# sudo config sflow polling-interval 30 - ``` - - -Go Back To [Beginning of the document](#) or [Beginning of this section](#sflow) - -## SNMP - -### SNMP Show commands - -**show runningconfiguration snmp** - -This command displays the global SNMP configuration that includes the location, contact, community, and user settings. - -- Usage: - ``` - show runningconfiguration snmp - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp - Location - ------------ - Emerald City - - - SNMP_CONTACT SNMP_CONTACT_EMAIL - -------------- -------------------- - joe joe@contoso.com - - - Community String Community Type - ------------------ ---------------- - Jack RW - - - User Permission Type Type Auth Type Auth Password Encryption Type Encryption Password - ------ ----------------- ------ ----------- --------------- ----------------- --------------------- - Travis RO Priv SHA TravisAuthPass AES TravisEncryptPass - ``` - -**show runningconfiguration snmp location** - -This command displays the SNMP location setting. - -- Usage: - ``` - show runningconfiguration snmp location - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp location - Location - ------------ - Emerald City - ``` - -- Usage: - ``` - show runningconfiguration snmp location --json - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp location --json - {'Location': 'Emerald City'} - ``` - -**show runningconfiguration snmp contact** - -This command displays the SNMP contact setting. - -- Usage: - ``` - show runningconfiguration snmp contact - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp contact - Contact Contact Email - --------- --------------- - joe joe@contoso.com - ``` - -- Usage: - ``` - show runningconfiguration snmp contact --json - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp contact --json - {'joe': 'joe@contoso.com'} - ``` - -**show runningconfiguration snmp community** - -This command display the SNMP community settings. - -- Usage: - ``` - show runningconfiguration snmp community - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp community - Community String Community Type - ------------------ ---------------- - Jack RW - ``` - -- Usage: - ``` - show runningconfiguration snmp community --json - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp community --json - {'Jack': {'TYPE': 'RW'}} - ``` - -**show runningconfiguration snmp user** - -This command display the SNMP user settings. - -- Usage: - ``` - show runningconfiguration snmp user - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp user - User Permission Type Type Auth Type Auth Password Encryption Type Encryption Password - ------ ----------------- ------ ----------- --------------- ----------------- --------------------- - Travis RO Priv SHA TravisAuthPass AES TravisEncryptPass - ``` - -- Usage: - ``` - show runningconfiguration snmp user --json - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp user --json - {'Travis': {'SNMP_USER_TYPE': 'Priv', 'SNMP_USER_PERMISSION': 'RO', 'SNMP_USER_AUTH_TYPE': 'SHA', 'SNMP_USER_AUTH_PASSWORD': 'TravisAuthPass', 'SNMP_USER_ENCRYPTION_TYPE': 'AES', 'SNMP_USER_ENCRYPTION_PASSWORD': 'TravisEncryptPass'}} - ``` - - -### SNMP Config commands - -This sub-section explains how to configure SNMP. - -**config snmp location add/del/modify** - -This command is used to add, delete, or modify the SNMP location. - -- Usage: - ``` - config snmp location (add | del | modify) - ``` - -- Example (Add new SNMP location "Emerald City" if it does not already exist): - ``` - admin@sonic:~$ sudo config snmp location add Emerald City - SNMP Location Emerald City has been added to configuration - Restarting SNMP service... - ``` - -- Example (Delete SNMP location "Emerald City" if it already exists): - ``` - admin@sonic:~$ sudo config snmp location del Emerald City - SNMP Location Emerald City removed from configuration - Restarting SNMP service... - ``` - -- Example (Modify SNMP location "Emerald City" to "Redmond"): - ``` - admin@sonic:~$ sudo config snmp location modify Redmond - SNMP location Redmond modified in configuration - Restarting SNMP service... - ``` - -**config snmp contact add/del/modify** - -This command is used to add, delete, or modify the SNMP contact. - -- Usage: - ``` - config snmp contact add - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp contact add joe joe@contoso.com - Contact name joe and contact email joe@contoso.com have been added to configuration - Restarting SNMP service... - ``` - -- Usage: - ``` - config snmp contact del - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp contact del joe - SNMP contact joe removed from configuration - Restarting SNMP service... - ``` - -- Usage: - ``` - config snmp contact modify - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp contact modify test test@contoso.com - SNMP contact test and contact email test@contoso.com updated - Restarting SNMP service... - ``` - -**config snmp community add/del/replace** - -This command is used to add, delete, or replace the SNMP community. - -- Usage: - ``` - config snmp community add (RO | RW) - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp community add testcomm ro - SNMP community testcomm added to configuration - Restarting SNMP service... - ``` - -- Usage: - ``` - config snmp community del - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp community del testcomm - SNMP community testcomm removed from configuration - Restarting SNMP service... - ``` - -- Usage: - ``` - config snmp community replace - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp community replace testcomm newtestcomm - SNMP community newtestcomm added to configuration - SNMP community newtestcomm replace community testcomm - Restarting SNMP service... - ``` - -**config snmp user add/del** - -This command is used to add or delete the SNMP user for SNMPv3. - -- Usage: - ``` - config snmp user add (noAuthNoPriv | AuthNoPriv | Priv) (RO | RW) [[(MD5 | SHA | MMAC-SHA-2) ] [(DES |AES) ]] - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp user add testuser1 noauthnopriv ro - SNMP user testuser1 added to configuration - Restarting SNMP service... - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp user add testuser2 authnopriv ro sha testuser2_auth_pass - SNMP user testuser2 added to configuration - Restarting SNMP service... - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp user add testuser3 priv rw md5 testuser3_auth_pass aes testuser3_encrypt_pass - SNMP user testuser3 added to configuration - Restarting SNMP service... - ``` - -- Usage: - ``` - config snmp user del - ``` - -- Example: - ``` - admin@sonic:~$ sudo config snmp user del testuser1 - SNMP user testuser1 removed from configuration - Restarting SNMP service... - ``` - -## Startup & Running Configuration - -### Startup Configuration - -**show startupconfiguration bgp** - -This command is used to display the startup configuration for the BGP module. - -- Usage: - ``` - show startupconfiguration bgp - ``` - -- Example: - ``` - admin@sonic:~$ show startupconfiguration bgp - Routing-Stack is: quagga - ! - ! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== - ! generated by templates/quagga/bgpd.conf.j2 with config DB data - ! file: bgpd.conf - ! - ! - hostname T1-2 - password zebra - log syslog informational - log facility local4 - ! enable password ! - ! - ! bgp multiple-instance - ! - route-map FROM_BGP_SPEAKER_V4 permit 10 - ! - route-map TO_BGP_SPEAKER_V4 deny 10 - ! - router bgp 65000 - bgp log-neighbor-changes - bgp bestpath as-path multipath-relax - no bgp default ipv4-unicast - bgp graceful-restart restart-time 180 - - - ``` - -### Running Configuration -This sub-section explains the show commands for displaying the running configuration for the following modules. -1) bgp -2) interfaces -3) ntp -4) snmp -5) all -6) acl -7) ports -8) syslog - -**show runningconfiguration all** - -This command displays the entire running configuration. - -- Usage: - ``` - show runningconfiguration all - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration all - ``` - -**show runningconfiguration bgp** - -This command displays the running configuration of the BGP module. - -- Usage: - ``` - show runningconfiguration bgp - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration bgp - ``` - -**show runningconfiguration interfaces** - -This command displays the running configuration for the "interfaces". - -- Usage: - ``` - show runningconfiguration interfaces - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration interfaces - ``` - -**show runningconfiguration ntp** - -This command displays the running configuration of the ntp module. - -- Usage: - ``` - show runningconfiguration ntp - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration ntp - NTP Servers - ------------- - 1.1.1.1 - 2.2.2.2 - ``` - -**show runningconfiguration syslog** - -This command displays the running configuration of the syslog module. - -- Usage: - ``` - show runningconfiguration syslog - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration syslog - Syslog Servers - ---------------- - 4.4.4.4 - 5.5.5.5 - ``` - - -**show runningconfiguration snmp** - -This command displays the running configuration of the snmp module. - -- Usage: - ``` - show runningconfiguration snmp - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration snmp - ``` - -**show runningconfiguration acl** - - This command displays the running configuration of the acls - -- Usage: - ``` - show runningconfiguration acl - ``` - -- Example: - ``` - admin@sonic:~$ show runningconfiguration acl - ``` - - **show runningconfiguration ports** - - This command displays the running configuration of the ports - -- Usage: - ``` - show runningconfiguration ports [] - ``` - -- Examples: - ``` - admin@sonic:~$ show runningconfiguration ports - ``` - - ``` - admin@sonic:~$ show runningconfiguration ports Ethernet0 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#Startup--Running-Configuration) - - -## Static routing - -### Static routing Config Commands - -This sub-section explains of commands is used to add or remove the static route. - -**config route add** - -This command is used to add a static route. Note that prefix /nexthop vrf`s and interface name are optional. - -- Usage: - - ``` - config route add prefix [vrf ] nexthop [vrf ] dev - ``` - -- Example: - - ``` - admin@sonic:~$ config route add prefix 2.2.3.4/32 nexthop 30.0.0.9 - admin@sonic:~$ config route add prefix 4.0.0.0/24 nexthop dev Ethernet32.10 - ``` - -It also supports ECMP, and adding a new nexthop to the existing prefix will complement it and not overwrite them. - -- Example: - - ``` - admin@sonic:~$ sudo config route add prefix 2.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.9 - admin@sonic:~$ sudo config route add prefix 2.2.3.4/32 nexthop vrf Vrf-BLUE 30.0.0.10 - ``` - -**config route del** - -This command is used to remove a static route. Note that prefix /nexthop vrf`s and interface name are optional. - -- Usage: - - ``` - config route del prefix [vrf ] nexthop [vrf ] dev - ``` - -- Example: - - ``` - admin@sonic:~$ sudo config route del prefix 2.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.9 - admin@sonic:~$ sudo config route del prefix 2.2.3.4/32 nexthop vrf Vrf-BLUE 30.0.0.10 - ``` - -This sub-section explains of command is used to show current routes. - -**show ip route** - -- Usage: - - ``` - show ip route - ``` - -- Example: - - ``` - admin@sonic:~$ show ip route - Codes: K - kernel route, C - connected, S - static, R - RIP, - O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, - T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, - F - PBR, f - OpenFabric, - > - selected route, * - FIB route, q - queued, r - rejected, b - backup - - S>* 0.0.0.0/0 [200/0] via 192.168.111.3, eth0, weight 1, 3d03h58m - S> 1.2.3.4/32 [1/0] via 30.0.0.7, weight 1, 00:00:06 - C>* 10.0.0.18/31 is directly connected, Ethernet36, 3d03h57m - C>* 10.0.0.20/31 is directly connected, Ethernet40, 3d03h57m - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#static-routing) - -## Subinterfaces - -### Subinterfaces Show Commands - -**show subinterfaces status** - -This command displays all the subinterfaces that are configured on the device and its current status. - -- Usage: -``` -show subinterfaces status -``` - -- Example: -``` -admin@sonic:~$ show subinterfaces status -Sub port interface Speed MTU Vlan Admin Type ------------------- ------- ----- ------ ------- ------------------- - Eth64.10 100G 9100 100 up dot1q-encapsulation - Ethernet0.100 100G 9100 100 up dot1q-encapsulation -``` - -### Subinterfaces Config Commands - -This sub-section explains how to configure subinterfaces. - -**config subinterface** - -- Usage: -``` -config subinterface (add | del) [vlan <1-4094>] -``` - -- Example (Create the subinterfces with name "Ethernet0.100"): -``` -admin@sonic:~$ sudo config subinterface add Ethernet0.100 -``` - -- Example (Create the subinterfces with name "Eth64.100"): -``` -admin@sonic:~$ sudo config subinterface add Eth64.100 100 -``` - -- Example (Delete the subinterfces with name "Ethernet0.100"): -``` -admin@sonic:~$ sudo config subinterface del Ethernet0.100 -``` - -- Example (Delete the subinterfces with name "Eth64.100"): -``` -admin@sonic:~$ sudo config subinterface del Eth64.100 100 -``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#static-routing) - -## Syslog - -### Syslog Show Commands - -This subsection explains how to display configured syslog servers. - -**show syslog** - -This command displays configured syslog servers. - -- Usage: - ``` - show syslog - ``` - -- Example: - ``` - admin@sonic:~$ show syslog - SERVER IP SOURCE IP PORT VRF - ----------- ----------- ------ ------- - 2.2.2.2 1.1.1.1 514 default - ``` - -### Syslog Config Commands - -This subsection explains how to configure syslog servers. - -**config syslog add** - -This command is used to add a syslog server to the syslog server list. -Note that more that one syslog server can be added in the device. - -- Usage: - ``` - config syslog add - ``` - -- Parameters: - - _server_address_: syslog server IP address - - _source_: syslog source IP address - - _port_: syslog server UDP port - - _vrf_: syslog VRF device - -- Example: - ``` - admin@sonic:~$ sudo config syslog add 2.2.2.2 --source 1.1.1.1 --port 514 --vrf default - Running command: systemctl reset-failed rsyslog-config - Running command: systemctl restart rsyslog-config - ``` - -**config syslog del** - -This command is used to delete the configured syslog server. - -- Usage: - ``` - config syslog del - ``` - -- Parameters: - - _server_address_: syslog server IP address - -- Example: - ``` - admin@sonic:~$ sudo config syslog del 2.2.2.2 - Running command: systemctl reset-failed rsyslog-config - Running command: systemctl restart rsyslog-config - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#syslog) - -## System State - -### Processes - -This command is used to determine the CPU utilization. It also lists the active processes along with their corresponding process ID and other relevant parameters. - -This sub-section explains the various "processes" specific data that includes the following. -1) cpu Show processes CPU info -2) memory Show processes memory info -3) summary Show processes info - -“show processes” commands provide a wrapper over linux’s “top” command. “show process cpu” sorts the processes being displayed by cpu-utilization, whereas “show process memory” does it attending to processes’ memory-utilization. - -**show processes cpu** - -This command displays the current CPU usage by process. This command uses linux's "top -bn 1 -o %CPU" command to display the output. - -- Usage: - ``` - show processes cpu - ``` - -*TIP: Users can pipe the output to "head" to display only the "n" number of lines (e.g., `show processes cpu | head -n 10`)* - -- Example: - ``` - admin@sonic:~$ show processes cpu - top - 23:50:08 up 1:18, 1 user, load average: 0.25, 0.29, 0.25 - Tasks: 161 total, 1 running, 160 sleeping, 0 stopped, 0 zombie - %Cpu(s): 3.8 us, 1.0 sy, 0.0 ni, 95.1 id, 0.1 wa, 0.0 hi, 0.0 si, 0.0 st - KiB Mem: 8181216 total, 1161060 used, 7020156 free, 105656 buffers - KiB Swap: 0 total, 0 used, 0 free. 557560 cached Mem - - PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND - 2047 root 20 0 683772 109288 39652 S 23.8 1.3 7:44.79 syncd - 1351 root 20 0 43360 5616 2844 S 11.9 0.1 1:41.56 redis-server - 10093 root 20 0 21944 2476 2088 R 5.9 0.0 0:00.03 top - 1 root 20 0 28992 5508 3236 S 0.0 0.1 0:06.42 systemd - 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd - 3 root 20 0 0 0 0 S 0.0 0.0 0:00.56 ksoftirqd/0 - 5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H - ... - ``` - -*TIP: Advanced users can view individual processes using variations of the `ps` command (e.g., `ps -ax | grep `)* - -**show processes memory** - -This command displays the current memory usage by processes. This command uses linux's "top -bn 1 -o %MEM" command to display the output. - -- Usage: - ``` - show processes memory - ``` - -*NOTE that pipe option can be used using " | head -n" to display only the "n" number of lines* - -- Example: - ``` - admin@sonic:~$ show processes memory - top - 23:41:24 up 7 days, 39 min, 2 users, load average: 1.21, 1.19, 1.18 - Tasks: 191 total, 2 running, 189 sleeping, 0 stopped, 0 zombie - %Cpu(s): 2.8 us, 20.7 sy, 0.0 ni, 76.3 id, 0.0 wa, 0.0 hi, 0.2 si, 0.0 st - KiB Mem : 8162264 total, 5720412 free, 945516 used, 1496336 buff/cache - KiB Swap: 0 total, 0 free, 0 used. 6855632 avail Mem - - PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND - 18051 root 20 0 851540 274784 8344 S 0.0 3.4 0:02.77 syncd - 17760 root 20 0 1293428 259212 58732 S 5.9 3.2 96:46.22 syncd - 508 root 20 0 725364 76244 38220 S 0.0 0.9 4:54.49 dockerd - 30853 root 20 0 96348 56824 7880 S 0.0 0.7 0:00.98 show - 17266 root 20 0 509876 49772 30640 S 0.0 0.6 0:06.36 docker - 24891 admin 20 0 515864 49560 30644 S 0.0 0.6 0:05.54 docker - 17643 admin 20 0 575668 49428 30628 S 0.0 0.6 0:06.29 docker - 23885 admin 20 0 369552 49344 30840 S 0.0 0.6 0:05.57 docker - 18055 root 20 0 509076 49260 30296 S 0.0 0.6 0:06.36 docker - 17268 root 20 0 371120 49052 30372 S 0.0 0.6 0:06.45 docker - 1227 root 20 0 443284 48640 30100 S 0.0 0.6 0:41.91 docker - 23785 admin 20 0 443796 48552 30128 S 0.0 0.6 0:05.58 docker - 17820 admin 20 0 435088 48144 29480 S 0.0 0.6 0:06.33 docker - 506 root 20 0 1151040 43140 23964 S 0.0 0.5 8:51.08 containerd - 18437 root 20 0 84852 26388 7380 S 0.0 0.3 65:59.76 python3.6 - ``` - - -**show processes summary** - -This command displays the current summary information about all the processes - -- Usage: - ``` - show processes summary - ``` - -- Example: - ``` - admin@sonic:~$ show processes summary - PID PPID CMD %MEM %CPU - 1 0 /sbin/init 0.0 0.0 - 2 0 [kthreadd] 0.0 0.0 - 3 2 [ksoftirqd/0] 0.0 0.0 - 5 2 [kworker/0:0H] 0.0 0.0 - ... - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#System-State) - -### Services & Memory - -These commands are used to know the services that are running and the memory that is utilized currently. - - -**show services** - -This command displays the state of all the SONiC processes running inside a docker container. This helps to identify the status of SONiC’s critical processes. - -- Usage: - ``` - show services - ``` - -- Example: - ``` - admin@sonic:~$ show services - dhcp_relay docker - --------------------------- - UID PID PPID C STIME TTY TIME CMD - root 1 0 0 05:26 ? 00:00:12 /usr/bin/python /usr/bin/supervi - root 24 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n - - nat docker - --------------------------- - USER PID PPID C STIME TTY TIME CMD - root 1 0 0 05:26 ? 00:00:12 /usr/bin/python /usr/bin/supervisord - root 18 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n - root 23 1 0 05:26 ? 00:00:01 /usr/bin/natmgrd - root 34 1 0 05:26 ? 00:00:00 /usr/bin/natsyncd - - snmp docker - --------------------------- - UID PID PPID C STIME TTY TIME CMD - root 1 0 0 05:26 ? 00:00:16 /usr/bin/python /usr/bin/supervi - root 24 1 0 05:26 ? 00:00:02 /usr/sbin/rsyslogd -n - Debian-+ 29 1 0 05:26 ? 00:00:04 /usr/sbin/snmpd -f -LS4d -u Debi - root 31 1 1 05:26 ? 00:15:10 python3.6 -m sonic_ax_impl - - syncd docker - --------------------------- - UID PID PPID C STIME TTY TIME CMD - root 1 0 0 05:26 ? 00:00:13 /usr/bin/python /usr/bin/supervi - root 12 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n - root 17 1 0 05:26 ? 00:00:00 /usr/bin/dsserve /usr/bin/syncd - root 27 17 22 05:26 ? 04:09:30 /usr/bin/syncd --diag -p /usr/sh - root 51 27 0 05:26 ? 00:00:01 /usr/bin/syncd --diag -p /usr/sh - - swss docker - --------------------------- - UID PID PPID C STIME TTY TIME CMD - root 1 0 0 05:26 ? 00:00:29 /usr/bin/python /usr/bin/supervi - root 25 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n - root 30 1 0 05:26 ? 00:00:13 /usr/bin/orchagent -d /var/log/s - root 42 1 1 05:26 ? 00:12:40 /usr/bin/portsyncd -p /usr/share - root 45 1 0 05:26 ? 00:00:00 /usr/bin/intfsyncd - root 48 1 0 05:26 ? 00:00:03 /usr/bin/neighsyncd - root 59 1 0 05:26 ? 00:00:01 /usr/bin/vlanmgrd - root 92 1 0 05:26 ? 00:00:01 /usr/bin/intfmgrd - root 3606 1 0 23:36 ? 00:00:00 bash -c /usr/bin/arp_update; sle - root 3621 3606 0 23:36 ? 00:00:00 sleep 300 - - ... - ``` - -**show system-memory** - -This command displays the system-wide memory utilization information – just a wrapper over linux native “free” command - -- Usage: - ``` - show system-memory - ``` - -- Example: - ``` - admin@sonic:~$ show system-memory - Command: free -m -h - total used free shared buffers cached - Mem: 3.9G 2.0G 1.8G 33M 324M 791M - -/+ buffers/cache: 951M 2.9G - Swap: 0B 0B 0B - ``` - -**show mmu** - -This command displays virtual address to the physical address translation status of the Memory Management Unit (MMU). - -- Usage: - ``` - show mmu - ``` - -- Example: - ``` - admin@sonic:~$ show mmu - Pool: ingress_lossless_pool - ---- -------- - xoff 4194112 - type ingress - mode dynamic - size 10875072 - ---- -------- - - Pool: egress_lossless_pool - ---- -------- - type egress - mode static - size 15982720 - ---- -------- - - Pool: egress_lossy_pool - ---- ------- - type egress - mode dynamic - size 9243812 - ---- ------- - - Profile: egress_lossy_profile - ---------- ------------------------------- - dynamic_th 3 - pool [BUFFER_POOL|egress_lossy_pool] - size 1518 - ---------- ------------------------------- - - Profile: pg_lossless_100000_300m_profile - ---------- ----------------------------------- - xon_offset 2288 - dynamic_th -3 - xon 2288 - xoff 268736 - pool [BUFFER_POOL|ingress_lossless_pool] - size 1248 - ---------- ----------------------------------- - - Profile: egress_lossless_profile - --------- ---------------------------------- - static_th 3995680 - pool [BUFFER_POOL|egress_lossless_pool] - size 1518 - --------- ---------------------------------- - - Profile: pg_lossless_100000_40m_profile - ---------- ----------------------------------- - xon_offset 2288 - dynamic_th -3 - xon 2288 - xoff 177632 - pool [BUFFER_POOL|ingress_lossless_pool] - size 1248 - ---------- ----------------------------------- - - Profile: ingress_lossy_profile - ---------- ----------------------------------- - dynamic_th 3 - pool [BUFFER_POOL|ingress_lossless_pool] - size 0 - ---------- ----------------------------------- - - Profile: pg_lossless_40000_40m_profile - ---------- ----------------------------------- - xon_offset 2288 - dynamic_th -3 - xon 2288 - xoff 71552 - pool [BUFFER_POOL|ingress_lossless_pool] - size 1248 - ---------- ----------------------------------- - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#System-State) - -Go Back To [Beginning of the document](#) or [Beginning of this section](#System-Health) - -### System-Health - -These commands are used to monitor the system current running services and hardware state. - -**show system-health summary** - -This command displays the current status of 'Services' and 'Hardware' under monitoring. -If any of the elements under each of these two sections is 'Not OK' a proper message will appear under the relevant section. - -- Usage: - ``` - show system-health summary - ``` - -- Example: - ``` - admin@sonic:~$ show system-health summary - System status summary - - System status LED red - Services: - Status: Not OK - Not Running: 'telemetry', 'sflowmgrd' - Hardware: - Status: OK - ``` - ``` - admin@sonic:~$ show system-health summary - System status summary - - System status LED green - Services: - Status: OK - Hardware: - Status: OK - ``` - -**show system-health monitor-list** - -This command displays a list of all current 'Services' and 'Hardware' being monitored, their status and type. - -- Usage: - ``` - show system-health monitor-list - ``` - -- Example: - ``` - admin@sonic:~$ show system-health monitor-list - System services and devices monitor list - - Name Status Type - -------------- -------- ---------- - telemetry Not OK Process - orchagent Not OK Process - neighsyncd OK Process - vrfmgrd OK Process - dialout_client OK Process - zebra OK Process - rsyslog OK Process - snmpd OK Process - redis_server OK Process - intfmgrd OK Process - vxlanmgrd OK Process - lldpd_monitor OK Process - portsyncd OK Process - var-log OK Filesystem - lldpmgrd OK Process - syncd OK Process - sonic OK System - buffermgrd OK Process - portmgrd OK Process - staticd OK Process - bgpd OK Process - lldp_syncd OK Process - bgpcfgd OK Process - snmp_subagent OK Process - root-overlay OK Filesystem - fpmsyncd OK Process - sflowmgrd OK Process - vlanmgrd OK Process - nbrmgrd OK Process - PSU 2 OK PSU - psu_1_fan_1 OK Fan - psu_2_fan_1 OK Fan - fan11 OK Fan - fan10 OK Fan - fan12 OK Fan - ASIC OK ASIC - fan1 OK Fan - PSU 1 OK PSU - fan3 OK Fan - fan2 OK Fan - fan5 OK Fan - fan4 OK Fan - fan7 OK Fan - fan6 OK Fan - fan9 OK Fan - fan8 OK Fan - ``` - -**show system-health detail** - -This command displays the current status of 'Services' and 'Hardware' under monitoring. -If any of the elements under each of these two sections is 'Not OK' a proper message will appear under the relevant section. -In addition, displays a list of all current 'Services' and 'Hardware' being monitored and a list of ignored elements. - -- Usage: - ``` - show system-health detail - ``` - -- Example: - ``` - admin@sonic:~$ show system-health detail - System status summary - - System status LED red - Services: - Status: Not OK - Not Running: 'telemetry', 'orchagent' - Hardware: - Status: OK - - System services and devices monitor list - - Name Status Type - -------------- -------- ---------- - telemetry Not OK Process - orchagent Not OK Process - neighsyncd OK Process - vrfmgrd OK Process - dialout_client OK Process - zebra OK Process - rsyslog OK Process - snmpd OK Process - redis_server OK Process - intfmgrd OK Process - vxlanmgrd OK Process - lldpd_monitor OK Process - portsyncd OK Process - var-log OK Filesystem - lldpmgrd OK Process - syncd OK Process - sonic OK System - buffermgrd OK Process - portmgrd OK Process - staticd OK Process - bgpd OK Process - lldp_syncd OK Process - bgpcfgd OK Process - snmp_subagent OK Process - root-overlay OK Filesystem - fpmsyncd OK Process - sflowmgrd OK Process - vlanmgrd OK Process - nbrmgrd OK Process - PSU 2 OK PSU - psu_1_fan_1 OK Fan - psu_2_fan_1 OK Fan - fan11 OK Fan - fan10 OK Fan - fan12 OK Fan - ASIC OK ASIC - fan1 OK Fan - PSU 1 OK PSU - fan3 OK Fan - fan2 OK Fan - fan5 OK Fan - fan4 OK Fan - fan7 OK Fan - fan6 OK Fan - fan9 OK Fan - fan8 OK Fan - - System services and devices ignore list - - Name Status Type - ----------- -------- ------ - psu.voltage Ignored Device - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#System-Health) - -## VLAN & FDB - -### VLAN - -#### VLAN show commands - -**show vlan brief** - -This command displays brief information about all the vlans configured in the device. It displays the vlan ID, IP address (if configured for the vlan), list of vlan member ports, whether the port is tagged or in untagged mode, the DHCP Helper Address, and the proxy ARP status - -- Usage: - ``` - show vlan brief - ``` - -- Example: - ``` - admin@sonic:~$ show vlan brief - - +-----------+--------------+-----------+----------------+-----------------------+-------------+ - | VLAN ID | IP Address | Ports | Port Tagging | DHCP Helper Address | Proxy ARP | - +===========+==============+===========+================+=======================+=============+ - | 100 | 1.1.2.2/16 | Ethernet0 | tagged | 192.0.0.1 | disabled | - | | | Ethernet4 | tagged | 192.0.0.2 | | - | | | | | 192.0.0.3 | | - +-----------+--------------+-----------+----------------+-----------------------+-------------+ - ``` - -**show vlan config** - -This command displays all the vlan configuration. - -- Usage: - ``` - show vlan config - ``` - -- Example: - ``` - admin@sonic:~$ show vlan config - Name VID Member Mode - ------- ----- --------- ------ - Vlan100 100 Ethernet0 tagged - Vlan100 100 Ethernet4 tagged - ``` - - -#### VLAN Config commands - -This sub-section explains how to configure the vlan and its member ports. - -**config vlan add/del** - -This command is used to add or delete the vlan. - -- Usage: - ``` - config vlan (add | del) - ``` - -- Example (Create the VLAN "Vlan100" if it does not already exist): - ``` - admin@sonic:~$ sudo config vlan add 100 - ``` - -**config vlan member add/del** - -This command is to add or delete a member port into the already created vlan. - -- Usage: - ``` - config vlan member add/del [-u|--untagged] - ``` - -*NOTE: Adding the -u or --untagged flag will set the member in "untagged" mode* - - -- Example: - ``` - admin@sonic:~$ sudo config vlan member add 100 Ethernet0 - This command will add Ethernet0 as member of the vlan 100 - - admin@sonic:~$ sudo config vlan member add 100 Ethernet4 - This command will add Ethernet4 as member of the vlan 100. - ``` - -**config proxy_arp enabled/disabled** - -This command is used to enable or disable proxy ARP for a VLAN interface - -- Usage: - ``` - config vlan proxy_arp enabled/disabled - ``` - -- Example: - ``` - admin@sonic:~$ sudo config vlan proxy_arp 1000 enabled - This command will enable proxy ARP for the interface 'Vlan1000' - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#vlan--FDB) - -### FDB - -#### FDB show commands - -**show mac** - -This command displays the MAC (FDB) entries either in full or partial as given below. -1) show mac - displays the full table -2) show mac -v - displays the MACs learnt on the particular VLAN ID. -3) show mac -p - displays the MACs learnt on the particular port. -4) show mac -a - display the MACs that match a specific mac-address -5) show mac -t - display the MACs that match a specific type (static/dynamic) -6) show mac -c - display the count of MAC addresses - -To show the default MAC address aging time on the switch. - -- Usage: - ``` - show mac [-v ] [-p ] [-a ] [-t ] [-c] - ``` - -- Example: - ``` - admin@sonic:~$ show mac - No. Vlan MacAddress Port Type - ----- ------ ----------------- ----------- ------- - 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic - 2 1000 A0:1B:5E:47:C9:76 Ethernet192 Dynamic - 3 1000 AA:54:EF:2C:EE:30 Ethernet192 Dynamic - 4 1000 A4:3F:F2:17:A3:FC Ethernet192 Dynamic - 5 1000 0C:FC:01:72:29:91 Ethernet192 Dynamic - 6 1000 48:6D:01:7E:C9:FD Ethernet192 Dynamic - 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 Dynamic - 8 1000 EE:81:D9:7B:93:A9 Ethernet192 Dynamic - 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 Dynamic - 10 1000 0A:52:B3:9C:FB:6C Ethernet192 Dynamic - 11 1000 C6:E2:72:02:D1:23 Ethernet192 Dynamic - 12 1000 8A:C9:5C:25:E9:28 Ethernet192 Dynamic - 13 1000 5E:CD:34:E4:94:18 Ethernet192 Dynamic - 14 1000 7E:49:1F:B5:91:B5 Ethernet192 Dynamic - 15 1000 AE:DD:67:F3:09:5A Ethernet192 Dynamic - 16 1000 DC:2F:D1:08:4B:DE Ethernet192 Dynamic - 17 1000 50:96:23:AD:F1:65 Ethernet192 Static - 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Static - Total number of entries 18 - ``` - -Optionally, you can specify a VLAN ID or interface name or type or mac-address in order to display only that particular entries - -- Examples: - ``` - admin@sonic:~$ show mac -v 1000 - No. Vlan MacAddress Port Type - ----- ------ ----------------- ----------- ------- - 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic - 2 1000 A0:1B:5E:47:C9:76 Ethernet192 Dynamic - 3 1000 AA:54:EF:2C:EE:30 Ethernet192 Dynamic - 4 1000 A4:3F:F2:17:A3:FC Ethernet192 Dynamic - 5 1000 0C:FC:01:72:29:91 Ethernet192 Dynamic - 6 1000 48:6D:01:7E:C9:FD Ethernet192 Dynamic - 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 Dynamic - 8 1000 EE:81:D9:7B:93:A9 Ethernet192 Dynamic - 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 Dynamic - 10 1000 0A:52:B3:9C:FB:6C Ethernet192 Dynamic - 11 1000 C6:E2:72:02:D1:23 Ethernet192 Dynamic - 12 1000 8A:C9:5C:25:E9:28 Ethernet192 Dynamic - 13 1000 5E:CD:34:E4:94:18 Ethernet192 Dynamic - 14 1000 7E:49:1F:B5:91:B5 Ethernet192 Dynamic - 15 1000 AE:DD:67:F3:09:5A Ethernet192 Dynamic - 16 1000 DC:2F:D1:08:4B:DE Ethernet192 Dynamic - 17 1000 50:96:23:AD:F1:65 Ethernet192 Static - 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Static - Total number of entries 18 - ``` - ``` - admin@sonic:~$ show mac -p Ethernet192 - No. Vlan MacAddress Port Type - ----- ------ ----------------- ----------- ------- - 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic - 2 1000 A0:1B:5E:47:C9:76 Ethernet192 Dynamic - 3 1000 AA:54:EF:2C:EE:30 Ethernet192 Dynamic - 4 1000 A4:3F:F2:17:A3:FC Ethernet192 Dynamic - 5 1000 0C:FC:01:72:29:91 Ethernet192 Dynamic - 6 1000 48:6D:01:7E:C9:FD Ethernet192 Dynamic - 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 Dynamic - 8 1000 EE:81:D9:7B:93:A9 Ethernet192 Dynamic - 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 Dynamic - 10 1000 0A:52:B3:9C:FB:6C Ethernet192 Dynamic - 11 1000 C6:E2:72:02:D1:23 Ethernet192 Dynamic - 12 1000 8A:C9:5C:25:E9:28 Ethernet192 Dynamic - 13 1000 5E:CD:34:E4:94:18 Ethernet192 Dynamic - 14 1000 7E:49:1F:B5:91:B5 Ethernet192 Dynamic - 15 1000 AE:DD:67:F3:09:5A Ethernet192 Dynamic - 16 1000 DC:2F:D1:08:4B:DE Ethernet192 Dynamic - 17 1000 50:96:23:AD:F1:65 Ethernet192 Static - 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Static - Total number of entries 18 - ``` - ``` - admin@sonic:~$ show mac -a E2:8C:56:85:4A:CD - No. Vlan MacAddress Port Type - ----- ------ ----------------- ----------- ------- - 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic - Total number of entries 1 - ``` - ``` - admin@sonic:~$ show mac -t Static - No. Vlan MacAddress Port Type - ----- ------ ----------------- ----------- ------- - 2 1000 50:96:23:AD:F1:65 Ethernet192 Static - 2 1000 C6:C9:5E:AE:24:42 Ethernet192 Static - Total number of entries 2 - ``` - ``` - admin@sonic:~$ show mac -c - Total number of entries 18 - ``` - -**show mac aging-time** - -This command displays the default mac aging time on the switch - - ``` - admin@sonic:~$ show mac aging-time - Aging time for switch is 600 seconds - ``` - -**sonic-clear fdb all** - -Clear the FDB table - -- Usage: - ``` - sonic-clear fdb all - ``` -- Example: - ``` - admin@sonic:~$ sonic-clear fdb all - FDB entries are cleared. - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#vlan--FDB) - -## VxLAN & Vnet - -### VxLAN - -#### VxLAN show commands - -**show vxlan tunnel** - -This command displays brief information about all the vxlans configured in the device. It displays the vxlan tunnel name, source IP address, destination IP address (if configured), tunnel map name and mapping. - -- Usage: - - ``` - show vxlan tunnel - ``` - -- Example: - - ``` - admin@sonic:~$ show vxlan tunnel - vxlan tunnel name source ip destination ip tunnel map name tunnel map mapping(vni -> vlan) - ------------------- ----------- ---------------- ----------------- --------------------------------- - tunnel1 10.10.10.10 - tunnel2 10.10.10.10 20.10.10.10 tmap1 1234 -> 100 - tunnel3 10.10.10.10 30.10.10.10 tmap2 1235 -> 200 - ``` - -**show vxlan name ** - -This command displays configuration. - -- Usage: - - ``` - show vxlan name - ``` - -- Example: - - ``` - admin@sonic:~$ show vxlan name tunnel3 - vxlan tunnel name source ip destination ip tunnel map name tunnel map mapping(vni -> vlan) - ------------------- ----------- ---------------- ----------------- --------------------------------- - tunnel3 10.10.10.10 30.10.10.10 tmap2 1235 -> 200 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#vxlan--vnet) - -### Vnet - -#### Vnet show commands - -**show vnet brief** - -This command displays brief information about all the vnets configured in the device. It displays the vnet name, vxlan tunnel name, vni and peer list (if configured). - -- Usage: - - ``` - show vnet brief - ``` - -- Example: - - ``` - admin@sonic:~$ show vnet brief - vnet name vxlan tunnel vni peer list - ----------- -------------- ----- ------------------ - Vnet_2000 tunnel1 2000 - Vnet_3000 tunnel1 3000 Vnet_2000,Vnet4000 - ``` - -**show vnet name ** - -This command displays brief information about configured in the device. - -- Usage: - - ``` - show vnet name - ``` - -- Example: - - ``` - admin@sonic:~$ show vnet name Vnet_3000 - vnet name vxlan tunnel vni peer list - ----------- -------------- ----- ------------------ - Vnet_3000 tunnel1 3000 Vnet_2000,Vnet4000 - ``` - -**show vnet interfaces** - -This command displays vnet interfaces information about all the vnets configured in the device. - -- Usage: - - ``` - show vnet interfaces - ``` - -- Example: - - ``` - admin@sonic:~$ show vnet interfaces - vnet name interfaces - ----------- ------------ - Vnet_2000 Ethernet1 - Vnet_3000 Vlan2000 - ``` - -**show vnet neighbors** - -This command displays vnet neighbor information about all the vnets configured in the device. It displays the vnet name, neighbor IP address, neighbor mac address (if configured) and interface. - -- Usage: - - ``` - show vnet neighbors - ``` - -- Example: - - ``` - admin@sonic:~$ show vnet neighbors - Vnet_2000 neighbor mac_address interfaces - ----------- ----------- ------------- ------------ - 11.11.11.11 Ethernet1 - 11.11.11.12 Ethernet1 - - Vnet_3000 neighbor mac_address interfaces - ----------- ----------- ----------------- ------------ - 20.20.20.20 aa:bb:cc:dd:ee:ff Vlan2000 - ``` - -**show vnet routes all** - -This command displays all routes information about all the vnets configured in the device. - -- Usage: - - ``` - show vnet routes all - ``` - -- Example: - - ``` - admin@sonic:~$ show vnet routes all - vnet name prefix nexthop interface - ----------- -------------- --------- ----------- - Vnet_2000 100.100.3.0/24 Ethernet52 - Vnet_3000 100.100.4.0/24 Vlan2000 - - vnet name prefix endpoint mac address vni - ----------- -------------- ---------- ----------------- ----- - Vnet_2000 100.100.1.1/32 10.10.10.1 - Vnet_3000 100.100.2.1/32 10.10.10.2 00:00:00:00:03:04 - ``` - -**show vnet routes tunnel** - -This command displays tunnel routes information about all the vnets configured in the device. - -- Usage: - - ``` - show vnet routes tunnel - ``` - -- Example: - - ``` - admin@sonic:~$ show vnet routes tunnel - vnet name prefix endpoint mac address vni - ----------- -------------- ---------- ----------------- ----- - Vnet_2000 100.100.1.1/32 10.10.10.1 - Vnet_3000 100.100.2.1/32 10.10.10.2 00:00:00:00:03:04 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#vxlan--vnet) - -## Warm Reboot - -warm-reboot command initiates a warm reboot of the device. - -warm-reboot command doesn't require setting warm restart configuration. The -command will setup everything needed to perform warm reboot. - -This command requires root privilege. - -- Usage: - ``` - warm-reboot [-h|-?|-v|-f|-r|-k|-x|-c |-s|-D] - ``` - -- Parameters: - ``` - -h,-? : get this help - -v : turn on verbose mode - -f : force execution - -r : reboot with /sbin/reboot - -k : reboot with /sbin/kexec -e [default] - -x : execute script with -x flag - -c : specify control plane assistant IP list - -s : strict mode: do not proceed without: - - control plane assistant IP list. - -D : detached mode - closing terminal will not cause stopping reboot - ``` - -- Example: - ``` - admin@sonic:~$ sudo warm-reboot -v - Tue Oct 22 23:20:53 UTC 2019 Pausing orchagent ... - Tue Oct 22 23:20:53 UTC 2019 Stopping radv ... - Tue Oct 22 23:20:54 UTC 2019 Stopping bgp ... - Tue Oct 22 23:20:54 UTC 2019 Stopped bgp ... - Tue Oct 22 23:20:57 UTC 2019 Initialize pre-shutdown ... - Tue Oct 22 23:20:58 UTC 2019 Requesting pre-shutdown ... - Tue Oct 22 23:20:58 UTC 2019 Waiting for pre-shutdown ... - Tue Oct 22 23:20:59 UTC 2019 Pre-shutdown succeeded ... - Tue Oct 22 23:20:59 UTC 2019 Backing up database ... - Tue Oct 22 23:21:00 UTC 2019 Stopping teamd ... - Tue Oct 22 23:21:00 UTC 2019 Stopped teamd ... - Tue Oct 22 23:21:00 UTC 2019 Stopping syncd ... - Tue Oct 22 23:21:11 UTC 2019 Stopped syncd ... - Tue Oct 22 23:21:11 UTC 2019 Stopping all remaining containers ... - Tue Oct 22 23:21:13 UTC 2019 Stopped all remaining containers ... - Tue Oct 22 23:21:15 UTC 2019 Rebooting with /sbin/kexec -e to SONiC-OS-20191021.01 ... - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#Warm-Reboot) - -## Warm Restart - -Besides device level warm reboot, SONiC also provides docker based warm restart. This feature is currently supported by following dockers: BGP, teamD, and SWSS. A user can manage to restart a particular docker, with no interruption on packet forwarding and no effect on other services. This helps to reduce operational costs as well as development efforts. For example, to fix a bug in BGP routing stack, only the BGP docker image needs to be built, tested and upgraded. - -To achieve uninterrupted packet forwarding during the restarting stage and database reconciliation at the post restarting stage, warm restart enabled dockers with adjacency state machine facilitate standardized protocols. For example, a BGP restarting switch must have BGP "Graceful Restart" enabled, and its BGP neighbors must be "Graceful Restart Helper Capable", as specified in [IETF RFC4724](https://tools.ietf.org/html/rfc4724). - -Before warm restart BGP docker, the following BGP commands should be enabled: - ``` - bgp graceful-restart - bgp graceful-restart preserve-fw-state - ``` -In current SONiC release, the above two commands are enabled by default. - -It should be aware that during a warm restart, certain BGP fast convergence feature and black hole avoidance feature should either be disabled or be set to a lower preference to avoid conflicts with BGP graceful restart. - -For example, BGP BFD could be disabled via: - - ``` - no neighbor bfd - ``` - -otherwise, the fast failure detection would cause packet drop during warm reboot. - -Another commonly deployed blackhole avoidance feature: dynamic route priority adjustment, could be disabled via: - - ``` - no bgp max-med on-peerup - ``` - -to avoid large routes churn during BGP restart. - - -### Warm Restart show commands - -**show warm_restart config** - -This command displays all the configuration related to warm_restart. - -- Usage: - ``` - show warm_restart config - ``` - -- Example: - ``` - admin@sonic:~$ show warm_restart config - name enable timer_name timer_duration - ------ -------- ---------------- ---------------- - bgp true bgp_timer 100 - teamd false teamsyncd_timer 300 - swss false neighsyncd_timer 200 - system true NULL NULL - ``` - -**show warm_restart state** - -This command displays the warm_restart state. - -- Usage: - ``` - show warm_restart state - ``` - -- Example: - ``` - admin@sonic:~$ show warm_restart state - name restore_count state - ---------- --------------- ---------- - orchagent 0 - vlanmgrd 0 - bgp 1 reconciled - portsyncd 0 - teammgrd 1 - neighsyncd 0 - teamsyncd 1 - syncd 0 - natsyncd 0 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#warm-restart) - -### Warm Restart Config commands - -This sub-section explains the various configuration related to warm restart feature. Following parameters can be configured using this command. -1) bgp_timer -2) disable -3) enable -4) neighsyncd_timer -5) teamsyncd_timer -Each of these sub-commands are explained in the following section. - -Users can use an optional parameter "-s" to use the unix domain socket for communicating with the RedisDB which will be faster when compared to using the default network sockets. -All these commands have the following option. - -Options: - -s, --redis-unix-socket-path TEXT - unix socket path for redis connection - - -**config warm_restart bgp_timer** - -This command is used to set the bgp_timer value for warm_restart of BGP service. -bgp_timer holds the time interval utilized by fpmsyncd during warm-restart episodes. -During this interval fpmsyncd will recover all the routing state previously pushed to AppDB, as well as all the new state coming from zebra/bgpd. -Upon expiration of this timer, fpmsyncd will execute the reconciliation logic to eliminate all the stale entries from AppDB. -This timer should match the BGP-GR restart-timer configured within the elected routing-stack. -Supported range: 1-3600. - -- Usage: - ``` - config warm_restart [-s|--redis-unix-socket-path ] bgp_timer - ``` - - - Parameters: - - seconds: Range from 1 to 3600 - -- Example: - ``` - admin@sonic:~$ sudo config warm_restart bgp_timer 1000 - ``` - -**config warm_restart enable/disable** - -This command is used to enable or disable the warm_restart for a particular service that supports warm reboot. -Following four services support warm reboot. When user restarts the particular service using "systemctl restart ", this configured value will be checked for whether it is enabled or disabled. -If this configuration is enabled for that service, it will perform warm reboot for that service. Otherwise, it will do cold restart of the service. - -- Usage: - ``` - config warm_restart [-s|--redis-unix-socket-path ] enable [] - ``` - - - Parameters: - - module_name: Can be either system or swss or bgp or teamd. If "module_name" argument is not specified, it will enable "system" module. - -- Example (Set warm_restart as "enable" for the "system" service): - ``` - admin@sonic:~$ sudo config warm_restart enable - ``` - -- Example (Set warm_restart as "enable" for the "swss" service. When user does "systemctl restart swss", it will perform warm reboot instead of cold reboot) - ``` - admin@sonic:~$ sudo config warm_restart enable swss - ``` - -- Example (Set warm_restart as "enable" for the "teamd" service. When user does "systemctl restart teamd", it will perform warm reboot instead of cold reboot) - ``` - admin@sonic:~$ sudo config warm_restart enable teamd - ``` - - -**config warm_restart neighsyncd_timer** - -This command is used to set the neighsyncd_timer value for warm_restart of "swss" service. -neighsyncd_timer is the timer used for "swss" (neighsyncd) service during the warm restart. -Timer is started after the neighborTable is restored to internal data structures. -neighborsyncd then starts to read all Linux kernel entries and mark the entries in the data structures accordingly. -Once the timer is expired, reconciliation is done and the delta is pushed to appDB -Valid value is 1-9999. 0 is invalid. - -- Usage: - ``` - config warm_restart [-s|--redis-unix-socket-path ] neighsyncd_timer - ``` - - - Parameters: - - seconds: Range from 1 to 9999 - -- Example: - ``` - admin@sonic:~$ sudo config warm_restart neighsyncd_timer 2000 - ``` - - -**config warm_restart bgp_timer** - -This command is used to set the bgp_timer value for warm_restart of "bgp" service. -bgp_timer is the timer used for "bgp" service during the warm restart. -Timer is started after the BGP table is restored to internal data structures. -BGP services then start to read all Linux kernel entries and mark the entries in the data structures accordingly. -Once the timer is expired, reconciliation is done and the delta is pushed to appDB -Valid value is 1-9999. 0 is invalid. - -- Usage: - ``` - config warm_restart [-s|--redis-unix-socket-path ] bgp_timer - ``` - - - Parameters: - - seconds: Range from 1 to 9999 - -- Example: - ``` - admin@sonic:~$ sudo config warm_restart bgp_timer 2000 - ``` - -**config warm_restart teamsyncd_timer** - -This command is used to set the teamsyncd_timer value for warm_restart of teamd service. -teamsyncd_timer holds the time interval utilized by teamsyncd during warm-restart episodes. -The timer is started when teamsyncd starts. During the timer interval, teamsyncd will preserve all LAG interface changes, but it will not apply them. -The changes will only be applied when the timer expires. -When the changes are applied, the stale LAG entries will be removed, the new LAG entries will be created. -Supported range: 1-9999. 0 is invalid - -- Usage: - ``` - config warm_restart teamsyncd_timer - ``` - - - Parameters: - - seconds: Range from 1 to 9999 - -- Example: - ``` - admin@sonic:~$ sudo config warm_restart teamsyncd_timer 3000 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#warm-restart) - - -## Watermark - -### Watermark Show commands - -**show watermark telemetry interval** - -This command displays the configured interval for the telemetry. - -- Usage: - ``` - show watermark telemetry interval - ``` - -- Example: - ``` - admin@sonic:~$ show watermark telemetry interval - - Telemetry interval 120 second(s) - ``` - -### Watermark Config commands - -**config watermark telemetry interval** - -This command is used to configure the interval for telemetry. -The default interval is 120 seconds. -There is no regulation on the valid range of values; it leverages linux timer. - -- Usage: - ``` - config watermark telemetry interval - ``` - -- Example: - ``` - admin@sonic:~$ sudo config watermark telemetry interval 999 - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#watermark) - - - -## Software Installation and Management - -SONiC images can be installed in one of two methods: -1. From within a running SONiC image using the `sonic-installer` utility -2. From the vendor's bootloader (E.g., ONIE, Aboot, etc.) - -SONiC packages are available as prebuilt Docker images and meant to be installed with the *sonic-package-manager* utility. - -### SONiC Package Manager - -The *sonic-package-manager* is a command line tool to manage (e.g. install, upgrade or uninstall) SONiC Packages. - -**sonic-package-manager list** - -This command lists all available SONiC packages, their desription, installed version and installation status. -SONiC package status can be *Installed*, *Not installed* or *Built-In*. "Built-In" status means that a feature is built-in to SONiC image and can't be upgraded or uninstalled. - -- Usage: - ``` - sonic-package-manager list - ``` - -- Example: - ``` - admin@sonic:~$ sonic-package-manager list - Name Repository Description Version Status - -------------- --------------------------- ---------------------------- --------- -------------- - cpu-report azure/cpu-report CPU report package N/A Not Installed - database docker-database SONiC database package 1.0.0 Built-In - dhcp-relay azure/docker-dhcp-relay SONiC dhcp-relay package 1.0.0 Installed - fpm-frr docker-fpm-frr SONiC fpm-frr package 1.0.0 Built-In - lldp docker-lldp SONiC lldp package 1.0.0 Built-In - macsec docker-macsec SONiC macsec package 1.0.0 Built-In - mgmt-framework docker-sonic-mgmt-framework SONiC mgmt-framework package 1.0.0 Built-In - nat docker-nat SONiC nat package 1.0.0 Built-In - pmon docker-platform-monitor SONiC pmon package 1.0.0 Built-In - radv docker-router-advertiser SONiC radv package 1.0.0 Built-In - sflow docker-sflow SONiC sflow package 1.0.0 Built-In - snmp docker-snmp SONiC snmp package 1.0.0 Built-In - swss docker-orchagent SONiC swss package 1.0.0 Built-In - syncd docker-syncd-mlnx SONiC syncd package 1.0.0 Built-In - teamd docker-teamd SONiC teamd package 1.0.0 Built-In - telemetry docker-sonic-telemetry SONiC telemetry package 1.0.0 Built-In - ``` - -**sonic-package-manager repository add** - -This command will add a new repository as source for SONiC packages to the database. *NOTE*: requires elevated (root) privileges to run - -- Usage: - ``` - Usage: sonic-package-manager repository add [OPTIONS] NAME REPOSITORY - - Add a new repository to database. - - NOTE: This command requires elevated (root) privileges to run. - - Options: - --default-reference TEXT Default installation reference. Can be a tag or - sha256 digest in repository. - --description TEXT Optional package entry description. - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sudo sonic-package-manager repository add \ - cpu-report azure/sonic-cpu-report --default-reference 1.0.0 - ``` - -**sonic-package-manager repository remove** - -This command will remove a repository as source for SONiC packages from the database . The package has to be *Not Installed* in order to be removed from package database. *NOTE*: requires elevated (root) privileges to run - -- Usage: - ``` - Usage: sonic-package-manager repository remove [OPTIONS] NAME - - Remove repository from database. - - NOTE: This command requires elevated (root) privileges to run. - - Options: - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sudo sonic-package-manager repository remove cpu-report - ``` - -**sonic-package-manager install** - -This command pulls and installs a package on SONiC host. *NOTE*: this command requires elevated (root) privileges to run - -- Usage: - ``` - Usage: sonic-package-manager install [OPTIONS] [PACKAGE_EXPR] - - Install/Upgrade package using [PACKAGE_EXPR] in format - "[=|@]". - - The repository to pull the package from is resolved by lookup in - package database, thus the package has to be added via "sonic- - package-manager repository add" command. - - In case when [PACKAGE_EXPR] is a package name "" this command - will install or upgrade to a version referenced by "default- - reference" in package database. - - NOTE: This command requires elevated (root) privileges to run. - - Options: - --enable Set the default state of the feature to enabled - and enable feature right after installation. NOTE: - user needs to execute "config save -y" to make - this setting persistent. - --set-owner [local|kube] Default owner configuration setting for a feature. - --from-repository TEXT Fetch package directly from image registry - repository. NOTE: This argument is mutually - exclusive with arguments: [package_expr, - from_tarball]. - --from-tarball FILE Fetch package from saved image tarball. NOTE: This - argument is mutually exclusive with arguments: - [package_expr, from_repository]. - -f, --force Force operation by ignoring package dependency - tree and package manifest validation failures. - -y, --yes Automatically answer yes on prompts. - -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG. - Default is INFO. - --skip-host-plugins Do not install host OS plugins provided by the - package (CLI, etc). NOTE: In case when package - host OS plugins are set as mandatory in package - manifest this option will fail the installation. - --allow-downgrade Allow package downgrade. By default an attempt to - downgrade the package will result in a failure - since downgrade might not be supported by the - package, thus requires explicit request from the - user. - --help Show this message and exit.. - ``` -- Example: - ``` - admin@sonic:~$ sudo sonic-package-manager install dhcp-relay=1.0.2 - ``` - ``` - admin@sonic:~$ sudo sonic-package-manager install dhcp-relay@latest - ``` - ``` - admin@sonic:~$ sudo sonic-package-manager install dhcp-relay@sha256:9780f6d83e45878749497a6297ed9906c19ee0cc48cc88dc63827564bb8768fd - ``` - ``` - admin@sonic:~$ sudo sonic-package-manager install --from-repository azure/sonic-cpu-report:latest - ``` - ``` - admin@sonic:~$ sudo sonic-package-manager install --from-tarball sonic-docker-image.gz - ``` - -**sonic-package-manager uninstall** - -This command uninstalls package from SONiC host. User needs to stop the feature prior to uninstalling it. -*NOTE*: this command requires elevated (root) privileges to run. - -- Usage: - ``` - Usage: sonic-package-manager uninstall [OPTIONS] NAME - - Uninstall package. - - NOTE: This command requires elevated (root) privileges to run. - - Options: - -f, --force Force operation by ignoring package dependency tree and - package manifest validation failures. - -y, --yes Automatically answer yes on prompts. - -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG. Default - is INFO. - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sudo sonic-package-manager uninstall dhcp-relay - ``` - -**sonic-package-manager reset** - -This comamnd resets the package by reinstalling it to its default version. *NOTE*: this command requires elevated (root) privileges to run. - -- Usage: - ``` - Usage: sonic-package-manager reset [OPTIONS] NAME - - Reset package to the default version. - - NOTE: This command requires elevated (root) privileges to run. - - Options: - -f, --force Force operation by ignoring package dependency tree and - package manifest validation failures. - -y, --yes Automatically answer yes on prompts. - -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG. Default - is INFO. - --skip-host-plugins Do not install host OS plugins provided by the package - (CLI, etc). NOTE: In case when package host OS plugins - are set as mandatory in package manifest this option - will fail the installation. - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sudo sonic-package-manager reset dhcp-relay - ``` - -**sonic-package-manager show package versions** - -This command will retrieve a list of all available versions for the given package from the configured upstream repository - -- Usage: - ``` - Usage: sonic-package-manager show package versions [OPTIONS] NAME - - Show available versions. - - Options: - --all Show all available tags in repository. - --plain Plain output. - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sonic-package-manager show package versions dhcp-relay - • 1.0.0 - • 1.0.2 - • 2.0.0 - ``` - ``` - admin@sonic:~$ sonic-package-manager show package versions dhcp-relay --plain - 1.0.0 - 1.0.2 - 2.0.0 - ``` - ``` - admin@sonic:~$ sonic-package-manager show package versions dhcp-relay --all - • 1.0.0 - • 1.0.2 - • 2.0.0 - • latest - ``` - -**sonic-package-manager show package changelog** - -This command fetches the changelog from the package manifest and displays it. *NOTE*: package changelog can be retrieved from registry or read from image tarball without installing it. - -- Usage: - ``` - Usage: sonic-package-manager show package changelog [OPTIONS] [PACKAGE_EXPR] - - Show package changelog. - - Options: - --from-repository TEXT Fetch package directly from image registry - repository NOTE: This argument is mutually exclusive - with arguments: [from_tarball, package_expr]. - --from-tarball FILE Fetch package from saved image tarball NOTE: This - argument is mutually exclusive with arguments: - [package_expr, from_repository]. - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sonic-package-manager show package changelog dhcp-relay - 1.0.0: - - • Initial release - - Author (author@email.com) Mon, 25 May 2020 12:25:00 +0300 - ``` - -**sonic-package-manager show package manifest** - -This command fetches the package manifest and displays it. *NOTE*: package manifest can be retrieved from registry or read from image tarball without installing it. - -- Usage: - ``` - Usage: sonic-package-manager show package manifest [OPTIONS] [PACKAGE_EXPR] - - Show package manifest. - - Options: - --from-repository TEXT Fetch package directly from image registry - repository NOTE: This argument is mutually exclusive - with arguments: [package_expr, from_tarball]. - --from-tarball FILE Fetch package from saved image tarball NOTE: This - argument is mutually exclusive with arguments: - [from_repository, package_expr]. - -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG - --help Show this message and exit. - ``` -- Example: - ``` - admin@sonic:~$ sonic-package-manager show package manifest dhcp-relay=2.0.0 - { - "version": "1.0.0", - "package": { - "version": "2.0.0", - "depends": [ - "database>=1.0.0,<2.0.0" - ] - }, - "service": { - "name": "dhcp_relay" - } - } - ``` - -### SONiC Installer -This is a command line tool available as part of the SONiC software; If the device is already running the SONiC software, this tool can be used to install an alternate image in the partition. -This tool has facility to install an alternate image, list the available images and to set the next reboot image. -This command requires elevated (root) privileges to run. - -**sonic-installer list** - -This command displays information about currently installed images. It displays a list of installed images, currently running image and image set to be loaded in next reboot. - -- Usage: - ``` - sonic-installer list - ``` - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer list - Current: SONiC-OS-HEAD.XXXX - Next: SONiC-OS-HEAD.XXXX - Available: - SONiC-OS-HEAD.XXXX - SONiC-OS-HEAD.YYYY - ``` - -TIP: This output can be obtained without evelated privileges by running the `show boot` command. See [here](#show-system-status) for details. - -**sonic-installer install** - -This command is used to install a new image on the alternate image partition. This command takes a path to an installable SONiC image or URL and installs the image. - -- Usage: - ``` - sonic-installer install - ``` - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer install https://sonic-jenkins.westus.cloudapp.azure.com/job/xxxx/job/buildimage-xxxx-all/xxx/artifact/target/sonic-xxxx.bin - New image will be installed, continue? [y/N]: y - Downloading image... - ...100%, 480 MB, 3357 KB/s, 146 seconds passed - Command: /tmp/sonic_image - Verifying image checksum ... OK. - Preparing image archive ... OK. - ONIE Installer: platform: XXXX - onie_platform: - Installing SONiC in SONiC - Installing SONiC to /host/image-xxxx - Directory /host/image-xxxx/ already exists. Cleaning up... - Archive: fs.zip - creating: /host/image-xxxx/boot/ - inflating: /host/image-xxxx/boot/vmlinuz-3.16.0-4-amd64 - inflating: /host/image-xxxx/boot/config-3.16.0-4-amd64 - inflating: /host/image-xxxx/boot/System.map-3.16.0-4-amd64 - inflating: /host/image-xxxx/boot/initrd.img-3.16.0-4-amd64 - creating: /host/image-xxxx/platform/ - extracting: /host/image-xxxx/platform/firsttime - inflating: /host/image-xxxx/fs.squashfs - inflating: /host/image-xxxx/dockerfs.tar.gz - Log file system already exists. Size: 4096MB - Installed SONiC base image SONiC-OS successfully - - Command: cp /etc/sonic/minigraph.xml /host/ - - Command: grub-set-default --boot-directory=/host 0 - - Done - ``` - -Installing a new image using the sonic-installer will keep using the packages installed on the currently running SONiC image and automatically migrate those. In order to perform clean SONiC installation use the *--skip-package-migration* option: - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer install https://sonic-jenkins.westus.cloudapp.azure.com/job/xxxx/job/buildimage-xxxx-all/xxx/artifact/target/sonic-xxxx.bin --skip-package-migration - ``` - -**sonic-installer set_default** - -This command is be used to change the image which can be loaded by default in all the subsequent reboots. - -- Usage: - ``` - sonic-installer set_default - ``` - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer set_default SONiC-OS-HEAD.XXXX - ``` - -**sonic-installer set_next_boot** - -This command is used to change the image that can be loaded in the *next* reboot only. Note that it will fallback to current image in all other subsequent reboots after the next reboot. - -- Usage: - ``` - sonic-installer set_next_boot - ``` - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer set_next_boot SONiC-OS-HEAD.XXXX - ``` - -**sonic-installer remove** - -This command is used to remove the unused SONiC image from the disk. Note that it's *not* allowed to remove currently running image. - -- Usage: - ``` - sonic-installer remove [-y|--yes] - ``` - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer remove SONiC-OS-HEAD.YYYY - Image will be removed, continue? [y/N]: y - Updating GRUB... - Done - Removing image root filesystem... - Done - Command: grub-set-default --boot-directory=/host 0 - - Image removed - ``` - -**sonic-installer cleanup** - -This command removes all unused images from the device, leaving only the currently active image and the image which will be booted into next (if different) installed. If there are no images which can be removed, the command will output `No image(s) to remove` - -- Usage: - ``` - sonic-installer cleanup [-y|--yes] - ``` - -- Example: - ``` - admin@sonic:~$ sudo sonic-installer cleanup - Remove images which are not current and next, continue? [y/N]: y - No image(s) to remove - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#software-installation-and-management) - - - -## Troubleshooting Commands - -For troubleshooting and debugging purposes, this command gathers pertinent information about the state of the device; information is as diverse as syslog entries, database state, routing-stack state, etc., It then compresses it into an archive file. This archive file can be sent to the SONiC development team for examination. -Resulting archive file is saved as `/var/dump/_YYYYMMDD_HHMMSS.tar.gz` - -- Usage: - ``` - show techsupport - ``` - -- Example: - ``` - admin@sonic:~$ show techsupport [--since=] - ``` - -If the SONiC system was running for quite some time `show techsupport` will produce a large dump file. To reduce the amount of syslog and core files gathered during system dump use `--since` option: - -- Examples: - ``` - admin@sonic:~$ show techsupport --since=yesterday # Will collect syslog and core files for the last 24 hours - ``` - ``` - admin@sonic:~$ show techsupport --since='hour ago' # Will collect syslog and core files for the last one hour - ``` - -### Debug Dumps - -In SONiC, there usually exists a set of tables related/relevant to a particular module. All of these might have to be looked at to confirm whether any configuration update is properly applied and propagated. This utility comes in handy because it prints a unified view of the redis-state for a given module - -- Usage: - ``` - Usage: dump state [OPTIONS] MODULE IDENTIFIER - Dump the redis-state of the identifier for the module specified - - Options: - -s, --show Display Modules Available - -d, --db TEXT Only dump from these Databases - -t, --table Print in tabular format [default: False] - -k, --key-map Only fetch the keys matched, don't extract field-value dumps [default: False] - -v, --verbose Prints any intermediate output to stdout useful for dev & troubleshooting [default: False] - -n, --namespace TEXT Dump the redis-state for this namespace. [default: DEFAULT_NAMESPACE] - --help Show this message and exit. - ``` - - -- Examples: - ``` - root@sonic# dump state --show - Module Identifier - -------- ------------ - port port_name - copp trap_id - ``` - - ``` - admin@sonic:~$ dump state copp arp_req --key-map --db ASIC_DB - { - "arp_req": { - "ASIC_DB": { - "keys": [ - "ASIC_STATE:SAI_OBJECT_TYPE_HOSTIF_TRAP:oid:0x22000000000c5b", - "ASIC_STATE:SAI_OBJECT_TYPE_HOSTIF_TRAP_GROUP:oid:0x11000000000c59", - "ASIC_STATE:SAI_OBJECT_TYPE_POLICER:oid:0x12000000000c5a", - "ASIC_STATE:SAI_OBJECT_TYPE_QUEUE:oid:0x15000000000626" - ], - "tables_not_found": [], - "vidtorid": { - "oid:0x22000000000c5b": "oid:0x200000000022", - "oid:0x11000000000c59": "oid:0x300000011", - "oid:0x12000000000c5a": "oid:0x200000012", - "oid:0x15000000000626": "oid:0x12e0000040015" - } - } - } - } - ``` - -### Event Driven Techsupport Invocation - -This feature/capability makes the techsupport invocation event-driven based on core dump generation. This feature is only applicable for the processes running in the containers. More detailed explanation can be found in the HLD https://github.com/Azure/SONiC/blob/master/doc/auto_techsupport_and_coredump_mgmt.md - -#### config auto-techsupport global commands - -**config auto-techsupport global state** - -- Usage: - ``` - config auto-techsupport global state - ``` - -- Example: - ``` - config auto-techsupport global state enabled - ``` - -**config auto-techsupport global rate-limit-interval ** - -- Usage: - ``` - config auto-techsupport global rate-limit-interval - ``` - - Parameters: - - rate-limit-interval: Minimum time in seconds to wait after the last techsupport creation time before invoking a new one. - -- Example: - ``` - config auto-techsupport global rate-limit-interval 200 - ``` - -**config auto-techsupport global max-techsupport-limit ** - -- Usage: - ``` - config auto-techsupport global max-techsupport-limit - ``` - - Parameters: - - max-techsupport-limit: A percentage value should be specified. This signifies maximum size to which /var/dump/ directory can be grown until. - -- Example: - ``` - config auto-techsupport global max-techsupport-limit 10.15 - ``` - -**config auto-techsupport global max-core-limit ** - -- Usage: - ``` - config auto-techsupport global max-core-limit - ``` - - Parameters: - - max-core-limit: A percentage value should be specified. This signifies maximum size to which /var/core/ directory can be grown until. - -- Example: - ``` - config auto-techsupport global max-core-limit 10.15 - ``` - -**config auto-techsupport global since** - -- Usage: - ``` - config auto-techsupport global since - ``` - - Parameters: - - since: This limits the auto-invoked techsupport to only collect the logs & core-dumps generated since the time provided. Any valid date string of the formats specified here can be used. (https://www.gnu.org/software/coreutils/manual/html_node/Date-input-formats.html). If this value is not explicitly configured or a non-valid string is provided, a default value of "2 days ago" is used. - -- Example: - ``` - config auto-techsupport global since - ``` - - -#### config auto-techsupport-feature commands - -**config auto-techsupport-feature add** - -- Usage: - ``` - config auto-techsupport-feature add --state --rate-limit-interval - ``` - - Parameters: - - state: enable/disable the capability for the specific feature/container. - - rate-limit-interval: Rate limit interval for the corresponding feature. Configure 0 to explicitly disable. For the techsupport to be generated by auto-techsupport, both the global and feature specific rate-limit-interval has to be passed - -- Example: - ``` - config auto-techsupport-feature add bgp --state enabled --rate-limit-interval 200 - ``` - - -**config auto-techsupport-feature delete** - -- Usage: - ``` - config auto-techsupport-feature delete - ``` - -- Example: - ``` - config auto-techsupport-feature delete swss - ``` - -**config auto-techsupport-feature update** - -- Usage: - ``` - config auto-techsupport-feature update --state - config auto-techsupport-feature update --rate-limit-interval - ``` - -- Example: - ``` - config auto-techsupport-feature update snmp --state enabled - config auto-techsupport-feature update swss --rate-limit-interval 200 - ``` - -#### Show CLI: - -**show auto-techsupport global** - -- Usage: - ``` - show auto-techsupport global - ``` - -- Example: - ``` - admin@sonic:~$ show auto-techsupport global - STATE RATE LIMIT INTERVAL (sec) MAX TECHSUPPORT LIMIT (%) MAX CORE LIMIT (%) SINCE - ------- --------------------------- -------------------------- ------------------ ---------- - enabled 180 10.0 5.0 2 days ago - ``` - -**show auto-techsupport-feature** - -- Usage: - ``` - show auto-techsupport-feature - ``` - -- Example: - ``` - admin@sonic:~$ show auto-techsupport-feature - FEATURE NAME STATE RATE LIMIT INTERVAL (sec) - -------------- -------- -------------------------- - bgp enabled 600 - database enabled 600 - dhcp_relay enabled 600 - lldp enabled 600 - swss disabled 800 - ``` - -**show auto-techsupport history** - -- Usage: - ``` - show auto-techsupport history - ``` - -- Example: - ``` - admin@sonic:~$ show auto-techsupport history - TECHSUPPORT DUMP TRIGGERED BY CORE DUMP - ---------------------------------------- -------------- ----------------------------- - sonic_dump_r-lionfish-16_20210901_221402 bgp bgpcfgd.1630534439.55.core.gz - sonic_dump_r-lionfish-16_20210901_203725 snmp python3.1630528642.23.core.gz - sonic_dump_r-lionfish-16_20210901_222408 teamd python3.1630535045.34.core.gz - ``` - -Go Back To [Beginning of the document](#) or [Beginning of this section](#troubleshooting-commands) - -## Routing Stack - -SONiC software is agnostic of the routing software that is being used in the device. For example, users can use either Quagga or FRR routing stack as per their requirement. -A separate shell (vtysh) is provided to configure such routing stacks. -Once if users go to "vtysh", they can use the routing stack specific commands as given in the following example. - -- Example (Quagga Routing Stack): - ``` - admin@sonic:~$ vtysh - - Hello, this is Quagga (version 0.99.24.1). - Copyright 1996-2005 Kunihiro Ishiguro, et al. - - sonic# show route-map (This command displays the route-map that is configured for the routing protocol.) - ZEBRA: - route-map RM_SET_SRC, permit, sequence 10 - Match clauses: - Set clauses: - src 10.12.0.102 - Call clause: - Action: - Exit routemap - ``` - -Refer the routing stack [Quagga Command Reference](https://www.quagga.net/docs/quagga.pdf) or [FRR Command Reference](https://buildmedia.readthedocs.org/media/pdf/frrouting/latest/frrouting.pdf) to know more about about the routing stack configuration. - - -Go Back To [Beginning of the document](#) or [Beginning of this section](#routing-stack) - - -## Quagga BGP Show Commands - -**show ip bgp summary** - -This command displays the summary of all IPv4 bgp neighbors that are configured and the corresponding states. - -- Usage: - ``` - show ip bgp summary - ``` - -- Example: - ``` - admin@sonic:~$ show ip bgp summary - BGP router identifier 1.2.3.4, local AS number 65061 - RIB entries 6124, using 670 KiB of memory - Peers 2, using 143 KiB of memory - - Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd - 192.168.1.161 4 65501 88698 102781 0 0 0 08w5d14h 2 - 192.168.1.163 4 65502 88698 102780 0 0 0 08w5d14h 2 - - Total number of neighbors 2 - ``` - -**show ip bgp neighbors** - -This command displays all the details of IPv4 & IPv6 BGP neighbors when no optional argument is specified. - -When the optional argument IPv4_address is specified, it displays the detailed neighbor information about that specific IPv4 neighbor. - -Command has got additional optional arguments to display only the advertised routes, or the received routes, or all routes. - -In order to get details for an IPv6 neigbor, use "show ipv6 bgp neighbor " command. - -- Usage: - ``` - show ip bgp neighbors [ [advertised-routes | received-routes | routes]] - ``` - -- Example: - ``` - admin@sonic:~$ show ip bgp neighbors - BGP neighbor is 192.168.1.161, remote AS 65501, local AS 65061, external link - Description: ARISTA01T0 - BGP version 4, remote router ID 1.2.3.4 - BGP state = Established, up for 08w5d14h - Last read 00:00:46, hold time is 180, keepalive interval is 60 seconds - Neighbor capabilities: - 4 Byte AS: advertised and received - Dynamic: received - Route refresh: advertised and received(old & new) - Address family IPv4 Unicast: advertised and received - Graceful Restart Capabilty: advertised and received - Remote Restart timer is 120 seconds - Address families by peer: - IPv4 Unicast(not preserved) - Graceful restart informations: - End-of-RIB send: IPv4 Unicast - End-of-RIB received: IPv4 Unicast - Message statistics: - Inq depth is 0 - Outq depth is 0 - Sent Rcvd - Opens: 1 1 - Notifications: 0 0 - Updates: 14066 3 - Keepalives: 88718 88698 - Route Refresh: 0 0 - Capability: 0 0 - Total: 102785 88702 - Minimum time between advertisement runs is 30 seconds - - For address family: IPv4 Unicast - Community attribute sent to this neighbor(both) - 2 accepted prefixes - - Connections established 1; dropped 0 - Last reset never - Local host: 192.168.1.160, Local port: 32961 - Foreign host: 192.168.1.161, Foreign port: 179 - Nexthop: 192.168.1.160 - Nexthop global: fe80::f60f:1bff:fe89:bc00 - Nexthop local: :: - BGP connection: non shared network - Read thread: on Write thread: off - ``` - -Optionally, you can specify an IP address in order to display only that particular neighbor. In this mode, you can optionally specify whether you want to display all routes advertised to the specified neighbor, all routes received from the specified neighbor or all routes (received and accepted) from the specified neighbor. - - -- Examples: - ``` - admin@sonic:~$ show ip bgp neighbors 192.168.1.161 - - admin@sonic:~$ show ip bgp neighbors 192.168.1.161 advertised-routes - - admin@sonic:~$ show ip bgp neighbors 192.168.1.161 received-routes - - admin@sonic:~$ show ip bgp neighbors 192.168.1.161 routes - ``` - -**show ipv6 bgp summary** - -This command displays the summary of all IPv4 bgp neighbors that are configured and the corresponding states. - -- Usage: - ``` - show ipv6 bgp summary - ``` - -- Example: - ``` - admin@sonic:~$ show ipv6 bgp summary - BGP router identifier 10.1.0.32, local AS number 65100 - RIB entries 12809, using 1401 KiB of memory - Peers 8, using 36 KiB of memory - - Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd - fc00::72 4 64600 12588 12591 0 0 0 06:51:17 6402 - fc00::76 4 64600 12587 6190 0 0 0 06:51:28 6402 - fc00::7a 4 64600 12587 9391 0 0 0 06:51:23 6402 - fc00::7e 4 64600 12589 12592 0 0 0 06:51:25 6402 - - Total number of neighbors 4 - ``` - -**show ipv6 bgp neighbors** - -This command displays all the details of one particular IPv6 Border Gateway Protocol (BGP) neighbor. Option is also available to display only the advertised routes, or the received routes, or all routes. - -- Usage: - ``` - show ipv6 bgp neighbors (advertised-routes | received-routes | routes) - ``` - -- Examples: - ``` - admin@sonic:~$ show ipv6 bgp neighbors fc00::72 advertised-routes - - admin@sonic:~$ show ipv6 bgp neighbors fc00::72 received-routes - - admin@sonic:~$ show ipv6 bgp neighbors fc00::72 routes - ``` - -**show route-map** - -This command displays the routing policy that takes precedence over the other route processes that are configured. - -- Usage: - ``` - show route-map - ``` - -- Example: - ``` - admin@sonic:~$ show route-map - ZEBRA: - route-map RM_SET_SRC, permit, sequence 10 - Match clauses: - Set clauses: - src 10.12.0.102 - Call clause: - Action: - Exit routemap - ZEBRA: - route-map RM_SET_SRC6, permit, sequence 10 - Match clauses: - Set clauses: - src fc00:1::102 - Call clause: - Action: - Exit routemap - BGP: - route-map FROM_BGP_SPEAKER_V4, permit, sequence 10 - Match clauses: - Set clauses: - Call clause: - Action: - Exit routemap - BGP: - route-map TO_BGP_SPEAKER_V4, deny, sequence 10 - Match clauses: - Set clauses: - Call clause: - Action: - Exit routemap - BGP: - route-map ISOLATE, permit, sequence 10 - Match clauses: - Set clauses: - as-path prepend 65000 - Call clause: - Action: - Exit routemap - ``` -Go Back To [Beginning of the document](#) or [Beginning of this section](#quagga-bgp-show-commands) - -# ZTP Configuration And Show Commands - -This section explains all the Zero Touch Provisioning commands that are supported in SONiC. - -## ZTP show commands - - -This command displays the current ZTP configuration of the switch. It also displays detailed information about current state of a ZTP session. It displays information related to all configuration sections as defined in the switch provisioning information discovered in a particular ZTP session. - -- Usage: - show ztp status - - show ztp status --verbose - -- Example: - -``` -root@B1-SP1-7712:/home/admin# show ztp status -ZTP Admin Mode : True -ZTP Service : Inactive -ZTP Status : SUCCESS -ZTP Source : dhcp-opt67 (eth0) -Runtime : 05m 31s -Timestamp : 2019-09-11 19:12:24 UTC - -ZTP Service is not running - -01-configdb-json: SUCCESS -02-connectivity-check: SUCCESS -``` -Use the verbose option to display more detailed information. - -``` -root@B1-SP1-7712:/home/admin# show ztp status --verbose -Command: ztp status --verbose -======================================== -ZTP -======================================== -ZTP Admin Mode : True -ZTP Service : Inactive -ZTP Status : SUCCESS -ZTP Source : dhcp-opt67 (eth0) -Runtime : 05m 31s -Timestamp : 2019-09-11 19:12:16 UTC -ZTP JSON Version : 1.0 - -ZTP Service is not running - ----------------------------------------- -01-configdb-json ----------------------------------------- -Status : SUCCESS -Runtime : 02m 48s -Timestamp : 2019-09-11 19:11:55 UTC -Exit Code : 0 -Ignore Result : False - ----------------------------------------- -02-connectivity-check ----------------------------------------- -Status : SUCCESS -Runtime : 04s -Timestamp : 2019-09-11 19:12:16 UTC -Exit Code : 0 -Ignore Result : False -``` - -- Description - - - **ZTP Admin Mode** - Displays if the ZTP feature is administratively enabled or disabled. Possible values are True or False. This value is configurable using "config ztp enabled" and "config ztp disable" commands. - - **ZTP Service** - Displays the ZTP service status. The following are possible values this field can display: - - *Active Discovery*: ZTP service is operational and is performing DHCP discovery to learn switch provisioning information - - *Processing*: ZTP service has discovered switch provisioning information and is processing it - - **ZTP Status** - Displays the current state and result of ZTP session. The following are possible values this field can display: - - *IN-PROGRESS*: ZTP session is currently in progress. ZTP service is processing switch provisioning information. - - *SUCCESS*: ZTP service has successfully processed the switch provisioning information. - - *FAILED*: ZTP service has failed to process the switch provisioning information. - - *Not Started*: ZTP service has not started processing the discovered switch provisioning information. - - **ZTP Source** - Displays the DHCP option and then interface name from which switch provisioning information has been discovered. - - **Runtime** - Displays the time taken for ZTP process to complete from start to finish. For individual configuration sections it indicates the time taken to process the associated configuration section. - - **Timestamp** - Displays the date/time stamp when the status field has last changed. - - **ZTP JSON Version** - Version of ZTP JSON file used for describing switch provisioning information. - - **Status** - Displays the current state and result of a configuration section. The following are possible values this field can display: - - *IN-PROGRESS*: Corresponding configuration section is currently being processed. - - *SUCCESS*: Corresponding configuration section was processed successfully. - - *FAILED*: Corresponding configuration section failed to execute successfully. - - *Not Started*: ZTP service has not started processing the corresponding configuration section. - - *DISABLED*: Corresponding configuration section has been marked as disabled and will not be processed. - - **Exit Code** - Displays the program exit code of the configuration section executed. Non-zero exit code indicates that the configuration section has failed to execute successfully. - - **Ignore Result** - If this value is True, the result of the corresponding configuration section is ignored and not used to evaluate the overall ZTP result. - - **Activity String** - In addition to above information an activity string is displayed indicating the current action being performed by the ZTP service and how much time it has been performing the mentioned activity. Below is an example. - - (04m 12s) Discovering provisioning data - -## ZTP configuration commands - -This sub-section explains the list of the configuration options available for ZTP. - - - -**config ztp enable** - -Use this command to enable ZTP administrative mode - -- Example: - -``` -root@sonic:/home/admin# config ztp enable -Running command: ztp enable -``` - - - -**config ztp disable** - -Use this command to disable ZTP administrative mode. This command can also be used to abort a current ZTP session and load the factory default switch configuration. - -- Usage: - config ztp disable - - config ztp disable -y - -- Example: - -``` -root@sonic:/home/admin# config ztp disable -Active ZTP session will be stopped and disabled, continue? [y/N]: y -Running command: ztp disable -y -``` - - -**config ztp run** - -Use this command to manually restart a new ZTP session. This command deletes the existing */etc/sonic/config_db.json* file and stats ZTP service. It also erases the previous ZTP session data. ZTP configuration is loaded on to the switch and ZTP discovery is performed. - -- Usage: - config ztp run - - config ztp run -y - -- Example: - -``` -root@sonic:/home/admin# config ztp run -ZTP will be restarted. You may lose switch data and connectivity, continue? [y/N]: y -Running command: ztp run -y -``` - -Go Back To [Beginning of the document](#SONiC-COMMAND-LINE-INTERFACE-GUIDE) or [Beginning of this section](#ztp-configuration-and-show-commands) +# SONiC Command Line Interface Guide + +## Table of Contents + +* [Document History](#document-history) +* [Introduction](#introduction) +* [Basic Tasks](#basic-tasks) + * [SSH Login](#ssh-login) + * [Show Management Interface](#show-management-interface) + * [Configuring Management Interface](#configuring-management-interface) +* [Getting Help](#getting-help) + * [Help for Config Commands](#help-for-config-commands) + * [Help for Show Commands](#help-for-show-commands) +* [Basic Show Commands](#basic-show-commands) + * [Show Versions](#show-versions) + * [Show System Status](#show-system-status) + * [Show Hardware Platform](#show-hardware-platform) + * [Transceivers](#transceivers) +* [AAA & TACACS+](#aaa--tacacs) + * [AAA](#aaa) + * [AAA show commands](#aaa-show-commands) + * [AAA config commands](#aaa-config-commands) + * [TACACS+](#tacacs) + * [TACACS+ show commands](#tacacs-show-commands) + * [TACACS+ config commands](#tacacs-config-commands) +* [ACL](#acl) + * [ACL show commands](#acl-show-commands) + * [ACL config commands](#acl-config-commands) +* [ARP & NDP](#arp--ndp) + * [ARP show commands](#arp-show-commands) + * [NDP show commands](#ndp-show-commands) +* [BFD](#bfd) + * [BFD show commands](#bfd-show-commands) +* [BGP](#bgp) + * [BGP show commands](#bgp-show-commands) + * [BGP config commands](#bgp-config-commands) +* [Console](#console) + * [Console show commands](#console-show-commands) + * [Console config commands](#console-config-commands) + * [Console connect commands](#console-connect-commands) + * [Console clear commands](#console-clear-commands) +* [DHCP Relay](#dhcp-relay) + * [DHCP Relay config commands](#dhcp-relay-config-commands) +* [Drop Counters](#drop-counters) + * [Drop Counter show commands](#drop-counters-show-commands) + * [Drop Counter config commands](#drop-counters-config-commands) + * [Drop Counter clear commands](#drop-counters-clear-commands) +* [Dynamic Buffer Management](#dynamic-buffer-management) + * [Configuration commands](#configuration-commands) + * [Show commands](#show-commands) +* [ECN](#ecn) + * [ECN show commands](#ecn-show-commands) + * [ECN config commands](#ecn-config-commands) +* [Feature](#feature) + * [Feature show commands](#feature-show-commands) + * [Feature config commands](#feature-config-commands) +* [Flow Counters](#flow-counters) + * [Flow Counters show commands](#flow-counters-show-commands) + * [Flow Counters clear commands](#flow-counters-clear-commands) + * [Flow Counters config commands](#flow-counters-config-commands) +* [Gearbox](#gearbox) + * [Gearbox show commands](#gearbox-show-commands) +* [Interfaces](#interfaces) + * [Interface Show Commands](#interface-show-commands) + * [Interface Config Commands](#interface-config-commands) +* [Interface Naming Mode](#interface-naming-mode) + * [Interface naming mode show commands](#interface-naming-mode-show-commands) + * [Interface naming mode config commands](#interface-naming-mode-config-commands) + * [Interface Vrf binding](#interface-vrf-binding) + * [Interface vrf bind & unbind config commands](#interface-vrf-bind-&-unbind-config-commands) + * [Interface vrf binding show commands](#interface-vrf-binding-show-commands) +* [IP / IPv6](#ip--ipv6) + * [IP show commands](#ip-show-commands) + * [IPv6 show commands](#ipv6-show-commands) +* [IPv6 Link Local](#ipv6-link-local) + * [IPv6 Link Local config commands](#ipv6-link-local-config-commands) + * [IPv6 Link Local show commands](#ipv6-link-local-show-commands) +* [Kubernetes](#Kubernetes) + * [Kubernetes show commands](#Kubernetes-show-commands) + * [Kubernetes config commands](#Kubernetes-config-commands) +* [Linux Kernel Dump](#kdump) + * [Linux Kernel Dump show commands](#Linux-Kernel-Dump-show-commands) + * [Linux Kernel Dump config commands](#Linux-Kernel-Dump-config-command) +* [LLDP](#lldp) + * [LLDP show commands](#lldp-show-commands) +* [Loading, Reloading And Saving Configuration](#loading-reloading-and-saving-configuration) + * [Loading configuration from JSON file](#loading-configuration-from-json-file) + * [Loading configuration from minigraph (XML) file](#loading-configuration-from-minigraph-xml-file) + * [Reloading Configuration](#reloading-configuration) + * [Loading Management Configuration](#loading-management-configuration) + * [Saving Configuration to a File for Persistence](saving-configuration-to-a-file-for-persistence) + * [Loopback Interfaces](#loopback-interfaces) + * [Loopback show commands](#loopback-show-commands) + * [Loopback config commands](#loopback-config-commands) +* [VRF Configuration](#vrf-configuration) + * [VRF show commands](#vrf-show-commands) + * [VRF config commands](#vrf-config-commands) +* [Management VRF](#Management-VRF) + * [Management VRF Show commands](#management-vrf-show-commands) + * [Management VRF Config commands](#management-vrf-config-commands) +* [Mirroring](#mirroring) + * [Mirroring Show commands](#mirroring-show-commands) + * [Mirroring Config commands](#mirroring-config-commands) +* [Muxcable](#muxcable) + * [Muxcable Show commands](#muxcable-show-commands) + * [Muxcable Config commands](#muxcable-config-commands) +* [NAT](#nat) + * [NAT Show commands](#nat-show-commands) + * [NAT Config commands](#nat-config-commands) + * [NAT Clear commands](#nat-clear-commands) +* [NTP](#ntp) + * [NTP show commands](#ntp-show-commands) + * [NTP config commands](#ntp-config-commands) +* [NVGRE](#nvgre) + * [NVGRE show commands](#nvgre-show-commands) + * [NVGRE config commands](#nvgre-config-commands) +* [PBH](#pbh) + * [PBH show commands](#pbh-show-commands) + * [PBH config commands](#pbh-config-commands) +* [PFC Watchdog Commands](#pfc-watchdog-commands) +* [Platform Component Firmware](#platform-component-firmware) + * [Platform Component Firmware show commands](#platform-component-firmware-show-commands) + * [Platform Component Firmware config commands](#platform-component-firmware-config-commands) + * [Platform Component Firmware vendor specific behaviour](#platform-component-firmware-vendor-specific-behaviour) +* [Platform Specific Commands](#platform-specific-commands) + * [Mellanox Platform Specific Commands](#mellanox-platform-specific-commands) + * [Barefoot Platform Specific Commands](#barefoot-platform-specific-commands) +* [PortChannels](#portchannels) + * [PortChannel Show commands](#portchannel-show-commands) + * [PortChannel Config commands](#portchannel-config-commands) +* [QoS](#qos) + * [QoS Show commands](#qos-show-commands) + * [PFC](#pfc) + * [Queue And Priority-Group](#queue-and-priority-group) + * [Buffer Pool](#buffer-pool) + * [QoS config commands](#qos-config-commands) +* [Radius](#radius) + * [radius show commands](#show-radius-commands) + * [radius config commands](#Radius-config-commands) +* [sFlow](#sflow) + * [sFlow Show commands](#sflow-show-commands) + * [sFlow Config commands](#sflow-config-commands) +* [SNMP](#snmp) + * [SNMP Show commands](#snmp-show-commands) + * [SNMP Config commands](#snmp-config-commands) +* [Startup & Running Configuration](#startup--running-configuration) + * [Startup Configuration](#startup-configuration) + * [Running Configuration](#running-configuration) +* [Static routing](#static-routing) +* [Subinterfaces](#subinterfaces) + * [Subinterfaces Show Commands](#subinterfaces-show-commands) + * [Subinterfaces Config Commands](#subinterfaces-config-commands) +* [Syslog](#syslog) + * [Syslog show commands](#syslog-show-commands) + * [Syslog config commands](#syslog-config-commands) +* [System State](#system-state) + * [Processes](#processes) + * [Services & Memory](#services--memory) +* [System-Health](#System-Health) +* [VLAN & FDB](#vlan--fdb) + * [VLAN](#vlan) + * [VLAN show commands](#vlan-show-commands) + * [VLAN Config commands](#vlan-config-commands) + * [FDB](#fdb) + * [FDB show commands](#fdb-show-commands) +* [VxLAN & Vnet](#vxlan--vnet) + * [VxLAN](#vxlan) + * [VxLAN show commands](#vxlan-show-commands) + * [Vnet](#vnet) + * [Vnet show commands](#vnet-show-commands) +* [Warm Reboot](#warm-reboot) +* [Warm Restart](#warm-restart) + * [Warm Restart show commands](#warm-restart-show-commands) + * [Warm Restart Config commands](#warm-restart-config-commands) +* [Watermark](#watermark) + * [Watermark Show commands](#watermark-show-commands) + * [Watermark Config commands](#watermark-config-commands) +* [Software Installation and Management](#software-installation-and-management) + * [SONiC Package Manager](#sonic-package-manager) + * [SONiC Installer](#sonic-installer) +* [Troubleshooting Commands](#troubleshooting-commands) + * [Debug Dumps](#debug-dumps) + * [Event Driven Techsupport Invocation](#event-driven-techsupport-invocation) +* [Routing Stack](#routing-stack) +* [Quagga BGP Show Commands](#Quagga-BGP-Show-Commands) +* [ZTP Configuration And Show Commands](#ztp-configuration-and-show-commands) + * [ ZTP show commands](#ztp-show-commands) + * [ZTP configuration commands](#ztp-configuration-commands) + +## Document History + +| Version | Modification Date | Details | +| --- | --- | --- | +| v6 | May-06-2021 | Add SNMP show and config commands | +| v5 | Nov-05-2020 | Add document for console commands | +| v4 | Oct-17-2019 | Unify usage statements and other formatting; Replace tabs with spaces; Modify heading sizes; Fix spelling, grammar and other errors; Fix organization of new commands | +| v3 | Jun-26-2019 | Update based on 201904 (build#19) release, "config interface" command changes related to interfacename order, FRR/Quagga show command changes, platform specific changes, ACL show changes and few formatting changes | +| v2 | Apr-22-2019 | CLI Guide for SONiC 201811 version (build#32) with complete "config" command set | +| v1 | Mar-23-2019 | Initial version of CLI Guide with minimal command set | + +## Introduction +SONiC is an open source network operating system based on Linux that runs on switches from multiple vendors and ASICs. SONiC offers a full-suite of network functionality, like BGP and RDMA, that has been production-hardened in the data centers of some of the largest cloud-service providers. It offers teams the flexibility to create the network solutions they need while leveraging the collective strength of a large ecosystem and community. + +SONiC software shall be loaded in these [supported devices](https://github.com/Azure/SONiC/wiki/Supported-Devices-and-Platforms) and this CLI guide shall be used to configure the devices as well as to display the configuration, state and status. + +Follow the [Quick Start Guide](https://github.com/Azure/SONiC/wiki/Quick-Start) to boot the device in ONIE mode, install the SONiC software using the steps specified in the document and login to the device using the default username and password. + +After logging into the device, SONiC software can be configured in following three methods. + 1. Command Line Interface (CLI) + 2. [config_db.json](https://github.com/Azure/SONiC/wiki/Configuration) + 3. [minigraph.xml](https://github.com/Azure/SONiC/wiki/Configuration-with-Minigraph-(~Sep-2017)) + +This document explains the first method and gives the complete list of commands that are supported in SONiC 201904 version (build#19). +All the configuration commands need root privileges to execute them. Note that show commands can be executed by all users without the root privileges. +Root privileges can be obtained either by using "sudo" keyword in front of all config commands, or by going to root prompt using "sudo -i". +Note that all commands are case sensitive. + +- Example: + ``` + admin@sonic:~$ sudo config aaa authentication login tacacs+ + + OR + + admin@sonic:~$ sudo -i + root@sonic:~# config aaa authentication login tacacs+ + ``` + +Note that the command list given in this document is just a subset of all possible configurations in SONiC. +Please follow config_db.json based configuration for the complete list of configuration options. + +**Scope of this Document** + +It is assumed that all configuration commands start with the keyword “config” as prefix. +Any other scripts/utilities/commands that need user configuration control are wrapped as sub-commands under the “config” command. +The direct scripts/utilities/commands (examples given below) that are not wrapped under the "config" command are not in the scope of this document. + 1. acl_loader – This script is already wrapped inside “config acl” command; i.e. any ACL configuration that user is allowed to do is already part of “config acl” command; users are not expected to use the acl_loader script directly and hence this document need not explain the “acl_loader” script. + 2. crm – this command is not explained in this document. + 3. sonic-clear, sfputil, etc., This document does not explain these scripts also. + +## Basic Tasks + +This section covers the basic configurations related to the following: + 1. [SSH login](#SSH-Login) + 2. [Configuring the Management Interface](#Configuring-Management-Interface) + +### SSH Login + +All SONiC devices support both the serial console based login and the SSH based login by default. +The default credential (if not modified at image build time) for login is `admin/YourPaSsWoRd`. +In case of SSH login, users can login to the management interface (eth0) IP address after configuring the same using serial console. +Refer the following section for configuring the IP address for management interface. + +- Example: + ``` + At Console: + Debian GNU/Linux 9 sonic ttyS1 + + sonic login: admin + Password: YourPaSsWoRd + + SSH from any remote server to sonic can be done by connecting to SONiC IP + user@debug:~$ ssh admin@sonic_ip_address(or SONIC DNS Name) + admin@sonic's password: + ``` + +By default, login takes the user to the default prompt from which all the show commands can be executed. + +Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-tasks) + +### Show Management Interface + +Please check [show ip interfaces](#show-ip-interfaces) + +### Configuring Management Interface + +The management interface (eth0) in SONiC is configured (by default) to use DHCP client to get the IP address from the DHCP server. Connect the management interface to the same network in which your DHCP server is connected and get the IP address from DHCP server. +The IP address received from DHCP server can be verified using the `/sbin/ifconfig eth0` Linux command. + +SONiC provides a CLI to configure the static IP for the management interface. There are few ways by which a static IP address can be configured for the management interface. + 1. Use the `config interface ip add eth0` command. + - Example: + ``` + admin@sonic:~$ sudo config interface ip add eth0 20.11.12.13/24 20.11.12.254 + ``` + 2. Use config_db.json and configure the MGMT_INTERFACE key with the appropriate values. Refer [here](https://github.com/Azure/SONiC/wiki/Configuration#Management-Interface) + 3. Use minigraph.xml and configure "ManagementIPInterfaces" tag inside "DpgDesc" tag as given at the [page](https://github.com/Azure/SONiC/wiki/Configuration-with-Minigraph-(~Sep-2017)) + +Once the IP address is configured, the same can be verified using either `show management_interface address` command or the `/sbin/ifconfig eth0` linux command. +Users can SSH login to this management interface IP address from their management network. + +- Example: + ``` + admin@sonic:~$ /sbin/ifconfig eth0 + eth0: flags=4163 mtu 1500 + inet 10.11.11.13 netmask 255.255.255.0 broadcast 10.11.12.255 + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-tasks) + +## Getting Help + +Subsections: + 1. [Help for Config Commands](#Config-Help) + 2. [Help for Show Commands](#Show-Help) + 3. [Show Versions](#Show-Versions) + 4. [Show System Status](#Show-System-Status) + 5. [Show Hardware Platform](#Show-Hardware-Platform) + +### Help for Config Commands + +All commands have in-built help that aids the user in understanding the command as well as the possible sub-commands and options. +"--help" can be used at any level of the command; i.e. it can be used at the command level, or sub-command level or at argument level. The in-built help will display the available possibilities corresponding to that particular command/sub-command. + +**config --help** + +This command lists all the possible configuration commands at the top level. + +- Usage: + ``` + config --help + ``` + +- Example: + ``` + admin@sonic:~$ config --help + Usage: config [OPTIONS] COMMAND [ARGS] + SONiC command line - 'config' command + + Options: + --help Show this message and exit. + + Commands: + aaa AAA command line + acl ACL-related configuration tasks + bgp BGP-related configuration tasks + ecn ECN-related configuration tasks + feature Modify configuration of features + hostname Change device hostname without impacting traffic + interface Interface-related configuration tasks + interface_naming_mode Modify interface naming mode for interacting... + kubernetes Kubernetes server related configuration + load Import a previous saved config DB dump file. + load_mgmt_config Reconfigure hostname and mgmt interface based... + load_minigraph Reconfigure based on minigraph. + loopback Loopback-related configuration tasks. + mirror_session + nat NAT-related configuration tasks + platform Platform-related configuration tasks + portchannel + qos + reload Clear current configuration and import a... + route route-related configuration tasks + save Export current config DB to a file on disk. + tacacs TACACS+ server configuration + vlan VLAN-related configuration tasks + vrf VRF-related configuration tasks + warm_restart warm_restart-related configuration tasks + watermark Configure watermark + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#getting-help) + +### Help For Show Commands + +**show help** + +This command displays the full list of show commands available in the software; the output of each of those show commands can be used to analyze, debug or troubleshoot the network node. + +- Usage: + ``` + show (-?|-h|--help) + ``` + +- Example: + ``` + admin@sonic:~$ show -? + Usage: show [OPTIONS] COMMAND [ARGS]... + SONiC command line - 'show' command + + Options: + -?, -h, --help Show this message and exit. + + Commands: + aaa Show AAA configuration + acl Show ACL related information + arp Show IP ARP table + buffer_pool Show details of the Buffer-pools + clock Show date and time + ecn Show ECN configuration + environment Show environmentals (voltages, fans, temps) + feature Show feature status + interfaces Show details of the network interfaces + ip Show IP (IPv4) commands + ipv6 Show IPv6 commands + kubernetes Show kubernetes commands + line Show all /dev/ttyUSB lines and their info + lldp Show LLDP information + logging Show system log + mac Show MAC (FDB) entries + mirror_session Show existing everflow sessions + mmu Show mmu configuration + muxcable Show muxcable information + nat Show details of the nat + ndp Show IPv6 Neighbour table + ntp Show NTP information + pfc Show details of the priority-flow-control... + platform Show platform-specific hardware info + priority-group Show details of the PGs + processes Show process information + queue Show details of the queues + reboot-cause Show cause of most recent reboot + route-map Show route-map + runningconfiguration Show current running configuration... + services Show all daemon services + startupconfiguration Show startup configuration information + subinterfaces Show details of the sub port interfaces + system-memory Show memory information + tacacs Show TACACS+ configuration + techsupport Gather information for troubleshooting + uptime Show system uptime + users Show users + version Show version information + vlan Show VLAN information + vrf Show vrf config + warm_restart Show warm restart configuration and state + watermark Show details of watermark + ``` + +The same syntax applies to all subgroups of `show` which themselves contain subcommands, and subcommands which accept options/arguments. + +- Example: + ``` + admin@sonic:~$ show interfaces -? + + Show details of the network interfaces + + Options: + -?, -h, --help Show this message and exit. + + Commands: + counters Show interface counters + description Show interface status, protocol and... + naming_mode Show interface naming_mode status + neighbor Show neighbor related information + portchannel Show PortChannel information + status Show Interface status information + tpid Show Interface tpid information + transceiver Show SFP Transceiver information + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#getting-help) + +## Basic Show Commands + +Subsections: + 1. [Show Versions](#Show-Versions) + 2. [Show System Status](#Show-System-Status) + 3. [Show Hardware Platform](#Show-Hardware-Platform) + +### Show Versions + +**show version** + +This command displays software component versions of the currently running SONiC image. This includes the SONiC image version as well as Docker image versions. +This command displays relevant information as the SONiC and Linux kernel version being utilized, as well as the ID of the commit used to build the SONiC image. The second section of the output displays the various docker images and their associated IDs. + +- Usage: + ``` + show version + ``` + +- Example: + ``` + admin@sonic:~$ show version + SONiC Software Version: SONiC.HEAD.32-21ea29a + Distribution: Debian 9.8 + Kernel: 4.9.0-8-amd64 + Build commit: 21ea29a + Build date: Fri Mar 22 01:55:48 UTC 2019 + Built by: johnar@jenkins-worker-4 + + Platform: x86_64-mlnx_msn2700-r0 + HwSKU: Mellanox-SN2700 + ASIC: mellanox + ASIC Count: 1 + Serial Number: MT1822K07815 + Model Number: MSN2700-CS2FO + Hardware Rev: A1 + Uptime: 14:40:15 up 3 min, 1 user, load average: 1.26, 1.45, 0.66 + Date: Fri 22 Mar 2019 14:40:15 + + Docker images: + REPOSITORY TAG IMAGE ID SIZE + docker-syncd-brcm HEAD.32-21ea29a 434240daff6e 362MB + docker-syncd-brcm latest 434240daff6e 362MB + docker-orchagent-brcm HEAD.32-21ea29a e4f9c4631025 287MB + docker-orchagent-brcm latest e4f9c4631025 287MB + docker-nat HEAD.32-21ea29a 46075edc1c69 305MB + docker-nat latest 46075edc1c69 305MB + docker-lldp-sv2 HEAD.32-21ea29a 9681bbfea3ac 275MB + docker-lldp-sv2 latest 9681bbfea3ac 275MB + docker-dhcp-relay HEAD.32-21ea29a 2db34c7bc6f4 257MB + docker-dhcp-relay latest 2db34c7bc6f4 257MB + docker-database HEAD.32-21ea29a badc6fc84cdb 256MB + docker-database latest badc6fc84cdb 256MB + docker-snmp-sv2 HEAD.32-21ea29a e2776e2a30b7 295MB + docker-snmp-sv2 latest e2776e2a30b7 295MB + docker-teamd HEAD.32-21ea29a caf957cd2ad1 275MB + docker-teamd latest caf957cd2ad1 275MB + docker-router-advertiser HEAD.32-21ea29a b1a62023958c 255MB + docker-router-advertiser latest b1a62023958c 255MB + docker-platform-monitor HEAD.32-21ea29a 40b40a4b2164 287MB + docker-platform-monitor latest 40b40a4b2164 287MB + docker-fpm-quagga HEAD.32-21ea29a 546036fe6838 282MB + docker-fpm-quagga latest 546036fe6838 282MB + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-show-commands) + + +### Show System Status +This sub-section explains some set of sub-commands that are used to display the status of various parameters pertaining to the physical state of the network node. + +**show clock** + +This command displays the current date and time configured on the system + +- Usage: + ``` + show clock + ``` + +- Example: + ``` + admin@sonic:~$ show clock + Mon Mar 25 20:25:16 UTC 2019 + ``` + +**show boot** + +This command displays the current OS image, the image to be loaded on next reboot, and lists all the available images installed on the device + +- Usage: + ``` + show boot + ``` + +- Example: + ``` + admin@sonic:~$ show boot + Current: SONiC-OS-20181130.31 + Next: SONiC-OS-20181130.31 + Available: + SONiC-OS-20181130.31 + ``` + +**show environment** + +This command displays the platform environmentals, such as voltages, temperatures and fan speeds + +- Usage: + ``` + show environment + ``` + +- Example: + ``` + admin@sonic:~$ show environment + coretemp-isa-0000 + Adapter: ISA adapter + Core 0: +28.0 C (high = +98.0 C, crit = +98.0 C) + Core 1: +28.0 C (high = +98.0 C, crit = +98.0 C) + Core 2: +28.0 C (high = +98.0 C, crit = +98.0 C) + Core 3: +28.0 C (high = +98.0 C, crit = +98.0 C) + SMF_Z9100_ON-isa-0000 + Adapter: ISA adapter + CPU XP3R3V_EARLY: +3.22 V + <... few more things ...> + + Onboard Temperature Sensors: + CPU: 30 C + BCM56960 (PSU side): 35 C + <... few more things ...> + + Onboard Voltage Sensors: + CPU XP3R3V_EARLY 3.22 V + <... few more things ...> + + Fan Trays: + Fan Tray 1: + Fan1 Speed: 6192 RPM + Fan2 Speed: 6362 RPM + Fan1 State: Normal + Fan2 State: Normal + Air Flow: F2B + <... few more things ...> + + PSUs: + PSU 1: + Input: AC + <... few more things ...> + ``` +NOTE: The show output has got lot of information; only the sample output is given in the above example. +Though the displayed output slightly differs from one platform to another platform, the overall content will be similar to the example mentioned above. + +**show reboot-cause** + +This command displays the cause of the previous reboot + +- Usage: + ``` + show reboot-cause + ``` + +- Example: + ``` + admin@sonic:~$ show reboot-cause + User issued reboot command [User: admin, Time: Mon Mar 25 01:02:03 UTC 2019] + ``` + +**show reboot-cause history** + +This command displays the history of the previous reboots up to 10 entry + +- Usage: + ``` + show reboot-cause history + ``` + +- Example: + ``` + admin@sonic:~$ show reboot-cause history + Name Cause Time User Comment + ------------------- ----------- ---------------------------- ------ --------- + 2020_10_09_02_33_06 reboot Fri Oct 9 02:29:44 UTC 2020 admin + 2020_10_09_01_56_59 reboot Fri Oct 9 01:53:49 UTC 2020 admin + 2020_10_09_02_00_53 fast-reboot Fri Oct 9 01:58:04 UTC 2020 admin + 2020_10_09_04_53_58 warm-reboot Fri Oct 9 04:51:47 UTC 2020 admin + ``` + +**show uptime** + +This command displays the current system uptime + +- Usage: + ``` + show uptime + ``` + +- Example: + ``` + admin@sonic:~$ show uptime + up 2 days, 21 hours, 30 minutes + ``` + +**show logging** + +This command displays all the currently stored log messages. +All the latest processes and corresponding transactions are stored in the "syslog" file. +This file is saved in the path `/var/log` and can be viewed by giving the command ` sudo cat syslog` as this requires root login. + +- Usage: + ``` + show logging [( [-l|--lines ]) | (-f|--follow)] + ``` + +- Example: + ``` + admin@sonic:~$ show logging + ``` + +It can be useful to pipe the output from `show logging` to the command `more` in order to examine one screenful of log messages at a time + +- Example: + ``` + admin@sonic:~$ show logging | more + ``` + +Optionally, you can specify a process name in order to display only log messages mentioning that process + +- Example: + ``` + admin@sonic:~$ show logging sensord + ``` + +Optionally, you can specify a number of lines to display using the `-l` or `--lines` option. Only the most recent N lines will be displayed. Also note that this option can be combined with a process name. + +- Examples: + ``` + admin@sonic:~$ show logging --lines 50 + ``` + ``` + admin@sonic:~$ show logging sensord --lines 50 + ``` + +Optionally, you can follow the log live as entries are written to it by specifying the `-f` or `--follow` flag + +- Example: + ``` + admin@sonic:~$ show logging --follow + ``` + +**show users** + +This command displays a list of users currently logged in to the device + +- Usage: + ``` + show users + ``` + +- Examples: + ``` + admin@sonic:~$ show users + admin pts/9 Mar 25 20:31 (100.127.20.23) + + admin@sonic:~$ show users + admin ttyS1 2019-03-25 20:31 + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-show-commands) + +### Show Hardware Platform + +The information displayed in this set of commands partially overlaps with the one generated by “show envinronment” instruction. In this case though, the information is presented in a more succinct fashion. In the future these two CLI stanzas may end up getting combined. + +**show platform summary** + +This command displays a summary of the device's hardware platform + +- Usage: + ``` + show platform summary + ``` + +- Example: + ``` + admin@sonic:~$ show platform summary + Platform: x86_64-mlnx_msn2700-r0 + HwSKU: Mellanox-SN2700 + ASIC: mellanox + ASIC Count: 1 + Serial Number: MT1822K07815 + Model Number: MSN2700-CS2FO + Hardware Rev: A1 + ``` + +**show platform syseeprom** + +This command displays information stored on the system EEPROM. +Note that the output of this command is not the same for all vendor's platforms. +Couple of example outputs are given below. + +- Usage: + ``` + show platform syseeprom + ``` + +- Example: + ``` + admin@sonic:~$ show platform syseeprom + lsTLV Name Len Value + -------------------- --- ----- + PPID 20 XX-XXXXXX-00000-000-0000 + DPN Rev 3 XXX + Service Tag 7 XXXXXXX + Part Number 10 XXXXXX + Part Number Rev 3 XXX + Mfg Test Results 2 FF + Card ID 2 0x0000 + Module ID 2 0 + Base MAC Address 12 FE:EC:BA:AB:CD:EF + (checksum valid) + ``` + + ``` + admin@sonic:~$ show platform syseeprom + TlvInfo Header: + Id String: TlvInfo + Version: 1 + Total Length: 527 + TLV Name Code Len Value + ---- --- ----- + Product Name 0x21 64 MSN2700 + Part Number 0x22 20 MSN2700-CS2FO + Serial Number 0x23 24 MT1822K07815 + Base MAC Address 0x24 6 50:6B:4B:8F:CE:40 + Manufacture Date 0x25 19 05/28/2018 23:56:02 + Device Version 0x26 1 16 + MAC Addresses 0x2A 2 128 + Manufacturer 0x2B 8 Mellanox + Vendor Extension 0xFD 36 + Vendor Extension 0xFD 164 + Vendor Extension 0xFD 36 + Vendor Extension 0xFD 36 + Vendor Extension 0xFD 36 + Platform Name 0x28 18 x86_64-mlnx_x86-r0 + ONIE Version 0x29 21 2018.08-5.2.0006-9600 + CRC-32 0xFE 4 0x11C017E1 + + (checksum valid) + ``` + +**show platform ssdhealth** + +This command displays health parameters of the device's SSD + +- Usage: + ``` + show platform ssdhealth [--vendor] + ``` + +- Example: + ``` + admin@sonic:~$ show platform ssdhealth + Device Model : M.2 (S42) 3IE3 + Health : 99.665% + Temperature : 30C + ``` + +**show platform psustatus** + +This command displays the status of the device's power supply units + +- Usage: + ``` + show platform psustatus + ``` + +- Example: + ``` + admin@sonic:~$ show platform psustatus + PSU Model Serial HW Rev Voltage (V) Current (A) Power (W) Status LED + ----- ------------- ------------ -------- ------------- ------------- ----------- -------- ----- + PSU 1 MTEF-PSF-AC-A MT1621X15246 A3 11.97 4.56 54.56 OK green + ``` + +**show platform fan** + +This command displays the status of the device's fans + +- Usage: + ``` + show platform fan + ``` + +- Example: + ``` + admin@sonic:~$ show platform fan + FAN Speed Direction Presence Status Timestamp + ----------- -------- ----------- ---------- -------- ----------------- + fan1 34% intake Present OK 20200302 06:58:56 + fan2 43% intake Present OK 20200302 06:58:56 + fan3 38% intake Present OK 20200302 06:58:56 + fan4 49% intake Present OK 20200302 06:58:57 + fan5 38% exhaust Present OK 20200302 06:58:57 + fan6 48% exhaust Present OK 20200302 06:58:57 + fan7 39% exhaust Present OK 20200302 06:58:57 + fan8 48% exhaust Present OK 20200302 06:58:57 + ``` + +**show platform temperature** + +This command displays the status of the device's thermal sensors + +- Usage: + ``` + show platform temperature + ``` + +- Example: + ``` + admin@sonic:~$ show platform temperature + NAME Temperature High Th Low Th Crit High Th Crit Low Th Warning Timestamp + ---------------------- ------------- --------- -------- -------------- ------------- --------- ----------------- + Ambient ASIC Temp 37.0 100.0 N/A 120.0 N/A False 20200302 06:58:57 + Ambient Fan Side Temp 28.5 100.0 N/A 120.0 N/A False 20200302 06:58:57 + Ambient Port Side Temp 31.0 100.0 N/A 120.0 N/A False 20200302 06:58:57 + CPU Core 0 Temp 36.0 87.0 N/A 105.0 N/A False 20200302 06:59:57 + CPU Core 1 Temp 38.0 87.0 N/A 105.0 N/A False 20200302 06:59:57 + CPU Pack Temp 38.0 87.0 N/A 105.0 N/A False 20200302 06:59:57 + PSU-1 Temp 28.0 100.0 N/A 120.0 N/A False 20200302 06:59:58 + PSU-2 Temp 28.0 100.0 N/A 120.0 N/A False 20200302 06:59:58 + xSFP module 1 Temp 31.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 2 Temp 35.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 3 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 4 Temp 33.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 5 Temp 34.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 6 Temp 36.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 7 Temp 33.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 8 Temp 33.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 9 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 10 Temp 38.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 11 Temp 38.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 12 Temp 39.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 13 Temp 35.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 14 Temp 37.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 15 Temp 36.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 16 Temp 36.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 17 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 18 Temp 34.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 19 Temp 30.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 20 Temp 31.5 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 21 Temp 34.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 22 Temp 34.4 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 23 Temp 34.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 24 Temp 35.6 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 25 Temp 38.0 70.0 N/A 90.0 N/A False 20200302 06:59:57 + xSFP module 26 Temp 32.2 70.0 N/A 90.0 N/A False 20200302 06:59:58 + xSFP module 27 Temp 39.0 70.0 N/A 90.0 N/A False 20200302 06:59:58 + xSFP module 28 Temp 30.1 70.0 N/A 90.0 N/A False 20200302 06:59:58 + xSFP module 29 Temp 32.0 70.0 N/A 90.0 N/A False 20200302 06:59:58 + xSFP module 30 Temp 35.3 70.0 N/A 90.0 N/A False 20200302 06:59:58 + xSFP module 31 Temp 31.0 70.0 N/A 90.0 N/A False 20200302 06:59:58 + xSFP module 32 Temp 39.5 70.0 N/A 90.0 N/A False 20200302 06:59:58 + ``` + +#### Transceivers +Displays diagnostic monitoring information of the transceivers + +**show interfaces transceiver** + +This command displays information for all the interfaces for the transceiver requested or a specific interface if the optional "interface_name" is specified. + +- Usage: + ``` + show interfaces transceiver (eeprom [-d|--dom] | lpmode | presence | error-status [-hw|--fetch-from-hardware]) [] + ``` + +- Example (Decode and display information stored on the EEPROM of SFP transceiver connected to Ethernet0): + ``` + admin@sonic:~$ show interfaces transceiver eeprom --dom Ethernet0 + Ethernet0: SFP detected + Connector : No separable connector + Encoding : Unspecified + Extended Identifier : Unknown + Extended RateSelect Compliance : QSFP+ Rate Select Version 1 + Identifier : QSFP+ + Length Cable Assembly(m) : 1 + Specification compliance : + 10/40G Ethernet Compliance Code : 40GBASE-CR4 + Fibre Channel Speed : 1200 Mbytes/Sec + Fibre Channel link length/Transmitter Technology : Electrical inter-enclosure (EL) + Fibre Channel transmission media : Twin Axial Pair (TW) + Vendor Date Code(YYYY-MM-DD Lot) : 2015-10-31 + Vendor Name : XXXXX + Vendor OUI : XX-XX-XX + Vendor PN : 1111111111 + Vendor Rev : + Vendor SN : 111111111 + ChannelMonitorValues: + RX1Power: -1.1936dBm + RX2Power: -1.1793dBm + RX3Power: -0.9388dBm + RX4Power: -1.0729dBm + TX1Bias: 4.0140mA + TX2Bias: 4.0140mA + TX3Bias: 4.0140mA + TX4Bias: 4.0140mA + ModuleMonitorValues : + Temperature : 1.1111C + Vcc : 0.0000Volts + ``` + +- Example (Display status of low-power mode of SFP transceiver connected to Ethernet100): + ``` + admin@sonic:~$ show interfaces transceiver lpmode Ethernet100 + Port Low-power Mode + ----------- ---------------- + Ethernet100 On + ``` + + +- Example (Display presence of SFP transceiver connected to Ethernet100): + ``` + admin@sonic:~$ show interfaces transceiver presence Ethernet100 + Port Presence + ----------- ---------- + Ethernet100 Present + ``` + +- Example (Display error status of SFP transceiver connected to Ethernet100): + ``` + admin@sonic:~$ show interfaces transceiver error-status Ethernet100 + Port Error Status + ----------- -------------- + Ethernet100 OK + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#basic-show-commands) + +## AAA & TACACS+ +This section captures the various show commands & configuration commands that are applicable for the AAA (Authentication, Authorization, and Accounting) module. +Admins can configure the type of authentication (local or remote tacacs based) required for the users and also the authentication failthrough and fallback options. +Following show command displays the current running configuration related to the AAA. + +### AAA + +#### AAA show commands + +This command is used to view the Authentication, Authorization & Accounting settings that are configured in the network node. + +**show aaa** + +This command displays the AAA settings currently present in the network node + +- Usage: + ``` + show aaa + ``` + +- Example: + ``` + admin@sonic:~$ show aaa + AAA authentication login local (default) + AAA authentication failthrough True (default) + AAA authentication fallback True (default) + ``` + +#### AAA config commands + +This sub-section explains all the possible CLI based configuration options for the AAA module. The list of commands/sub-commands possible for aaa is given below. + + Command: aaa authentication + sub-commands: + - aaa authentication failthrough + - aaa authentication fallback + - aaa authentication login + +**aaa authentication failthrough** + +This command is used to either enable or disable the failthrough option. +This command is useful when user has configured more than one tacacs+ server and when user has enabled tacacs+ authentication. +When authentication request to the first server fails, this configuration allows to continue the request to the next server. +When this configuration is enabled, authentication process continues through all servers configured. +When this is disabled and if the authentication request fails on first server, authentication process will stop and the login will be disallowed. + + +- Usage: + ``` + config aaa authentication failthrough (enable | disable | default) + ``` + + - Parameters: + - enable: This allows the AAA module to process with local authentication if remote authentication fails. + - disable: This disallows the AAA module to proceed further if remote authentication fails. + - default: This re-configures the default value, which is "enable". + + +- Example: + ``` + admin@sonic:~$ sudo config aaa authentication failthrough enable + ``` +**aaa authentication fallback** + +The command is not used at the moment. +When the tacacs+ authentication fails, it falls back to local authentication by default. + +- Usage: + ``` + config aaa authentication fallback (enable | disable | default) + ``` + +- Example: + ``` + admin@sonic:~$ sudo config aaa authentication fallback enable + ``` + +**aaa authentication login** + +This command is used to either configure whether AAA should use local database or remote tacacs+ database for user authentication. +By default, AAA uses local database for authentication. New users can be added/deleted using the linux commands (Note that the configuration done using linux commands are not preserved during reboot). +Admin can enable remote tacacs+ server based authentication by selecting the AUTH_PROTOCOL as tacacs+ in this command. +Admins need to configure the tacacs+ server accordingly and ensure that the connectivity to tacacas+ server is available via the management interface. +Once if the admins choose the remote authentication based on tacacs+ server, all user logins will be authenticated by the tacacs+ server. +If the authentication fails, AAA will check the "failthrough" configuration and authenticates the user based on local database if failthrough is enabled. + +- Usage: + ``` + config aaa authentication (tacacs+ | local | default) + ``` + + - Parameters: + - tacacs+: Enables remote authentication based on tacacs+ + - local: Disables remote authentication and uses local authentication + - default: Reset back to default value, which is only "local" authentication + + +- Example: + ``` + admin@sonic:~$ sudo config aaa authentication login tacacs+ + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#aaa--tacacs) + +### TACACS+ + +#### TACACS+ show commands + +**show tacacs** + +This command displays the global configuration fields and the list of all tacacs servers and their correponding configurations. + +- Usage: + ``` + show tacacs + ``` + +- Example: + ``` + admin@sonic:~$ show tacacs + TACPLUS global auth_type pap (default) + TACPLUS global timeout 99 + TACPLUS global passkey (default) + + TACPLUS_SERVER address 10.11.12.14 + priority 9 + tcp_port 50 + auth_type mschap + timeout 10 + passkey testing789 + + TACPLUS_SERVER address 10.0.0.9 + priority 1 + tcp_port 49 + ``` + +#### TACACS+ config commands + +This sub-section explains the command "config tacacs" and its sub-commands that are used to configure the following tacacs+ parameters. +Some of the parameters like authtype, passkey and timeout can be either configured at per server level or at global level (global value will be applied if there no server level configuration) + +1) Add/Delete the tacacs+ server details. +2) authtype - global configuration that is applied to all servers if there is no server specific configuration. +3) default - reset the authtype or passkey or timeout to the default values. +4) passkey - global configuration that is applied to all servers if there is no server specific configuration. +5) timeout - global configuration that is applied to all servers if there is no server specific configuration. + +**config tacacs add** + +This command is used to add a TACACS+ server to the tacacs server list. +Note that more than one tacacs+ (maximum of seven) can be added in the device. +When user tries to login, tacacs client shall contact the servers one by one. +When any server times out, device will try the next server one by one based on the priority value configured for that server. +When this command is executed, the configured tacacs+ server addresses are updated in /etc/pam.d/common-auth-sonic configuration file which is being used by tacacs service. + +- Usage: + ``` + config tacacs add [-t|--timeout ] [-k|--key ] [-a|--type ] [-o|--port ] [-p|--pri ] [-m|--use-mgmt-vrf] + ``` + + - Parameters: + - ip_address: TACACS+ server IP address. + - timeout: Transmission timeout interval in seconds, range 1 to 60, default 5 + - key: Shared secret + - type: Authentication type, "chap" or "pap" or "mschap" or "login", default is "pap". + - port: TCP port range is 1 to 65535, default 49 + - pri: Priority, priority range 1 to 64, default 1. + - use-mgmt-vrf: This means that the server is part of Management vrf, default is "no vrf" + + +- Example: + ``` + admin@sonic:~$ sudo config tacacs add 10.11.12.13 -t 10 -k testing789 -a mschap -o 50 -p 9 + ``` + + - Example Server Configuration in /etc/pam.d/common-auth-sonic configuration file: + ``` + auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.14:50 secret=testing789 login=mschap timeout=10 try_first_pass + auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.24:50 secret=testing789 login=mschap timeout=987654321098765433211 + 0987 try_first_pass + auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.0.0.9:49 secret= login=mschap timeout=5 try_first_pass + auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.0.0.8:49 secret= login=mschap timeout=5 try_first_pass + auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.13:50 secret=testing789 login=mschap timeout=10 try_first_pass + auth [success=1 default=ignore] pam_unix.so nullok try_first_pass + ``` + + *NOTE: In the above example, the servers are stored (sorted) based on the priority value configured for the server.* + +**config tacacs delete** + +This command is used to delete the tacacs+ servers configured. + +- Usage: + ``` + config tacacs delete + ``` + +- Example: + ``` + admin@sonic:~$ sudo config tacacs delete 10.11.12.13 + ``` + +**config tacacs authtype** + +This command is used to modify the global value for the TACACS+ authtype. +When user has not configured server specific authtype, this global value shall be used for that server. + +- Usage: + ``` + config tacacs authtype (chap | pap | mschap | login) + ``` + +- Example: + ``` + admin@sonic:~$ sudo config tacacs authtype mschap + ``` + +**config tacacs default** + +This command is used to reset the global value for authtype or passkey or timeout to default value. +Default for authtype is "pap", default for passkey is EMPTY_STRING and default for timeout is 5 seconds. + +- Usage: + ``` + config tacacs default (authtype | passkey | timeout) + ``` + +- Example (This will reset the global authtype back to the default value "pap"): + ``` + admin@sonic:~$ sudo config tacacs default authtype + ``` + +**config tacacs passkey** + +This command is used to modify the global value for the TACACS+ passkey. +When user has not configured server specific passkey, this global value shall be used for that server. + +- Usage: + ``` + config tacacs passkey + ``` + +- Example: + ``` + admin@sonic:~$ sudo config tacacs passkey testing123 + ``` + +**config tacacs timeout** + +This command is used to modify the global value for the TACACS+ timeout. +When user has not configured server specific timeout, this global value shall be used for that server. + + +- Usage: + ``` + config tacacs [default] timeout [] + ``` + + - Options: + - Valid values for timeout is 1 to 60 seconds. + - When the optional keyword "default" is specified, timeout_value_in_seconds parameter wont be used; default value of 5 is used. + - Configuration using the keyword "default" is introduced in 201904 release. + +- Example: To configure non-default timeout value + ``` + admin@sonic:~$ sudo config tacacs timeout 60 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#aaa--tacacs) + + + +## ACL + +This section explains the various show commands and configuration commands available for users. + +### ACL show commands + +**show acl table** + +This command displays either all the ACL tables that are configured or only the specified "TABLE_NAME". +Output from the command displays the table name, type of the table, the list of interface(s) to which the table is bound and the description about the table. + +- Usage: + ``` + show acl table [] + ``` + +- Example: + ``` + admin@sonic:~$ show acl table + Name Type Binding Description Stage + -------- --------- --------------- ---------------- ------- + EVERFLOW MIRROR Ethernet16 EVERFLOW ingress + Ethernet96 + Ethernet108 + Ethernet112 + PortChannel0001 + PortChannel0002 + SNMP_ACL CTRLPLANE SNMP SNMP_ACL ingress + DT_ACL_T1 L3 Ethernet0 DATA_ACL_TABLE_1 egress + Ethernet4 + Ethernet112 + Ethernet116 + SSH_ONLY CTRLPLANE SSH SSH_ONLY ingress + ``` + +**show acl rule** + +This command displays all the ACL rules present in all the ACL tables or only the rules present in specified table "TABLE_NAME" or only the rule matching the RULE_ID option. +Output from the command gives the following information about the rules +1) Table name - ACL table name to which the rule belongs to. +2) Rule name - ACL rule name +3) Priority - Priority for this rule. +4) Action - Action to be performed if the packet matches with this ACL rule. + +It can be: +- "DROP"/"FORWARD"("ACCEPT" for control plane ACL) +- "REDIRECT: redirect-object" for redirect rule, where "redirect-object" is either: + - physical interface name, e.g. "Ethernet10" + - port channel name, e.g. "PortChannel0002" + - next-hop IP address, e.g. "10.0.0.1" + - next-hop group set of IP addresses with comma seperator, e.g. "10.0.0.1,10.0.0.3" +- "MIRROR INGRESS|EGRESS: session-name" for mirror rules, where "session-name" refers to mirror session + +Users can choose to have a default permit rule or default deny rule. In case of default "deny all" rule, add the permitted rules on top of the deny rule. In case of the default "permit all" rule, users can add the deny rules on top of it. If users have not confgured any rule, SONiC allows all traffic (which is "permit all"). + +5) Match - The fields from the packet header that need to be matched against the same present in the incoming traffic. + +- Usage: + ``` + show acl rule [] [] + ``` + +- Example: + ``` + admin@sonic:~$ show acl rule + Table Rule Priority Action Match + -------- ------------ ---------- ------------------------- ---------------------------- + SNMP_ACL RULE_1 9999 ACCEPT IP_PROTOCOL: 17 + SRC_IP: 1.1.1.1/32 + SSH_ONLY RULE_2 9998 ACCEPT IP_PROTOCOL: 6 + SRC_IP: 1.1.1.1/32 + EVERFLOW RULE_3 9997 MIRROR INGRESS: everflow0 SRC_IP: 20.0.0.2/32 + EVERFLOW RULE_4 9996 MIRROR EGRESS : everflow1 L4_SRC_PORT: 4621 + DATAACL RULE_5 9995 REDIRECT: Ethernet8 IP_PROTOCOL: 126 + DATAACL RULE_6 9994 FORWARD L4_SRC_PORT: 179 + DATAACL RULE_7 9993 FORWARD L4_DST_PORT: 179 + SNMP_ACL DEFAULT_RULE 1 DROP ETHER_TYPE: 2048 + SSH_ONLY DEFAULT_RULE 1 DROP ETHER_TYPE: 2048 + ``` + + +### ACL config commands +This sub-section explains the list of configuration options available for ACL module. +Note that there is no direct command to add or delete or modify the ACL table and ACL rule. +Existing ACL tables and ACL rules can be updated by specifying the ACL rules in json file formats and configure those files using this CLI command. + +**config acl update full** + +This command is to update the rules in all the tables or in one specific table in full. If a table_name is provided, the operation will be restricted in the specified table. All existing rules in the specified table or all tables will be removed. New rules loaded from file will be installed. If the table_name is specified, only rules within that table will be removed and new rules in that table will be installed. If the table_name is not specified, all rules from all tables will be removed and only the rules present in the input file will be added. + +The command does not modify anything in the list of acl tables. It modifies only the rules present in those pre-existing tables. + +In order to create acl tables, either follow the config_db.json method or minigraph method to populate the list of ACL tables. + +After creating tables, either the config_db.json method or the minigraph method or the CLI method (explained here) can be used to populate the rules in those ACL tables. + +This command updates only the ACL rules and it does not disturb the ACL tables; i.e. the output of "show acl table" is not alterted by using this command; only the output of "show acl rule" will be changed after this command. + +When "--session_name" optional argument is specified, command sets the session_name for the ACL table with this mirror session name. It fails if the specified mirror session name does not exist. + +When "--mirror_stage" optional argument is specified, command sets the mirror action to ingress/egress based on this parameter. By default command sets ingress mirror action in case argument is not specified. + +When the optional argument "max_priority" is specified, each rule’s priority is calculated by subtracting its “sequence_id” value from the “max_priority”. If this value is not passed, the default “max_priority” 10000 is used. + +- Usage: + ``` + config acl update full [--table_name ] [--session_name ] [--mirror_stage (ingress | egress)] [--max_priority ] + ``` + + - Parameters: + - table_name: Specifiy the name of the ACL table to load. Example: config acl update full "--table_name DT_ACL_T1 /etc/sonic/acl_table_1.json" + - session_name: Specifiy the name of the ACL session to load. Example: config acl update full "--session_name mirror_ses1 /etc/sonic/acl_table_1.json" + - priority_value: Specify the maximum priority to use when loading ACL rules. Example: config acl update full "--max-priority 100 /etc/sonic/acl_table_1.json" + + *NOTE 1: All these optional parameters should be inside double quotes. If none of the options are provided, double quotes are not required for specifying filename alone.* + *NOTE 2: Any number of optional parameters can be configured in the same command.* + +- Examples: + ``` + admin@sonic:~$ sudo config acl update full /etc/sonic/acl_full_snmp_1_2_ssh_4.json + admin@sonic:~$ sudo config acl update full "--table_name SNMP-ACL /etc/sonic/acl_full_snmp_1_2_ssh_4.json" + admin@sonic:~$ sudo config acl update full "--session_name everflow0 /etc/sonic/acl_full_snmp_1_2_ssh_4.json" + ``` + + This command will remove all rules from all the ACL tables and insert all the rules present in this input file. + Refer the example file [acl_full_snmp_1_2_ssh_4.json](#) that adds two rules for SNMP (Rule1 and Rule2) and one rule for SSH (Rule4) + Refer an example for input file format [here](https://github.com/Azure/sonic-mgmt/blob/master/ansible/roles/test/files/helpers/config_service_acls.sh) + Refer another example [here](https://github.com/Azure/sonic-mgmt/blob/master/ansible/roles/test/tasks/acl/acltb_test_rules_part_1.json) + +**config acl update incremental** + +This command is used to perform incremental update of ACL rule table. This command gets existing rules from Config DB and compares with rules specified in input file and performs corresponding modifications. + +With respect to DATA ACLs, the command does not assume that new dataplane ACLs can be inserted in betweeen by shifting existing ACLs in all ASICs. Therefore, this command performs a full update on dataplane ACLs. +With respect to control plane ACLs, this command performs an incremental update. +If we assume that "file1.json" is the already loaded ACL rules file and if "file2.json" is the input file that is passed as parameter for this command, the following requirements are valid for the input file. +1) First copy the file1.json to file2.json. +2) Remove the unwanted ACL rules from file2.json +3) Add the newly required ACL rules into file2.json. +4) Modify the existing ACL rules (that require changes) in file2.json. + +NOTE: If any ACL rule that is already available in file1.json is required even after this command execution, such rules should remain unalterted in file2.json. Don't remove them. +Note that "incremental" is working like "full". + +When "--session_name" optional argument is specified, command sets the session_name for the ACL table with this mirror session name. It fails if the specified mirror session name does not exist. + +When "--mirror_stage" optional argument is specified, command sets the mirror action to ingress/egress based on this parameter. By default command sets ingress mirror action in case argument is not specified. + +When the optional argument "max_priority" is specified, each rule’s priority is calculated by subtracting its “sequence_id” value from the “max_priority”. If this value is not passed, the default “max_priority” 10000 is used. + +- Usage: + ``` + config acl update incremental [--session_name ] [--mirror_stage (ingress | egress)] [--max_priority ] + ``` + + - Parameters: + - table_name: Specifiy the name of the ACL table to load. Example: config acl update full "--table_name DT_ACL_T1 /etc/sonic/acl_table_1.json" + - session_name: Specifiy the name of the ACL session to load. Example: config acl update full "--session_name mirror_ses1 /etc/sonic/acl_table_1.json" + - priority_value: Specify the maximum priority to use when loading ACL rules. Example: config acl update full "--max-priority 100 /etc/sonic/acl_table_1.json" + + *NOTE 1: All these optional parameters should be inside double quotes. If none of the options are provided, double quotes are not required for specifying filename alone.* + *NOTE 2: Any number of optional parameters can be configured in the same command.* + +- Examples: + ``` + admin@sonic:~$ sudo config acl update incremental /etc/sonic/acl_incremental_snmp_1_3_ssh_4.json + ``` + ``` + admin@sonic:~$ sudo config acl update incremental "--session_name everflow0 /etc/sonic/acl_incremental_snmp_1_3_ssh_4.json" + ``` + + Refer the example file [acl_incremental_snmp_1_3_ssh_4.json](#) that adds two rules for SNMP (Rule1 and Rule3) and one rule for SSH (Rule4) + When this "incremental" command is executed after "full" command, it has removed SNMP Rule2 and added SNMP Rule3 in the example. + File "acl_full_snmp_1_2_ssh_4.json" has got SNMP Rule1, SNMP Rule2 and SSH Rule4. + File "acl_incremental_snmp_1_3_ssh_4.json" has got SNMP Rule1, SNMP Rule3 and SSH Rule4. + This file is created by copying the file "acl_full_snmp_1_2_ssh_4.json" to "acl_incremental_snmp_1_3_ssh_4.json" and then removing SNMP Rule2 and adding SNMP Rule3. + +Go Back To [Beginning of the document](#) or [Beginning of this section](#acl) + +**config acl add table** + +This command is used to create new ACL tables. + +- Usage: + ``` + config acl add table [OPTIONS] [-d ] [-p ] [-s (ingress | egress)] + ``` + +- Parameters: + - table_name: The name of the ACL table to create. + - table_type: The type of ACL table to create (e.g. "L3", "L3V6", "MIRROR") + - description: A description of the table for the user. (default is the table_name) + - ports: A comma-separated list of ports/interfaces to add to the table. The behavior is as follows: + - Physical ports will be bound as physical ports + - Portchannels will be bound as portchannels - passing a portchannel member is invalid + - VLANs will be expanded into their members (e.g. "Vlan1000" will become "Ethernet0,Ethernet2,Ethernet4...") + - stage: The stage this ACL table will be applied to, either ingress or egress. (default is ingress) + +- Examples: + ``` + admin@sonic:~$ sudo config acl add table EXAMPLE L3 -p Ethernet0,Ethernet4 -s ingress + ``` + ``` + admin@sonic:~$ sudo config acl add table EXAMPLE_2 L3V6 -p Vlan1000,PortChannel0001,Ethernet128 -s egress + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#acl) + + +## ARP & NDP + +### ARP show commands + +**show arp** + +This command displays the ARP entries in the device with following options. +1) Display the entire table. +2) Display the ARP entries learnt on a specific interface. +3) Display the ARP of a specific ip-address. + +- Usage: + ``` + show arp [-if ] [] + ``` + +- Details: + - show arp: Displays all entries + - show arp -if : Displays the ARP specific to the specified interface. + - show arp : Displays the ARP specific to the specicied ip-address. + + +- Example: + ``` + admin@sonic:~$ show arp + Address MacAddress Iface Vlan + ------------- ----------------- ------- ------ + 192.168.1.183 88:5a:92:fb:bf:41 Ethernet44 - + 192.168.1.175 88:5a:92:fc:95:81 Ethernet28 - + 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - + 192.168.1.179 88:5a:92:de:a8:bc Ethernet36 - + 192.168.1.118 00:1c:73:3c:de:43 Ethernet64 - + 192.168.1.11 00:1c:73:3c:e1:38 Ethernet88 - + 192.168.1.161 24:e9:b3:71:3a:01 Ethernet0 - + 192.168.1.189 24:e9:b3:9d:57:41 Ethernet56 - + 192.168.1.187 74:26:ac:8b:8f:c1 Ethernet52 - + 192.168.1.165 88:5a:92:de:a0:7c Ethernet8 - + + Total number of entries 10 + ``` + +Optionally, you can specify the interface in order to display the ARPs learnt on that particular interface + +- Example: + ``` + admin@sonic:~$ show arp -if Ethernet40 + Address MacAddress Iface Vlan + ------------- ----------------- ---------- ------ + 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - + Total number of entries 1 + ``` + +Optionally, you can specify an IP address in order to display only that particular entry + +- Example: + ``` + admin@sonic:~$ show arp 192.168.1.181 + Address MacAddress Iface Vlan + ------------- ----------------- ---------- ------ + 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - + Total number of entries 1 + ``` + +### NDP show commands + +**show ndp** + +This command displays either all the IPv6 neighbor mac addresses, or for a particular IPv6 neighbor, or for all IPv6 neighbors reachable via a specific interface. + +- Usage: + ``` + show ndp [-if|--iface ] + ``` + +- Example (show all IPv6 neighbors): + ``` + admin@sonic:~$ show ndp + Address MacAddress Iface Vlan Status + ------------------------ ----------------- ------- ------ --------- + fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE + fe80::20c:29ff:feb8:cff0 00:0c:29:b8:cf:f0 eth0 - REACHABLE + fe80::20c:29ff:fef9:324 00:0c:29:f9:03:24 eth0 - REACHABLE + Total number of entries 3 + ``` + +- Example (show specific IPv6 neighbor): + ``` + admin@sonic:~$ show ndp fe80::20c:29ff:feb8:b11e + Address MacAddress Iface Vlan Status + ------------------------ ----------------- ------- ------ --------- + fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE + Total number of entries 1 + ``` + +- Example (show IPv6 neighbors learned on a specific interface): + ``` + admin@sonic:~$ show ndp -if eth0 + Address MacAddress Iface Vlan Status + ------------------------ ----------------- ------- ------ --------- + fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE + fe80::20c:29ff:feb8:cff0 00:0c:29:b8:cf:f0 eth0 - REACHABLE + fe80::20c:29ff:fef9:324 00:0c:29:f9:03:24 eth0 - REACHABLE + Total number of entries 3 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#arp--ndp) + +## BFD + +### BFD show commands + +**show bfd summary** + +This command displays the state and key parameters of all BFD sessions. + +- Usage: + ``` + show bgp summary + ``` +- Example: + ``` + >> show bfd summary + Total number of BFD sessions: 3 + Peer Addr Interface Vrf State Type Local Addr TX Interval RX Interval Multiplier Multihop + ----------- ----------- ------- ------- ------------ ------------ ------------- ------------- ------------ ---------- + 10.0.1.1 default default DOWN async_active 10.0.0.1 300 500 3 true + 10.0.2.1 Ethernet12 default UP async_active 10.0.0.1 200 600 3 false + 2000::10:1 default default UP async_active 2000::1 100 700 3 false + ``` + +**show bfd peer** + +This command displays the state and key parameters of all BFD sessions that match an IP address. + +- Usage: + ``` + show bgp peer + ``` +- Example: + ``` + >> show bfd peer 10.0.1.1 + Total number of BFD sessions for peer IP 10.0.1.1: 1 + Peer Addr Interface Vrf State Type Local Addr TX Interval RX Interval Multiplier Multihop + ----------- ----------- ------- ------- ------------ ------------ ------------- ------------- ------------ ---------- + 10.0.1.1 default default DOWN async_active 10.0.0.1 300 500 3 true + ``` + +## BGP + +This section explains all the BGP show commands and BGP configuation commands in both "Quagga" and "FRR" routing software that are supported in SONiC. +In 201811 and older verisons "Quagga" was enabled by default. In current version "FRR" is enabled by default. +Most of the FRR show commands start with "show bgp". Similar commands in Quagga starts with "show ip bgp". All sub-options supported in all these show commands are common for FRR and Quagga. +Detailed show commands examples for Quagga are provided at the end of this document.This section captures only the commands supported by FRR. + +### BGP show commands + + +**show bgp summary (Versions >= 201904 using default FRR routing stack)** + +**show ip bgp summary (Versions <= 201811 using Quagga routing stack)** + +This command displays the summary of all IPv4 & IPv6 bgp neighbors that are configured and the corresponding states. + +- Usage: + + *Versions >= 201904 using default FRR routing stack* + ``` + show bgp summary + ``` + *Versions <= 201811 using Quagga routing stack* + ``` + show ip bgp summary + ``` + +- Example: + ``` + admin@sonic:~$ show ip bgp summary + + IPv4 Unicast Summary: + BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 + BGP table version 6465 + RIB entries 12807, using 2001 KiB of memory + Peers 4, using 83 KiB of memory + Peer groups 2, using 128 bytes of memory + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd NeighborName + 10.0.0.57 4 64600 3995 4001 0 0 0 00:39:32 6400 Lab-T1-01 + 10.0.0.59 4 64600 3995 3998 0 0 0 00:39:32 6400 Lab-T1-02 + 10.0.0.61 4 64600 3995 4001 0 0 0 00:39:32 6400 Lab-T1-03 + 10.0.0.63 4 64600 3995 3998 0 0 0 00:39:32 6400 NotAvailable + + Total number of neighbors 4 + ``` + +- Example: + ``` + admin@sonic:~$ show bgp summary + + IPv4 Unicast Summary: + BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 + BGP table version 6465 + RIB entries 12807, using 2001 KiB of memory + Peers 4, using 83 KiB of memory + Peer groups 2, using 128 bytes of memory + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd + 10.0.0.57 4 64600 3995 4001 0 0 0 00:39:32 6400 + 10.0.0.59 4 64600 3995 3998 0 0 0 00:39:32 6400 + 10.0.0.61 4 64600 3995 4001 0 0 0 00:39:32 6400 + 10.0.0.63 4 64600 3995 3998 0 0 0 00:39:32 6400 + + Total number of neighbors 4 + + IPv6 Unicast Summary: + BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 + BGP table version 12803 + RIB entries 12805, using 2001 KiB of memory + Peers 4, using 83 KiB of memory + Peer groups 2, using 128 bytes of memory + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd + fc00::72 4 64600 3995 5208 0 0 0 00:39:30 6400 + fc00::76 4 64600 3994 5208 0 0 0 00:39:30 6400 + fc00::7a 4 64600 3993 5208 0 0 0 00:39:30 6400 + fc00::7e 4 64600 3993 5208 0 0 0 00:39:30 6400 + + Total number of neighbors 4 + ``` + Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ip bgp summary" for Quagga. + + + +**show bgp neighbors (Versions >= 201904 using default FRR routing stack)** + +**show ip bgp neighbors (Versions <= 201811 using Quagga routing stack)** + +This command displays all the details of IPv4 & IPv6 BGP neighbors when no optional argument is specified. + +When the optional argument IPv4_address is specified, it displays the detailed neighbor information about that specific IPv4 neighbor. + +Command has got additional optional arguments to display only the advertised routes, or the received routes, or all routes. + +In order to get details for an IPv6 neigbor, use "show bgp ipv6 neighbor " command. + + +- Usage: + + *Versions >= 201904 using default FRR routing stack* + ``` + show bgp neighbors [ [advertised-routes | received-routes | routes]] + ``` + *Versions <= 201811 using Quagga routing stack* + ``` + show ip bgp neighbors [ [advertised-routes | received-routes | routes]] + ``` + +- Example: + ``` + admin@sonic:~$ show bgp neighbors + BGP neighbor is 10.0.0.57, remote AS 64600, local AS 65100, external link + Description: ARISTA01T1 + BGP version 4, remote router ID 100.1.0.29, local router ID 10.1.0.32 + BGP state = Established, up for 00:42:15 + Last read 00:00:00, Last write 00:00:03 + Hold time is 10, keepalive interval is 3 seconds + Configured hold time is 10, keepalive interval is 3 seconds + Neighbor capabilities: + 4 Byte AS: advertised and received + AddPath: + IPv4 Unicast: RX advertised IPv4 Unicast and received + Route refresh: advertised and received(new) + Address Family IPv4 Unicast: advertised and received + Hostname Capability: advertised (name: sonic-z9264f-9251,domain name: n/a) not received + Graceful Restart Capabilty: advertised and received + Remote Restart timer is 300 seconds + Address families by peer: + none + Graceful restart information: + End-of-RIB send: IPv4 Unicast + End-of-RIB received: IPv4 Unicast + Message statistics: + Inq depth is 0 + Outq depth is 0 + Sent Rcvd + Opens: 2 1 + Notifications: 2 0 + Updates: 3206 3202 + Keepalives: 845 847 + Route Refresh: 0 0 + Capability: 0 0 + Total: 4055 4050 + Minimum time between advertisement runs is 0 seconds + + For address family: IPv4 Unicast + Update group 1, subgroup 1 + Packet Queue length 0 + Inbound soft reconfiguration allowed + Community attribute sent to this neighbor(all) + 6400 accepted prefixes + + Connections established 1; dropped 0 + Last reset 00:42:37, due to NOTIFICATION sent (Cease/Connection collision resolution) + Local host: 10.0.0.56, Local port: 179 + Foreign host: 10.0.0.57, Foreign port: 46419 + Nexthop: 10.0.0.56 + Nexthop global: fc00::71 + Nexthop local: fe80::2204:fff:fe36:9449 + BGP connection: shared network + BGP Connect Retry Timer in Seconds: 120 + Read thread: on Write thread: on + ``` + +Optionally, you can specify an IP address in order to display only that particular neighbor. In this mode, you can optionally specify whether you want to display all routes advertised to the specified neighbor, all routes received from the specified neighbor or all routes (received and accepted) from the specified neighbor. + +- Example: + ``` + admin@sonic:~$ show bgp neighbors 10.0.0.57 + + admin@sonic:~$ show bgp neighbors 10.0.0.57 advertised-routes + + admin@sonic:~$ show bgp neighbors 10.0.0.57 received-routes + + admin@sonic:~$ show bgp neighbors 10.0.0.57 routes + ``` + + Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ip bgp neighbors" for Quagga. + + +**show ip bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] + +This command displays all the details of IPv4 Border Gateway Protocol (BGP) prefixes. + +- Usage: + + + ``` + show ip bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] + ``` + +- Example: + + NOTE: The "longer-prefixes" option is only available when a network prefix with a "/" notation is used. + + ``` + admin@sonic:~$ show ip bgp network + + admin@sonic:~$ show ip bgp network 10.1.0.32 bestpath + + admin@sonic:~$ show ip bgp network 10.1.0.32 multipath + + admin@sonic:~$ show ip bgp network 10.1.0.32 json + + admin@sonic:~$ show ip bgp network 10.1.0.32/32 bestpath + + admin@sonic:~$ show ip bgp network 10.1.0.32/32 multipath + + admin@sonic:~$ show ip bgp network 10.1.0.32/32 json + + admin@sonic:~$ show ip bgp network 10.1.0.32/32 longer-prefixes + ``` + +**show bgp ipv6 summary (Versions >= 201904 using default FRR routing stack)** + +**show ipv6 bgp summary (Versions <= 201811 using Quagga routing stack)** + +This command displays the summary of all IPv6 bgp neighbors that are configured and the corresponding states. + +- Usage: + + *Versions >= 201904 using default FRR routing stack* + ``` + show bgp ipv6 summary + ``` + *Versions <= 201811 using Quagga routing stack* + ``` + show ipv6 bgp summary + ``` + +- Example: + ``` + admin@sonic:~$ show bgp ipv6 summary + BGP router identifier 10.1.0.32, local AS number 65100 vrf-id 0 + BGP table version 12803 + RIB entries 12805, using 2001 KiB of memory + Peers 4, using 83 KiB of memory + Peer groups 2, using 128 bytes of memory + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd NeighborName + fc00::72 4 64600 3995 5208 0 0 0 00:39:30 6400 Lab-T1-01 + fc00::76 4 64600 3994 5208 0 0 0 00:39:30 6400 Lab-T1-02 + fc00::7a 4 64600 3993 5208 0 0 0 00:39:30 6400 Lab-T1-03 + fc00::7e 4 64600 3993 5208 0 0 0 00:39:30 6400 Lab-T1-04 + + Total number of neighbors 4 + ``` + Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ipv6 bgp summary" for Quagga. + + + +**show bgp ipv6 neighbors (Versions >= 201904 using default FRR routing stack)** + +**show ipv6 bgp neighbors (Versions <= 201811 using Quagga routing stack)** + +This command displays all the details of one particular IPv6 Border Gateway Protocol (BGP) neighbor. Option is also available to display only the advertised routes, or the received routes, or all routes. + + +- Usage: + + *Versions >= 201904 using default FRR routing stack* + ``` + show bgp ipv6 neighbors [ [(advertised-routes | received-routes | routes)]] + ``` + *Versions <= 201811 using Quagga routing stack* + ``` + show ipv6 bgp neighbors [ [(advertised-routes | received-routes | routes)]] + ``` + +- Example: + ``` + admin@sonic:~$ show bgp ipv6 neighbors fc00::72 advertised-routes + + admin@sonic:~$ show bgp ipv6 neighbors fc00::72 received-routes + + admin@sonic:~$ show bgp ipv6 neighbors fc00::72 routes + ``` + Click [here](#Quagga-BGP-Show-Commands) to see the example for "show ip bgp summary" for Quagga. + + +**show ipv6 bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] + +This command displays all the details of IPv6 Border Gateway Protocol (BGP) prefixes. + +- Usage: + + + ``` + show ipv6 bgp network [[|] [(bestpath | multipath | longer-prefixes | json)]] + ``` + +- Example: + + NOTE: The "longer-prefixes" option is only available when a network prefix with a "/" notation is used. + + ``` + admin@sonic:~$ show ipv6 bgp network + + admin@sonic:~$ show ipv6 bgp network fc00::72 bestpath + + admin@sonic:~$ show ipv6 bgp network fc00::72 multipath + + admin@sonic:~$ show ipv6 bgp network fc00::72 json + + admin@sonic:~$ show ipv6 bgp network fc00::72/64 bestpath + + admin@sonic:~$ show ipv6 bgp network fc00::72/64 multipath + + admin@sonic:~$ show ipv6 bgp network fc00::72/64 json + + admin@sonic:~$ show ipv6 bgp network fc00::72/64 longer-prefixes + ``` + + + + +**show route-map** + +This command displays the routing policy that takes precedence over the other route processes that are configured. + +- Usage: + ``` + show route-map + ``` + +- Example: + ``` + admin@sonic:~$ show route-map + ZEBRA: + route-map RM_SET_SRC, permit, sequence 10 + Match clauses: + Set clauses: + src 10.12.0.102 + Call clause: + Action: + Exit routemap + ZEBRA: + route-map RM_SET_SRC6, permit, sequence 10 + Match clauses: + Set clauses: + src fc00:1::102 + Call clause: + Action: + Exit routemap + BGP: + route-map FROM_BGP_SPEAKER_V4, permit, sequence 10 + Match clauses: + Set clauses: + Call clause: + Action: + Exit routemap + BGP: + route-map TO_BGP_SPEAKER_V4, deny, sequence 10 + Match clauses: + Set clauses: + Call clause: + Action: + Exit routemap + BGP: + route-map ISOLATE, permit, sequence 10 + Match clauses: + Set clauses: + as-path prepend 65000 + Call clause: + Action: + Exit routemap + ``` + + +### BGP config commands + +This sub-section explains the list of configuration options available for BGP module for both IPv4 and IPv6 BGP neighbors. + +**config bgp shutdown all** + +This command is used to shutdown all the BGP IPv4 & IPv6 sessions. +When the session is shutdown using this command, BGP state in "show ip bgp summary" is displayed as "Idle (Admin)" + +- Usage: + ``` + config bgp shutdown all + ``` + +- Example: + ``` + admin@sonic:~$ sudo config bgp shutdown all + ``` + +**config bgp shutdown neighbor** + +This command is to shut down a BGP session with a neighbor by that neighbor's IP address or hostname + +- Usage: + ``` + sudo config bgp shutdown neighbor ( | ) + ``` + +- Examples: + ``` + admin@sonic:~$ sudo config bgp shutdown neighbor 192.168.1.124 + ``` + ``` + admin@sonic:~$ sudo config bgp shutdown neighbor SONIC02SPINE + ``` + + +**config bgp startup all** + +This command is used to start up all the IPv4 & IPv6 BGP neighbors + +- Usage: + ``` + config bgp startup all + ``` + +- Example: + ``` + admin@sonic:~$ sudo config bgp startup all + ``` + + +**config bgp startup neighbor** + +This command is used to start up the particular IPv4 or IPv6 BGP neighbor using either the IP address or hostname. + +- Usage: + ``` + config bgp startup neighbor ( | ) + ``` + +- Examples: + ``` + admin@sonic:~$ sudo config bgp startup neighbor 192.168.1.124 + ``` + ``` + admin@sonic:~$ sudo config bgp startup neighbor SONIC02SPINE + ``` + + +**config bgp remove neighbor** + +This command is used to remove particular IPv4 or IPv6 BGP neighbor configuration using either the IP address or hostname. + +- Usage: + ``` + config bgp remove neighbor + ``` + +- Examples: + ``` + admin@sonic:~$ sudo config bgp remove neighbor 192.168.1.124 + ``` + ``` + admin@sonic:~$ sudo config bgp remove neighbor 2603:10b0:b0f:346::4a + ``` + ``` + admin@sonic:~$ sudo config bgp remove neighbor SONIC02SPINE + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#bgp) + +## Console + +This section explains all Console show commands and configuration options that are supported in SONiC. + +All commands are used only when SONiC is used as console switch. + +All commands under this section are not applicable when SONiC used as regular switch. + +### Console show commands + +**show line** + +This command displays serial port or a virtual network connection status. + +- Usage: + ``` + show line (-b|--breif) + ``` + +- Example: + ``` + admin@sonic:~$ show line + Line Baud Flow Control PID Start Time Device + ------ ------ -------------- ----- ------------ -------- + 1 9600 Enabled - - switch1 + 2 - Disabled - - + 3 - Disabled - - + 4 - Disabled - - + 5 - Disabled - - + ``` + +Optionally, you can display configured console ports only by specifying the `-b` or `--breif` flag. + +- Example: + ``` + admin@sonic:~$ show line -b + Line Baud Flow Control PID Start Time Device + ------ ------ -------------- ----- ------------ -------- + 1 9600 Enabled - - switch1 + ``` + +## Console config commands + +This sub-section explains the list of configuration options available for console management module. + +**config console enable** + +This command is used to enable SONiC console switch feature. + +- Usage: + ``` + config console enable + ``` + +- Example: + ``` + admin@sonic:~$ sudo config console enable + ``` + +**config console disable** + +This command is used to disable SONiC console switch feature. + +- Usage: + ``` + config console disable + ``` + +- Example: + ``` + admin@sonic:~$ sudo config console disable + ``` + +**config console add** + +This command is used to add a console port setting. + +- Usage: + ``` + config console add [--baud|-b ] [--flowcontrol|-f] [--devicename|-d ] + ``` + +- Example: + ``` + admin@sonic:~$ config console add 1 --baud 9600 --devicename switch1 + ``` + +**config console del** + +This command is used to remove a console port setting. + +- Usage: + ``` + config console del + ``` + +- Example: + ``` + admin@sonic:~$ sudo config console del 1 + ``` + +**config console remote_device** + +This command is used to update the remote device name for a console port. + +- Usage: + ``` + config console remote_device + ``` + +- Example: + ``` + admin@sonic:~$ sudo config console remote_device 1 switch1 + ``` + +**config console baud** + +This command is used to update the baud rate for a console port. + +- Usage: + ``` + config console baud + ``` + +- Example: + ``` + admin@sonic:~$ sudo config console baud 1 9600 + ``` + +**config console flow_control** + +This command is used to enable or disable flow control feature for a console port. + +- Usage: + ``` + config console flow_control {enable|disable} + ``` + +- Example: + ``` + admin@sonic:~$ sudo config console flow_control enable 1 + ``` + +### Console connect commands + +**connect line** + +This command allows user to connect to a remote device via console line with an interactive cli. + +- Usage: + ``` + connect line (-d|--devicename) + ``` + +By default, the target is `port_name`. + +- Example: + ``` + admin@sonic:~$ connect line 1 + Successful connection to line 1 + Press ^A ^X to disconnect + ``` + +Optionally, you can connect with a remote device name by specifying the `-d` or `--devicename` flag. + +- Example: + ``` + admin@sonic:~$ connect line --devicename switch1 + Successful connection to line 1 + Press ^A ^X to disconnect + ``` + +**connect device** + +This command allows user to connect to a remote device via console line with an interactive cli. + +- Usage: + ``` + connect device + ``` + +The command is same with `connect line --devicename ` + +- Example: + ``` + admin@sonic:~$ connect line 1 + Successful connection to line 1 + Press ^A ^X to disconnect + ``` + +### Console clear commands + +**sonic-clear line** + +This command allows user to connect to a remote device via console line with an interactive cli. + +- Usage: + ``` + sonc-clear line (-d|--devicename) + ``` + +By default, the target is `port_name`. + +- Example: + ``` + admin@sonic:~$ sonic-clear line 1 + ``` + +Optionally, you can clear with a remote device name by specifying the `-d` or `--devicename` flag. + +- Example: + ``` + admin@sonic:~$ sonic-clear --devicename switch1 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#console) + + +## DHCP Relay + +### DHCP Relay config commands + +This sub-section of commands is used to add or remove the DHCP Relay Destination IP address(es) for a VLAN interface. + +**config vlan dhcp_relay add** + +This command is used to add a DHCP Relay Destination IP address or multiple IP addresses to a VLAN. Note that more than one DHCP Relay Destination IP address can be added on a VLAN interface. + +- Usage: + ``` + config vlan dhcp_relay add + ``` + +- Example: + ``` + admin@sonic:~$ sudo config vlan dhcp_relay add 1000 7.7.7.7 + Added DHCP relay destination address ['7.7.7.7'] to Vlan1000 + Restarting DHCP relay service... + ``` + ``` + admin@sonic:~$ sudo config vlan dhcp_relay add 1000 7.7.7.7 1.1.1.1 + Added DHCP relay destination address ['7.7.7.7', '1.1.1.1'] to Vlan1000 + Restarting DHCP relay service... + ``` + +**config vlan dhcp_relay delete** + +This command is used to delete a configured DHCP Relay Destination IP address or multiple IP addresses from a VLAN interface. + +- Usage: + ``` + config vlan dhcp_relay del + ``` + +- Example: + ``` + admin@sonic:~$ sudo config vlan dhcp_relay del 1000 7.7.7.7 + Removed DHCP relay destination address 7.7.7.7 from Vlan1000 + Restarting DHCP relay service... + ``` + ``` + admin@sonic:~$ sudo config vlan dhcp_relay del 1000 7.7.7.7 1.1.1.1 + Removed DHCP relay destination address ('7.7.7.7', '1.1.1.1') from Vlan1000 + Restarting DHCP relay service... + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#dhcp-relay) + + +## Drop Counters + +This section explains all the Configurable Drop Counters show commands and configuration options that are supported in SONiC. + +### Drop Counters show commands + +**show dropcounters capabilities** + +This command is used to show the drop counter capabilities that are available on this device. It displays the total number of drop counters that can be configured on this device as well as the drop reasons that can be configured for the counters. + +- Usage: + ``` + show dropcounters capabilities + ``` + +- Examples: + ``` + admin@sonic:~$ show dropcounters capabilities + Counter Type Total + -------------------- ------- + PORT_INGRESS_DROPS 3 + SWITCH_EGRESS_DROPS 2 + + PORT_INGRESS_DROPS: + L2_ANY + SMAC_MULTICAST + SMAC_EQUALS_DMAC + INGRESS_VLAN_FILTER + EXCEEDS_L2_MTU + SIP_CLASS_E + SIP_LINK_LOCAL + DIP_LINK_LOCAL + UNRESOLVED_NEXT_HOP + DECAP_ERROR + + SWITCH_EGRESS_DROPS: + L2_ANY + L3_ANY + A_CUSTOM_REASON + ``` + +**show dropcounters configuration** + +This command is used to show the current running configuration of the drop counters on this device. + +- Usage: + ``` + show dropcounters configuration [-g ] + ``` + +- Examples: + ``` + admin@sonic:~$ show dropcounters configuration + Counter Alias Group Type Reasons Description + -------- -------- ----- ------------------ ------------------- -------------- + DEBUG_0 RX_LEGIT LEGIT PORT_INGRESS_DROPS SMAC_EQUALS_DMAC Legitimate port-level RX pipeline drops + INGRESS_VLAN_FILTER + DEBUG_1 TX_LEGIT None SWITCH_EGRESS_DROPS EGRESS_VLAN_FILTER Legitimate switch-level TX pipeline drops + + admin@sonic:~$ show dropcounters configuration -g LEGIT + Counter Alias Group Type Reasons Description + -------- -------- ----- ------------------ ------------------- -------------- + DEBUG_0 RX_LEGIT LEGIT PORT_INGRESS_DROPS SMAC_EQUALS_DMAC Legitimate port-level RX pipeline drops + INGRESS_VLAN_FILTER + ``` + +**show dropcounters counts** + +This command is used to show the current statistics for the configured drop counters. Standard drop counters are displayed as well for convenience. + +Because clear (see below) is handled on a per-user basis different users may see different drop counts. + +- Usage: + ``` + show dropcounters counts [-g ] [-t ] + ``` + +- Example: + ``` + admin@sonic:~$ show dropcounters counts + IFACE STATE RX_ERR RX_DROPS TX_ERR TX_DROPS RX_LEGIT + --------- ------- -------- ---------- -------- ---------- --------- + Ethernet0 U 10 100 0 0 20 + Ethernet4 U 0 1000 0 0 100 + Ethernet8 U 100 10 0 0 0 + + DEVICE TX_LEGIT + ------ -------- + sonic 1000 + + admin@sonic:~$ show dropcounters counts -g LEGIT + IFACE STATE RX_ERR RX_DROPS TX_ERR TX_DROPS RX_LEGIT + --------- ------- -------- ---------- -------- ---------- --------- + Ethernet0 U 10 100 0 0 20 + Ethernet4 U 0 1000 0 0 100 + Ethernet8 U 100 10 0 0 0 + + admin@sonic:~$ show dropcounters counts -t SWITCH_EGRESS_DROPS + DEVICE TX_LEGIT + ------ -------- + sonic 1000 + ``` + +### Drop Counters config commands + +**config dropcounters install** + +This command is used to initialize a new drop counter. The user must specify a name, type, and initial list of drop reasons. + +This command will fail if the given name is already in use, if the type of counter is not supported, or if any of the specified drop reasons are not supported. It will also fail if all avaialble counters are already in use on the device. + +- Usage: + ``` + config dropcounters install [-d ] [-g ] [-a ] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config dropcounters install DEBUG_2 PORT_INGRESS_DROPS [EXCEEDS_L2_MTU,DECAP_ERROR] -d "More port ingress drops" -g BAD -a BAD_DROPS + ``` + +**config dropcounters add_reasons** + +This command is used to add drop reasons to an already initialized counter. + +This command will fail if any of the specified drop reasons are not supported. + +- Usage: + ``` + config dropcounters add_reasons + ``` + +- Example: + ``` + admin@sonic:~$ sudo config dropcounters add_reasons DEBUG_2 [SIP_CLASS_E] + ``` + +**config dropcounters remove_reasons** + +This command is used to remove drop reasons from an already initialized counter. + +- Usage: + ``` + config dropcounters remove_reasons + ``` + +- Example: + ``` + admin@sonic:~$ sudo config dropcounters remove_reasons DEBUG_2 [SIP_CLASS_E] + ``` + +**config dropcounters delete** + +This command is used to delete a drop counter. + +- Usage: + ``` + config dropcounters delete + ``` + +- Example: + ``` + admin@sonic:~$ sudo config dropcounters delete DEBUG_2 + ``` + +### Drop Counters clear commands + +**sonic-clear dropcounters** + +This comnmand is used to clear drop counters. This is done on a per-user basis. + +- Usage: + ``` + sonic-clear dropcounters + ``` + +- Example: + ``` + admin@sonic:~$ sonic-clear dropcounters + Cleared drop counters + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](##drop-counters) + +## Dynamic Buffer Management + +This section explains all the show and configuration commands regarding the dynamic buffer management. + +Dynamic buffer management is responsible for calculating buffer size according to the ports' configured speed and administrative state. In order to enable dynamic buffer management feature, the ports' speed must be configured. For this please refer [Interface naming mode config commands](#interface-naming-mode-config-commands) + +### Configuration commands + +**configure shared headroom pool** + +This command is used to configure the shared headroom pool. The shared headroom pool can be enabled in the following ways: + +- Configure the over subscribe ratio. In this case, the size of shared headroom pool is calculated as the accumulative xoff of all of the lossless PG divided by the over subscribe ratio. +- Configure the size. + +In case both of the above parameters have been configured, the `size` will take effect. To disable shared headroom pool, configure both parameters to zero. + +- Usage: + + ``` + config buffer shared-headroom-pool over-subscribe-ratio + config buffer shared-headroom-pool size + ``` + + The range of over-subscribe-ratio is from 1 to number of ports inclusive. + +- Example: + + ``` + admin@sonic:~$ sudo config shared-headroom-pool over-subscribe-ratio 2 + admin@sonic:~$ sudo config shared-headroom-pool size 1024000 + ``` + +**configure a lossless buffer profile** + +This command is used to configure a lossless buffer profile. + +- Usage: + + ``` + config buffer profile add --xon --xoff [-size ] [-dynamic_th ] [-pool ] + config buffer profile set --xon --xoff [-size ] [-dynamic_th ] [-pool ] + config buffer profile remove + ``` + + All the parameters are devided to two groups, one for headroom and one for dynamic_th. For any command at lease one group of parameters should be provided. + For headroom parameters: + + - `xon` is madantory. + - If shared headroom pool is disabled: + - At lease one of `xoff` and `size` should be provided and the other will be optional and conducted via the formula `xon + xoff = size`. + - `xon` + `xoff` <= `size`; For Mellanox platform xon + xoff == size + - If shared headroom pool is enabled: + - `xoff` should be provided. + - `size` = `xoff` if it is not provided. + + If only headroom parameters are provided, the `dynamic_th` will be taken from `CONFIG_DB.DEFAULT_LOSSLESS_BUFFER_PARAMETER.default_dynamic_th`. + + If only dynamic_th parameter is provided, the `headroom_type` will be set as `dynamic` and `xon`, `xoff` and `size` won't be set. This is only used for non default dynamic_th. In this case, the profile won't be deployed to ASIC directly. It can be configured to a lossless PG and then a dynamic profile will be generated based on the port's speed, cable length, and MTU and deployed to the ASIC. + + The subcommand `add` is designed for adding a new buffer profile to the system. + + The subcommand `set` is designed for modifying an existing buffer profile in the system. + For a profile with dynamically calculated headroom information, only `dynamic_th` can be modified. + + The subcommand `remove` is designed for removing an existing buffer profile from the system. When removing a profile, it shouldn't be referenced by any entry in `CONFIG_DB.BUFFER_PG`. + +- Example: + + ``` + admin@sonic:~$ sudo config buffer profile add profile1 --xon 18432 --xoff 18432 + admin@sonic:~$ sudo config buffer profile remove profile1 + ``` + +**config interface cable_length** + +This command is used to configure the length of the cable connected to a port. The cable_length is in unit of meters and must be suffixed with "m". + +- Usage: + + ``` + config interface cable_length + ``` + +- Example: + + ``` + admin@sonic:~$ sudo config interface cable_length Ethernet0 40m + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#dynamic-buffer-management) + +**config interface buffer priority-group lossless** + +This command is used to configure the priority groups on which lossless traffic runs. + +- Usage: + + ``` + config interface buffer priority-group lossless add [profile] + config interface buffer priority-group lossless set [profile] + config interface buffer priority-group lossless remove [] + ``` + + The can be in one of the following two forms: + + - For a range of priorities, the lower bound and upper bound connected by a dash, like `3-4` + - For a single priority, the number, like `6` + + The `pg-map` represents the map of priorities for lossless traffic. It should be a string and in form of a bit map like `3-4`. The `-` connects the lower bound and upper bound of a range of priorities. + + The subcommand `add` is designed for adding a new lossless PG on top of current PGs. The new PG range must be disjoint with all existing PGs. + + For example, currently the PG range 3-4 exist on port Ethernet4, to add PG range 4-5 will fail because it isn't disjoint with 3-4. To add PG range 5-6 will succeed. After that both range 3-4 and 5-6 will work as lossless PG. + + The `override-profile` parameter is optional. When provided, it represents the predefined buffer profile for headroom override. + + The subcommand `set` is designed for modifying an existing PG from dynamic calculation to headroom override or vice versa. The `pg-map` must be an existing PG. + + The subcommand `remove` is designed for removing an existing PG. The option `pg-map` must be an existing PG. All lossless PGs will be removed in case no `pg-map` provided. + +- Example: + + To configure lossless_pg on a port: + + ``` + admin@sonic:~$ sudo config interface buffer priority-group lossless add Ethernet0 3-4 + ``` + + To change the profile used for lossless_pg on a port: + + ``` + admin@sonic:~$ sudo config interface buffer priority-group lossless set Ethernet0 3-4 new-profile + ``` + + To remove one lossless priority from a port: + + ``` + admin@sonic:~$ sudo config interface buffer priority-group lossless remove Ethernet0 6 + ``` + + To remove all lossless priorities from a port: + + ``` + admin@sonic:~$ sudo config interface buffer priority-group lossless remove Ethernet0 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#dynamic-buffer-management) + +**config interface buffer queue** + +This command is used to configure the buffer profiles for queues. + +- Usage: + + ``` + config interface buffer queue add + config interface buffer queue set + config interface buffer queue remove + ``` + + The represents the map of queues. It can be in one of the following two forms: + + - For a range of priorities, the lower bound and upper bound connected by a dash, like `3-4` + - For a single priority, the number, like `6` + + The subcommand `add` is designed for adding a buffer profile for a group of queues. The new queue range must be disjoint with all queues with buffer profile configured. + + For example, currently the buffer profile configured on queue 3-4 on port Ethernet4, to configure buffer profile on queue 4-5 will fail because it isn't disjoint with 3-4. To configure it on range 5-6 will succeed. + + The `profile` parameter represents a predefined egress buffer profile to be configured on the queues. + + The subcommand `set` is designed for modifying an existing group of queues. + + The subcommand `remove` is designed for removing buffer profile on an existing group of queues. + +- Example: + + To configure buffer profiles for queues on a port: + + ``` + admin@sonic:~$ sudo config interface buffer queue add Ethernet0 3-4 egress_lossless_profile + ``` + + To change the profile used for queues on a port: + + ``` + admin@sonic:~$ sudo config interface buffer queue set Ethernet0 3-4 new-profile + ``` + + To remove a group of queues from a port: + + ``` + admin@sonic:~$ sudo config interface buffer queue remove Ethernet0 3-4 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#dynamic-buffer-management) + +### Show commands + +**show buffer information** + +This command is used to display the status of buffer pools and profiles currently deployed to the ASIC. + +- Usage: + + ``` + show buffer information + ``` + +- Example: + + ``` + admin@sonic:~$ show buffer information + Pool: ingress_lossless_pool + ---- -------- + type ingress + mode dynamic + size 17170432 + ---- -------- + + Pool: egress_lossless_pool + ---- -------- + type egress + mode dynamic + size 34340822 + ---- -------- + + Pool: ingress_lossy_pool + ---- -------- + type ingress + mode dynamic + size 17170432 + ---- -------- + + Pool: egress_lossy_pool + ---- -------- + type egress + mode dynamic + size 17170432 + ---- -------- + + Profile: pg_lossless_100000_5m_profile + ---------- ----------------------------------- + xon 18432 + dynamic_th 0 + xoff 18432 + pool [BUFFER_POOL:ingress_lossless_pool] + size 36864 + ---------- ----------------------------------- + + Profile: q_lossy_profile + ---------- ------------------------------- + dynamic_th 3 + pool [BUFFER_POOL:egress_lossy_pool] + size 0 + ---------- ------------------------------- + + Profile: egress_lossy_profile + ---------- ------------------------------- + dynamic_th 3 + pool [BUFFER_POOL:egress_lossy_pool] + size 4096 + ---------- ------------------------------- + + Profile: egress_lossless_profile + ---------- ---------------------------------- + dynamic_th 7 + pool [BUFFER_POOL:egress_lossless_pool] + size 0 + ---------- ---------------------------------- + + Profile: ingress_lossless_profile + ---------- ----------------------------------- + dynamic_th 0 + pool [BUFFER_POOL:ingress_lossless_pool] + size 0 + ---------- ----------------------------------- + + Profile: pg_lossless_100000_79m_profile + ---------- ----------------------------------- + xon 18432 + dynamic_th 0 + xoff 60416 + pool [BUFFER_POOL:ingress_lossless_pool] + size 78848 + ---------- ----------------------------------- + + Profile: pg_lossless_100000_40m_profile + ---------- ----------------------------------- + xon 18432 + dynamic_th 0 + xoff 38912 + pool [BUFFER_POOL:ingress_lossless_pool] + size 57344 + ---------- ----------------------------------- + + Profile: ingress_lossy_profile + ---------- -------------------------------- + dynamic_th 3 + pool [BUFFER_POOL:ingress_lossy_pool] + size 0 + ---------- -------------------------------- + ``` + +**show buffer configuration** + +This command is used to display the status of buffer pools and profiles currently configured. + +- Usage: + + ``` + show buffer configuration + ``` + +- Example: + + ``` + admin@sonic:~$ show buffer configuration + Lossless traffic pattern: + -------------------- - + default_dynamic_th 0 + over_subscribe_ratio 0 + -------------------- - + + Pool: ingress_lossless_pool + ---- -------- + type ingress + mode dynamic + ---- -------- + + Pool: egress_lossless_pool + ---- -------- + type egress + mode dynamic + size 34340822 + ---- -------- + + Pool: ingress_lossy_pool + ---- -------- + type ingress + mode dynamic + ---- -------- + + Pool: egress_lossy_pool + ---- -------- + type egress + mode dynamic + ---- -------- + + Profile: q_lossy_profile + ---------- ------------------------------- + dynamic_th 3 + pool [BUFFER_POOL:egress_lossy_pool] + size 0 + ---------- ------------------------------- + + Profile: egress_lossy_profile + ---------- ------------------------------- + dynamic_th 3 + pool [BUFFER_POOL:egress_lossy_pool] + size 4096 + ---------- ------------------------------- + + Profile: egress_lossless_profile + ---------- ---------------------------------- + dynamic_th 7 + pool [BUFFER_POOL:egress_lossless_pool] + size 0 + ---------- ---------------------------------- + + Profile: ingress_lossless_profile + ---------- ----------------------------------- + dynamic_th 0 + pool [BUFFER_POOL:ingress_lossless_pool] + size 0 + ---------- ----------------------------------- + + Profile: ingress_lossy_profile + ---------- -------------------------------- + dynamic_th 3 + pool [BUFFER_POOL:ingress_lossy_pool] + size 0 + ---------- -------------------------------- + ``` + +## ECN + +This section explains all the Explicit Congestion Notification (ECN) show commands and ECN configuation options that are supported in SONiC. + +### ECN show commands +This sub-section contains the show commands that are supported in ECN. + +**show ecn** + +This command displays all the WRED profiles that are configured in the device. + +- Usage: + ``` + show ecn + ``` + +- Example: + ``` + admin@sonic:~$ show ecn + Profile: **AZURE_LOSSLESS** + ----------------------- ------- + red_max_threshold 2097152 + red_drop_probability 5 + yellow_max_threshold 2097152 + ecn ecn_all + green_min_threshold 1048576 + red_min_threshold 1048576 + wred_yellow_enable true + yellow_min_threshold 1048576 + green_max_threshold 2097152 + green_drop_probability 5 + wred_green_enable true + yellow_drop_probability 5 + wred_red_enable true + ----------------------- ------- + + Profile: **wredprofileabcd** + ----------------- --- + red_max_threshold 100 + ----------------- --- + ``` + +### ECN config commands + +This sub-section contains the configuration commands that can configure the WRED profiles. + +**config ecn** + +This command configures the possible fields in a particular WRED profile that is specified using "-profile " argument. +The list of the WRED profile fields that are configurable is listed in the below "Usage". + +- Usage: + ``` + config ecn -profile [-rmax ] [-rmin ] [-ymax ] [-ymin ] [-gmax ] [-gmin ] [-v|--verbose] + ``` + + - Parameters: + - profile_name Profile name + - red_threshold_max Set red max threshold + - red_threshold_min Set red min threshold + - yellow_threshold_max Set yellow max threshold + - yellow_threshold_min Set yellow min threshold + - green_threshold_max Set green max threshold + - green_threshold_min Set green min threshold + +- Example (Configures the "red max threshold" for the WRED profile name "wredprofileabcd". It will create the WRED profile if it does not exist.): + ``` + admin@sonic:~$ sudo config ecn -profile wredprofileabcd -rmax 100 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#ecn) + +## Feature + +SONiC includes a capability in which Feature state can be enabled/disabled +which will make corresponding feature docker container to start/stop. + +Also SONiC provide capability in which Feature docker container can be automatically shut +down and restarted if one of critical processes running in the container exits +unexpectedly. Restarting the entire feature container ensures that configuration is +reloaded and all processes in the feature container get restarted, thus increasing the +likelihood of entering a healthy state. + +### Feature show commands + +**show feature config** + +Shows the config of given feature or all if no feature is given. The "fallback" is shown only if configured. The fallback defaults to "true" when not configured. + +- Usage: + ``` + show feature config [] + ``` + +- Example: + ``` + admin@sonic:~$ show feature config + Feature State AutoRestart Owner fallback + -------------- -------- ------------- ------- ---------- + bgp enabled enabled local + database enabled disabled local + dhcp_relay enabled enabled kube + lldp enabled enabled kube true + mgmt-framework enabled enabled local + nat disabled enabled local + pmon enabled enabled kube + radv enabled enabled kube + sflow disabled enabled local + snmp enabled enabled kube + swss enabled enabled local + syncd enabled enabled local + teamd enabled enabled local + telemetry enabled enabled kube + ``` + +**show feature status** + +Shows the status of given feature or all if no feature is given. The "fallback" defaults to "true" when not configured. +The subset of features are configurable for remote management and only those report additional data. + +- Usage: + ``` + show feature status [] + ``` + +- Example: + ``` + admin@sonic:~$ show feature status + Feature State AutoRestart SystemState UpdateTime ContainerId ContainerVersion SetOwner CurrentOwner RemoteState + -------------- -------- ------------- ------------- ------------------- ------------- ------------------ ---------- -------------- ------------- + bgp enabled enabled up local local none + database enabled disabled local + dhcp_relay enabled enabled up 2020-11-15 18:21:09 249e70102f55 20201230.100 kube local + lldp enabled enabled up 2020-11-15 18:21:09 779c2d55ee12 20201230.100 kube local + mgmt-framework enabled enabled up local local none + nat disabled enabled local + pmon enabled enabled up 2020-11-15 18:20:27 a2b9ffa8aba3 20201230.100 kube local + radv enabled enabled up 2020-11-15 18:21:05 d8ff27dcfe46 20201230.100 kube local + sflow disabled enabled local + snmp enabled enabled up 2020-11-15 18:25:51 8b7d5529e306 20201230.111 kube kube running + swss enabled enabled up local local none + syncd enabled enabled up local local none + teamd enabled enabled up local local none + telemetry enabled enabled down 2020-11-15 18:24:59 20201230.100 kube none + ``` + +**config feature owner** + +Configures the owner for a feature as "local" or "kube". The "local" implies starting the feature container from local image. The "kube" implies that kubernetes server is made eligible to deploy the feature. The deployment of a feature by kubernetes is conditional based on many factors like, whether the kube server is configured or not, connected-to-kube-server or not and if that master has manifest for this feature for this switch or not and more. At some point in future, the deployment *could* happen and till that point the feature can run from local image, called "fallback". The fallback is allowed by default and it could be toggled to "not allowed". When fallback is not allowed, the feature would run only upon deployment by kubernetes master. + +- Usage: + ``` + config feature owner [] [local/kube] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config feature owner snmp kube + ``` + +**config feature fallback** + +Features configured for "kube" deployment could be allowed to fallback to using local image, until the point of successful kube deployment. The fallback is allowed by default. + +- Usage: + ``` + config feature fallback [] [on/off] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config feature fallback snmp on + ``` + +**show feature autorestart** + +This command will display the status of auto-restart for feature container. + +- Usage: + ``` + show feature autorestart [] + admin@sonic:~$ show feature autorestart + Feature AutoRestart + ---------- -------------- + bgp enabled + database always_enabled + dhcp_relay enabled + lldp enabled + pmon enabled + radv enabled + snmp enabled + swss enabled + syncd enabled + teamd enabled + telemetry enabled + ``` + +Optionally, you can specify a feature name in order to display +status for that feature + +### Feature config commands + +**config feature state ** + +This command will configure the state for a specific feature. + +- Usage: + ``` + config feature state (enabled | disabled) + admin@sonic:~$ sudo config feature state bgp disabled + ``` + +**config feature autorestart ** + +This command will configure the status of auto-restart for a specific feature container. + +- Usage: + ``` + config feature autorestart (enabled | disabled) + admin@sonic:~$ sudo config feature autorestart bgp disabled + ``` +NOTE: If the existing state or auto-restart value for a feature is "always_enabled" then config +commands are don't care and will not update state/auto-restart value. + +Go Back To [Beginning of the document](#) or [Beginning of this section](#feature) + +## Flow Counters + +This section explains all the Flow Counters show commands, clear commands and config commands that are supported in SONiC. Flow counters are usually used for debugging, troubleshooting and performance enhancement processes. Flow counters supports case like: + + - Host interface traps (number of received traps per Trap ID) + - Routes matching the configured prefix pattern (number of hits and number of bytes) + +### Flow Counters show commands + +**show flowcnt-trap stats** + +This command is used to show the current statistics for the registered host interface traps. + +Because clear (see below) is handled on a per-user basis different users may see different counts. + +- Usage: + ``` + show flowcnt-trap stats + ``` + +- Example: + ``` + admin@sonic:~$ show flowcnt-trap stats + Trap Name Packets Bytes PPS + --------- --------- ------- ------- + dhcp 100 2,000 50.25/s + + For multi-ASIC: + admin@sonic:~$ show flowcnt-trap stats + ASIC ID Trap Name Packets Bytes PPS + ------- ----------- --------- ------- ------- + asic0 dhcp 100 2,000 50.25/s + asic1 dhcp 200 3,000 45.25/s + ``` + +**show flowcnt-route stats** + +This command is used to show the current statistics for route flow patterns. + +Because clear (see below) is handled on a per-user basis different users may see different counts. + +- Usage: + ``` + show flowcnt-route stats + show flowcnt-route stats pattern [--vrf ] + show flowcnt-route stats route [--vrf ] + ``` + +- Example: + ``` + admin@sonic:~$ show flowcnt-route stats + Route pattern VRF Matched routes Packets Bytes + -------------------------------------------------------------------------------------- + 3.3.0.0/16 default 3.3.1.0/24 100 4543 + 3.3.2.3/32 3443 929229 + 3.3.0.0/16 0 0 + 2000::/64 default 2000::1/128 100 4543 + ``` + +The "pattern" subcommand is used to display the route flow counter statistics by route pattern. + +- Example: + ``` + admin@sonic:~$ show flowcnt-route stats pattern 3.3.0.0/16 + Route pattern VRF Matched routes Packets Bytes + -------------------------------------------------------------------------------------- + 3.3.0.0/16 default 3.3.1.0/24 100 4543 + 3.3.2.3/32 3443 929229 + 3.3.0.0/16 0 0 + ``` + +The "route" subcommand is used to display the route flow counter statistics by route prefix. + ``` + admin@sonic:~$ show flowcnt-route stats route 3.3.3.2/32 --vrf Vrf_1 + Route VRF Route Pattern Packets Bytes + ----------------------------------------------------------------------------------------- + 3.3.3.2/32 Vrf_1 3.3.0.0/16 100 4543 + ``` + +### Flow Counters clear commands + +**sonic-clear flowcnt-trap** + +This command is used to clear the current statistics for the registered host interface traps. This is done on a per-user basis. + +- Usage: + ``` + sonic-clear flowcnt-trap + ``` + +- Example: + ``` + admin@sonic:~$ sonic-clear flowcnt-trap + Trap Flow Counters were successfully cleared + ``` + +**sonic-clear flowcnt-route** + +This command is used to clear the current statistics for the route flow counter. This is done on a per-user basis. + +- Usage: + ``` + sonic-clear flowcnt-route + sonic-clear flowcnt-route pattern [--vrf ] + sonic-clear flowcnt-route route [--vrf ] + ``` + +- Example: + ``` + admin@sonic:~$ sonic-clear flowcnt-route + Route Flow Counters were successfully cleared + ``` + +The "pattern" subcommand is used to clear the route flow counter statistics by route pattern. + +- Example: + ``` + admin@sonic:~$ sonic-clear flowcnt-route pattern 3.3.0.0/16 --vrf Vrf_1 + Flow Counters of all routes matching the configured route pattern were successfully cleared + ``` + +The "route" subcommand is used to clear the route flow counter statistics by route prefix. + +- Example: + ``` + admin@sonic:~$ sonic-clear flowcnt-route route 3.3.3.2/32 --vrf Vrf_1 + Flow Counters of the specified route were successfully cleared + ``` + +### Flow Counters config commands + +**config flowcnt-route pattern add** + +This command is used to add or update the route pattern which is used by route flow counter to match route entries. + +- Usage: + ``` + config flowcnt-route pattern add [--vrf ] [--max ] + ``` + +- Example: + ``` + admin@sonic:~$ config flowcnt-route pattern add 2.2.0.0/16 --vrf Vrf_1 --max 50 + ``` + +**config flowcnt-route pattern remove** + +This command is used to remove the route pattern which is used by route flow counter to match route entries. + +- Usage: + ``` + config flowcnt-route pattern remove [--vrf ] + ``` + +- Example: + ``` + admin@sonic:~$ config flowcnt-route pattern remove 2.2.0.0/16 --vrf Vrf_1 + ``` + + +Go Back To [Beginning of the document](#) or [Beginning of this section](#flow-counters) +## Gearbox + +This section explains all the Gearbox PHY show commands that are supported in SONiC. + +### Gearbox show commands +This sub-section contains the show commands that are supported for gearbox phy. + +**show gearbox interfaces status** + +This command displays information about the gearbox phy interface lanes, speeds and status. Data is displayed for both MAC side and line side of the gearbox phy + +- Usage: + ``` + show gearbox interfaces status + ``` + +- Example: + +``` +home/admin# show gearbox interfaces status + PHY Id Interface MAC Lanes MAC Lane Speed PHY Lanes PHY Lane Speed Line Lanes Line Lane Speed Oper Admin +-------- ----------- ----------- ---------------- ----------- ---------------- ------------ ----------------- ------ ------- + 1 Ethernet0 25,26,27,28 10G 200,201 20G 206 40G up up + 1 Ethernet4 29,30,31,32 10G 202,203 20G 207 40G up up + 1 Ethernet8 33,34,35,36 10G 204,205 20G 208 40G up up + + ``` + +**show gearbox phys status** + +This command displays basic information about the gearbox phys configured on the switch. + +- Usage: + ``` + show gearbox phys status + ``` + +- Example: + +``` +/home/admin# show gearbox phys status + PHY Id Name Firmware +-------- ------- ---------- + 1 sesto-1 v0.1 + + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#gearbox) + + +## Update Device Hostname Configuration Commands + +This sub-section of commands is used to change device hostname without traffic being impacted. + +**config hostname** + +This command is used to change device hostname without traffic being impacted. + +- Usage: + ``` + config hostname + ``` + +- Example: + ``` + admin@sonic:~$ sudo config hostname CSW06 + Please note loaded setting will be lost after system reboot. To preserve setting, run `config save`. + ``` + +## Interfaces + +### Interface Show Commands + +This sub-section lists all the possible show commands for the interfaces available in the device. Following example gives the list of possible shows on interfaces. +Subsequent pages explain each of these commands in detail. + +- Example: + ``` + admin@sonic:~$ show interfaces -? + + Show details of the network interfaces + + Options: + -?, -h, --help Show this message and exit. + + Commands: + autoneg Show interface autoneg information + breakout Show Breakout Mode information by interfaces + counters Show interface counters + description Show interface status, protocol and... + mpls Show Interface MPLS status + naming_mode Show interface naming_mode status + neighbor Show neighbor related information + portchannel Show PortChannel information + status Show Interface status information + tpid Show Interface tpid information + transceiver Show SFP Transceiver information + ``` + +**show interfaces autoneg** + +This show command displays the port auto negotiation status for all interfaces i.e. interface name, auto negotiation mode, speed, advertised speeds, interface type, advertised interface types, operational status, admin status. For a single interface, provide the interface name with the sub-command. + +- Usage: + ``` + show interfaces autoneg status + show interfaces autoneg status + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces autoneg status + Interface Auto-Neg Mode Speed Adv Speeds Type Adv Types Oper Admin + ----------- --------------- ------- ------------ ------ ----------- ------ ------- + Ethernet0 enabled 25G 10G,25G CR CR,CR4 up up + Ethernet4 disabled 100G all CR4 all up up + + admin@sonic:~$ show interfaces autoneg status Ethernet8 + Interface Auto-Neg Mode Speed Adv Speeds Type Adv Types Oper Admin + ----------- --------------- ------- ------------ ------ ----------- ------ ------- + Ethernet8 disabled 100G N/A CR4 N/A up up + ``` + +**show interfaces breakout (Versions >= 202006)** + +This show command displays the port capability for all interfaces i.e. index, lanes, default_brkout_mode, breakout_modes(i.e. available breakout modes) and brkout_mode (i.e. current breakout mode). To display current breakout mode, "current-mode" subcommand can be used.For a single interface, provide the interface name with the sub-command. + +- Usage: + ``` + show interfaces breakout + show interfaces breakout current-mode + show interfaces breakout current-mode + ``` + +- Example: + ``` + admin@lnos-x1-a-fab01:~$ show interfaces breakout + { + "Ethernet0": { + "index": "1,1,1,1", + "default_brkout_mode": "1x100G[40G]", + "child ports": "Ethernet0", + "child port speed": "100G", + "breakout_modes": "1x100G[40G],2x50G,4x25G[10G]", + "Current Breakout Mode": "1x100G[40G]", + "lanes": "65,66,67,68", + "alias_at_lanes": "Eth1/1, Eth1/2, Eth1/3, Eth1/4" + },... continue + } + ``` +The "current-mode" subcommand is used to display current breakout mode for all interfaces. + ``` + admin@lnos-x1-a-fab01:~$ show interfaces breakout current-mode + +-------------+-------------------------+ + | Interface | Current Breakout Mode | + +=============+=========================+ + | Ethernet0 | 4x25G[10G] | + +-------------+-------------------------+ + | Ethernet4 | 4x25G[10G] | + +-------------+-------------------------+ + | Ethernet8 | 4x25G[10G] | + +-------------+-------------------------+ + | Ethernet12 | 4x25G[10G] | + +-------------+-------------------------+ + + admin@lnos-x1-a-fab01:~$ show interfaces breakout current-mode Ethernet0 + +-------------+-------------------------+ + | Interface | Current Breakout Mode | + +=============+=========================+ + | Ethernet0 | 4x25G[10G] | + +-------------+-------------------------+ + ``` + +**show interfaces counters** + +This show command displays packet counters for all interfaces since the last time the counters were cleared. To display l3 counters "rif" subcommand can be used. There is no facility to display counters for one specific l2 interface. For l3 interfaces a single interface output mode is present. Optional argument "-a" provides two additional columns - RX-PPS and TX_PPS. +Optional argument "-p" specify a period (in seconds) with which to gather counters over. + +- Usage: + ``` + show interfaces counters [-a|--printall] [-p|--period ] + show interfaces counters errors + show interfaces counters rates + show interfaces counters rif [-p|--period ] [-i ] + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces counters + IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR + ----------- ------- --------------- ----------- --------- -------- -------- -------- --------------- ----------- --------- -------- -------- -------- + Ethernet0 U 471,729,839,997 653.87 MB/s 12.77% 0 18,682 0 409,682,385,925 556.84 MB/s 10.88% 0 0 0 + Ethernet4 U 453,838,006,636 632.97 MB/s 12.36% 0 1,636 0 388,299,875,056 529.34 MB/s 10.34% 0 0 0 + Ethernet8 U 549,034,764,539 761.15 MB/s 14.87% 0 18,274 0 457,603,227,659 615.20 MB/s 12.02% 0 0 0 + Ethernet12 U 458,052,204,029 636.84 MB/s 12.44% 0 17,614 0 388,341,776,615 527.37 MB/s 10.30% 0 0 0 + Ethernet16 U 16,679,692,972 13.83 MB/s 0.27% 0 17,605 0 18,206,586,265 17.51 MB/s 0.34% 0 0 0 + Ethernet20 U 47,983,339,172 35.89 MB/s 0.70% 0 2,174 0 58,986,354,359 51.83 MB/s 1.01% 0 0 0 + Ethernet24 U 33,543,533,441 36.59 MB/s 0.71% 0 1,613 0 43,066,076,370 49.92 MB/s 0.97% 0 0 0 + + admin@sonic:~$ show interfaces counters -i Ethernet4,Ethernet12-16 + IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR + ----------- ------- --------------- ----------- --------- -------- -------- -------- --------------- ----------- --------- -------- -------- -------- + Ethernet4 U 453,838,006,636 632.97 MB/s 12.36% 0 1,636 0 388,299,875,056 529.34 MB/s 10.34% 0 0 0 + Ethernet12 U 458,052,204,029 636.84 MB/s 12.44% 0 17,614 0 388,341,776,615 527.37 MB/s 10.30% 0 0 0 + Ethernet16 U 16,679,692,972 13.83 MB/s 0.27% 0 17,605 0 18,206,586,265 17.51 MB/s 0.34% 0 0 0 + ``` + +The "errors" subcommand is used to display the interface errors. + +- Example: + ``` + admin@str-s6000-acs-11:~$ show interface counters errors + IFACE STATE RX_ERR RX_DRP RX_OVR TX_ERR TX_DRP TX_OVR + ----------- ------- -------- -------- -------- -------- -------- -------- + Ethernet0 U 0 4 0 0 0 0 + Ethernet4 U 0 0 0 0 0 0 + Ethernet8 U 0 1 0 0 0 0 + Ethernet12 U 0 0 0 0 0 0 + ``` + +The "rates" subcommand is used to disply only the interface rates. + +- Example: + ``` + admin@str-s6000-acs-11:/usr/bin$ show int counters rates + IFACE STATE RX_OK RX_BPS RX_PPS RX_UTIL TX_OK TX_BPS TX_PPS TX_UTIL + ----------- ------- ------- -------- -------- --------- ------- -------- -------- --------- + Ethernet0 U 467510 N/A N/A N/A 466488 N/A N/A N/A + Ethernet4 U 469679 N/A N/A N/A 469245 N/A N/A N/A + Ethernet8 U 466660 N/A N/A N/A 465982 N/A N/A N/A + Ethernet12 U 466579 N/A N/A N/A 466318 N/A N/A N/A + ``` + + +The "rif" subcommand is used to display l3 interface counters. Layer 3 interfaces include router interfaces, portchannels and vlan interfaces. + +- Example: + +``` + admin@sonic:~$ show interfaces counters rif + IFACE RX_OK RX_BPS RX_PPS RX_ERR TX_OK TX_BPS TX_PPS TX_ERR +--------------- ------- ---------- -------- -------- ------- -------- -------- -------- +PortChannel0001 62,668 107.81 B/s 1.34/s 3 6 0.02 B/s 0.00/s 0 +PortChannel0002 62,645 107.77 B/s 1.34/s 3 2 0.01 B/s 0.00/s 0 +PortChannel0003 62,481 107.56 B/s 1.34/s 3 3 0.01 B/s 0.00/s 0 +PortChannel0004 62,732 107.88 B/s 1.34/s 2 3 0.01 B/s 0.00/s 0 + Vlan1000 0 0.00 B/s 0.00/s 0 0 0.00 B/s 0.00/s 0 +``` + + +Optionally, you can specify a layer 3 interface name to display the counters in single interface mode. + +- Example: + +``` + admin@sonic:~$ show interfaces counters rif PortChannel0001 + PortChannel0001 + --------------- + + RX: + 3269 packets + 778494 bytesq + 3 error packets + 292 error bytes + TX: + 0 packets + 0 bytes + 0 error packets + 0 error bytes +``` + + +Optionally, you can specify a period (in seconds) with which to gather counters over. Note that this function will take `` seconds to execute. + +- Example: + +``` + admin@sonic:~$ show interfaces counters -p 5 + IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR + ----------- ------- ------- ----------- --------- -------- -------- -------- ------- ----------- --------- -------- -------- -------- + Ethernet0 U 515 59.14 KB/s 0.00% 0 0 0 1,305 127.60 KB/s 0.00% 0 0 0 + Ethernet4 U 305 26.54 KB/s 0.00% 0 0 0 279 39.12 KB/s 0.00% 0 0 0 + Ethernet8 U 437 42.96 KB/s 0.00% 0 0 0 182 18.37 KB/s 0.00% 0 0 0 + Ethernet12 U 284 40.79 KB/s 0.00% 0 0 0 160 13.03 KB/s 0.00% 0 0 0 + Ethernet16 U 377 32.64 KB/s 0.00% 0 0 0 214 18.01 KB/s 0.00% 0 0 0 + Ethernet20 U 284 36.81 KB/s 0.00% 0 0 0 138 8758.25 B/s 0.00% 0 0 0 + Ethernet24 U 173 16.09 KB/s 0.00% 0 0 0 169 11.39 KB/s 0.00% 0 0 0 +``` + +- NOTE: Interface counters can be cleared by the user with the following command: + + ``` + admin@sonic:~$ sonic-clear counters + ``` + +- NOTE: Layer 3 interface counters can be cleared by the user with the following command: + + ``` + admin@sonic:~$ sonic-clear rifcounters + ``` + +**show interfaces description** + +This command displays the key fields of the interfaces such as Operational Status, Administrative Status, Alias and Description. + +- Usage: + ``` + show interfaces description [] + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces description + Interface Oper Admin Alias Description + ----------- ------ ------- --------------- -------------------- + Ethernet0 down up hundredGigE1/1 T0-1:hundredGigE1/30 + Ethernet4 down up hundredGigE1/2 T0-2:hundredGigE1/30 + Ethernet8 down down hundredGigE1/3 hundredGigE1/3 + Ethernet12 down down hundredGigE1/4 hundredGigE1/4 + ``` + +- Example (to only display the description for interface Ethernet4): + + ``` + admin@sonic:~$ show interfaces description Ethernet4 + Interface Oper Admin Alias Description + ----------- ------ ------- -------------- -------------------- + Ethernet4 down up hundredGigE1/2 T0-2:hundredGigE1/30 + ``` + +**show interfaces mpls** + +This command is used to display the configured MPLS state for the list of configured interfaces. + +- Usage: + ``` + show interfaces mpls [] + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces mpls + Interface MPLS State + ----------- ------------ + Ethernet0 disable + Ethernet4 enable + Ethernet8 enable + Ethernet12 disable + Ethernet16 disable + Ethernet20 disable + ``` + +- Example (to only display the MPLS state for interface Ethernet4): + ``` + admin@sonic:~$ show interfaces mpls Ethernet4 + Interface MPLS State + ----------- ------------ + Ethernet4 enable + ``` + +**show interfaces loopback-action** + +This command displays the configured loopback action + +- Usage: + ``` + show ip interfaces loopback-action + ``` + +- Example: + ``` + root@sonic:~# show ip interfaces loopback-action + Interface Action + ------------ ---------- + Ethernet232 drop + Vlan100 forward + ``` + + +**show interfaces tpid** + +This command displays the key fields of the interfaces such as Operational Status, Administrative Status, Alias and TPID. + +- Usage: + ``` + show interfaces tpid [] + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces tpid + Interface Alias Oper Admin TPID + --------------- --------------- ------ ------- ------ + Ethernet0 fortyGigE1/1/1 up up 0x8100 + Ethernet1 fortyGigE1/1/2 up up 0x8100 + Ethernet2 fortyGigE1/1/3 down down 0x8100 + Ethernet3 fortyGigE1/1/4 down down 0x8100 + Ethernet4 fortyGigE1/1/5 up up 0x8100 + Ethernet5 fortyGigE1/1/6 up up 0x8100 + Ethernet6 fortyGigE1/1/7 up up 0x9200 + Ethernet7 fortyGigE1/1/8 up up 0x88A8 + Ethernet8 fortyGigE1/1/9 up up 0x8100 + ... + Ethernet63 fortyGigE1/4/16 down down 0x8100 + PortChannel0001 N/A up up 0x8100 + PortChannel0002 N/A up up 0x8100 + PortChannel0003 N/A up up 0x8100 + PortChannel0004 N/A up up 0x8100 + admin@sonic:~$ + ``` + +- Example (to only display the TPID for interface Ethernet6): + + ``` + admin@sonic:~$ show interfaces tpid Ethernet6 + Interface Alias Oper Admin TPID + ----------- -------------- ------ ------- ------ + Ethernet6 fortyGigE1/1/7 up up 0x9200 + admin@sonic:~$ + ``` + +**show interfaces naming_mode** + +Refer sub-section [Interface-Naming-Mode](#Interface-Naming-Mode) + + +**show interfaces neighbor** + +This command is used to display the list of expected neighbors for all interfaces (or for a particular interface) that is configured. + +- Usage: + ``` + show interfaces neighbor expected [] + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces neighbor expected + LocalPort Neighbor NeighborPort NeighborLoopback NeighborMgmt NeighborType + ----------- ---------- -------------- ------------------ -------------- -------------- + Ethernet112 ARISTA01T1 Ethernet1 None 10.16.205.100 ToRRouter + Ethernet116 ARISTA02T1 Ethernet1 None 10.16.205.101 SpineRouter + Ethernet120 ARISTA03T1 Ethernet1 None 10.16.205.102 LeafRouter + Ethernet124 ARISTA04T1 Ethernet1 None 10.16.205.103 LeafRouter + ``` + +**show interfaces portchannel** + +This command displays information regarding port-channel interfaces + +- Usage: + ``` + show interfaces portchannel + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces portchannel + Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected + No. Team Dev Protocol Ports + ----- ------------- ----------- --------------------------- + 24 PortChannel24 LACP(A)(Up) Ethernet28(S) Ethernet24(S) + 48 PortChannel48 LACP(A)(Up) Ethernet52(S) Ethernet48(S) + 40 PortChannel40 LACP(A)(Up) Ethernet44(S) Ethernet40(S) + 0 PortChannel0 LACP(A)(Up) Ethernet0(S) Ethernet4(S) + 8 PortChannel8 LACP(A)(Up) Ethernet8(S) Ethernet12(S) + ``` + +**show interface status** + +This command displays some more fields such as Lanes, Speed, MTU, Type, Asymmetric PFC status and also the operational and administrative status of the interfaces + +- Usage: + ``` + show interfaces status [] + ``` + +- Example (show interface status of all interfaces): + ``` + admin@sonic:~$ show interfaces status + Interface Lanes Speed MTU Alias Oper Admin Type Asym PFC + ----------- --------------- ------- ----- --------------- ------ ------- ------ ---------- + Ethernet0 49,50,51,52 100G 9100 hundredGigE1/1 down up N/A off + Ethernet4 53,54,55,56 100G 9100 hundredGigE1/2 down up N/A off + Ethernet8 57,58,59,60 100G 9100 hundredGigE1/3 down down N/A off + + ``` + +- Example (to only display the status for interface Ethernet0): + ``` + admin@sonic:~$ show interface status Ethernet0 + Interface Lanes Speed MTU Alias Oper Admin + ----------- -------- ------- ----- -------------- ------ ------- + Ethernet0 101,102 40G 9100 fortyGigE1/1/1 up up + ``` + +- Example (to only display the status for range of interfaces): + ``` + admin@sonic:~$ show interfaces status Ethernet8,Ethernet168-180 + Interface Lanes Speed MTU Alias Oper Admin Type Asym PFC + ----------- ----------------- ------- ----- --------------- ------ ------- ------ ---------- + Ethernet8 49,50,51,52 100G 9100 hundredGigE3 down down N/A N/A + Ethernet168 9,10,11,12 100G 9100 hundredGigE43 down down N/A N/A + Ethernet172 13,14,15,16 100G 9100 hundredGigE44 down down N/A N/A + Ethernet176 109,110,111,112 100G 9100 hundredGigE45 down down N/A N/A + Ethernet180 105,106,107,108 100G 9100 hundredGigE46 down down N/A N/A + ``` + +**show interfaces transceiver** + +This command is already explained [here](#Transceivers) + +### Interface Config Commands +This sub-section explains the following list of configuration on the interfaces. +1) ip - To add or remove IP address for the interface +2) pfc - to set the PFC configuration for the interface +3) shutdown - to administratively shut down the interface +4) speed - to set the interface speed +5) startup - to bring up the administratively shutdown interface +6) breakout - to set interface breakout mode +7) autoneg - to set interface auto negotiation mode +8) advertised-speeds - to set interface advertised speeds +9) advertised-types - to set interface advertised types +10) type - to set interface type +11) mpls - To add or remove MPLS operation for the interface +12) loopback-action - to set action for packet that ingress and gets routed on the same IP interface + +From 201904 release onwards, the “config interface” command syntax is changed and the format is as follows: + +- config interface interface_subcommand +i.e Interface name comes after the subcommand +- Ex: config interface startup Ethernet63 + +The syntax for all such interface_subcommands are given below under each command + +NOTE: In older versions of SONiC until 201811 release, the command syntax was `config interface interface_subcommand` + + +**config interface ip add [default_gw] (Versions >= 201904)** + +**config interface ip add (Versions <= 201811)** + +This command is used for adding the IP address for an interface. +IP address for either physical interface or for portchannel or for VLAN interface or for Loopback interface can be configured using this command. +While configuring the IP address for the management interface "eth0", users can provide the default gateway IP address as an optional parameter from release 201911. + + +- Usage: + + *Versions >= 201904* + ``` + config interface ip add + ``` + *Versions <= 201811* + ``` + config interface ip add + ``` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface ip add Ethernet63 10.11.12.13/24 + admin@sonic:~$ sudo config interface ip add eth0 20.11.12.13/24 20.11.12.254 + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface Ethernet63 ip add 10.11.12.13/24 + ``` + +VLAN interface names take the form of `vlan`. E.g., VLAN 100 will be named `vlan100` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface ip add Vlan100 10.11.12.13/24 + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface vlan100 ip add 10.11.12.13/24 + ``` + + +**config interface ip remove (Versions >= 201904)** + +**config interface ip remove (Versions <= 201811)** + +- Usage: + + *Versions >= 201904* + ``` + config interface ip remove + ``` + *Versions <= 201811* + ``` + config interface ip remove + ``` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface ip remove Ethernet63 10.11.12.13/24 + admin@sonic:~$ sudo config interface ip remove eth0 20.11.12.13/24 + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface Ethernet63 ip remove 10.11.12.13/24 + ``` + +VLAN interface names take the form of `vlan`. E.g., VLAN 100 will be named `vlan100` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface ip remove vlan100 10.11.12.13/24 + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface vlan100 ip remove 10.11.12.13/24 + ``` + +**config interface pfc priority (on | off)** + +This command is used to set PFC on a given priority of a given interface to either "on" or "off". Once it is successfully configured, it will show current losses priorities on the given interface. Otherwise, it will show error information + +- Example: + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface pfc priority Ethernet0 3 off + + Interface Lossless priorities + ----------- --------------------- + Ethernet0 4 + + admin@sonic:~$ sudo config interface pfc priority Ethernet0 8 off + Usage: pfc config priority [OPTIONS] STATUS INTERFACE PRIORITY + + Error: Invalid value for "priority": invalid choice: 8. (choose from 0, 1, 2, 3, 4, 5, 6, 7) + + admin@sonic:~$ sudo config interface pfc priority Ethernet101 3 off + Cannot find interface Ethernet101 + + admin@sonic:~$ sudo config interface pfc priority Ethernet0 3 on + + Interface Lossless priorities + ----------- --------------------- + Ethernet0 3,4 + ``` + +**config interface pfc asymmetric (Versions >= 201904)** + +**config interface pfc asymmetric (Versions <= 201811)** + +This command is used for setting the asymmetric PFC for an interface to either "on" or "off". Once if it is configured, use "show interfaces status" to check the same. + +- Usage: + + *Versions >= 201904* + ``` + config interface pfc asymmetric on/off (for 201904+ version) + ``` + *Versions <= 201811* + ``` + config interface pfc asymmetric on/off (for 201811- version) + ``` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface pfc asymmetric Ethernet60 on + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface Ethernet60 pfc asymmetric on + ``` + +**config interface shutdown (Versions >= 201904)** + +**config interface shutdown (Versions <= 201811)** + +This command is used to administratively shut down either the Physical interface or port channel interface. Once if it is configured, use "show interfaces status" to check the same. + +- Usage: + + *Versions >= 201904* + ``` + config interface shutdown (for 201904+ version) + ``` + *Versions <= 201811* + ``` + config interface shutdown (for 201811- version) + ``` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface shutdown Ethernet63 + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface Ethernet63 shutdown + ``` + + shutdown multiple interfaces + ``` + admin@sonic:~$ sudo config interface shutdown Ethernet8,Ethernet16-20,Ethernet32 + ``` + +**config interface startup (Versions >= 201904)** + +**config interface startup (Versions <= 201811)** + +This command is used for administratively bringing up the Physical interface or port channel interface.Once if it is configured, use "show interfaces status" to check the same. + +- Usage: + + *Versions >= 201904* + ``` + config interface startup (for 201904+ version) + ``` + *Versions <= 201811* + ``` + config interface startup (for 201811- version) + ``` + +- Example: + + *Versions >= 201904* + ``` + admin@sonic:~$ sudo config interface startup Ethernet63 + ``` + *Versions <= 201811* + ``` + admin@sonic:~$ sudo config interface Ethernet63 startup + ``` + + startup multiple interfaces + ``` + admin@sonic:~$ sudo config interface startup Ethernet8,Ethernet16-20,Ethernet32 + ``` + +**config interface speed (Versions >= 202006)** + +Dynamic breakout feature is supported in SONiC from 202006 version. +User can configure any speed specified under "breakout_modes" keys for the parent interface in the platform-specific port configuration file (i.e. platform.json). + +For example for a breakout mode of 2x50G[25G,10G] the default speed is 50G but the interface also supports 25G and 10G. + +Refer [DPB HLD DOC](https://github.com/Azure/SONiC/blob/master/doc/dynamic-port-breakout/sonic-dynamic-port-breakout-HLD.md#cli-design) to know more about this command. + +**config interface speed (Versions >= 201904)** + +**config interface speed (Versions <= 201811)** + +This command is used to configure the speed for the Physical interface. Use the value 40000 for setting it to 40G and 100000 for 100G. Users need to know the device to configure it properly. + +- Usage: + + *Versions >= 201904* + ``` + config interface speed + ``` + *Versions <= 201811* + ``` + config interface speed + ``` + +- Example (Versions >= 201904): + ``` + admin@sonic:~$ sudo config interface speed Ethernet63 40000 + ``` + +- Example (Versions <= 201811): + ``` + admin@sonic:~$ sudo config interface Ethernet63 speed 40000 + + ``` + +**config interface transceiver lpmode** + +This command is used to enable or disable low-power mode for an SFP transceiver + +- Usage: + + ``` + config interface transceiver lpmode (enable | disable) + ``` + +- Examples: + + ``` + user@sonic~$ sudo config interface transceiver lpmode Ethernet0 enable + Enabling low-power mode for port Ethernet0... OK + + user@sonic~$ sudo config interface transceiver lpmode Ethernet0 disable + Disabling low-power mode for port Ethernet0... OK + ``` + +**config interface transceiver reset** + +This command is used to reset an SFP transceiver + +- Usage: + + ``` + config interface transceiver reset + ``` + +- Examples: + + ``` + user@sonic~$ sudo config interface transceiver reset Ethernet0 + Resetting port Ethernet0... OK + ``` + +**config interface mtu (Versions >= 201904)** + +This command is used to configure the mtu for the Physical interface. Use the value 1500 for setting max transfer unit size to 1500 bytes. + +- Usage: + + *Versions >= 201904* + ``` + config interface mtu + ``` + +- Example (Versions >= 201904): + ``` + admin@sonic:~$ sudo config interface mtu Ethernet64 1500 + ``` + +**config interface tpid (Versions >= 202106)** + +This command is used to configure the TPID for the Physical/PortChannel interface. default is 0x8100. Other allowed values if supported by HW SKU (0x9100, 0x9200, 0x88A8). + +- Usage: + + *Versions >= 202106* + ``` + config interface tpid + ``` + +- Example (Versions >= 202106): + ``` + admin@sonic:~$ sudo config interface tpid Ethernet64 0x9200 + ``` + +**config interface breakout (Versions >= 202006)** + +This command is used to set active breakout mode available for user-specified interface based on the platform-specific port configuration file(i.e. platform.json) +and the current mode set for the interface. + +Based on the platform.json and the current mode set in interface, this command acts on setting breakout mode for the interface. + +Double tab i.e. to see the available breakout option customized for each interface provided by the user. + +- Usage: + ``` + sudo config interface breakout --help + Usage: config interface breakout [OPTIONS] MODE + + Set interface breakout mode + + Options: + -f, --force-remove-dependencies + Clear all depenedecies internally first. + -l, --load-predefined-config load predefied user configuration (alias, + lanes, speed etc) first. + -y, --yes + -v, --verbose Enable verbose output + -?, -h, --help Show this message and exit. + ``` +- Example : + ``` + admin@sonic:~$ sudo config interface breakout Ethernet0 + + 1x100G[40G] 2x50G 4x25G[10G] + ``` + + This command also provides "--force-remove-dependencies/-f" option to CLI, which will automatically determine and remove the configuration dependencies using Yang models. + + ``` + admin@sonic:~$ sudo config interface breakout Ethernet0 4x25G[10G] -f -l -v -y + ``` + +For details please refer [DPB HLD DOC](https://github.com/Azure/SONiC/blob/master/doc/dynamic-port-breakout/sonic-dynamic-port-breakout-HLD.md#cli-design) to know more about this command. + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface autoneg (Versions >= 202106)** + +This command is used to set port auto negotiation mode. + +- Usage: + ``` + sudo config interface autoneg --help + Usage: config interface autoneg [OPTIONS] + + Set interface auto negotiation mode + + Options: + -v, --verbose Enable verbose output + -h, -?, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface autoneg Ethernet0 enabled + + admin@sonic:~$ sudo config interface autoneg Ethernet0 disabled + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface advertised-speeds (Versions >= 202106)** + +This command is used to set port advertised speed. + +- Usage: + ``` + sudo config interface advertised-speeds --help + Usage: config interface advertised-speeds [OPTIONS] + + Set interface advertised speeds + + Options: + -v, --verbose Enable verbose output + -h, -?, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface advertised-speeds Ethernet0 all + + admin@sonic:~$ sudo config interface advertised-speeds Ethernet0 50000,100000 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface advertised-types (Versions >= 202106)** + +This command is used to set port advertised interface types. + +- Usage: + ``` + sudo config interface advertised-types --help + Usage: config interface advertised-types [OPTIONS] + + Set interface advertised types + + Options: + -v, --verbose Enable verbose output + -h, -?, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface advertised-types Ethernet0 all + + admin@sonic:~$ sudo config interface advertised-types Ethernet0 CR,CR4 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface type (Versions >= 202106)** + +This command is used to set port interface type. + +- Usage: + ``` + sudo config interface type --help + Usage: config interface type [OPTIONS] + + Set interface type + + Options: + -v, --verbose Enable verbose output + -h, -?, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface type Ethernet0 CR4 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface cable_length (Versions >= 202006)** + +This command is used to configure the length of the cable connected to a port. The cable_length is in unit of meters and must be suffixed with "m". + +For details please refer [dynamic buffer management](#dynamic-buffer-management) + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface lossless_pg (Versions >= 202006)** + +This command is used to configure the priority groups on which lossless traffic runs. + +For details please refer [dynamic buffer management](#dynamic-buffer-management) + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface headroom_override (Versions >= 202006)** + +This command is used to configure a static buffer profile on a port's lossless priorities. There shouldn't be any `lossless_pg` configured on the port when configuring `headroom_override`. The port's headroom won't be updated after `headroom_override` has been configured on the port. + +For details please refer [dynamic buffer management](#dynamic-buffer-management) + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +**config interface mpls add (Versions >= 202106)** + +This command is used for adding MPLS operation on the interface. +MPLS operation for either physical, portchannel, or VLAN interface can be configured using this command. + + +- Usage: + ``` + sudo config interface mpls add --help + Usage: config interface mpls add [OPTIONS] + + Add MPLS operation on the interface + + Options: + -?, -h, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface mpls add Ethernet4 + ``` + +**config interface mpls remove (Versions >= 202106)** + +This command is used for removing MPLS operation on the interface. +MPLS operation for either physical, portchannel, or VLAN interface can be configured using this command. + +- Usage: + ``` + sudo config interface mpls remove --help + Usage: config interface mpls remove [OPTIONS] + + Remove MPLS operation from the interface + + Options: + -?, -h, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface mpls remove Ethernet4 + ``` + +**config interface ip loopback-action (Versions >= 202205)** + +This command is used for setting the action being taken on packets that ingress and get routed on the same IP interface. +Loopback action can be set on IP interface from type physical, portchannel, VLAN interface and VLAN subinterface. +Loopback action can be drop or forward. + +- Usage: + ``` + config interface ip loopback-action --help + Usage: config interface ip loopback-action [OPTIONS] + + Set IP interface loopback action + + Options: + -?, -h, --help Show this message and exit. + ``` + +- Example: + ``` + admin@sonic:~$ config interface ip loopback-action Ethernet0 drop + admin@sonic:~$ config interface ip loopback-action Ethernet0 forward + + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#interfaces) + +## Interface Naming Mode + +### Interface naming mode show commands +This command displays the current interface naming mode. Interface naming mode originally set to 'default'. Interfaces are referenced by default SONiC interface names. +Users can change the naming_mode using "config interface_naming_mode" command. + +**show interfaces naming_mode** + +This command displays the current interface naming mode + +- Usage: + ``` + show interfaces naming_mode + ``` + +- Examples: + ``` + admin@sonic:~$ show interfaces naming_mode + default + ``` + + - "default" naming mode will display all SONiC interface names in 'show' commands and accept SONiC interface names as parameters in 'config commands + + ``` + admin@sonic:~$ show interfaces naming_mode + alias + ``` + + - "alias" naming mode will display all hardware vendor interface aliases in 'show' commands and accept hardware vendor interface aliases as parameters in 'config commands + + +### Interface naming mode config commands + +**config interface_naming_ mode** + +This command is used to change the interface naming mode. +Users can select between default mode (SONiC interface names) or alias mode (Hardware vendor names). +The user must log out and log back in for changes to take effect. Note that the newly-applied interface mode will affect all interface-related show/config commands. + + +*NOTE: Some platforms do not support alias mapping. In such cases, this command is not applicable. Such platforms always use the same SONiC interface names.* + +- Usage: + ``` + config interface_naming_mode (default | alias) + ``` + + - Interface naming mode is originally set to 'default'. Interfaces are referenced by default SONiC interface names: + +- Example: + ``` + admin@sonic:~$ show interfaces naming_mode + default + + admin@sonic:~$ show interface status Ethernet0 + Interface Lanes Speed MTU Alias Oper Admin + ----------- -------- ------- ----- -------------- ------ ------- + Ethernet0 101,102 40G 9100 fortyGigE1/1/1 up up + + admin@sonic:~$ sudo config interface_naming_mode alias + Please logout and log back in for changes take effect. + ``` + + - After user logs out and logs back in again, interfaces will then referenced by hardware vendor aliases: + + ``` + admin@sonic:~$ show interfaces naming_mode + alias + + admin@sonic:~$ sudo config interface fortyGigE1/1/1 shutdown + admin@sonic:~$ show interface status fortyGigE1/1/1 + Interface Lanes Speed MTU Alias Oper Admin + ----------- -------- ------- ----- -------------- ------ ------- + Ethernet0 101,102 40G 9100 fortyGigE1/1/1 down down + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interface-naming-mode) + +## Interface Vrf binding + +### Interface vrf bind & unbind config commands + +**config interface vrf bind** + +This command is used to bind a interface to a vrf. +By default, all L3 interfaces will be in default vrf. Above vrf bind command will let users bind interface to a vrf. + +- Usage: + ``` + config interface vrf bind + ``` + +**config interface vrf unbind** + +This command is used to ubind a interface from a vrf. +This will move the interface to default vrf. + +- Usage: + ``` + config interface vrf unbind + ``` + + ### Interface vrf binding show commands + + To display interface vrf binding information, user can use show vrf command. Please refer sub-section [Vrf-show-command](#vrf-show-commands). + +Go Back To [Beginning of the document](#) or [Beginning of this section](#interface-vrf-binding) + +## IP / IPv6 + +### IP show commands + +This sub-section explains the various IP protocol specific show commands that are used to display the following. +1) routes +2) bgp details - Explained in the [bgp section](#show-bgp) +3) IP interfaces +4) prefix-list +5) protocol + +#### show ip route + +This command displays either all the route entries from the routing table or a specific route. + +- Usage: + ``` + show ip route [] [] + ``` + +- Example: + ``` + admin@sonic:~$ show ip route + Codes: K - kernel route, C - connected, S - static, R - RIP, + O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel, + > - selected route, * - FIB route + S>* 0.0.0.0/0 [200/0] via 10.11.162.254, eth0 + C>* 1.1.0.0/16 is directly connected, Vlan100 + C>* 10.1.1.0/31 is directly connected, Ethernet112 + C>* 10.1.1.2/31 is directly connected, Ethernet116 + C>* 10.11.162.0/24 is directly connected, eth0 + C>* 127.0.0.0/8 is directly connected, lo + C>* 240.127.1.0/24 is directly connected, docker0 + ``` + + - Optionally, you can specify an IP address in order to display only routes to that particular IP address + +- Example: + ``` + admin@sonic:~$ show ip route 10.1.1.0 + Routing entry for 10.1.1.0/31 + Known via "connected", distance 0, metric 0, best + * directly connected, Ethernet112 + ``` + + - Vrf-name can also be specified to get IPv4 routes programmed in the vrf. + + - Example: + ``` + admin@sonic:~$ show ip route vrf Vrf-red + Codes: K - kernel route, C - connected, S - static, R - RIP, + O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, + T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, + F - PBR, f - OpenFabric, + > - selected route, * - FIB route + VRF Vrf-red: + C>* 11.1.1.1/32 is directly connected, Loopback11, 21:50:47 + C>* 100.1.1.0/24 is directly connected, Vlan100, 03w1d06h + + admin@sonic:~$ show ip route vrf Vrf-red 11.1.1.1/32 + Routing entry for 11.1.1.1/32 + Known via "connected", distance 0, metric 0, vrf Vrf-red, best + Last update 21:57:53 ago + * directly connected, Loopback11 + ``` + +#### show ip interfaces + +This command displays the details about all the Layer3 IP interfaces in the device for which IP address has been assigned. +The type of interfaces include the following. +1) Front panel physical ports. +2) PortChannel. +3) VLAN interface. +4) Loopback interfaces +5) docker interface and +6) management interface + +- Usage: + ``` + show ip interfaces + ``` + +- Example: + ``` + admin@sonic:~$ show ip interfaces + Interface Master IPv4 address/mask Admin/Oper BGP Neighbor Neighbor IP Flags + ------------- ------------ ------------------ -------------- ------------- ------------- ------- + Loopback0 1.0.0.1/32 up/up N/A N/A + Loopback11 Vrf-red 11.1.1.1/32 up/up N/A N/A + Loopback100 Vrf-blue 100.0.0.1/32 up/up N/A N/A + PortChannel01 10.0.0.56/31 up/down DEVICE1 10.0.0.57 + PortChannel02 10.0.0.58/31 up/down DEVICE2 10.0.0.59 + PortChannel03 10.0.0.60/31 up/down DEVICE3 10.0.0.61 + PortChannel04 10.0.0.62/31 up/down DEVICE4 10.0.0.63 + Vlan100 Vrf-red 1001.1.1/24 up/up N/A N/A + Vlan1000 192.168.0.1/27 up/up N/A N/A + docker0 240.127.1.1/24 up/down N/A N/A + eth0 10.3.147.252/23 up/up N/A N/A + lo 127.0.0.1/8 up/up N/A N/A + ``` + +#### show ip protocol + +This command displays the route-map that is configured for the routing protocol. +Refer the routing stack [Quagga Command Reference](https://www.quagga.net/docs/quagga.pdf) or [FRR Command Reference](https://buildmedia.readthedocs.org/media/pdf/frrouting/latest/frrouting.pdf) to know more about this command. + +- Usage: + ``` + show ip protocol + ``` + +- Example: + ``` + admin@sonic:~$ show ip protocol + Protocol : route-map + ------------------------ + system : none + kernel : none + connected : none + static : none + rip : none + ripng : none + ospf : none + ospf6 : none + isis : none + bgp : RM_SET_SRC + pim : none + hsls : none + olsr : none + babel : none + any : none + ``` + +### IPv6 show commands + +This sub-section explains the various IPv6 protocol specific show commands that are used to display the following. +1) routes +2) IPv6 bgp details - Explained in the [bgp section](#show-bgp) +3) IP interfaces +4) protocol + +**show ipv6 route** + +This command displays either all the IPv6 route entries from the routing table or a specific IPv6 route. + +- Usage: + ``` + show ipv6 route [] [] + ``` + +- Example: + ``` + admin@sonic:~$ show ipv6 route + Codes: K - kernel route, C - connected, S - static, R - RIPng, + O - OSPFv6, I - IS-IS, B - BGP, A - Babel, + > - selected route, * - FIB route + + C>* ::1/128 is directly connected, lo + C>* 2018:2001::/126 is directly connected, Ethernet112 + C>* 2018:2002::/126 is directly connected, Ethernet116 + C>* fc00:1::32/128 is directly connected, lo + C>* fc00:1::102/128 is directly connected, lo + C>* fc00:2::102/128 is directly connected, eth0 + C * fe80::/64 is directly connected, Vlan100 + C * fe80::/64 is directly connected, Ethernet112 + C * fe80::/64 is directly connected, Ethernet116 + C * fe80::/64 is directly connected, Bridge + C * fe80::/64 is directly connected, PortChannel0011 + C>* fe80::/64 is directly connected, eth0 + ``` + - Optionally, you can specify an IPv6 address in order to display only routes to that particular IPv6 address + + +- Example: + ``` + admin@sonic:~$ show ipv6 route fc00:1::32 + Routing entry for fc00:1::32/128 + Known via "connected", distance 0, metric 0, best + * directly connected, lo + ``` + + Vrf-name can also be specified to get IPv6 routes programmed in the vrf. + + - Example: + ``` + admin@sonic:~$ show ipv6 route vrf Vrf-red + Codes: K - kernel route, C - connected, S - static, R - RIP, + O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, + T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, + F - PBR, f - OpenFabric, + > - selected route, * - FIB route + VRF Vrf-red: + C>* 1100::1/128 is directly connected, Loopback11, 21:50:47 + C>* 100::/112 is directly connected, Vlan100, 03w1d06h + C>* fe80::/64 is directly connected, Loopback11, 21:50:47 + C>* fe80::/64 is directly connected, Vlan100, 03w1d06h + + admin@sonic:~$ show ipv6 route vrf Vrf-red 1100::1/128 + Routing entry for 1100::1/128 + Known via "connected", distance 0, metric 0, vrf Vrf-red, best + Last update 21:57:53 ago + * directly connected, Loopback11 + ``` + +**show ipv6 interfaces** + +This command displays the details about all the Layer3 IPv6 interfaces in the device for which IPv6 address has been assigned. +The type of interfaces include the following. +1) Front panel physical ports. +2) PortChannel. +3) VLAN interface. +4) Loopback interfaces +5) management interface + +- Usage: + ``` + show ipv6 interfaces + ``` + +- Example: + ``` + admin@sonic:~$ show ipv6 interfaces + Interface Master IPv6 address/mask Admin/Oper BGP Neighbor Neighbor IP + ----------- -------- ---------------------------------------- ------------ -------------- ------------- + Bridge fe80::7c45:1dff:fe08:cdd%Bridge/64 up/up N/A N/A + Loopback11 Vrf-red 1100::1/128 up/up + PortChannel01 fc00::71/126 up/down DEVICE1 fc00::72 + PortChannel02 fc00::75/126 up/down DEVICE2 fc00::76 + PortChannel03 fc00::79/126 up/down DEVICE3 fc00::7a + PortChannel04 fc00::7d/126 up/down DEVICE4 fc00::7e + Vlan100 Vrf-red 100::1/112 up/up N/A N/A + fe80::eef4:bbff:fefe:880a%Vlan100/64 + eth0 fe80::eef4:bbff:fefe:880a%eth0/64 up/up N/A N/A + lo fc00:1::32/128 up/up N/A N/A + ``` + +**show ipv6 protocol** + +This command displays the route-map that is configured for the IPv6 routing protocol. +Refer the routing stack [Quagga Command Reference](https://www.quagga.net/docs/quagga.pdf) or [FRR Command Reference](https://buildmedia.readthedocs.org/media/pdf/frrouting/latest/frrouting.pdf) to know more about this command. + + +- Usage: + ``` + show ipv6 protocol + ``` + +- Example: + ``` + admin@sonic:~$ show ipv6 protocol + Protocol : route-map + ------------------------ + system : none + kernel : none + connected : none + static : none + rip : none + ripng : none + ospf : none + ospf6 : none + isis : none + bgp : RM_SET_SRC6 + pim : none + hsls : none + olsr : none + babel : none + any : none + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#ip--ipv6) + +## IPv6 Link Local + +### IPv6 Link Local config commands + +This section explains all the commands that are supported in SONiC to configure IPv6 Link-local. + +**config interface ipv6 enable use-link-local-only ** + +This command enables user to enable an interface to forward L3 traffic with out configuring an address. This command creates the routing interface based on the auto generated IPv6 link-local address. This command can be used even if an address is configured on the interface. + +- Usage: + ``` + config interface ipv6 enable use-link-local-only + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface ipv6 enable use-link-local-only Vlan206 + admin@sonic:~$ sudo config interface ipv6 enable use-link-local-only PortChannel007 + admin@sonic:~$ sudo config interface ipv6 enable use-link-local-only Ethernet52 + ``` + +**config interface ipv6 disable use-link-local-only ** + +This command enables user to disable use-link-local-only configuration on an interface. + +- Usage: + ``` + config interface ipv6 disable use-link-local-only + ``` + +- Example: + ``` + admin@sonic:~$ sudo config interface ipv6 disable use-link-local-only Vlan206 + admin@sonic:~$ sudo config interface ipv6 disable use-link-local-only PortChannel007 + admin@sonic:~$ sudo config interface ipv6 disable use-link-local-only Ethernet52 + ``` + +**config ipv6 enable link-local** + +This command enables user to enable use-link-local-only command on all the interfaces globally. + +- Usage: + ``` + sudo config ipv6 enable link-local + ``` + +- Example: + ``` + admin@sonic:~$ sudo config ipv6 enable link-local + ``` + +**config ipv6 disable link-local** + +This command enables user to disable use-link-local-only command on all the interfaces globally. + +- Usage: + ``` + sudo config ipv6 disable link-local + ``` + +- Example: + ``` + admin@sonic:~$ sudo config ipv6 disable link-local + ``` + +### IPv6 Link Local show commands + +**show ipv6 link-local-mode** + +This command displays the link local mode of all the interfaces. + +- Usage: + ``` + show ipv6 link-local-mode + ``` + +- Example: + ``` + root@sonic:/home/admin# show ipv6 link-local-mode + +------------------+----------+ + | Interface Name | Mode | + +==================+==========+ + | Ethernet16 | Disabled | + +------------------+----------+ + | Ethernet18 | Enabled | + +------------------+----------+ + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#ipv6-link-local) + +## Kubernetes + +### Kubernetes show commands + +**show kubernetes server config** + +This command displays the kubernetes server configuration, if any, else would report as not configured. + +- Usage: + ``` + show kubernetes server config + ``` + +- Example: + ``` + admin@sonic:~$ show kubernetes server config + ip port insecure disable + ----------- ------ ---------- --------- + 10.3.157.24 6443 True False + ``` + +**show kubernetes server status** + +This command displays the kubernetes server status. + +- Usage: + ``` + show kubernetes server status + ``` + +- Example: + ``` + admin@sonic:~$ show kubernetes server status + ip port connected update-time + ----------- ------ ----------- ------------------- + 10.3.157.24 6443 true 2020-11-15 18:25:05 + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#Kubernetes) + +## Linux Kernel Dump + +This section demonstrates the show commands and configuration commands of Linux kernel dump mechanism in SONiC. + +### Linux Kernel Dump show commands + +**show kdump config** + +This command shows the configuration of Linux kernel dump. + +- Usage: + ``` + show kdump config + ``` + +- Example: + ``` + admin@sonic:$ show kdump config + Kdump administrative mode: Disabled + Kdump operational mode: Unready + Kdump memory researvation: 0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M + Maximum number of Kdump files: 3 + ``` + +**show kdump files** + +This command shows the Linux kernel core dump files and dmesg files which are +generated by kernel dump tool. + +- Usage: + ``` + show kdump files + ``` + +- Example: + ``` + admin@sonic:~$ show kdump files + Kernel core dump files Kernel dmesg files + ------------------------------------------ ------------------------------------------ + /var/crash/202106242344/kdump.202106242344 /var/crash/202106242344/dmesg.202106242344 + /var/crash/202106242337/kdump.202106242337 /var/crash/202106242337/dmesg.202106242337 + ``` + +**show kdump logging ** + +By default, this command will show the last 10 lines of latest dmesg file. +This command can also accept a specific file name and number of lines as arguments. + +- Usage: + ``` + show kdump logging + ``` + +- Example: + ``` + admin@sonic:~$ show kdump logging + [ 157.642053] RSP: 002b:00007fff1beee708 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 + [ 157.732635] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc3887d4504 + [ 157.818015] RDX: 0000000000000002 RSI: 000055d388eceb40 RDI: 0000000000000001 + [ 157.903401] RBP: 000055d388eceb40 R08: 000000000000000a R09: 00007fc3888255f0 + [ 157.988784] R10: 000000000000000a R11: 0000000000000246 R12: 00007fc3888a6760 + [ 158.074166] R13: 0000000000000002 R14: 00007fc3888a1760 R15: 0000000000000002 + [ 158.159553] Modules linked in: nft_chain_route_ipv6(E) nft_chain_route_ipv4(E) xt_TCPMSS(E) dummy(E) team_mode_loadbalance(E) team(E) sx_bfd(OE) sx_netdev(OE) psample(E) sx_core(OE) 8021q(E) garp(E) mrp(E) mst_pciconf(OE) mst_pci(OE) xt_hl(E) xt_tcpudp(E) ip6_tables(E) nft_compat(E) nft_chain_nat_ipv4(E) nf_nat_ipv4(E) nft_counter(E) xt_conntrack(E) nf_nat(E) jc42(E) nf_conntrack_netlink(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) xfrm_user(E) xfrm_algo(E) mlxsw_minimal(E) mlxsw_i2c(E) i2c_mux_reg(E) i2c_mux(E) i2c_mlxcpld(E) leds_mlxreg(E) mlxreg_io(E) mlxreg_hotplug(E) mei_wdt(E) evdev(E) intel_rapl(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) kvm_intel(E) mlx_platform(E) kvm(E) irqbypass(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) intel_cstate(E) intel_uncore(E) + [ 159.016731] intel_rapl_perf(E) pcspkr(E) sg(E) iTCO_wdt(E) iTCO_vendor_support(E) mei_me(E) mei(E) bonding(E) pcc_cpufreq(E) video(E) button(E) ebt_vlan(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_nat(E) ebtable_filter(E) ebtables(E) nf_tables(E) nfnetlink(E) xdpe12284(E) at24(E) ledtrig_timer(E) tmp102(E) lm75(E) drm(E) coretemp(E) max1363(E) industrialio_triggered_buffer(E) kfifo_buf(E) industrialio(E) tps53679(E) fuse(E) pmbus(E) pmbus_core(E) i2c_dev(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) loop(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) fscrypto(E) ecb(E) crypto_simd(E) cryptd(E) glue_helper(E) aes_x86_64(E) nvme(E) nvme_core(E) nls_utf8(E) nls_cp437(E) nls_ascii(E) vfat(E) fat(E) overlay(E) squashfs(E) zstd_decompress(E) xxhash(E) sd_mod(E) gpio_ich(E) ahci(E) + [ 159.864532] libahci(E) mlxsw_core(E) devlink(E) ehci_pci(E) ehci_hcd(E) crc32c_intel(E) libata(E) i2c_i801(E) scsi_mod(E) usbcore(E) usb_common(E) lpc_ich(E) mfd_core(E) e1000e(E) fan(E) thermal(E) + [ 160.075846] CR2: 0000000000000000 + ``` +You can specify a file name in order to show its +last 10 lines. + +- Example: + ``` + admin@sonic:~$ show kdump logging dmesg.202106242337 + [ 654.120195] RSP: 002b:00007ffe697690f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 + [ 654.210778] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcfca27b504 + [ 654.296157] RDX: 0000000000000002 RSI: 000055a6e4d1b3f0 RDI: 0000000000000001 + [ 654.381543] RBP: 000055a6e4d1b3f0 R08: 000000000000000a R09: 00007fcfca2cc5f0 + [ 654.466925] R10: 000000000000000a R11: 0000000000000246 R12: 00007fcfca34d760 + [ 654.552310] R13: 0000000000000002 R14: 00007fcfca348760 R15: 0000000000000002 + [ 654.637694] Modules linked in: binfmt_misc(E) nft_chain_route_ipv6(E) nft_chain_route_ipv4(E) xt_TCPMSS(E) dummy(E) team_mode_loadbalance(E) team(E) sx_bfd(OE) sx_netdev(OE) psample(E) sx_core(OE) 8021q(E) garp(E) mrp(E) mst_pciconf(OE) mst_pci(OE) xt_hl(E) xt_tcpudp(E) ip6_tables(E) nft_chain_nat_ipv4(E) nf_nat_ipv4(E) nft_compat(E) nft_counter(E) xt_conntrack(E) nf_nat(E) jc42(E) nf_conntrack_netlink(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) xfrm_user(E) xfrm_algo(E) mlxsw_minimal(E) mlxsw_i2c(E) i2c_mux_reg(E) i2c_mux(E) mlxreg_hotplug(E) mlxreg_io(E) i2c_mlxcpld(E) leds_mlxreg(E) mei_wdt(E) evdev(E) intel_rapl(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) kvm_intel(E) kvm(E) mlx_platform(E) irqbypass(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) intel_cstate(E) + [ 655.493833] intel_uncore(E) intel_rapl_perf(E) pcspkr(E) sg(E) iTCO_wdt(E) iTCO_vendor_support(E) mei_me(E) mei(E) bonding(E) video(E) button(E) pcc_cpufreq(E) ebt_vlan(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_nat(E) ebtable_filter(E) ebtables(E) nf_tables(E) nfnetlink(E) xdpe12284(E) at24(E) ledtrig_timer(E) tmp102(E) drm(E) lm75(E) coretemp(E) max1363(E) industrialio_triggered_buffer(E) kfifo_buf(E) industrialio(E) fuse(E) tps53679(E) pmbus(E) pmbus_core(E) i2c_dev(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) loop(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) fscrypto(E) ecb(E) crypto_simd(E) cryptd(E) glue_helper(E) aes_x86_64(E) nvme(E) nvme_core(E) nls_utf8(E) nls_cp437(E) nls_ascii(E) vfat(E) fat(E) overlay(E) squashfs(E) zstd_decompress(E) xxhash(E) sd_mod(E) + [ 656.337476] gpio_ich(E) ahci(E) mlxsw_core(E) libahci(E) devlink(E) crc32c_intel(E) libata(E) i2c_i801(E) scsi_mod(E) lpc_ich(E) mfd_core(E) ehci_pci(E) ehci_hcd(E) usbcore(E) e1000e(E) usb_common(E) fan(E) thermal(E) + [ 656.569590] CR2: 0000000000000000 + ``` +You can also specify a file name and number of lines in order to show the +last number of lines. + +- Example: + ``` + admin@sonic:~$ show kdump logging dmesg.202106242337 -l 20 + [ 653.525427] __handle_sysrq.cold.9+0x45/0xf2 + [ 653.576487] write_sysrq_trigger+0x2b/0x30 + [ 653.625472] proc_reg_write+0x39/0x60 + [ 653.669252] vfs_write+0xa5/0x1a0 + [ 653.708881] ksys_write+0x57/0xd0 + [ 653.748501] do_syscall_64+0x53/0x110 + [ 653.792287] entry_SYSCALL_64_after_hwframe+0x44/0xa9 + [ 653.852707] RIP: 0033:0x7fcfca27b504 + [ 653.895452] Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 48 8d 05 f9 61 0d 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 49 89 d4 55 48 89 f5 53 + [ 654.120195] RSP: 002b:00007ffe697690f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 + [ 654.210778] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcfca27b504 + [ 654.296157] RDX: 0000000000000002 RSI: 000055a6e4d1b3f0 RDI: 0000000000000001 + [ 654.381543] RBP: 000055a6e4d1b3f0 R08: 000000000000000a R09: 00007fcfca2cc5f0 + [ 654.466925] R10: 000000000000000a R11: 0000000000000246 R12: 00007fcfca34d760 + [ 654.552310] R13: 0000000000000002 R14: 00007fcfca348760 R15: 0000000000000002 + [ 654.637694] Modules linked in: binfmt_misc(E) nft_chain_route_ipv6(E) nft_chain_route_ipv4(E) xt_TCPMSS(E) dummy(E) team_mode_loadbalance(E) team(E) sx_bfd(OE) sx_netdev(OE) psample(E) sx_core(OE) 8021q(E) garp(E) mrp(E) mst_pciconf(OE) mst_pci(OE) xt_hl(E) xt_tcpudp(E) ip6_tables(E) nft_chain_nat_ipv4(E) nf_nat_ipv4(E) nft_compat(E) nft_counter(E) xt_conntrack(E) nf_nat(E) jc42(E) nf_conntrack_netlink(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) xfrm_user(E) xfrm_algo(E) mlxsw_minimal(E) mlxsw_i2c(E) i2c_mux_reg(E) i2c_mux(E) mlxreg_hotplug(E) mlxreg_io(E) i2c_mlxcpld(E) leds_mlxreg(E) mei_wdt(E) evdev(E) intel_rapl(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) kvm_intel(E) kvm(E) mlx_platform(E) irqbypass(E) crct10dif_pclmul(E) crc32_pclmul(E) ghash_clmulni_intel(E) intel_cstate(E) + [ 655.493833] intel_uncore(E) intel_rapl_perf(E) pcspkr(E) sg(E) iTCO_wdt(E) iTCO_vendor_support(E) mei_me(E) mei(E) bonding(E) video(E) button(E) pcc_cpufreq(E) ebt_vlan(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_nat(E) ebtable_filter(E) ebtables(E) nf_tables(E) nfnetlink(E) xdpe12284(E) at24(E) ledtrig_timer(E) tmp102(E) drm(E) lm75(E) coretemp(E) max1363(E) industrialio_triggered_buffer(E) kfifo_buf(E) industrialio(E) fuse(E) tps53679(E) pmbus(E) pmbus_core(E) i2c_dev(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) loop(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) fscrypto(E) ecb(E) crypto_simd(E) cryptd(E) glue_helper(E) aes_x86_64(E) nvme(E) nvme_core(E) nls_utf8(E) nls_cp437(E) nls_ascii(E) vfat(E) fat(E) overlay(E) squashfs(E) zstd_decompress(E) xxhash(E) sd_mod(E) + [ 656.337476] gpio_ich(E) ahci(E) mlxsw_core(E) libahci(E) devlink(E) crc32c_intel(E) libata(E) i2c_i801(E) scsi_mod(E) lpc_ich(E) mfd_core(E) ehci_pci(E) ehci_hcd(E) usbcore(E) e1000e(E) usb_common(E) fan(E) thermal(E) + [ 656.569590] CR2: 0000000000000000 + ``` +### Linux Kernel Dump config command + +**config kdump** + +Administrative state of kdump is stored in ConfigDB. + +The variable USE_KDUMP in the file /etc/default/kdump-tools is set to 0 to disable kdump, and set to 1 to enable kdump. + +Since this command might require changing the kernel parameters to specify the amount of memory reserved for the capture kernel (the kernel parameters which are exported through /proc/cmdline), a reboot is necessary. The command displays a message showing that kdump functionality will be either enabled or disabled following the next reboot. + +- Usage: +``` + admin@sonic:~$ config kdump + +Commands: + disable Disable the KDUMP mechanism + enable Enable the KDUMP mechanism + memory Configure the memory for KDUMP mechanism + num_dumps Configure the maximum dump files of KDUMP mechanism + +``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#kdump) + +## LLDP + +### LLDP show commands + +**show lldp table** + +This command displays the brief summary of all LLDP neighbors. + +- Usage: + ``` + show lldp table + ``` + +- Example: + ``` + admin@sonic:~$ show lldp table + Capability codes: (R) Router, (B) Bridge, (O) Other + LocalPort RemoteDevice RemotePortID Capability RemotePortDescr + ----------- ----------------- ------------------- ------------ -------------------- + Ethernet112 T1-1 hundredGigE1/2 BR T0-2:hundredGigE1/29 + Ethernet116 T1-2 hundredGigE1/2 BR T0-2:hundredGigE1/30 + eth0 swtor-b2lab2-1610 GigabitEthernet 0/2 OBR + -------------------------------------------------- + Total entries displayed: 3 + ``` + +**show lldp neighbors** + +This command displays more details about all LLDP neighbors or only the neighbors connected to a specific interface. + +- Usage: + ``` + show lldp neighbors + ``` + +- Example1: To display all neighbors in all interfaces + ``` + admin@sonic:~$ show lldp neighbors + ------------------------------------------------------------------------------- + LLDP neighbors: + ------------------------------------------------------------------------------- + Interface: eth0, via: LLDP, RID: 1, Time: 0 day, 12:21:21 + Chassis: + ChassisID: mac 00:01:e8:81:e3:45 + SysName: swtor-b2lab2-1610 + SysDescr: Dell Force10 Networks Real Time Operating System Software. Dell Force10 Operating System Version: 1.0. Dell Force10 Application Software Version: 8.3.3.10d. Copyright (c) 1999-2012 by Dell Inc. All Rights Reserved.Build Time: Tue Sep 22 11:21:54 PDT 2015 + TTL: 20 + Capability: Repeater, on + Capability: Bridge, on + Capability: Router, on + Port: + PortID: ifname GigabitEthernet 0/2 + VLAN: 162, pvid: yes + ------------------------------------------------------------------------------- + Interface: Ethernet116, via: LLDP, RID: 3, Time: 0 day, 12:20:49 + Chassis: + ChassisID: mac 4c:76:25:e7:f0:c0 + SysName: T1-2 + SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 + TTL: 120 + MgmtIP: 10.11.162.40 + Capability: Bridge, on + Capability: Router, on + Capability: Wlan, off + Capability: Station, off + Port: + PortID: local hundredGigE1/2 + PortDescr: T0-2:hundredGigE1/30 + ------------------------------------------------------------------------------- + ``` + +Optionally, you can specify an interface name in order to display only that particular interface + +- Example2: + ``` + admin@sonic:~$ show lldp neighbors Ethernet112 + show lldp neighbors Ethernet112 + ------------------------------------------------------------------------------- + LLDP neighbors: + ------------------------------------------------------------------------------- + Interface: Ethernet112, via: LLDP, RID: 2, Time: 0 day, 19:24:17 + Chassis: + ChassisID: mac 4c:76:25:e5:e6:c0 + SysName: T1-1 + SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 + TTL: 120 + MgmtIP: 10.11.162.41 + Capability: Bridge, on + Capability: Router, on + Capability: Wlan, off + Capability: Station, off + Port: + PortID: local hundredGigE1/2 + PortDescr: T0-2:hundredGigE1/29 + ------------------------------------------------------------------------------- + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#lldp) + + +## Loading, Reloading And Saving Configuration + +This section explains the commands that are used to load the configuration from either the ConfigDB or from the minigraph. + +### Loading configuration from JSON file + +**config load** + +This command is used to load the configuration from a JSON file like the file which SONiC saves its configuration to, `/etc/sonic/config_db.json` +This command loads the configuration from the input file (if user specifies this optional filename, it will use that input file. Otherwise, it will use the default `/etc/sonic/config_db.json` file as the input file) into CONFIG_DB. +The configuration present in the input file is applied on top of the already running configuration. +This command does not flush the config DB before loading the new configuration (i.e., If the configuration present in the input file is same as the current running configuration, nothing happens) +If the config present in the input file is not present in running configuration, it will be added. +If the config present in the input file differs (when key matches) from that of the running configuration, it will be modified as per the new values for those keys. + +When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. +If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. + +- Usage: + ``` + config load [-y|--yes] [] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config load + Load config from the file /etc/sonic/config_db.json? [y/N]: y + Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db + ``` + +### Loading configuration from minigraph (XML) file + +**config load_minigraph** + +This command is used to load the configuration from /etc/sonic/minigraph.xml. +When users do not want to use configuration from config_db.json, they can copy the minigraph.xml configuration file to the device and load it using this command. +This command restarts various services running in the device and it takes some time to complete the command. + +NOTE: If the user had logged in using SSH, users might get disconnected and some configuration failures might happen which might be hard to recover. Users need to reconnect their SSH sessions after configuring the management IP address. It is recommended to execute this command from console port +NOTE: Management interface IP address and default route (or specific route) may require reconfiguration in case if those parameters are not part of the minigraph.xml. + +When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. +If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. + +When user specifies the optional argument "-n" or "--no-service-restart", this command loads the configuration without restarting dependent services +running on the device. One use case for this option is during boot time when config-setup service loads minigraph configuration and there is no services +running on the device. + +When user specifies the optional argument "-t" or "--traffic-shift-away", this command executes TSA command at the end to ensure the device remains in maintenance after loading minigraph. + +- Usage: + ``` + config load_minigraph [-y|--yes] [-n|--no-service-restart] [-t|--traffic-shift-away] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config load_minigraph + Reload config from minigraph? [y/N]: y + Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db + ``` + +### Reloading Configuration + +**config reload** + +This command is used to clear current configuration and import new configurationn from the input file or from /etc/sonic/config_db.json. +This command shall stop all services before clearing the configuration and it then restarts those services. + +This command restarts various services running in the device and it takes some time to complete the command. +NOTE: If the user had logged in using SSH, users **might get disconnected** depending upon the new management IP address. Users need to reconnect their SSH sessions. +In general, it is recommended to execute this command from console port after disconnecting all SSH sessions to the device. +When users to do “config reload” the newly loaded config may have management IP address, or it may not have management IP address. +If mgmtIP is there in the newly loaded config file, that mgmtIP might be same as previously configured value or it might be different. +This difference in mgmtIP address values results in following possible behaviours. + +Case1: Previously configured mgmtIP is same as newly loaded mgmtIP. The SSH session may not be affected at all, but it’s possible that there will be a brief interruption in the SSH session. But, assuming the client’s timeout value isn’t on the order of a couple of seconds, the session would most likely just resume again as soon as the interface is reconfigured and up with the same IP. +Case2: Previously configured mgmtIP is different from newly loaded mgmtIP. Users will lose their SSH connections. +Case3: Newly loaded config does not have any mgmtIP. Users will lose their SSH connections. + +NOTE: Management interface IP address and default route (or specific route) may require reconfiguration in case if those parameters are not part of the minigraph.xml. + +When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. +If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. + +When user specifies the optional argument "-n" or "--no-service-restart", this command clear and loads the configuration without restarting dependent services +running on the device. One use case for this option is during boot time when config-setup service loads existing old configuration and there is no services +running on the device. + +When user specifies the optional argument "-f" or "--force", this command ignores the system sanity checks. By default a list of sanity checks are performed and if one of the checks fail, the command will not execute. The sanity checks include ensuring the system status is not starting, all the essential services are up and swss is in ready state. + +- Usage: + ``` + config reload [-y|--yes] [-l|--load-sysinfo] [] [-n|--no-service-restart] [-f|--force] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config reload + Clear current config and reload config from the file /etc/sonic/config_db.json? [y/N]: y + Running command: systemctl stop dhcp_relay + Running command: systemctl stop swss + Running command: systemctl stop snmp + Warning: Stopping snmp.service, but it can still be activated by: + snmp.timer + Running command: systemctl stop lldp + Running command: systemctl stop pmon + Running command: systemctl stop bgp + Running command: systemctl stop teamd + Running command: /usr/local/bin/sonic-cfggen -H -k Force10-Z9100-C32 --write-to-db + Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db + Running command: systemctl restart hostname-config + Running command: systemctl restart interfaces-config + Timeout, server 10.11.162.42 not responding. + ``` + When some sanity checks fail below error messages can be seen + ``` + admin@sonic:~$ sudo config reload -y + System is not up. Retry later or use -f to avoid system checks + ``` + ``` + admin@sonic:~$ sudo config reload -y + Relevant services are not up. Retry later or use -f to avoid system checks + ``` + ``` + admin@sonic:~$ sudo config reload -y + SwSS container is not ready. Retry later or use -f to avoid system checks + ``` + + +### Loading Management Configuration + +**config load_mgmt_config** + +This command is used to reconfigure hostname and mgmt interface based on device description file. +This command either uses the optional file specified as arguement or looks for the file "/etc/sonic/device_desc.xml". +If the file does not exist or if the file does not have valid fields for "hostname" and "ManagementAddress" (or "ManagementAddressV6"), it fails. + +When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. +If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file. + +- Usage: + ``` + config load_mgmt_config [-y|--yes] [] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config load_mgmt_config + Reload config from minigraph? [y/N]: y + Running command: /usr/local/bin/sonic-cfggen -M /etc/sonic/device_desc.xml --write-to-db + ``` + + +### Saving Configuration to a File for Persistence + +**config save** + +This command is to save the config DB configuration into the user-specified filename or into the default /etc/sonic/config_db.json. This saves the configuration into the disk which is available even after reboots. +Saved file can be transferred to remote machines for debugging. If users wants to load the configuration from this new file at any point of time, they can use "config load" command and provide this newly generated file as input. If users wants this newly generated file to be used during reboot, they need to copy this file to /etc/sonic/config_db.json. + +- Usage: + ``` + config save [-y|--yes] [] + ``` + +- Example (Save configuration to /etc/sonic/config_db.json): + ``` + admin@sonic:~$ sudo config save -y + ``` + +- Example (Save configuration to a specified file): + ``` + admin@sonic:~$ sudo config save -y /etc/sonic/config2.json + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#loading-reloading-and-saving-configuration) + +## Loopback Interfaces + +### Loopback show commands + +Please check [show ip interfaces](#show-ip-interfaces) + +### Loopback config commands + +This sub-section explains how to create and delete loopback interfaces. + +**config interface loopback** + +This command is used to add or delete loopback interfaces. +It is recommended to use loopback names in the format "Loopbackxxx", where "xxx" is number of 1 to 3 digits. Ex: "Loopback11". + +- Usage: + ``` + config loopback (add | del) + ``` + +- Example (Create the loopback with name "Loopback11"): + ``` + admin@sonic:~$ sudo config loopback add Loopback11 + ``` + +## VRF Configuration + +### VRF show commands + +**show vrf** + +This command displays all vrfs configured on the system along with interface binding to the vrf. +If vrf-name is also provided as part of the command, if the vrf is created it will display all interfaces binding to the vrf, if vrf is not created nothing will be displayed. + +- Usage: + ``` + show vrf [] + ``` + +- Example: + ```` + admin@sonic:~$ show vrf + VRF Interfaces + ------- ------------ + default Vlan20 + Vrf-red Vlan100 + Loopback11 + Eth0.100 + Vrf-blue Loopback100 + Loopback102 + Ethernet0.10 + PortChannel101 + ```` + +### VRF config commands + +**config vrf add ** + +This command creates vrf in SONiC system with provided vrf-name. + +- Usage: + ``` +config vrf add +``` +Note: vrf-name should always start with keyword "Vrf" + +**config vrf del ** + +This command deletes vrf with name vrf-name. + +- Usage: + ``` +config vrf del +``` + +## Management VRF + +### Management VRF Show commands + +**show mgmt-vrf** + +This command displays whether the management VRF is enabled or disabled. It also displays the details about the the links (eth0, mgmt, lo-m) that are related to management VRF. + +- Usage: + ``` + show mgmt-vrf + ``` + +- Example: + ``` + admin@sonic:~$ show mgmt-vrf + + ManagementVRF : Enabled + + Management VRF interfaces in Linux: + 348: mgmt: mtu 65536 qdisc noqueue state UP mode DEFAULT group default qlen 1000 + link/ether f2:2a:d9:bc:e8:f0 brd ff:ff:ff:ff:ff:ff + 2: eth0: mtu 1500 qdisc mq master mgmt state UP mode DEFAULT group default qlen 1000 + link/ether 4c:76:25:f4:f9:f3 brd ff:ff:ff:ff:ff:ff + 350: lo-m: mtu 1500 qdisc noqueue master mgmt state UNKNOWN mode DEFAULT group default qlen 1000 + link/ether b2:4c:c6:f3:e9:92 brd ff:ff:ff:ff:ff:ff + + NOTE: The management interface "eth0" shows the "master" as "mgmt" since it is part of management VRF. + ``` + +**show mgmt-vrf routes** + +This command displays the routes that are present in the routing table 5000 that is meant for management VRF. + +- Usage: + ``` + show mgmt-vrf routes + ``` + +- Example: + ``` + admin@sonic:~$ show mgmt-vrf routes + + Routes in Management VRF Routing Table: + default via 10.16.210.254 dev eth0 metric 201 + broadcast 10.16.210.0 dev eth0 proto kernel scope link src 10.16.210.75 + 10.16.210.0/24 dev eth0 proto kernel scope link src 10.16.210.75 + local 10.16.210.75 dev eth0 proto kernel scope host src 10.16.210.75 + broadcast 10.16.210.255 dev eth0 proto kernel scope link src 10.16.210.75 + broadcast 127.0.0.0 dev lo-m proto kernel scope link src 127.0.0.1 + 127.0.0.0/8 dev lo-m proto kernel scope link src 127.0.0.1 + local 127.0.0.1 dev lo-m proto kernel scope host src 127.0.0.1 + broadcast 127.255.255.255 dev lo-m proto kernel scope link src 127.0.0.1 + ``` + +**show management_interface address** + +This command displays the IP address(es) configured for the management interface "eth0" and the management network default gateway. + +- Usage: + ``` + show management_interface address + ``` + +- Example: + ``` + admin@sonic:~$ show management_interface address + Management IP address = 10.16.210.75/24 + Management NetWork Default Gateway = 10.16.210.254 + Management IP address = FC00:2::32/64 + Management Network Default Gateway = fc00:2::1 + ``` + +**show snmpagentaddress** + +This command displays the configured SNMP agent IP addresses. + +- Usage: + ``` + show snmpagentaddress + ``` + +- Example: + ``` + admin@sonic:~$ show snmpagentaddress + ListenIP ListenPort ListenVrf + ---------- ------------ ----------- + 1.2.3.4 787 mgmt + ``` + +**show snmptrap** + +This command displays the configured SNMP Trap server IP addresses. + +- Usage: + ``` + show snmptrap + ``` + +- Example: + ``` + admin@sonic:~$ show snmptrap + Version TrapReceiverIP Port VRF Community + --------- ---------------- ------ ----- ----------- + 2 31.31.31.31 456 mgmt public + ``` + +### Management VRF Config commands + +**config vrf add mgmt** + +This command enables the management VRF in the system. This command restarts the "interfaces-config" service which in turn regenerates the /etc/network/interfaces file and restarts the "networking" service. This creates a new interface and l3mdev CGROUP with the name as "mgmt" and enslaves the management interface "eth0" into this master interface "mgmt". Note that the VRFName "mgmt" (or "management") is reserved for management VRF. i.e. Data VRFs should not use these reserved VRF names. + +- Usage: + ``` + config vrf add mgmt + ``` + +- Example: + ``` + admin@sonic:~$ sudo config vrf add mgmt + ``` + +**config vrf del mgmt** + +This command disables the management VRF in the system. This command restarts the "interfaces-config" service which in turn regenerates the /etc/network/interfaces file and restarts the "networking" service. This deletes the interface "mgmt" and deletes the l3mdev CGROUP named "mgmt" and puts back the management interface "eth0" into the default VRF. Note that the VRFName "mgmt" (or "management") is reserved for management VRF. i.e. Data VRFs should not use these reserved VRF names. + +- Usage: + ``` + config vrf del mgmt + ``` + +- Example: + ``` + admin@sonic:~$ sudo config vrf del mgmt + ``` + +**config snmpagentaddress add** + +This command adds the SNMP agent IP address on which the SNMP agent is expected to listen. When SNMP agent is expected to work as part of management VRF, users should specify the optional vrf_name parameter as "mgmt". This configuration goes into snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. + +- Usage: + ``` + config snmpagentaddress add [-p ] [-v ] agentip + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmpagentaddress add -v mgmt -p 123 21.22.13.14 + + Note: For this example, configuration goes into /etc/snmp/snmpd.conf inside snmp docker as follows. When "-v" parameter is not used, the additional "%" in the following line will not be present. + + agentAddress 21.22.13.14:123%mgmt + ``` + +**config snmpagentaddress del** + +This command deletes the SNMP agent IP address on which the SNMP agent is expected to listen. When users had added the agent IP as part of "mgmt" VRF, users should specify the optional vrf_name parameter as "mgmt" while deleting as well. This configuration is removed from snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. + +- Usage: + ``` + config snmpagentaddress del [-p ] [-v ] agentip + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmpagentaddress del -v mgmt -p 123 21.22.13.14 + + ``` + +**config snmptrap modify** + +This command modifies the SNMP trap server IP address to which the SNMP agent is expected to send the traps. Users can configure one server IP addrss for each SNMP version to send the traps. When SNMP agent is expected to send traps as part of management VRF, users should specify the optional vrf_name parameter as "mgmt". This configuration goes into snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. + +- Usage: + ``` + config snmptrap modify [-p ] [-v ] [-c ] trapserverip + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmptrap modify 2 -p 456 -v mgmt 21.21.21.21 + + For this example, configuration goes into /etc/snmp/snmpd.conf inside snmp docker as follows. When "-v" parameter is not used, the additional "%" in the following line will not be present. In case of SNMPv1, "trapsink" will be updated, in case of v2, "trap2sink" will be updated and in case of v3, "informsink" will be updated. + + trap2sink 31.31.31.31:456%mgmt public + + ``` + +**config snmptrap del** + +This command deletes the SNMP Trap server IP address to which SNMP agent is expected to send TRAPs. When users had added the trap server IP as part of "mgmt" VRF, users should specify the optional vrf_name parameter as "mgmt" while deleting as well. This configuration is removed from snmpd.conf that is used by SNMP agent. SNMP service is restarted to make this configuration effective in SNMP agent. + +- Usage: + ``` + config snmptrap del [-p ] [-v ] [-c ] trapserverip + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmptrap del -v mgmt -p 123 21.22.13.14 + + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#management-vrf) + +## Muxcable + +### Muxcable Show commands + +**show muxcable status** + +This command displays all the status of either all the ports which are connected to muxcable or any individual port selected by the user. The resultant table or json output will show the current status of muxcable on the port (auto/active) and also the health of the muxcable. + +- Usage: + ``` + show muxcable status [OPTIONS] [PORT] + ``` + +While displaying the muxcable status, users can configure the following fields + +- PORT optional - Port name should be a valid port +- --json optional - -- option to display the result in json format. By default output will be in tabular format. + +With no optional argument, all the ports muxcable status will be displayed in tabular form, or user can pass --json option to display in json format + +- Example: + ``` + admin@sonic:~$ show muxcable status + PORT STATUS HEALTH + ---------- -------- -------- + Ethernet32 active HEALTHY + Ethernet0 auto HEALTHY + ``` + ``` + admin@sonic:~$ show muxcable status --json + ``` + ```json + { + "MUX_CABLE": { + "Ethernet32": { + "STATUS": "active", + "HEALTH": "HEALTHY" + }, + "Ethernet0": { + "STATUS": "auto", + "HEALTH": "HEALTHY" + } + } + } + + ``` + ``` + admin@sonic:~$ show muxcable status Ethernet0 + PORT STATUS HEALTH + --------- -------- -------- + Ethernet0 auto HEALTHY + ``` + ``` + admin@sonic:~$ show muxcable status Ethernet0 --json + ``` + ```json + { + "MUX_CABLE": { + "Ethernet0": { + "STATUS": "auto", + "HEALTH": "HEALTHY" + } + } + } + ``` + +**show muxcable config** + +This command displays all the configurations of either all the ports which are connected to muxcable or any individual port selected by the user. The resultant table or json output will show the current configurations of muxcable on the port(active/standby) and also the ipv4 and ipv6 address of the port as well as peer TOR ip address with the hostname. + +- Usage: + ``` + show muxcable config [OPTIONS] [PORT] + ``` + +With no optional argument, all the ports muxcable configuration will be displayed in tabular form +While displaying the muxcable configuration, users can configure the following fields + +- PORT optional - Port name should be a valid port +- --json optional - option to display the result in json format. By default output will be in tabular format. + +- Example: + ``` + admin@sonic:~$ show muxcable config + SWITCH_NAME PEER_TOR + ------------- ---------- + sonic 10.1.1.1 + port state ipv4 ipv6 + --------- ------- -------- -------- + Ethernet0 active 10.1.1.1 fc00::75 + ``` + ``` + admin@sonic:~$ show muxcable config --json + ``` + ```json + { + "MUX_CABLE": { + "PEER_TOR": "10.1.1.1", + "PORTS": { + "Ethernet0": { + "STATE": "active", + "SERVER": { + "IPv4": "10.1.1.1", + "IPv6": "fc00::75" + } + } + } + } + } + ``` + ``` + admin@sonic:~$ show muxcable config Ethernet0 + SWITCH_NAME PEER_TOR + ------------- ---------- + sonic 10.1.1.1 + port state ipv4 ipv6 + --------- ------- -------- -------- + Ethernet0 active 10.1.1.1 fc00::75 + ``` + ``` + admin@sonic:~$ show muxcable config Ethernet0 --json + ``` + ```json + { + "MUX_CABLE": { + "PORTS": { + "Ethernet0": { + "STATE": "active", + "SERVER": { + "IPv4": "10.1.1.1", + "IPv6": "fc00::75" + } + } + } + } + } + ``` + +**show muxcable ber-info** + +This command displays the ber(Bit error rate) of the port user provides on the target user provides. The target provided as an integer corresponds to actual target as. +0 -> local +1 -> tor 1 +2 -> tor 2 +3 -> nic + +- Usage: + ``` + Usage: show muxcable ber-info [OPTIONS] PORT TARGET + ``` + + +- PORT required - Port number should be a valid port +- TARGET required - the actual target to get the ber info of. + +- Example: + ``` + admin@sonic:~$ show muxcable ber-info 1 1 + Lane1 Lane2 + ------- ------- + 0 0 + ``` + +**show muxcable ber-info** + +This command displays the eye info in mv(milli volts) of the port user provides on the target user provides. The target provided as an integer corresponds to actual target as. +0 -> local +1 -> tor 1 +2 -> tor 2 +3 -> nic + +- Usage: + ``` + Usage: show muxcable eye-info [OPTIONS] PORT TARGET + ``` + +- PORT required - Port number should be a valid port +- TARGET required - the actual target to get the eye info of. + +- Example: + ``` + admin@sonic:~$ show muxcable ber-info 1 1 + Lane1 Lane2 + ------- ------- + 632 622 + ``` + +### Muxcable Config commands + + +**config muxcable mode** + +This command is used for setting the configuration of a muxcable Port/all ports to be active or auto. The user has to enter a port number or else all to make the muxcable config operation on all the ports. Depending on the status of the muxcable port state the resultant output could be OK or INPROGRESS . OK would imply no change on the state, INPROGRESS would mean the toggle is happening in the background. + +- Usage: + ``` + config muxcable mode [OPTIONS] + ``` + +While configuring the muxcable, users needs to configure the following fields for the operation + +- operation_state, permitted operation to be configured which can only be auto or active +- PORT optional - Port name should be a valid port +- --json optional - option to display the result in json format. By default output will be in tabular format. + + +- Example: + ``` + admin@sonic:~$ sudo config muxcable mode active Ethernet0 + port state + --------- ------- + Ethernet0 OK + ``` + ``` + admin@sonic:~$ sudo config muxcable mode --json active Ethernet0 + ``` + ```json + { + "Ethernet0": "OK" + } + ``` + ``` + admin@sonic:~$ sudo config muxcable mode active all + port state + ---------- ---------- + Ethernet0 OK + Ethernet32 INPROGRESS + ``` + ``` + admin@sonic:~$ sudo config muxcable mode active all --json + ``` + ```json + { + "Ethernet32": "INPROGRESS", + "Ethernet0": "OK" + } + ``` +**config muxcable prbs enable/disable** + +This command is used for setting the configuration and enable/diable of prbs on a port user provides. While enabling in addition to port the user also needs to provides the target, prbs mode and lane map on which the user intends to run prbs on. The target reflects where the enable/dsiable will happen. + +- Usage: + ``` + config muxcable prbs enable [OPTIONS] PORT TARGET MODE_VALUE LANE_MAP + config muxcable prbs disable [OPTIONS] PORT TARGET + ``` + +While configuring the muxcable, users needs to configure the following fields for the operation + +- PORT required - Port number should be a valid port +- TARGET required - the actual target to run the prbs on + 0 -> local side, + 1 -> TOR 1 + 2 -> TOR 2 + 3 -> NIC +- MODE_VALUE required - the mode/type for configuring the PRBS mode. + 0x00 = PRBS 9, 0x01 = PRBS 15, 0x02 = PRBS 23, 0x03 = PRBS 31 +- LANE_MAP required - an integer representing the lane_map to be run PRBS on + 0bit for lane 0, 1bit for lane1 and so on. + for example 3 -> 0b'0011 , means running on lane0 and lane1 +- Example: + ``` + admin@sonic:~$ sudo config muxcable prbs enable 1 1 3 3 + PRBS config sucessful + admin@sonic:~$ sudo config muxcable prbs disable 1 0 + PRBS disable sucessful + ``` + +**config muxcable loopback enable/disable** + +This command is used for setting the configuration and enable/disable of loopback on a port user provides. While enabling in addition to port the user also needs to provides the target and lane map on which the user intends to run loopback on. The target reflects where the enable/dsiable will happen. + +- Usage: + ``` + config muxcable loopback enable [OPTIONS] PORT TARGET LANE_MAP + config muxcable loopback disable [OPTIONS] PORT TARGET + ``` + +While configuring the muxcable, users needs to configure the following fields for the operation + +- PORT required - Port number should be a valid port +- TARGET required - the actual target to run the loopback on + 0 -> local side, + 1 -> TOR 1 + 2 -> TOR 2 + 3 -> NIC +- LANE_MAP required - an integer representing the lane_map to be run loopback on + 0bit for lane 0, 1bit for lane1 and so on. + for example 3 -> 0b'0011 , means running on lane0 and lane1 + +- Example: + ``` + admin@sonic:~$ sudo config muxcable loopback enable 1 1 3 + loopback config sucessful + admin@sonic:~$ sudo config muxcable loopback disable 1 0 + loopback disable sucessfull + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#muxcable) + +## Mirroring + +### Mirroring Show commands + +**show mirror_session** + +This command displays all the mirror sessions that are configured. + +- Usage: + ``` + show mirror_session + ``` + +- Example: + ``` + admin@sonic:~$ show mirror_session + ERSPAN Sessions + Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction + ------ -------- -------- -------- ----- ------ ----- ------- --------- -------------- ---------- ----------- + everflow0 active 10.1.0.32 10.0.0.7 + + SPAN Sessions + Name Status DST Port SRC Port Direction + ------ -------- ---------- ------------- ----------- + port0 active Ethernet0 PortChannel10 rx + ``` + +### Mirroring Config commands + +**config mirror_session** + +This command is used to add or remove mirroring sessions. Mirror session is identified by "session_name". +This command supports configuring both SPAN/ERSPAN sessions. +In SPAN user can configure mirroring of list of source ports/LAG to destination port in ingress/egress/both directions. +In ERSPAN user can configure mirroring of list of source ports/LAG to a destination IP. +Both SPAN/ERSPAN support ACL based mirroring and can be used in ACL configurations. + +While adding a new ERSPAN session, users need to configure the following fields that are used while forwarding the mirrored packets. + +1) source IP address, +2) destination IP address, +3) DSCP (QoS) value with which mirrored packets are forwarded +4) TTL value +5) optional - GRE Type in case if user wants to send the packet via GRE tunnel. GRE type could be anything; it could also be left as empty; by default, it is 0x8949 for Mellanox; and 0x88be for the rest of the chips. +6) optional - Queue in which packets shall be sent out of the device. Valid values 0 to 7 for most of the devices. Users need to know their device and the number of queues supported in that device. +7) optional - Policer which will be used to control the rate at which frames are mirrored. +8) optional - List of source ports which can have both Ethernet and LAG ports. +9) optional - Direction - Mirror session direction when configured along with Source port. (Supported rx/tx/both. default direction is both) + +- Usage: + ``` + config mirror_session erspan add [gre_type] [queue] [policer ] [source-port-list] [direction] + ``` + + The following command is also supported to be backward compatible. + This command will be deprecated in future releases. + ``` + config mirror_session add [gre_type] [queue] + ``` + +- Example: + ``` + root@T1-2:~# config mirror_session add mrr_legacy 1.2.3.4 20.21.22.23 8 100 0x6558 0 + root@T1-2:~# show mirror_session + Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction + --------- -------- -------- ----------- ------ ------ ----- ------- --------- -------------- ---------- ----------- + mrr_legacy inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 + + + root@T1-2:~# config mirror_session erspan add mrr_abcd 1.2.3.4 20.21.22.23 8 100 0x6558 0 + root@T1-2:~# show mirror_session + Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction + --------- -------- -------- ----------- ------ ------ ----- ------- --------- -------------- ---------- ----------- + mrr_abcd inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 + root@T1-2:~# + + root@T1-2:~# config mirror_session erspan add mrr_port 1.2.3.4 20.21.22.23 8 100 0x6558 0 Ethernet0 + root@T1-2:~# show mirror_session + Name Status SRC IP DST IP GRE DSCP TTL Queue Policer Monitor Port SRC Port Direction + --------- -------- -------- ----------- ------ ------ ----- ------- --------- -------------- ---------- ----------- + mrr_port inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 Ethernet0 both + root@T1-2:~# + ``` + +While adding a new SPAN session, users need to configure the following fields that are used while forwarding the mirrored packets. +1) destination port, +2) optional - List of source ports- List of source ports which can have both Ethernet and LAG ports. +3) optional - Direction - Mirror session direction when configured along with Source port. (Supported rx/tx/both. default direction is both) +4) optional - Queue in which packets shall be sent out of the device. Valid values 0 to 7 for most of the devices. Users need to know their device and the number of queues supported in that device. +5) optional - Policer which will be used to control the rate at which frames are mirrored. + +- Usage: + ``` + config mirror_session span add [source-port-list] [direction] [queue] [policer ] + ``` + +- Example: + ``` + root@T1-2:~# config mirror_session span add port0 Ethernet0 Ethernet4,PortChannel001,Ethernet8 + root@T1-2:~# show mirror_session + Name Status DST Port SRC Port Direction + ------ -------- ---------- --------------------------------- ----------- + port0 active Ethernet0 Ethernet4,PortChannel10,Ethernet8 both + root@T1-2:~# + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#mirroring) + +## NAT + +### NAT Show commands + +**show nat config** + +This command displays the NAT configuration. + +- Usage: + ``` + show nat config [static | pool | bindings | globalvalues | zones] + ``` + +With no optional arguments, the whole NAT configuration is displayed. + +- Example: + ``` + admin@sonic:~$ show nat config static + + Nat Type IP Protocol Global IP Global L4 Port Local IP Local L4 Port Twice-Nat Id + -------- ----------- ------------ -------------- ------------- ------------- ------------ + dnat all 65.55.45.5 --- 10.0.0.1 --- --- + dnat all 65.55.45.6 --- 10.0.0.2 --- --- + dnat tcp 65.55.45.7 2000 20.0.0.1 4500 1 + snat tcp 20.0.0.2 4000 65.55.45.8 1030 1 + + admin@sonic:~$ show nat config pool + + Pool Name Global IP Range Global L4 Port Range + ------------ ------------------------- -------------------- + Pool1 65.55.45.5 1024-65535 + Pool2 65.55.45.6-65.55.45.8 --- + Pool3 65.55.45.10-65.55.45.15 500-1000 + + admin@sonic:~$ show nat config bindings + + Binding Name Pool Name Access-List Nat Type Twice-Nat Id + ------------ ------------ ------------ -------- ------------ + Bind1 Pool1 --- snat --- + Bind2 Pool2 1 snat 1 + Bind3 Pool3 2 snat -- + + admin@sonic:~$ show nat config globalvalues + + Admin Mode : enabled + Global Timeout : 600 secs + TCP Timeout : 86400 secs + UDP Timeout : 300 secs + + admin@sonic:~$ show nat config zones + + Port Zone + ---- ---- + Ethernet2 0 + Vlan100 1 + ``` + +**show nat statistics** + +This command displays the NAT translation statistics for each entry. + +- Usage: + ``` + show nat statistics + ``` + +- Example: + ``` + admin@sonic:~$ show nat statistics + + Protocol Source Destination Packets Bytes + -------- --------- -------------- ------------- ------------- + all 10.0.0.1 --- 802 1009280 + all 10.0.0.2 --- 23 5590 + tcp 20.0.0.1:4500 --- 110 12460 + udp 20.0.0.1:4000 --- 1156 789028 + tcp 20.0.0.1:6000 --- 30 34800 + tcp 20.0.0.1:5000 65.55.42.1:2000 128 110204 + tcp 20.0.0.1:5500 65.55.42.1:2000 8 3806 + ``` + +**show nat translations** + +This command displays the NAT translation entries. + +- Usage: + ``` + show nat translations [count] + ``` +Giving the optional count argument displays only the details about the number of translation entries. +- Example: + ``` + admin@sonic:~$ show nat translations + + Static NAT Entries ................. 4 + Static NAPT Entries ................. 2 + Dynamic NAT Entries ................. 0 + Dynamic NAPT Entries ................. 4 + Static Twice NAT Entries ................. 0 + Static Twice NAPT Entries ................. 4 + Dynamic Twice NAT Entries ................ 0 + Dynamic Twice NAPT Entries ................ 0 + Total SNAT/SNAPT Entries ................ 9 + Total DNAT/DNAPT Entries ................ 9 + Total Entries ................ 14 + + Protocol Source Destination Translated Source Translated Destination + -------- --------- -------------- ----------------- ---------------------- + all 10.0.0.1 --- 65.55.42.2 --- + all --- 65.55.42.2 --- 10.0.0.1 + all 10.0.0.2 --- 65.55.42.3 --- + all --- 65.55.42.3 --- 10.0.0.2 + tcp 20.0.0.1:4500 --- 65.55.42.1:2000 --- + tcp --- 65.55.42.1:2000 --- 20.0.0.1:4500 + udp 20.0.0.1:4000 --- 65.55.42.1:1030 --- + udp --- 65.55.42.1:1030 --- 20.0.0.1:4000 + tcp 20.0.0.1:6000 --- 65.55.42.1:1024 --- + tcp --- 65.55.42.1:1024 --- 20.0.0.1:6000 + tcp 20.0.0.1:5000 65.55.42.1:2000 65.55.42.1:1025 20.0.0.1:4500 + tcp 20.0.0.1:4500 65.55.42.1:1025 65.55.42.1:2000 20.0.0.1:5000 + tcp 20.0.0.1:5500 65.55.42.1:2000 65.55.42.1:1026 20.0.0.1:4500 + tcp 20.0.0.1:4500 65.55.42.1:1026 65.55.42.1:2000 20.0.0.1:5500 + + admin@sonic:~$ show nat translations count + + Static NAT Entries ................. 4 + Static NAPT Entries ................. 2 + Dynamic NAT Entries ................. 0 + Dynamic NAPT Entries ................. 4 + Static Twice NAT Entries ................. 0 + Static Twice NAPT Entries ................. 4 + Dynamic Twice NAT Entries ................ 0 + Dynamic Twice NAPT Entries ................ 0 + Total SNAT/SNAPT Entries ................ 9 + Total DNAT/DNAPT Entries ................ 9 + Total Entries ................ 14 + ``` + +### NAT Config commands + +**config nat add static** + +This command is used to add a static NAT or NAPT entry. +When configuring the Static NAT entry, user has to specify the following fields with 'basic' keyword. + +1. Global IP address, +2. Local IP address, +3. NAT type (snat / dnat) to be applied on the Global IP address. Default value is dnat. This is optinoal argument. +4. Twice NAT Id. This is optional argument used in case of twice nat configuration. + +When configuring the Static NAPT entry, user has to specify the following fields. + +1. IP protocol type (tcp / udp) +2. Global IP address + Port +3. Local IP address + Port +4. NAT type (snat / dnat) to be applied on the Global IP address + Port. Default value is dnat. This is optional argument. +5. Twicw NAT Id. This is optional argument used in case of twice nat configuration. + +- Usage: + ``` + config nat add static {{basic (global-ip) (local-ip)} | {{tcp | udp} (global-ip) (global-port) (local-ip) (local-port)}} [-nat_type {snat | dnat}] [-twice_nat_id (value)] + ``` + +To delete a static NAT or NAPT entry, use the command below. Giving the all argument deletes all the configured static NAT and NAPT entries. +``` +config nat remove static {{basic (global-ip) (local-ip)} | {{tcp | udp} (global-ip) (global-port) (local-ip) (local-port)} | all} +``` +- Example: + ``` + admin@sonic:~$ sudo config nat add static basic 65.55.45.1 12.12.12.14 -nat_type dnat + admin@sonic:~$ sudo config nat add static tcp 65.55.45.2 100 12.12.12.15 200 -nat_type dnat + + admin@sonic:~$ show nat translations + + Static NAT Entries ................. 2 + Static NAPT Entries ................. 2 + Dynamic NAT Entries ................. 0 + Dynamic NAPT Entries ................. 0 + Static Twice NAT Entries ................. 0 + Static Twice NAPT Entries ................. 0 + Dynamic Twice NAT Entries ................ 0 + Dynamic Twice NAPT Entries ................ 0 + Total SNAT/SNAPT Entries ................ 2 + Total DNAT/DNAPT Entries ................ 2 + Total Entries ................ 4 + + Protocol Source Destination Translated Source Translated Destination + -------- --------- -------------- ----------------- ---------------------- + all 12.12.12.14 --- 65.55.42.1 --- + all --- 65.55.42.1 --- 12.12.12.14 + tcp 12.12.12.15:200 --- 65.55.42.2:100 --- + tcp --- 65.55.42.2:100 --- 12.12.12.15:200 + ``` + +**config nat add pool** + +This command is used to create a NAT pool used for dynamic Source NAT or NAPT translations. +Pool can be configured in one of the following combinations. + +1. Global IP address range (or) +2. Global IP address + L4 port range (or) +3. Global IP address range + L4 port range. + +- Usage: + ``` + config nat add pool (pool-name) (global-ip-range) (global-port-range) + ``` +To delete a NAT pool, use the command. Pool cannot be removed if it is referenced by a NAT binding. Giving the pools argument removes all the configured pools. +``` +config nat remove {pool (pool-name) | pools} +``` +- Example: + ``` + admin@sonic:~$ sudo config nat add pool pool1 65.55.45.2-65.55.45.10 + admin@sonic:~$ sudo config nat add pool pool2 65.55.45.3 100-1024 + + admin@sonic:~$ show nat config pool + + Pool Name Global IP Range Global Port Range + ----------- ---------------------- ------------------- + pool1 65.55.45.2-65.55.45.10 --- + pool2 65.55.45.3 100-1024 + ``` + +**config nat add binding** + +This command is used to create a NAT binding between a pool and an ACL. The following fields are needed for configuring the binding. + + 1. ACL is an optional argument. If ACL argument is not given, the NAT binding is applicable to match all traffic. + 2. NAT type is an optional argument. Only DNAT type is supoprted for binding. + 3. Twice NAT Id is an optional argument. This Id is used to form a twice nat grouping with the static NAT/NAPT entry configured with the same Id. + +- Usage: + ``` + config nat add binding (binding-name) [(pool-name)] [(acl-name)] [-nat_type {snat | dnat}] [-twice_nat_id (value)] + ``` +To delete a NAT binding, use the command below. Giving the bindings argument removes all the configured bindings. +``` +config nat remove {binding (binding-name) | bindings} +``` +- Example: + ``` + admin@sonic:~$ sudo config nat add binding bind1 pool1 acl1 + admin@sonic:~$ sudo config nat add binding bind2 pool2 + + admin@sonic:~$ show nat config bindings + + Binding Name Pool Name Access-List Nat Type Twice-NAT Id + -------------- ----------- ------------- ---------- -------------- + bind1 pool1 acl1 snat --- + bind2 pool2 snat --- + ``` + +**config nat add interface** + +This command is used to configure NAT zone on an L3 interface. Default value of NAT zone on an L3 interface is 0. Valid range of zone values is 0-3. + +- Usage: + ``` + config nat add interface (interface-name) -nat_zone (value) + ``` +To reset the NAT zone on an interface, use the command below. Giving the interfaces argument resets the NAT zone on all the L3 interfaces to 0. +``` +config nat remove {interface (interface-name) | interfaces} +``` +- Example: + ``` + admin@sonic:~$ sudo config nat add interface Ethernet28 -nat_zone 1 + + admin@sonic:~$ show nat config zones + + Port Zone + ---------- ------ + Ethernet0 0 + Ethernet28 1 + Ethernet22 0 + Vlan2091 0 + ``` + +**config nat set** + +This command is used to set the NAT timeout values. Different timeout values can be configured for the NAT entry timeout, NAPT TCP entry timeout, NAPT UDP entry timeout. +Range for Global NAT entry timeout is 300 sec to 432000 sec, default value is 600 sec. +Range for TCP NAT/NAPT entry timeout is 300 sec to 432000 sec, default value is 86400 sec. +Range for UDP NAT/NAPT entry timeout is 120 sec to 600 sec, default value is 300 sec. + +- Usage: + ``` + config nat set {tcp-timeout (value) | timeout (value) | udp-timeout (value)} + ``` +To reset the timeout values to the default values, use the command +``` +config nat reset {tcp-timeout | timeout | udp-timeout} +``` +- Example: + ``` + admin@sonic:~$ sudo config nat add set tcp-timeout 3600 + + admin@sonic:~$ show nat config globalvalues + + Admin Mode : enabled + Global Timeout : 600 secs + TCP Timeout : 600 secs + UDP Timeout : 300 secs + ``` + +**config nat feature** + +This command is used to enable or disable the NAT feature. + +- Usage: + ``` + config nat feature {enable | disable} + ``` + +- Example: + ``` + admin@sonic:~$ sudo config nat feature enable + admin@sonic:~$ sudo config nat feature disable + ``` + +### NAT Clear commands + +**sonic-clear nat translations** + +This command is used to clear the dynamic NAT and NAPT translation entries. + +- Usage: + ``` + sonic-clear nat translations + ``` + +**sonic-clear nat statistics** + +This command is used to clear the statistics of all the NAT and NAPT entries. + +- Usage: + ``` + sonic-clear nat statistics + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#nat) + + +## NTP + +### NTP show commands + +**show ntp** + +This command displays a list of NTP peers known to the server as well as a summary of their state. + +- Usage: + ``` + show ntp + ``` + +- Example: + ``` + admin@sonic:~$ show ntp + synchronised to NTP server (204.2.134.164) at stratum 3 + time correct to within 326797 ms + polling server every 1024 s + + remote refid st t when poll reach delay offset jitter + ============================================================================== + 23.92.29.245 .XFAC. 16 u - 1024 0 0.000 0.000 0.000 + *204.2.134.164 46.233.231.73 2 u 916 1024 377 3.079 0.394 0.128 + ``` + + +### NTP Config Commands + +This sub-section of commands is used to add or remove the configured NTP servers. + +**config ntp add** + +This command is used to add a NTP server IP address to the NTP server list. Note that more that one NTP server IP address can be added in the device. + +- Usage: + ``` + config ntp add + ``` + +- Example: + ``` + admin@sonic:~$ sudo config ntp add 9.9.9.9 + NTP server 9.9.9.9 added to configuration + Restarting ntp-config service... + ``` + +**config ntp delete** + +This command is used to delete a configured NTP server IP address. + +- Usage: + ``` + config ntp del + ``` + +- Example: + ``` + admin@sonic:~$ sudo config ntp del 9.9.9.9 + NTP server 9.9.9.9 removed from configuration + Restarting ntp-config service... + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#NTP) + +# PFC Watchdog Commands +Detailed description of the PFC Watchdog could be fount on the [this wiki page](https://github.com/Azure/SONiC/wiki/PFC-Watchdog) + +**config pfcwd start \** + +This command starts PFC Watchdog + +- Usage: + ``` + config pfcwd start --action drop all 400 --restoration-time 400 + config pfcwd start --action forward Ethernet0 Ethernet8 400 + ``` + +**config pfcwd stop** + +This command stops PFC Watchdog + +- Usage: + ``` + config pfcwd stop + ``` + +**config pfcwd interval \** + +This command sets PFC Watchdog counter polling interval (in ms) + +- Usage: + ``` + config pfcwd interval 200 + ``` + +**config pfcwd counter_poll \** + +This command enables or disables PFCWD related counters polling + +- Usage: + ``` + config pfcwd counter_poll disable + ``` + +**config pfcwd big_red_switch \** + +This command enables or disables PFCWD's "BIG RED SWITCH"(BRS). After enabling BRS PFC Watchdog will be activated on all ports/queues it is configured for no matter whether the storm was detected or not + +- Usage: + ``` + config pfcwd big_red_switch enable + ``` + +**config pfcwd start_default** + +This command starts PFC Watchdog with the default settings. + +- Usage: + ``` + config pfcwd start_default + ``` + +Default values are the following: + + - detection time - 200ms + - restoration time - 200ms + - polling interval - 200ms + - action - 'drop' + +Additionally if number of ports in the system exceeds 32, all times will be multiplied by roughly /32. + + +**show pfcwd config** + +This command shows current PFC Watchdog configuration + +- Usage: + ``` + show pfcwd config + ``` + +**show pfcwd stats** + +This command shows current PFC Watchdog statistics (storms detected, packets dropped, etc) + +- Usage: + ``` + show pfcwd stats + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#pfc-watchdog-commands) + +## Platform Component Firmware + +### Platform Component Firmware show commands + +**show platform firmware status** + +This command displays platform components firmware status information. + +- Usage: +```bash +show platform firmware status +``` + +- Example: +```bash +admin@sonic:~$ sudo show platform firmware status +Chassis Module Component Version Description +--------- -------- ----------- ----------------------- ---------------------------------------- +MSN3800 N/A ONIE 2020.11-5.2.0022-9600 ONIE - Open Network Install Environment + SSD 0202-000 SSD - Solid-State Drive + BIOS 0ACLH004_02.02.008_9600 BIOS - Basic Input/Output System + CPLD1 CPLD000120_REV0900 CPLD - Complex Programmable Logic Device + CPLD2 CPLD000165_REV0500 CPLD - Complex Programmable Logic Device + CPLD3 CPLD000166_REV0300 CPLD - Complex Programmable Logic Device + CPLD4 CPLD000167_REV0100 CPLD - Complex Programmable Logic Device +``` + +**show platform firmware updates** + +This command displays platform components firmware updates information. + +- Usage: +```bash +show platform firmware updates [-i|--image] +``` + +- Options: + - _-i|--image_: show updates using current/next SONiC image + + Valid values: + - current + - next + + Default: + - current + +- Example: +```bash +admin@sonic:~$ sudo show platform firmware updates +Chassis Module Component Firmware Version (Current/Available) Status +--------- -------- ----------- ------------------------------------------ ------------------------------------------------- ------------------ +MSN3800 N/A ONIE /usr/local/lib/firmware/mellanox/onie.bin 2020.11-5.2.0022-9600 / 2020.11-5.2.0024-9600 update is required + SSD /usr/local/lib/firmware/mellanox/ssd.bin 0202-000 / 0204-000 update is required + BIOS /usr/local/lib/firmware/mellanox/bios.bin 0ACLH004_02.02.008_9600 / 0ACLH004_02.02.010_9600 update is required + CPLD1 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000120_REV0900 / CPLD000120_REV0900 up-to-date + CPLD2 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000165_REV0500 / CPLD000165_REV0500 up-to-date + CPLD3 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000166_REV0300 / CPLD000166_REV0300 up-to-date + CPLD4 /usr/local/lib/firmware/mellanox/cpld.mpfa CPLD000167_REV0100 / CPLD000167_REV0100 up-to-date +``` + +- Note: + - current/next values for _-i|--image_ are taken from `sonic-installer list` + ```bash + admin@sonic:~$ sudo sonic-installer list + Current: SONiC-OS-202012.0-fb89c28c9 + Next: SONiC-OS-201911.0-2bec3004e + Available: + SONiC-OS-202012.0-fb89c28c9 + SONiC-OS-201911.0-2bec3004e + ``` + +**show platform firmware version** + +This command displays platform components firmware utility version. + +- Usage: +```bash +show platform firmware version +``` + +- Example: +```bash +admin@sonic:~$ show platform firmware version +fwutil version 2.0.0.0 +``` + +### Platform Component Firmware config commands + +**config platform firmware install** + +This command is used to install a platform component firmware. +Both modular and non modular chassis platforms are supported. + +- Usage: +```bash +config platform firmware install chassis component fw [-y|--yes] +config platform firmware install module component fw [-y|--yes] +``` + +- Options: + - _-y|--yes_: automatic yes to prompts. Assume "yes" as answer to all prompts and run non-interactively + +- Example: +```bash +admin@sonic:~$ sudo config platform firmware install chassis component BIOS fw /usr/local/lib/firmware/mellanox/sn3800/chassis1/bios.bin +Warning: Immediate cold reboot is required to complete BIOS firmware update. +New firmware will be installed, continue? [y/N]: y +Installing firmware: + /usr/local/lib/firmware/mellanox/sn3800/chassis1/bios.bin + +admin@sonic:~$ sudo config platform firmware install module Module1 component BIOS fw https://www.mellanox.com/fw/sn3800/module1/bios.bin +Warning: Immediate cold reboot is required to complete BIOS firmware update. +New firmware will be installed, continue? [y/N]: y +Downloading firmware: + [##################################################] 100% +Installing firmware: + /tmp/bios.bin +``` + +- Note: + - can be absolute path or URL + +**config platform firmware update** + +This command is used to update a platform component firmware from current/next SONiC image. +Both modular and non modular chassis platforms are supported. + +FW update requires `platform_components.json` to be created and placed at: +sonic-buildimage/device///platform_components.json + +Example: +1. Non modular chassis platform +```json +{ + "chassis": { + "Chassis1": { + "component": { + "BIOS": { + "firmware": "/usr/local/lib/firmware///chassis1/bios.bin", + "version": "" + }, + "CPLD": { + "firmware": "/usr/local/lib/firmware///chassis1/cpld.bin", + "version": "" + }, + "FPGA": { + "firmware": "/usr/local/lib/firmware///chassis1/fpga.bin", + "version": "" + } + } + } + } +} +``` + +2. Modular chassis platform +```json +{ + "chassis": { + "Chassis1": { + "component": { + "BIOS": { + "firmware": "/usr/local/lib/firmware///chassis1/bios.bin", + "version": "" + }, + "CPLD": { + "firmware": "/usr/local/lib/firmware///chassis1/cpld.bin", + "version": "" + }, + "FPGA": { + "firmware": "/usr/local/lib/firmware///chassis1/fpga.bin", + "version": "" + } + } + } + }, + "module": { + "Module1": { + "component": { + "CPLD": { + "firmware": "/usr/local/lib/firmware///module1/cpld.bin", + "version": "" + }, + "FPGA": { + "firmware": "/usr/local/lib/firmware///module1/fpga.bin", + "version": "" + } + } + } + } +} +``` + +- Usage: +```bash +config platform firmware update chassis component fw [-y|--yes] [-f|--force] [-i|--image] +config platform firmware update module component fw [-y|--yes] [-f|--force] [-i|--image] +``` + +- Options: + - _-y|--yes_: automatic yes to prompts. Assume "yes" as answer to all prompts and run non-interactively + - _-f|--force_: update FW regardless the current version + - _-i|--image_: update FW using current/next SONiC image + + Valid values: + - current + - next + + Default: + - current + +- Example: +```bash +admin@sonic:~$ sudo config platform firmware update chassis component BIOS fw +Warning: Immediate cold reboot is required to complete BIOS firmware update. +New firmware will be installed, continue? [y/N]: y +Updating firmware: + /usr/local/lib/firmware/mellanox/x86_64-mlnx_msn3800-r0/chassis1/bios.bin + +admin@sonic:~$ sudo config platform firmware update module Module1 component BIOS fw +Warning: Immediate cold reboot is required to complete BIOS firmware update. +New firmware will be installed, continue? [y/N]: y +Updating firmware: + /usr/local/lib/firmware/mellanox/x86_64-mlnx_msn3800-r0/module1/bios.bin +``` + +- Note: + - FW update will be disabled if component definition is not provided (e.g., 'BIOS': { }) + - FW version will be read from image if `version` field is not provided + - current/next values for _-i|--image_ are taken from `sonic-installer list` + ```bash + admin@sonic:~$ sudo sonic-installer list + Current: SONiC-OS-202012.0-fb89c28c9 + Next: SONiC-OS-201911.0-2bec3004e + Available: + SONiC-OS-202012.0-fb89c28c9 + SONiC-OS-201911.0-2bec3004e + ``` + +### Platform Component Firmware vendor specific behaviour + +#### Mellanox + +**CPLD update** + +On Mellanox platforms CPLD update can be done either for single or for all components at once. +The second approach is preferred. In this case an aggregated `vme` binary is used and +CPLD component can be specified arbitrary. + +- Example: +```bash +root@sonic:/home/admin# show platform firmware +Chassis Module Component Version Description +---------------------- -------- ----------- ----------------------- ---------------------------------------- +x86_64-mlnx_msn3800-r0 N/A BIOS 0ACLH004_02.02.007_9600 BIOS - Basic Input/Output System + CPLD1 CPLD000000_REV0400 CPLD - Complex Programmable Logic Device + CPLD2 CPLD000000_REV0300 CPLD - Complex Programmable Logic Device + CPLD3 CPLD000000_REV0300 CPLD - Complex Programmable Logic Device + CPLD4 CPLD000000_REV0100 CPLD - Complex Programmable Logic Device + +root@sonic:/home/admin# BURN_VME="$(pwd)/FUI000091_Burn_SN3800_CPLD000120_REV0600_CPLD000165_REV0400_CPLD000166_REV0300_CPLD000167_REV0100.vme" +root@sonic:/home/admin# REFRESH_VME="$(pwd)/FUI000091_Refresh_SN3800_CPLD000120_REV0600_CPLD000165_REV0400_CPLD000166_REV0300_CPLD000167_REV0100.vme" + +root@sonic:/home/admin# config platform firmware install chassis component CPLD1 fw -y ${BURN_VME} +root@sonic:/home/admin# config platform firmware install chassis component CPLD1 fw -y ${REFRESH_VME} + +root@sonic:/home/admin# show platform firmware +Chassis Module Component Version Description +---------------------- -------- ----------- ----------------------- ---------------------------------------- +x86_64-mlnx_msn3800-r0 N/A BIOS 0ACLH004_02.02.007_9600 BIOS - Basic Input/Output System + CPLD1 CPLD000000_REV0600 CPLD - Complex Programmable Logic Device + CPLD2 CPLD000000_REV0400 CPLD - Complex Programmable Logic Device + CPLD3 CPLD000000_REV0300 CPLD - Complex Programmable Logic Device + CPLD4 CPLD000000_REV0100 CPLD - Complex Programmable Logic Device +``` + +Note: the update will have the same effect if any of CPLD1/CPLD2/CPLD3/CPLD4 will be used + +Go Back To [Beginning of the document](#) or [Beginning of this section](#platform-component-firmware) + + +## Platform Specific Commands + +### Mellanox Platform Specific Commands + +There are few commands that are platform specific. Mellanox has used this feature and implemented Mellanox specific commands as follows. + +**show platform mlnx sniffer** + +This command shows the SDK sniffer status + +- Usage: + ``` + show platform mlnx sniffer + ``` + +- Example: + ``` + admin@sonic:~$ show platform mlnx sniffer + sdk sniffer is disabled + ``` + +**show platform mlnx sniffer** + +Another show command available on ‘show platform mlnx’ which is the issu status. +This means if ISSU is enabled on this SKU or not. A warm boot command can be executed only when ISSU is enabled on the SKU. + +- Usage: + ``` + show platform mlnx issu + ``` + +- Example: + ``` + admin@sonic:~$ show platform mlnx issu + ISSU is enabled + ``` + +In the case ISSU is disabled and warm-boot is called, the user will get a notification message explaining that the command cannot be invoked. + +- Example: + ``` + admin@sonic:~$ sudo warm-reboot + ISSU is not enabled on this HWSKU + Warm reboot is not supported + ``` + +**config platform mlnx** + +This command is valid only on mellanox devices. The sub-commands for "config platform" gets populated only on mellanox platforms. +There are no other subcommands on non-Mellanox devices and hence this command appears empty and useless in other platforms. +The platform mellanox command currently includes a single sub command which is the SDK sniffer. +The SDK sniffer is a troubleshooting tool which records the RPC calls from the Mellanox SDK user API library to the sx_sdk task into a .pcap file. +This .pcap file can be replayed afterward to get the exact same configuration state on SDK and FW to reproduce and investigate issues. + +A new folder will be created to store the sniffer files: "/var/log/mellanox/sniffer/". The result file will be stored in a .pcap file, which includes a time stamp of the starting time in the file name, for example, "sx_sdk_sniffer_20180224081306.pcap" +In order to have a complete .pcap file with all the RPC calls, the user should disable the SDK sniffer. Swss service will be restarted and no capturing is taken place from that moment. +It is recommended to review the .pcap file while sniffing is disabled. +Once SDK sniffer is enabled/disabled, the user is requested to approve that swss service will be restarted. +For example: To change SDK sniffer status, swss service will be restarted, continue? [y/N]: +In order to avoid that confirmation the -y / --yes option should be used. + +- Usage: + ``` + config platform mlnx sniffer sdk [-y|--yes] + ``` + +- Example: + ``` + admin@sonic:~$ config platform mlnx sniffer sdk + To change SDK sniffer status, swss service will be restarted, continue? [y/N]: y + NOTE: In order to avoid that confirmation the -y / --yes option should be used. + ``` + +### Barefoot Platform Specific Commands + +**show platform barefoot profile** + +This command displays active P4 profile and lists available ones. + +- Usage: + ``` + show platform barefoot profile + ``` + +- Example: + ``` + admin@sonic:~$ show platform barefoot profile + Current profile: x1 + Available profile(s): + x1 + x2 + ``` + +**config platform barefoot profile** + +This command sets P4 profile. + +- Usage: + ``` + config platform barefoot profile [-y|--yes] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config platform barefoot profile x1 + Swss service will be restarted, continue? [y/N]: y + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#platform-specific-commands) + + +## PortChannels + +### PortChannel Show commands + +**show interfaces portchannel** + +This command displays all the port channels that are configured in the device and its current status. + +- Usage: + ``` + show interfaces portchannel + ``` + +- Example: + ``` + admin@sonic:~$ show interfaces portchannel + Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected + No. Team Dev Protocol Ports + ----- ------------- ----------- --------------------------- + 24 PortChannel24 LACP(A)(Up) Ethernet28(S) Ethernet24(S) + 48 PortChannel48 LACP(A)(Up) Ethernet52(S) Ethernet48(S) + 40 PortChannel40 LACP(A)(Up) Ethernet44(S) Ethernet40(S) + 0 PortChannel0 LACP(A)(Up) Ethernet0(S) Ethernet4(S) + 8 PortChannel8 LACP(A)(Up) Ethernet8(S) Ethernet12(S) + ``` + + +### PortChannel Config commands + +This sub-section explains how to configure the portchannel and its member ports. + +**config portchannel** + +This command is used to add or delete the portchannel. +It is recommended to use portchannel names in the format "PortChannelxxxx", where "xxxx" is number of 1 to 4 digits. Ex: "PortChannel0002". + +NOTE: If users specify any other name like "pc99", command will succeed, but such names are not supported. Such names are not printed properly in the "show interface portchannel" command. It is recommended not to use such names. + +When any port is already member of any other portchannel and if user tries to add the same port in some other portchannel (without deleting it from the current portchannel), the command fails internally. But, it does not print any error message. In such cases, remove the member from current portchannel and then add it to new portchannel. + +Command takes two optional arguements given below. +1) min-links - minimum number of links required to bring up the portchannel +2) fallback - true/false. LACP fallback feature can be enabled / disabled. When it is set to true, only one member port will be selected as active per portchannel during fallback mode. Refer https://github.com/Azure/SONiC/blob/master/doc/lag/LACP%20Fallback%20Feature%20for%20SONiC_v0.5.md for more details about fallback feature. + +A port channel can be deleted only if it does not have any members or the members are already deleted. When a user tries to delete a port channel and the port channel still has one or more members that exist, the deletion of port channel is blocked. + +- Usage: + ``` + config portchannel (add | del) [--min-links ] [--fallback (true | false)] + ``` + +- Example (Create the portchannel with name "PortChannel0011"): + ``` + admin@sonic:~$ sudo config portchannel add PortChannel0011 + ``` + +**config portchannel member** + +This command adds or deletes a member port to/from the already created portchannel. + +- Usage: + ``` + config portchannel member (add | del) + ``` + +- Example (Add interface Ethernet4 as member of the portchannel "PortChannel0011"): + ``` + admin@sonic:~$ sudo config portchannel member add PortChannel0011 Ethernet4 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#portchannels) + +## NVGRE + +This section explains the various show commands and configuration commands available for users. + +### NVGRE show commands + +This subsection explains how to display the NVGRE configuration. + +**show nvgre-tunnel** + +This command displays the NVGRE tunnel configuration. + +- Usage: +```bash +show nvgre-tunnel +``` + +- Example: +```bash +admin@sonic:~$ show nvgre-tunnel +TUNNEL NAME SRC IP +------------- -------- +tunnel_1 10.0.0.1 +``` + +**show nvgre-tunnel-map** + +This command displays the NVGRE tunnel map configuration. + +- Usage: +```bash +show nvgre-tunnel-map +``` + +- Example: +```bash +admin@sonic:~$ show nvgre-tunnel-map +TUNNEL NAME TUNNEL MAP NAME VLAN ID VSID +------------- ----------------- --------- ------ +tunnel_1 Vlan1000 1000 5000 +tunnel_1 Vlan2000 2000 6000 +``` + +### NVGRE config commands + +This subsection explains how to configure the NVGRE. + +**config nvgre-tunnel** + +This command is used to manage the NVGRE tunnel objects. +It supports add/delete operations. + +- Usage: +```bash +config nvgre-tunnel add --src-ip +config nvgre-tunnel delete +``` + +- Parameters: + - _tunnel-name_: the name of the NVGRE tunnel + - _src-ip_: source ip address + +- Examples: +```bash +config nvgre-tunnel add 'tunnel_1' --src-ip '10.0.0.1' +config nvgre-tunnel delete 'tunnel_1' +``` + +**config nvgre-tunnel-map** + +This command is used to manage the NVGRE tunnel map objects. +It supports add/delete operations. + +- Usage: +```bash +config nvgre-tunnel-map add --vlan-id --vsid +config nvgre-tunnel-map delete +``` + +- Parameters: + - _tunnel-name_: the name of the NVGRE tunnel + - _tunnel-map-name_: the name of the NVGRE tunnel map + - _vlan-id_: VLAN identifier + - _vsid_: Virtual Subnet Identifier + +- Examples: +```bash +config nvgre-tunnel-map add 'tunnel_1' 'Vlan2000' --vlan-id '2000' --vsid '6000' +config nvgre-tunnel-map delete 'tunnel_1' 'Vlan2000' +``` + +## PBH + +This section explains the various show commands and configuration commands available for users. + +### PBH show commands + +This subsection explains how to display PBH configuration and statistics. + +**show pbh table** + +This command displays PBH table configuration. + +- Usage: +```bash +show pbh table +``` + +- Example: +```bash +admin@sonic:~$ show pbh table +NAME INTERFACE DESCRIPTION +--------- --------------- --------------- +pbh_table Ethernet0 NVGRE and VxLAN + Ethernet4 + PortChannel0001 + PortChannel0002 +``` + +**show pbh rule** + +This command displays PBH rule configuration. + +- Usage: +```bash +show pbh rule +``` + +- Example: +```bash +admin@sonic:~$ show pbh rule +TABLE RULE PRIORITY MATCH HASH ACTION COUNTER +--------- ------ ---------- ------------------------------------ ------------- ------------- --------- +pbh_table nvgre 2 ether_type: 0x0800 inner_v6_hash SET_ECMP_HASH DISABLED + ip_protocol: 0x2f + gre_key: 0x2500/0xffffff00 + inner_ether_type: 0x86dd +pbh_table vxlan 1 ether_type: 0x0800 inner_v4_hash SET_LAG_HASH ENABLED + ip_protocol: 0x11 + l4_dst_port: 0x12b5 + inner_ether_type: 0x0800 +``` + +**show pbh hash** + +This command displays PBH hash configuration. + +- Usage: +```bash +show pbh hash +``` + +- Example: +```bash +admin@sonic:~$ show pbh hash +NAME HASH FIELD +------------- ----------------- +inner_v4_hash inner_ip_proto + inner_l4_dst_port + inner_l4_src_port + inner_dst_ipv4 + inner_src_ipv4 +inner_v6_hash inner_ip_proto + inner_l4_dst_port + inner_l4_src_port + inner_dst_ipv6 + inner_src_ipv6 +``` + +**show pbh hash-field** + +This command displays PBH hash field configuration. + +- Usage: +```bash +show pbh hash-field +``` + +- Example: +```bash +admin@sonic:~$ show pbh hash-field +NAME FIELD MASK SEQUENCE SYMMETRIC +----------------- ----------------- --------- ---------- ----------- +inner_ip_proto INNER_IP_PROTOCOL N/A 1 No +inner_l4_dst_port INNER_L4_DST_PORT N/A 2 Yes +inner_l4_src_port INNER_L4_SRC_PORT N/A 2 Yes +inner_dst_ipv4 INNER_DST_IPV4 255.0.0.0 3 Yes +inner_src_ipv4 INNER_SRC_IPV4 0.0.0.255 3 Yes +inner_dst_ipv6 INNER_DST_IPV6 ffff:: 4 Yes +inner_src_ipv6 INNER_SRC_IPV6 ::ffff 4 Yes +``` + +- Note: + - _SYMMETRIC_ is an artificial column and is only used to indicate fields symmetry + +**show pbh statistics** + +This command displays PBH statistics. + +- Usage: +```bash +show pbh statistics +``` + +- Example: +```bash +admin@sonic:~$ show pbh statistics +TABLE RULE RX PACKETS COUNT RX BYTES COUNT +--------- ------ ------------------ ---------------- +pbh_table nvgre 0 0 +pbh_table vxlan 0 0 +``` + +- Note: + - _RX PACKETS COUNT_ and _RX BYTES COUNT_ can be cleared by user: + ```bash + admin@sonic:~$ sonic-clear pbh statistics + ``` + +### PBH config commands + +This subsection explains how to configure PBH. + +**config pbh table** + +This command is used to manage PBH table objects. +It supports add/update/remove operations. + +- Usage: +```bash +config pbh table add --interface-list --description +config pbh table update [ --interface-list ] [ --description ] +config pbh table delete +``` + +- Parameters: + - _table_name_: the name of the PBH table + - _interface_list_: interfaces to which PBH table is applied + - _description_: the description of the PBH table + +- Examples: +```bash +config pbh table add 'pbh_table' \ +--interface-list 'Ethernet0,Ethernet4,PortChannel0001,PortChannel0002' \ +--description 'NVGRE and VxLAN' +config pbh table update 'pbh_table' \ +--interface-list 'Ethernet0' +config pbh table delete 'pbh_table' +``` + +**config pbh rule** + +This command is used to manage PBH rule objects. +It supports add/update/remove operations. + +- Usage: +```bash +config pbh rule add --priority \ +[ --gre-key ] [ --ether-type ] [ --ip-protocol ] \ +[ --ipv6-next-header ] [ --l4-dst-port ] [ --inner-ether-type ] \ +--hash [ --packet-action ] [ --flow-counter ] +config pbh rule update [ --priority ] \ +[ --gre-key ] [ --ether-type ] [ --ip-protocol ] \ +[ --ipv6-next-header ] [ --l4-dst-port ] [ --inner-ether-type ] \ +[ --hash ] [ --packet-action ] [ --flow-counter ] +config pbh rule delete +``` + +- Parameters: + - _table_name_: the name of the PBH table + - _rule_name_: the name of the PBH rule + - _priority_: the priority of the PBH rule + - _gre_key_: packet match for the PBH rule: GRE key (value/mask) + - _ether_type_: packet match for the PBH rule: EtherType (IANA Ethertypes) + - _ip_protocol_: packet match for the PBH rule: IP protocol (IANA Protocol Numbers) + - _ipv6_next_header_: packet match for the PBH rule: IPv6 Next header (IANA Protocol Numbers) + - _l4_dst_port_: packet match for the PBH rule: L4 destination port + - _inner_ether_type_: packet match for the PBH rule: inner EtherType (IANA Ethertypes) + - _hash_: _hash_ object to apply with the PBH rule + - _packet_action_: packet action for the PBH rule + + Valid values: + - SET_ECMP_HASH + - SET_LAG_HASH + + Default: + - SET_ECMP_HASH + + - _flow_counter_: packet/byte counter for the PBH rule + + Valid values: + - DISABLED + - ENABLED + + Default: + - DISABLED + +- Examples: +```bash +config pbh rule add 'pbh_table' 'nvgre' \ +--priority '2' \ +--ether-type '0x0800' \ +--ip-protocol '0x2f' \ +--gre-key '0x2500/0xffffff00' \ +--inner-ether-type '0x86dd' \ +--hash 'inner_v6_hash' \ +--packet-action 'SET_ECMP_HASH' \ +--flow-counter 'DISABLED' +config pbh rule update 'pbh_table' 'nvgre' \ +--flow-counter 'ENABLED' +config pbh rule delete 'pbh_table' 'nvgre' +``` + +**config pbh hash** + +This command is used to manage PBH hash objects. +It supports add/update/remove operations. + +- Usage: +```bash +config pbh hash add --hash-field-list +config pbh hash update [ --hash-field-list ] +config pbh hash delete +``` + +- Parameters: + - _hash_name_: the name of the PBH hash + - _hash_field_list_: list of _hash-field_ objects to apply with the PBH hash + +- Examples: +```bash +config pbh hash add 'inner_v6_hash' \ +--hash-field-list 'inner_ip_proto,inner_l4_dst_port,inner_l4_src_port,inner_dst_ipv6,inner_src_ipv6' +config pbh hash update 'inner_v6_hash' \ +--hash-field-list 'inner_ip_proto' +config pbh hash delete 'inner_v6_hash' +``` + +**config pbh hash-field** + +This command is used to manage PBH hash field objects. +It supports add/update/remove operations. + +- Usage: +```bash +config pbh hash-field add \ +--hash-field [ --ip-mask ] --sequence-id +config pbh hash-field update \ +[ --hash-field ] [ --ip-mask ] [ --sequence-id ] +config pbh hash-field delete +``` + +- Parameters: + - _hash_field_name_: the name of the PBH hash field + - _hash_field_: native hash field for the PBH hash field + + Valid values: + - INNER_IP_PROTOCOL + - INNER_L4_DST_PORT + - INNER_L4_SRC_PORT + - INNER_DST_IPV4 + - INNER_SRC_IPV4 + - INNER_DST_IPV6 + - INNER_SRC_IPV6 + + - _ip_mask_: IPv4/IPv6 address mask for the PBH hash field + + Valid only: _hash_field_ is: + - INNER_DST_IPV4 + - INNER_SRC_IPV4 + - INNER_DST_IPV6 + - INNER_SRC_IPV6 + + - _sequence_id_: the order in which fields are hashed + +- Examples: +```bash +config pbh hash-field add 'inner_dst_ipv6' \ +--hash-field 'INNER_DST_IPV6' \ +--ip-mask 'ffff::' \ +--sequence-id '4' +config pbh hash-field update 'inner_dst_ipv6' \ +--ip-mask 'ffff:ffff::' +config pbh hash-field delete 'inner_dst_ipv6' +``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#pbh) + +## QoS + +### QoS Show commands + +#### PFC + +**show pfc counters** + +This command displays the details of Rx & Tx priority-flow-control (pfc) for all ports. This command can be used to clear the counters using -c option. + +- Usage: + ``` + show pfc counters + ``` + +- Example: + ``` + admin@sonic:~$ show pfc counters + Port Rx PFC0 PFC1 PFC2 PFC3 PFC4 PFC5 PFC6 PFC7 + ----------- ------ ------ ------ ------ ------ ------ ------ ------ + Ethernet0 0 0 0 0 0 0 0 0 + Ethernet4 0 0 0 0 0 0 0 0 + Ethernet8 0 0 0 0 0 0 0 0 + Ethernet12 0 0 0 0 0 0 0 0 + + Port Tx PFC0 PFC1 PFC2 PFC3 PFC4 PFC5 PFC6 PFC7 + ----------- ------ ------ ------ ------ ------ ------ ------ ------ + Ethernet0 0 0 0 0 0 0 0 0 + Ethernet4 0 0 0 0 0 0 0 0 + Ethernet8 0 0 0 0 0 0 0 0 + Ethernet12 0 0 0 0 0 0 0 0 + + ... + ``` + + +- NOTE: PFC counters can be cleared by the user with the following command: + ``` + admin@sonic:~$ sonic-clear pfccounters + ``` + +**show pfc asymmetric** + +This command displays the status of asymmetric PFC for all interfaces or a given interface. + +- Usage: + ``` + show pfc asymmetric [] + ``` + +- Example: + ``` + admin@sonic:~$ show pfc asymmetric + + Interface Asymmetric + ----------- ------------ + Ethernet0 off + Ethernet2 off + Ethernet4 off + Ethernet6 off + Ethernet8 off + Ethernet10 off + Ethernet12 off + Ethernet14 off + + admin@sonic:~$ show pfc asymmetric Ethernet0 + + Interface Asymmetric + ----------- ------------ + Ethernet0 off + ``` + +**show pfc priority** + +This command displays the lossless priorities for all interfaces or a given interface. + +- Usage: + ``` + show pfc priority [] + ``` + +- Example: + ``` + admin@sonic:~$ show pfc priority + + Interface Lossless priorities + ----------- --------------------- + Ethernet0 3,4 + Ethernet2 3,4 + Ethernet8 3,4 + Ethernet10 3,4 + Ethernet16 3,4 + + admin@sonic:~$ show pfc priority Ethernet0 + + Interface Lossless priorities + ----------- --------------------- + Ethernet0 3,4 + ``` + +#### Queue And Priority-Group + +This sub-section explains the following queue parameters that can be displayed using "show queue" command. +1) queue counters +2) queue watermark +3) priority-group watermark +4) queue persistent-watermark + + +**show queue counters** + +This command displays packet and byte counters for all queues of all ports or one specific-port given as arguement. +This command can be used to clear the counters for all queues of all ports. Note that port specific clear is not supported. + +- Usage: + ``` + show queue counters [] + ``` + +- Example: + ``` + admin@sonic:~$ show queue counters + Port TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes + --------- ----- -------------- --------------- ----------- ------------ + Ethernet0 UC0 0 0 0 0 + Ethernet0 UC1 0 0 0 0 + Ethernet0 UC2 0 0 0 0 + Ethernet0 UC3 0 0 0 0 + Ethernet0 UC4 0 0 0 0 + Ethernet0 UC5 0 0 0 0 + Ethernet0 UC6 0 0 0 0 + Ethernet0 UC7 0 0 0 0 + Ethernet0 UC8 0 0 0 0 + Ethernet0 UC9 0 0 0 0 + Ethernet0 MC0 0 0 0 0 + Ethernet0 MC1 0 0 0 0 + Ethernet0 MC2 0 0 0 0 + Ethernet0 MC3 0 0 0 0 + Ethernet0 MC4 0 0 0 0 + Ethernet0 MC5 0 0 0 0 + Ethernet0 MC6 0 0 0 0 + Ethernet0 MC7 0 0 0 0 + Ethernet0 MC8 0 0 0 0 + Ethernet0 MC9 0 0 0 0 + + Port TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes + --------- ----- -------------- --------------- ----------- ------------ + Ethernet4 UC0 0 0 0 0 + Ethernet4 UC1 0 0 0 0 + Ethernet4 UC2 0 0 0 0 + Ethernet4 UC3 0 0 0 0 + Ethernet4 UC4 0 0 0 0 + Ethernet4 UC5 0 0 0 0 + Ethernet4 UC6 0 0 0 0 + Ethernet4 UC7 0 0 0 0 + Ethernet4 UC8 0 0 0 0 + Ethernet4 UC9 0 0 0 0 + Ethernet4 MC0 0 0 0 0 + Ethernet4 MC1 0 0 0 0 + Ethernet4 MC2 0 0 0 0 + Ethernet4 MC3 0 0 0 0 + Ethernet4 MC4 0 0 0 0 + Ethernet4 MC5 0 0 0 0 + Ethernet4 MC6 0 0 0 0 + Ethernet4 MC7 0 0 0 0 + Ethernet4 MC8 0 0 0 0 + Ethernet4 MC9 0 0 0 0 + + ... + ``` + +Optionally, you can specify an interface name in order to display only that particular interface + +- Example: + ``` + admin@sonic:~$ show queue counters Ethernet72 + ``` + +- NOTE: Queue counters can be cleared by the user with the following command: + ``` + admin@sonic:~$ sonic-clear queuecounters + ``` + +**show queue watermark** + +This command displays the user watermark for the queues (Egress shared pool occupancy per queue) for either the unicast queues or multicast queues for all ports + +- Usage: + ``` + show queue watermark (multicast | unicast) + ``` + +- Example: + ``` + admin@sonic:~$ show queue watermark unicast + Egress shared pool occupancy per unicast queue: + Port UC0 UC1 UC2 UC3 UC4 UC5 UC6 UC7 + ----------- ----- ----- ----- ----- ----- ----- ----- ----- + Ethernet0 0 0 0 0 0 0 0 0 + Ethernet4 0 0 0 0 0 0 0 0 + Ethernet8 0 0 0 0 0 0 0 0 + Ethernet12 0 0 0 0 0 0 0 0 + + admin@sonic:~$ show queue watermark multicast (Egress shared pool occupancy per multicast queue) + ``` + +**show priority-group** + +This command displays: +1) The user watermark or persistent-watermark for the Ingress "headroom" or "shared pool occupancy" per priority-group for all ports. +2) Dropped packets per priority-group for all ports + +- Usage: + ``` + show priority-group (watermark | persistent-watermark) (headroom | shared) + show priority-group drop counters + ``` + +- Example: + ``` + admin@sonic:~$ show priority-group watermark shared + Ingress shared pool occupancy per PG: + Port PG0 PG1 PG2 PG3 PG4 PG5 PG6 PG7 + ----------- ----- ----- ----- ----- ----- ----- ----- ----- + Ethernet0 0 0 0 0 0 0 0 0 + Ethernet4 0 0 0 0 0 0 0 0 + Ethernet8 0 0 0 0 0 0 0 0 + Ethernet12 0 0 0 0 0 0 0 0 + ``` + +- Example (Ingress headroom per PG): + ``` + admin@sonic:~$ show priority-group watermark headroom + ``` + +- Example (Ingress shared pool occupancy per PG): + ``` + admin@sonic:~$ show priority-group persistent-watermark shared + ``` + +- Example (Ingress headroom per PG): + ``` + admin@sonic:~$ show priority-group persistent-watermark headroom + ``` + +- Example (Ingress dropped packets per PG): + ``` + admin@sonic:~$ show priority-group drop counters + Ingress PG dropped packets: + Port PG0 PG1 PG2 PG3 PG4 PG5 PG6 PG7 + ----------- ----- ----- ----- ----- ----- ----- ----- ----- + Ethernet0 0 0 0 0 0 0 0 0 + Ethernet4 0 0 0 0 0 0 0 0 + Ethernet8 0 0 0 0 0 0 0 0 + Ethernet12 0 0 0 0 0 0 0 0 + ``` + +In addition to user watermark("show queue|priority-group watermark ..."), a persistent watermark is available. +It hold values independently of user watermark. This way user can use "user watermark" for debugging, clear it, etc, but the "persistent watermark" will not be affected. + +**show queue persistent-watermark** + +This command displays the user persistet-watermark for the queues (Egress shared pool occupancy per queue) for either the unicast queues or multicast queues for all ports + +- Usage: + ``` + show queue persistent-watermark (unicast | multicast) + ``` + +- Example: + ``` + admin@sonic:~$ show queue persistent-watermark unicast + Egress shared pool occupancy per unicast queue: + Port UC0 UC1 UC2 UC3 UC4 UC5 UC6 UC7 + ----------- ----- ----- ----- ----- ----- ----- ----- ----- + Ethernet0 N/A N/A N/A N/A N/A N/A N/A N/A + Ethernet4 N/A N/A N/A N/A N/A N/A N/A N/A + Ethernet8 N/A N/A N/A N/A N/A N/A N/A N/A + Ethernet12 N/A N/A N/A N/A N/A N/A N/A N/A + ``` + +- Example (Egress shared pool occupancy per multicast queue): + ``` + admin@sonic:~$ show queue persistent-watermark multicast + ``` + +- NOTE: "user watermark", "persistent watermark" and "ingress dropped packets" can be cleared by user: + + ``` + admin@sonic:~$ sonic-clear queue persistent-watermark unicast + + admin@sonic:~$ sonic-clear queue persistent-watermark multicast + + admin@sonic:~$ sonic-clear priority-group persistent-watermark shared + + admin@sonic:~$ sonic-clear priority-group persistent-watermark headroom + + admin@sonic:~$ sonic-clear priority-group drop counters + ``` + +#### Buffer Pool + +This sub-section explains the following buffer pool parameters that can be displayed using "show buffer_pool" command. +1) buffer pool watermark +2) buffer pool persistent-watermark + +**show buffer_pool watermark** + +This command displays the user watermark for all the buffer pools + +- Usage: + ``` + show buffer_pool watermark + ``` + +- Example: + ``` + admin@sonic:~$ show buffer_pool watermark + Shared pool maximum occupancy: + Pool Bytes + --------------------- ------- + ingress_lossless_pool 0 + lossy_pool 2464 + ``` + + +**show buffer_pool persistent-watermark** + +This command displays the user persistent-watermark for all the buffer pools + +- Usage: + ``` + show buffer_pool persistent-watermark + ``` + +- Example: + ``` + admin@sonic:~$ show buffer_pool persistent-watermark + Shared pool maximum occupancy: + Pool Bytes + --------------------- ------- + ingress_lossless_pool 0 + lossy_pool 2464 + ``` + + + +### QoS config commands + +**config qos clear** + +This command is used to clear all the QoS configuration from all the following QOS Tables in ConfigDB. + +1) TC_TO_PRIORITY_GROUP_MAP, +2) MAP_PFC_PRIORITY_TO_QUEUE, +3) TC_TO_QUEUE_MAP, +4) DSCP_TO_TC_MAP, +5) MPLS_TC_TO_TC_MAP, +6) SCHEDULER, +7) PFC_PRIORITY_TO_PRIORITY_GROUP_MAP, +8) PORT_QOS_MAP, +9) WRED_PROFILE, +10) QUEUE, +11) CABLE_LENGTH, +12) BUFFER_POOL, +13) BUFFER_PROFILE, +14) BUFFER_PG, +15) BUFFER_QUEUE + +- Usage: + ``` + config qos clear + ``` + +- Example: + ``` + admin@sonic:~$ sudo config qos clear + ``` + +**config qos reload** + +This command is used to reload the QoS configuration. +QoS configuration has got two sets of configurations. +1) Generic QOS Configuration - This gives complete list of all possible QOS configuration. Its given in the file /usr/share/sonic/templates/qos_config.j2 in the device. + Reference: https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/qos_config.j2 + Users have flexibility to have platform specific qos configuration by placing the qos_config.j2 file at /usr/share/sonic/device///. + If users want to modify any of this loaded QOS configuration, they can modify this file in the device and then issue the "config qos reload" command. + +2) Platform specific buffer configuration. Every platform has got platform specific and topology specific (T0 or T1 or T2) buffer configuration at /usr/share/sonic/device///buffers_defaults_tx.j2 + In addition to platform specific configuration file, a generic configuration file is also present at /usr/share/sonic/templates/buffers_config.j2. + Reference: https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/buffers_config.j2 + Users can either modify the platform specific configuration file, or the generic configuration file and then issue this "config qos reload" command. + +These configuration files are already loaded in the device as part of the reboot process. In case if users wants to modify any of these configurations, they need to modify the appropriate QOS tables and fields in these files and then use this reload command. +This command uses those modified buffers.json.j2 file & qos.json.j2 file and reloads the new QOS configuration. +If users have not made any changes in these configuration files, this command need not be executed. + +Some of the example QOS configurations that users can modify are given below. +1) TC_TO_PRIORITY_GROUP_MAP +2) MAP_PFC_PRIORITY_TO_QUEUE +3) TC_TO_QUEUE_MAP +4) DSCP_TO_TC_MAP +5) MPLS_TC_TO_TC_MAP +6) SCHEDULER +7) PFC_PRIORITY_TO_PRIORITY_GROUP_MAP +8) PORT_QOS_MAP +9) WRED_PROFILE +10) CABLE_LENGTH +11) BUFFER_QUEUE + +- Usage: + ``` + config qos reload + ``` + +- Example: + ``` + admin@sonic:~$ sudo config qos reload + Running command: /usr/local/bin/sonic-cfggen -d -t /usr/share/sonic/device/x86_64-dell_z9100_c2538-r0/Force10-Z9100-C32/buffers.json.j2 >/tmp/buffers.json + Running command: /usr/local/bin/sonic-cfggen -d -t /usr/share/sonic/device/x86_64-dell_z9100_c2538-r0/Force10-Z9100-C32/qos.json.j2 -y /etc/sonic/sonic_version.yml >/tmp/qos.json + Running command: /usr/local/bin/sonic-cfggen -j /tmp/buffers.json --write-to-db + Running command: /usr/local/bin/sonic-cfggen -j /tmp/qos.json --write-to-db + + In this example, it uses the buffers.json.j2 file and qos.json.j2 file from platform specific folders. + When there are no changes in the platform specific configutation files, they internally use the file "/usr/share/sonic/templates/buffers_config.j2" and "/usr/share/sonic/templates/qos_config.j2" to generate the configuration. + ``` + +**config qos reload --ports port_list** + +This command is used to reload the default QoS configuration on a group of ports. +Typically, the default QoS configuration is in the following tables. +1) PORT_QOS_MAP +2) QUEUE +3) BUFFER_PG +4) BUFFER_QUEUE +5) BUFFER_PORT_INGRESS_PROFILE_LIST +6) BUFFER_PORT_EGRESS_PROFILE_LIST +7) CABLE_LENGTH + +If there was QoS configuration in the above tables for the ports: + + - if `--force` option is provied, the existing QoS configuration will be replaced by the default QoS configuration, + - otherwise, the command will exit with nothing updated. + +- Usage: + ``` + config qos reload --ports [,port] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config qos reload --ports Ethernet0,Ethernet4 + + In this example, it updates the QoS configuration on port Ethernet0 and Ethernet4 to default. + If there was QoS configuration on the ports, the command will clear the existing QoS configuration on the port and reload to default. + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#qos) + +## Radius + +### show radius commands + +This command displays the global radius configuration that includes the auth_type, retransmit, timeout and passkey. + +- Usage: + ``` + show radius + ``` +- Example: + + ``` + admin@sonic:~$ show radius + RADIUS global auth_type pap (default) + RADIUS global retransmit 3 (default) + RADIUS global timeout 5 (default) + RADIUS global passkey (default) + + ``` + +### Radius config commands + +This command is to config the radius server for various parameter listed. + + - Usage: + ``` + config radius + ``` +- Example: + ``` + admin@sonic:~$ config radius + + add Specify a RADIUS server + authtype Specify RADIUS server global auth_type [chap | pap | mschapv2] + default set its default configuration + delete Delete a RADIUS server + nasip Specify RADIUS server global NAS-IP|IPV6-Address + passkey Specify RADIUS server global passkey + retransmit Specify RADIUS server global retry attempts <0 - 10> + sourceip Specify RADIUS server global source ip + statistics Specify RADIUS server global statistics [enable | disable |... + timeout Specify RADIUS server global timeout <1 - 60> + + ``` +## sFlow + +### sFlow Show commands + +**show sflow** + +This command displays the global sFlow configuration that includes the admin state, collectors, the Agent ID and counter polling interval. + +- Usage: + ``` + show sflow + ``` + +- Example: + ``` + admin@sonic:~# show sflow + sFlow Global Information: + sFlow Admin State: up + sFlow Polling Interval: default + sFlow AgentID: lo + + 2 Collectors configured: + Name: collector_A IP addr: 10.11.46.2 UDP port: 6343 + Name: collector_lo IP addr: 127.0.0.1 UDP port: 6343 + ``` + + +**show sflow interface** + +This command displays the per-interface sflow admin status and the sampling rate. + +- Usage: + ``` + show sflow interface + ``` + +- Example: + ``` + admin@sonic:~# show sflow interface + + sFlow interface configurations + +-------------+---------------+-----------------+ + | Interface | Admin State | Sampling Rate | + +=============+===============+=================+ + | Ethernet0 | up | 4000 | + +-------------+---------------+-----------------+ + | Ethernet1 | up | 4000 | + +-------------+---------------+-----------------+ + ... + +-------------+---------------+-----------------+ + | Ethernet61 | up | 4000 | + +-------------+---------------+-----------------+ + | Ethernet62 | up | 4000 | + +-------------+---------------+-----------------+ + | Ethernet63 | up | 4000 | + +-------------+---------------+-----------------+ + + ``` + +### sFlow Config commands + +**config sflow collector add** + +This command is used to add a sFlow collector. Note that a maximum of 2 collectors is allowed. + +- Usage: + ``` + config sflow collector add [port ] + ``` + + - Parameters: + - collector-name: unique name of the sFlow collector + - ipv4-address : IP address of the collector in dotted decimal format for IPv4 + - ipv6-address : x: x: x: x::x format for IPv6 address of the collector (where :: notation specifies successive hexadecimal fields of zeros) + - port (OPTIONAL): specifies the UDP port of the collector (the range is from 0 to 65535. The default is 6343.) + +- Example: + ``` + admin@sonic:~# sudo config sflow collector add collector_A 10.11.46.2 + ``` + +**config sflow collector del** + +This command is used to delete a sFlow collector with the given name. + +- Usage: + ``` + config sflow collector del + ``` + + - Parameters: + - collector-name: unique name of the sFlow collector + +- Example: + ``` + admin@sonic:~# sudo config sflow collector del collector_A + ``` + +**config sflow agent-id** + +This command is used to add/delete the sFlow agent-id. This setting is global (applicable to both collectors) and optional. Only a single agent-id is allowed. If agent-id is not specified (with this CLI), an appropriate IP that belongs to the switch is used as the agent-id based on some simple heuristics. + +- Usage: + ``` + config sflow agent-id + ``` + + - Parameters: + - interface-name: specify the interface name whose ipv4 or ipv6 address will be used as the agent-id in sFlow datagrams. + +- Example: + ``` + admin@sonic:~# sudo config sflow agent-id add lo + ``` + +**config sflow** + +Globally, sFlow is disabled by default. When sFlow is enabled globally, the sflow deamon is started and sampling will start on all interfaces which have sFlow enabled at the interface level (see “config sflow interface…”). When sflow is disabled globally, sampling is stopped on all relevant interfaces and sflow daemon is stopped. + +- Usage: + ``` + config sflow + ``` +- Example: + ``` + admin@sonic:~# sudo config sflow enable + ``` +**config sflow interface** + +Enable/disable sflow at an interface level. By default, sflow is enabled on all interfaces at the interface level. Use this command to explicitly disable sFlow for a specific interface. An interface is sampled if sflow is enabled globally as well as at the interface level. Note that this configuration deals only with sFlow flow samples and not counter samples. + +- Usage: + ``` + config sflow interface + ``` + + - Parameters: + - interface-name: specify the interface for which sFlow flow samples have to be enabled/disabled. The “all” keyword is used as a convenience to enable/disable sflow at the interface level for all the interfaces. + +- Example: + ``` + admin@sonic:~# sudo config sflow interface disable Ethernet40 + ``` + +**config sflow interface sample-rate** + +Configure the sample-rate for a specific interface. + +The default sample rate for any interface is (ifSpeed / 1e6) where ifSpeed is in bits/sec. So, the default sample rate based on interface speed is: + + 1-in-1000 for a 1G link + 1-in-10,000 for a 10G link + 1-in-40,000 for a 40G link + 1-in-50,000 for a 50G link + 1-in-100,000 for a 100G link + +It is recommended not to change the defaults. This CLI is to be used only in case of exceptions (e.g., to set the sample-rate to the nearest power-of-2 if there are hardware restrictions in using the defaults) + +- Usage: + ``` + config sflow interface sample-rate + ``` + + - Parameters: + - interface-name: specify the interface for which the sampling rate value is to be set + - value: value is the average number of packets skipped before the sample is taken. "The sampling rate specifies random sampling probability as the ratio of packets observed to samples generated. For example a sampling rate of 256 specifies that, on average, 1 sample will be generated for every 256 packets observed." Valid range 256:8388608. + +- Example: + ``` + admin@sonic:~# sudo config sflow interface sample-rate Ethernet32 1000 + ``` +**config sflow polling-interval** + +This command is used to set the counter polling interval. Default is 20 seconds. + +- Usage: + ``` + config sflow polling-interval + ``` + + - Parameters: + - value: 0-300 seconds. Set polling-interval to 0 to disable counter polling + +- Example: + ``` + admin@sonic:~# sudo config sflow polling-interval 30 + ``` + + +Go Back To [Beginning of the document](#) or [Beginning of this section](#sflow) + +## SNMP + +### SNMP Show commands + +**show runningconfiguration snmp** + +This command displays the global SNMP configuration that includes the location, contact, community, and user settings. + +- Usage: + ``` + show runningconfiguration snmp + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp + Location + ------------ + Emerald City + + + SNMP_CONTACT SNMP_CONTACT_EMAIL + -------------- -------------------- + joe joe@contoso.com + + + Community String Community Type + ------------------ ---------------- + Jack RW + + + User Permission Type Type Auth Type Auth Password Encryption Type Encryption Password + ------ ----------------- ------ ----------- --------------- ----------------- --------------------- + Travis RO Priv SHA TravisAuthPass AES TravisEncryptPass + ``` + +**show runningconfiguration snmp location** + +This command displays the SNMP location setting. + +- Usage: + ``` + show runningconfiguration snmp location + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp location + Location + ------------ + Emerald City + ``` + +- Usage: + ``` + show runningconfiguration snmp location --json + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp location --json + {'Location': 'Emerald City'} + ``` + +**show runningconfiguration snmp contact** + +This command displays the SNMP contact setting. + +- Usage: + ``` + show runningconfiguration snmp contact + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp contact + Contact Contact Email + --------- --------------- + joe joe@contoso.com + ``` + +- Usage: + ``` + show runningconfiguration snmp contact --json + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp contact --json + {'joe': 'joe@contoso.com'} + ``` + +**show runningconfiguration snmp community** + +This command display the SNMP community settings. + +- Usage: + ``` + show runningconfiguration snmp community + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp community + Community String Community Type + ------------------ ---------------- + Jack RW + ``` + +- Usage: + ``` + show runningconfiguration snmp community --json + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp community --json + {'Jack': {'TYPE': 'RW'}} + ``` + +**show runningconfiguration snmp user** + +This command display the SNMP user settings. + +- Usage: + ``` + show runningconfiguration snmp user + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp user + User Permission Type Type Auth Type Auth Password Encryption Type Encryption Password + ------ ----------------- ------ ----------- --------------- ----------------- --------------------- + Travis RO Priv SHA TravisAuthPass AES TravisEncryptPass + ``` + +- Usage: + ``` + show runningconfiguration snmp user --json + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp user --json + {'Travis': {'SNMP_USER_TYPE': 'Priv', 'SNMP_USER_PERMISSION': 'RO', 'SNMP_USER_AUTH_TYPE': 'SHA', 'SNMP_USER_AUTH_PASSWORD': 'TravisAuthPass', 'SNMP_USER_ENCRYPTION_TYPE': 'AES', 'SNMP_USER_ENCRYPTION_PASSWORD': 'TravisEncryptPass'}} + ``` + + +### SNMP Config commands + +This sub-section explains how to configure SNMP. + +**config snmp location add/del/modify** + +This command is used to add, delete, or modify the SNMP location. + +- Usage: + ``` + config snmp location (add | del | modify) + ``` + +- Example (Add new SNMP location "Emerald City" if it does not already exist): + ``` + admin@sonic:~$ sudo config snmp location add Emerald City + SNMP Location Emerald City has been added to configuration + Restarting SNMP service... + ``` + +- Example (Delete SNMP location "Emerald City" if it already exists): + ``` + admin@sonic:~$ sudo config snmp location del Emerald City + SNMP Location Emerald City removed from configuration + Restarting SNMP service... + ``` + +- Example (Modify SNMP location "Emerald City" to "Redmond"): + ``` + admin@sonic:~$ sudo config snmp location modify Redmond + SNMP location Redmond modified in configuration + Restarting SNMP service... + ``` + +**config snmp contact add/del/modify** + +This command is used to add, delete, or modify the SNMP contact. + +- Usage: + ``` + config snmp contact add + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp contact add joe joe@contoso.com + Contact name joe and contact email joe@contoso.com have been added to configuration + Restarting SNMP service... + ``` + +- Usage: + ``` + config snmp contact del + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp contact del joe + SNMP contact joe removed from configuration + Restarting SNMP service... + ``` + +- Usage: + ``` + config snmp contact modify + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp contact modify test test@contoso.com + SNMP contact test and contact email test@contoso.com updated + Restarting SNMP service... + ``` + +**config snmp community add/del/replace** + +This command is used to add, delete, or replace the SNMP community. + +- Usage: + ``` + config snmp community add (RO | RW) + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp community add testcomm ro + SNMP community testcomm added to configuration + Restarting SNMP service... + ``` + +- Usage: + ``` + config snmp community del + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp community del testcomm + SNMP community testcomm removed from configuration + Restarting SNMP service... + ``` + +- Usage: + ``` + config snmp community replace + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp community replace testcomm newtestcomm + SNMP community newtestcomm added to configuration + SNMP community newtestcomm replace community testcomm + Restarting SNMP service... + ``` + +**config snmp user add/del** + +This command is used to add or delete the SNMP user for SNMPv3. + +- Usage: + ``` + config snmp user add (noAuthNoPriv | AuthNoPriv | Priv) (RO | RW) [[(MD5 | SHA | MMAC-SHA-2) ] [(DES |AES) ]] + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp user add testuser1 noauthnopriv ro + SNMP user testuser1 added to configuration + Restarting SNMP service... + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp user add testuser2 authnopriv ro sha testuser2_auth_pass + SNMP user testuser2 added to configuration + Restarting SNMP service... + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp user add testuser3 priv rw md5 testuser3_auth_pass aes testuser3_encrypt_pass + SNMP user testuser3 added to configuration + Restarting SNMP service... + ``` + +- Usage: + ``` + config snmp user del + ``` + +- Example: + ``` + admin@sonic:~$ sudo config snmp user del testuser1 + SNMP user testuser1 removed from configuration + Restarting SNMP service... + ``` + +## Startup & Running Configuration + +### Startup Configuration + +**show startupconfiguration bgp** + +This command is used to display the startup configuration for the BGP module. + +- Usage: + ``` + show startupconfiguration bgp + ``` + +- Example: + ``` + admin@sonic:~$ show startupconfiguration bgp + Routing-Stack is: quagga + ! + ! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== + ! generated by templates/quagga/bgpd.conf.j2 with config DB data + ! file: bgpd.conf + ! + ! + hostname T1-2 + password zebra + log syslog informational + log facility local4 + ! enable password ! + ! + ! bgp multiple-instance + ! + route-map FROM_BGP_SPEAKER_V4 permit 10 + ! + route-map TO_BGP_SPEAKER_V4 deny 10 + ! + router bgp 65000 + bgp log-neighbor-changes + bgp bestpath as-path multipath-relax + no bgp default ipv4-unicast + bgp graceful-restart restart-time 180 + + + ``` + +### Running Configuration +This sub-section explains the show commands for displaying the running configuration for the following modules. +1) bgp +2) interfaces +3) ntp +4) snmp +5) all +6) acl +7) ports +8) syslog + +**show runningconfiguration all** + +This command displays the entire running configuration. + +- Usage: + ``` + show runningconfiguration all + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration all + ``` + +**show runningconfiguration bgp** + +This command displays the running configuration of the BGP module. + +- Usage: + ``` + show runningconfiguration bgp + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration bgp + ``` + +**show runningconfiguration interfaces** + +This command displays the running configuration for the "interfaces". + +- Usage: + ``` + show runningconfiguration interfaces + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration interfaces + ``` + +**show runningconfiguration ntp** + +This command displays the running configuration of the ntp module. + +- Usage: + ``` + show runningconfiguration ntp + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration ntp + NTP Servers + ------------- + 1.1.1.1 + 2.2.2.2 + ``` + +**show runningconfiguration syslog** + +This command displays the running configuration of the syslog module. + +- Usage: + ``` + show runningconfiguration syslog + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration syslog + Syslog Servers + ---------------- + 4.4.4.4 + 5.5.5.5 + ``` + + +**show runningconfiguration snmp** + +This command displays the running configuration of the snmp module. + +- Usage: + ``` + show runningconfiguration snmp + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration snmp + ``` + +**show runningconfiguration acl** + + This command displays the running configuration of the acls + +- Usage: + ``` + show runningconfiguration acl + ``` + +- Example: + ``` + admin@sonic:~$ show runningconfiguration acl + ``` + + **show runningconfiguration ports** + + This command displays the running configuration of the ports + +- Usage: + ``` + show runningconfiguration ports [] + ``` + +- Examples: + ``` + admin@sonic:~$ show runningconfiguration ports + ``` + + ``` + admin@sonic:~$ show runningconfiguration ports Ethernet0 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#Startup--Running-Configuration) + + +## Static routing + +### Static routing Config Commands + +This sub-section explains of commands is used to add or remove the static route. + +**config route add** + +This command is used to add a static route. Note that prefix /nexthop vrf`s and interface name are optional. + +- Usage: + + ``` + config route add prefix [vrf ] nexthop [vrf ] dev + ``` + +- Example: + + ``` + admin@sonic:~$ config route add prefix 2.2.3.4/32 nexthop 30.0.0.9 + admin@sonic:~$ config route add prefix 4.0.0.0/24 nexthop dev Ethernet32.10 + ``` + +It also supports ECMP, and adding a new nexthop to the existing prefix will complement it and not overwrite them. + +- Example: + + ``` + admin@sonic:~$ sudo config route add prefix 2.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.9 + admin@sonic:~$ sudo config route add prefix 2.2.3.4/32 nexthop vrf Vrf-BLUE 30.0.0.10 + ``` + +**config route del** + +This command is used to remove a static route. Note that prefix /nexthop vrf`s and interface name are optional. + +- Usage: + + ``` + config route del prefix [vrf ] nexthop [vrf ] dev + ``` + +- Example: + + ``` + admin@sonic:~$ sudo config route del prefix 2.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.9 + admin@sonic:~$ sudo config route del prefix 2.2.3.4/32 nexthop vrf Vrf-BLUE 30.0.0.10 + ``` + +This sub-section explains of command is used to show current routes. + +**show ip route** + +- Usage: + + ``` + show ip route + ``` + +- Example: + + ``` + admin@sonic:~$ show ip route + Codes: K - kernel route, C - connected, S - static, R - RIP, + O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, + T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, + F - PBR, f - OpenFabric, + > - selected route, * - FIB route, q - queued, r - rejected, b - backup + + S>* 0.0.0.0/0 [200/0] via 192.168.111.3, eth0, weight 1, 3d03h58m + S> 1.2.3.4/32 [1/0] via 30.0.0.7, weight 1, 00:00:06 + C>* 10.0.0.18/31 is directly connected, Ethernet36, 3d03h57m + C>* 10.0.0.20/31 is directly connected, Ethernet40, 3d03h57m + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#static-routing) + +## Subinterfaces + +### Subinterfaces Show Commands + +**show subinterfaces status** + +This command displays all the subinterfaces that are configured on the device and its current status. + +- Usage: +``` +show subinterfaces status +``` + +- Example: +``` +admin@sonic:~$ show subinterfaces status +Sub port interface Speed MTU Vlan Admin Type +------------------ ------- ----- ------ ------- ------------------- + Eth64.10 100G 9100 100 up dot1q-encapsulation + Ethernet0.100 100G 9100 100 up dot1q-encapsulation +``` + +### Subinterfaces Config Commands + +This sub-section explains how to configure subinterfaces. + +**config subinterface** + +- Usage: +``` +config subinterface (add | del) [vlan <1-4094>] +``` + +- Example (Create the subinterfces with name "Ethernet0.100"): +``` +admin@sonic:~$ sudo config subinterface add Ethernet0.100 +``` + +- Example (Create the subinterfces with name "Eth64.100"): +``` +admin@sonic:~$ sudo config subinterface add Eth64.100 100 +``` + +- Example (Delete the subinterfces with name "Ethernet0.100"): +``` +admin@sonic:~$ sudo config subinterface del Ethernet0.100 +``` + +- Example (Delete the subinterfces with name "Eth64.100"): +``` +admin@sonic:~$ sudo config subinterface del Eth64.100 100 +``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#static-routing) + +## Syslog + +### Syslog Show Commands + +This subsection explains how to display configured syslog servers. + +**show syslog** + +This command displays configured syslog servers. + +- Usage: + ``` + show syslog + ``` + +- Example: + ``` + admin@sonic:~$ show syslog + SERVER IP SOURCE IP PORT VRF + ----------- ----------- ------ ------- + 2.2.2.2 1.1.1.1 514 default + ``` + +### Syslog Config Commands + +This subsection explains how to configure syslog servers. + +**config syslog add** + +This command is used to add a syslog server to the syslog server list. +Note that more that one syslog server can be added in the device. + +- Usage: + ``` + config syslog add + ``` + +- Parameters: + - _server_address_: syslog server IP address + - _source_: syslog source IP address + - _port_: syslog server UDP port + - _vrf_: syslog VRF device + +- Example: + ``` + admin@sonic:~$ sudo config syslog add 2.2.2.2 --source 1.1.1.1 --port 514 --vrf default + Running command: systemctl reset-failed rsyslog-config + Running command: systemctl restart rsyslog-config + ``` + +**config syslog del** + +This command is used to delete the configured syslog server. + +- Usage: + ``` + config syslog del + ``` + +- Parameters: + - _server_address_: syslog server IP address + +- Example: + ``` + admin@sonic:~$ sudo config syslog del 2.2.2.2 + Running command: systemctl reset-failed rsyslog-config + Running command: systemctl restart rsyslog-config + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#syslog) + +## System State + +### Processes + +This command is used to determine the CPU utilization. It also lists the active processes along with their corresponding process ID and other relevant parameters. + +This sub-section explains the various "processes" specific data that includes the following. +1) cpu Show processes CPU info +2) memory Show processes memory info +3) summary Show processes info + +“show processes” commands provide a wrapper over linux’s “top” command. “show process cpu” sorts the processes being displayed by cpu-utilization, whereas “show process memory” does it attending to processes’ memory-utilization. + +**show processes cpu** + +This command displays the current CPU usage by process. This command uses linux's "top -bn 1 -o %CPU" command to display the output. + +- Usage: + ``` + show processes cpu + ``` + +*TIP: Users can pipe the output to "head" to display only the "n" number of lines (e.g., `show processes cpu | head -n 10`)* + +- Example: + ``` + admin@sonic:~$ show processes cpu + top - 23:50:08 up 1:18, 1 user, load average: 0.25, 0.29, 0.25 + Tasks: 161 total, 1 running, 160 sleeping, 0 stopped, 0 zombie + %Cpu(s): 3.8 us, 1.0 sy, 0.0 ni, 95.1 id, 0.1 wa, 0.0 hi, 0.0 si, 0.0 st + KiB Mem: 8181216 total, 1161060 used, 7020156 free, 105656 buffers + KiB Swap: 0 total, 0 used, 0 free. 557560 cached Mem + + PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND + 2047 root 20 0 683772 109288 39652 S 23.8 1.3 7:44.79 syncd + 1351 root 20 0 43360 5616 2844 S 11.9 0.1 1:41.56 redis-server + 10093 root 20 0 21944 2476 2088 R 5.9 0.0 0:00.03 top + 1 root 20 0 28992 5508 3236 S 0.0 0.1 0:06.42 systemd + 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd + 3 root 20 0 0 0 0 S 0.0 0.0 0:00.56 ksoftirqd/0 + 5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H + ... + ``` + +*TIP: Advanced users can view individual processes using variations of the `ps` command (e.g., `ps -ax | grep `)* + +**show processes memory** + +This command displays the current memory usage by processes. This command uses linux's "top -bn 1 -o %MEM" command to display the output. + +- Usage: + ``` + show processes memory + ``` + +*NOTE that pipe option can be used using " | head -n" to display only the "n" number of lines* + +- Example: + ``` + admin@sonic:~$ show processes memory + top - 23:41:24 up 7 days, 39 min, 2 users, load average: 1.21, 1.19, 1.18 + Tasks: 191 total, 2 running, 189 sleeping, 0 stopped, 0 zombie + %Cpu(s): 2.8 us, 20.7 sy, 0.0 ni, 76.3 id, 0.0 wa, 0.0 hi, 0.2 si, 0.0 st + KiB Mem : 8162264 total, 5720412 free, 945516 used, 1496336 buff/cache + KiB Swap: 0 total, 0 free, 0 used. 6855632 avail Mem + + PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND + 18051 root 20 0 851540 274784 8344 S 0.0 3.4 0:02.77 syncd + 17760 root 20 0 1293428 259212 58732 S 5.9 3.2 96:46.22 syncd + 508 root 20 0 725364 76244 38220 S 0.0 0.9 4:54.49 dockerd + 30853 root 20 0 96348 56824 7880 S 0.0 0.7 0:00.98 show + 17266 root 20 0 509876 49772 30640 S 0.0 0.6 0:06.36 docker + 24891 admin 20 0 515864 49560 30644 S 0.0 0.6 0:05.54 docker + 17643 admin 20 0 575668 49428 30628 S 0.0 0.6 0:06.29 docker + 23885 admin 20 0 369552 49344 30840 S 0.0 0.6 0:05.57 docker + 18055 root 20 0 509076 49260 30296 S 0.0 0.6 0:06.36 docker + 17268 root 20 0 371120 49052 30372 S 0.0 0.6 0:06.45 docker + 1227 root 20 0 443284 48640 30100 S 0.0 0.6 0:41.91 docker + 23785 admin 20 0 443796 48552 30128 S 0.0 0.6 0:05.58 docker + 17820 admin 20 0 435088 48144 29480 S 0.0 0.6 0:06.33 docker + 506 root 20 0 1151040 43140 23964 S 0.0 0.5 8:51.08 containerd + 18437 root 20 0 84852 26388 7380 S 0.0 0.3 65:59.76 python3.6 + ``` + + +**show processes summary** + +This command displays the current summary information about all the processes + +- Usage: + ``` + show processes summary + ``` + +- Example: + ``` + admin@sonic:~$ show processes summary + PID PPID CMD %MEM %CPU + 1 0 /sbin/init 0.0 0.0 + 2 0 [kthreadd] 0.0 0.0 + 3 2 [ksoftirqd/0] 0.0 0.0 + 5 2 [kworker/0:0H] 0.0 0.0 + ... + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#System-State) + +### Services & Memory + +These commands are used to know the services that are running and the memory that is utilized currently. + + +**show services** + +This command displays the state of all the SONiC processes running inside a docker container. This helps to identify the status of SONiC’s critical processes. + +- Usage: + ``` + show services + ``` + +- Example: + ``` + admin@sonic:~$ show services + dhcp_relay docker + --------------------------- + UID PID PPID C STIME TTY TIME CMD + root 1 0 0 05:26 ? 00:00:12 /usr/bin/python /usr/bin/supervi + root 24 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n + + nat docker + --------------------------- + USER PID PPID C STIME TTY TIME CMD + root 1 0 0 05:26 ? 00:00:12 /usr/bin/python /usr/bin/supervisord + root 18 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n + root 23 1 0 05:26 ? 00:00:01 /usr/bin/natmgrd + root 34 1 0 05:26 ? 00:00:00 /usr/bin/natsyncd + + snmp docker + --------------------------- + UID PID PPID C STIME TTY TIME CMD + root 1 0 0 05:26 ? 00:00:16 /usr/bin/python /usr/bin/supervi + root 24 1 0 05:26 ? 00:00:02 /usr/sbin/rsyslogd -n + Debian-+ 29 1 0 05:26 ? 00:00:04 /usr/sbin/snmpd -f -LS4d -u Debi + root 31 1 1 05:26 ? 00:15:10 python3.6 -m sonic_ax_impl + + syncd docker + --------------------------- + UID PID PPID C STIME TTY TIME CMD + root 1 0 0 05:26 ? 00:00:13 /usr/bin/python /usr/bin/supervi + root 12 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n + root 17 1 0 05:26 ? 00:00:00 /usr/bin/dsserve /usr/bin/syncd + root 27 17 22 05:26 ? 04:09:30 /usr/bin/syncd --diag -p /usr/sh + root 51 27 0 05:26 ? 00:00:01 /usr/bin/syncd --diag -p /usr/sh + + swss docker + --------------------------- + UID PID PPID C STIME TTY TIME CMD + root 1 0 0 05:26 ? 00:00:29 /usr/bin/python /usr/bin/supervi + root 25 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n + root 30 1 0 05:26 ? 00:00:13 /usr/bin/orchagent -d /var/log/s + root 42 1 1 05:26 ? 00:12:40 /usr/bin/portsyncd -p /usr/share + root 45 1 0 05:26 ? 00:00:00 /usr/bin/intfsyncd + root 48 1 0 05:26 ? 00:00:03 /usr/bin/neighsyncd + root 59 1 0 05:26 ? 00:00:01 /usr/bin/vlanmgrd + root 92 1 0 05:26 ? 00:00:01 /usr/bin/intfmgrd + root 3606 1 0 23:36 ? 00:00:00 bash -c /usr/bin/arp_update; sle + root 3621 3606 0 23:36 ? 00:00:00 sleep 300 + + ... + ``` + +**show system-memory** + +This command displays the system-wide memory utilization information – just a wrapper over linux native “free” command + +- Usage: + ``` + show system-memory + ``` + +- Example: + ``` + admin@sonic:~$ show system-memory + Command: free -m -h + total used free shared buffers cached + Mem: 3.9G 2.0G 1.8G 33M 324M 791M + -/+ buffers/cache: 951M 2.9G + Swap: 0B 0B 0B + ``` + +**show mmu** + +This command displays virtual address to the physical address translation status of the Memory Management Unit (MMU). + +- Usage: + ``` + show mmu + ``` + +- Example: + ``` + admin@sonic:~$ show mmu + Pool: ingress_lossless_pool + ---- -------- + xoff 4194112 + type ingress + mode dynamic + size 10875072 + ---- -------- + + Pool: egress_lossless_pool + ---- -------- + type egress + mode static + size 15982720 + ---- -------- + + Pool: egress_lossy_pool + ---- ------- + type egress + mode dynamic + size 9243812 + ---- ------- + + Profile: egress_lossy_profile + ---------- ------------------------------- + dynamic_th 3 + pool [BUFFER_POOL|egress_lossy_pool] + size 1518 + ---------- ------------------------------- + + Profile: pg_lossless_100000_300m_profile + ---------- ----------------------------------- + xon_offset 2288 + dynamic_th -3 + xon 2288 + xoff 268736 + pool [BUFFER_POOL|ingress_lossless_pool] + size 1248 + ---------- ----------------------------------- + + Profile: egress_lossless_profile + --------- ---------------------------------- + static_th 3995680 + pool [BUFFER_POOL|egress_lossless_pool] + size 1518 + --------- ---------------------------------- + + Profile: pg_lossless_100000_40m_profile + ---------- ----------------------------------- + xon_offset 2288 + dynamic_th -3 + xon 2288 + xoff 177632 + pool [BUFFER_POOL|ingress_lossless_pool] + size 1248 + ---------- ----------------------------------- + + Profile: ingress_lossy_profile + ---------- ----------------------------------- + dynamic_th 3 + pool [BUFFER_POOL|ingress_lossless_pool] + size 0 + ---------- ----------------------------------- + + Profile: pg_lossless_40000_40m_profile + ---------- ----------------------------------- + xon_offset 2288 + dynamic_th -3 + xon 2288 + xoff 71552 + pool [BUFFER_POOL|ingress_lossless_pool] + size 1248 + ---------- ----------------------------------- + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#System-State) + +Go Back To [Beginning of the document](#) or [Beginning of this section](#System-Health) + +### System-Health + +These commands are used to monitor the system current running services and hardware state. + +**show system-health summary** + +This command displays the current status of 'Services' and 'Hardware' under monitoring. +If any of the elements under each of these two sections is 'Not OK' a proper message will appear under the relevant section. + +- Usage: + ``` + show system-health summary + ``` + +- Example: + ``` + admin@sonic:~$ show system-health summary + System status summary + + System status LED red + Services: + Status: Not OK + Not Running: 'telemetry', 'sflowmgrd' + Hardware: + Status: OK + ``` + ``` + admin@sonic:~$ show system-health summary + System status summary + + System status LED green + Services: + Status: OK + Hardware: + Status: OK + ``` + +**show system-health monitor-list** + +This command displays a list of all current 'Services' and 'Hardware' being monitored, their status and type. + +- Usage: + ``` + show system-health monitor-list + ``` + +- Example: + ``` + admin@sonic:~$ show system-health monitor-list + System services and devices monitor list + + Name Status Type + -------------- -------- ---------- + telemetry Not OK Process + orchagent Not OK Process + neighsyncd OK Process + vrfmgrd OK Process + dialout_client OK Process + zebra OK Process + rsyslog OK Process + snmpd OK Process + redis_server OK Process + intfmgrd OK Process + vxlanmgrd OK Process + lldpd_monitor OK Process + portsyncd OK Process + var-log OK Filesystem + lldpmgrd OK Process + syncd OK Process + sonic OK System + buffermgrd OK Process + portmgrd OK Process + staticd OK Process + bgpd OK Process + lldp_syncd OK Process + bgpcfgd OK Process + snmp_subagent OK Process + root-overlay OK Filesystem + fpmsyncd OK Process + sflowmgrd OK Process + vlanmgrd OK Process + nbrmgrd OK Process + PSU 2 OK PSU + psu_1_fan_1 OK Fan + psu_2_fan_1 OK Fan + fan11 OK Fan + fan10 OK Fan + fan12 OK Fan + ASIC OK ASIC + fan1 OK Fan + PSU 1 OK PSU + fan3 OK Fan + fan2 OK Fan + fan5 OK Fan + fan4 OK Fan + fan7 OK Fan + fan6 OK Fan + fan9 OK Fan + fan8 OK Fan + ``` + +**show system-health detail** + +This command displays the current status of 'Services' and 'Hardware' under monitoring. +If any of the elements under each of these two sections is 'Not OK' a proper message will appear under the relevant section. +In addition, displays a list of all current 'Services' and 'Hardware' being monitored and a list of ignored elements. + +- Usage: + ``` + show system-health detail + ``` + +- Example: + ``` + admin@sonic:~$ show system-health detail + System status summary + + System status LED red + Services: + Status: Not OK + Not Running: 'telemetry', 'orchagent' + Hardware: + Status: OK + + System services and devices monitor list + + Name Status Type + -------------- -------- ---------- + telemetry Not OK Process + orchagent Not OK Process + neighsyncd OK Process + vrfmgrd OK Process + dialout_client OK Process + zebra OK Process + rsyslog OK Process + snmpd OK Process + redis_server OK Process + intfmgrd OK Process + vxlanmgrd OK Process + lldpd_monitor OK Process + portsyncd OK Process + var-log OK Filesystem + lldpmgrd OK Process + syncd OK Process + sonic OK System + buffermgrd OK Process + portmgrd OK Process + staticd OK Process + bgpd OK Process + lldp_syncd OK Process + bgpcfgd OK Process + snmp_subagent OK Process + root-overlay OK Filesystem + fpmsyncd OK Process + sflowmgrd OK Process + vlanmgrd OK Process + nbrmgrd OK Process + PSU 2 OK PSU + psu_1_fan_1 OK Fan + psu_2_fan_1 OK Fan + fan11 OK Fan + fan10 OK Fan + fan12 OK Fan + ASIC OK ASIC + fan1 OK Fan + PSU 1 OK PSU + fan3 OK Fan + fan2 OK Fan + fan5 OK Fan + fan4 OK Fan + fan7 OK Fan + fan6 OK Fan + fan9 OK Fan + fan8 OK Fan + + System services and devices ignore list + + Name Status Type + ----------- -------- ------ + psu.voltage Ignored Device + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#System-Health) + +## VLAN & FDB + +### VLAN + +#### VLAN show commands + +**show vlan brief** + +This command displays brief information about all the vlans configured in the device. It displays the vlan ID, IP address (if configured for the vlan), list of vlan member ports, whether the port is tagged or in untagged mode, the DHCP Helper Address, and the proxy ARP status + +- Usage: + ``` + show vlan brief + ``` + +- Example: + ``` + admin@sonic:~$ show vlan brief + + +-----------+--------------+-----------+----------------+-----------------------+-------------+ + | VLAN ID | IP Address | Ports | Port Tagging | DHCP Helper Address | Proxy ARP | + +===========+==============+===========+================+=======================+=============+ + | 100 | 1.1.2.2/16 | Ethernet0 | tagged | 192.0.0.1 | disabled | + | | | Ethernet4 | tagged | 192.0.0.2 | | + | | | | | 192.0.0.3 | | + +-----------+--------------+-----------+----------------+-----------------------+-------------+ + ``` + +**show vlan config** + +This command displays all the vlan configuration. + +- Usage: + ``` + show vlan config + ``` + +- Example: + ``` + admin@sonic:~$ show vlan config + Name VID Member Mode + ------- ----- --------- ------ + Vlan100 100 Ethernet0 tagged + Vlan100 100 Ethernet4 tagged + ``` + + +#### VLAN Config commands + +This sub-section explains how to configure the vlan and its member ports. + +**config vlan add/del** + +This command is used to add or delete the vlan. + +- Usage: + ``` + config vlan (add | del) + ``` + +- Example (Create the VLAN "Vlan100" if it does not already exist): + ``` + admin@sonic:~$ sudo config vlan add 100 + ``` + +**config vlan member add/del** + +This command is to add or delete a member port into the already created vlan. + +- Usage: + ``` + config vlan member add/del [-u|--untagged] + ``` + +*NOTE: Adding the -u or --untagged flag will set the member in "untagged" mode* + + +- Example: + ``` + admin@sonic:~$ sudo config vlan member add 100 Ethernet0 + This command will add Ethernet0 as member of the vlan 100 + + admin@sonic:~$ sudo config vlan member add 100 Ethernet4 + This command will add Ethernet4 as member of the vlan 100. + ``` + +**config proxy_arp enabled/disabled** + +This command is used to enable or disable proxy ARP for a VLAN interface + +- Usage: + ``` + config vlan proxy_arp enabled/disabled + ``` + +- Example: + ``` + admin@sonic:~$ sudo config vlan proxy_arp 1000 enabled + This command will enable proxy ARP for the interface 'Vlan1000' + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#vlan--FDB) + +### FDB + +#### FDB show commands + +**show mac** + +This command displays the MAC (FDB) entries either in full or partial as given below. +1) show mac - displays the full table +2) show mac -v - displays the MACs learnt on the particular VLAN ID. +3) show mac -p - displays the MACs learnt on the particular port. +4) show mac -a - display the MACs that match a specific mac-address +5) show mac -t - display the MACs that match a specific type (static/dynamic) +6) show mac -c - display the count of MAC addresses + +To show the default MAC address aging time on the switch. + +- Usage: + ``` + show mac [-v ] [-p ] [-a ] [-t ] [-c] + ``` + +- Example: + ``` + admin@sonic:~$ show mac + No. Vlan MacAddress Port Type + ----- ------ ----------------- ----------- ------- + 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic + 2 1000 A0:1B:5E:47:C9:76 Ethernet192 Dynamic + 3 1000 AA:54:EF:2C:EE:30 Ethernet192 Dynamic + 4 1000 A4:3F:F2:17:A3:FC Ethernet192 Dynamic + 5 1000 0C:FC:01:72:29:91 Ethernet192 Dynamic + 6 1000 48:6D:01:7E:C9:FD Ethernet192 Dynamic + 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 Dynamic + 8 1000 EE:81:D9:7B:93:A9 Ethernet192 Dynamic + 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 Dynamic + 10 1000 0A:52:B3:9C:FB:6C Ethernet192 Dynamic + 11 1000 C6:E2:72:02:D1:23 Ethernet192 Dynamic + 12 1000 8A:C9:5C:25:E9:28 Ethernet192 Dynamic + 13 1000 5E:CD:34:E4:94:18 Ethernet192 Dynamic + 14 1000 7E:49:1F:B5:91:B5 Ethernet192 Dynamic + 15 1000 AE:DD:67:F3:09:5A Ethernet192 Dynamic + 16 1000 DC:2F:D1:08:4B:DE Ethernet192 Dynamic + 17 1000 50:96:23:AD:F1:65 Ethernet192 Static + 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Static + Total number of entries 18 + ``` + +Optionally, you can specify a VLAN ID or interface name or type or mac-address in order to display only that particular entries + +- Examples: + ``` + admin@sonic:~$ show mac -v 1000 + No. Vlan MacAddress Port Type + ----- ------ ----------------- ----------- ------- + 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic + 2 1000 A0:1B:5E:47:C9:76 Ethernet192 Dynamic + 3 1000 AA:54:EF:2C:EE:30 Ethernet192 Dynamic + 4 1000 A4:3F:F2:17:A3:FC Ethernet192 Dynamic + 5 1000 0C:FC:01:72:29:91 Ethernet192 Dynamic + 6 1000 48:6D:01:7E:C9:FD Ethernet192 Dynamic + 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 Dynamic + 8 1000 EE:81:D9:7B:93:A9 Ethernet192 Dynamic + 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 Dynamic + 10 1000 0A:52:B3:9C:FB:6C Ethernet192 Dynamic + 11 1000 C6:E2:72:02:D1:23 Ethernet192 Dynamic + 12 1000 8A:C9:5C:25:E9:28 Ethernet192 Dynamic + 13 1000 5E:CD:34:E4:94:18 Ethernet192 Dynamic + 14 1000 7E:49:1F:B5:91:B5 Ethernet192 Dynamic + 15 1000 AE:DD:67:F3:09:5A Ethernet192 Dynamic + 16 1000 DC:2F:D1:08:4B:DE Ethernet192 Dynamic + 17 1000 50:96:23:AD:F1:65 Ethernet192 Static + 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Static + Total number of entries 18 + ``` + ``` + admin@sonic:~$ show mac -p Ethernet192 + No. Vlan MacAddress Port Type + ----- ------ ----------------- ----------- ------- + 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic + 2 1000 A0:1B:5E:47:C9:76 Ethernet192 Dynamic + 3 1000 AA:54:EF:2C:EE:30 Ethernet192 Dynamic + 4 1000 A4:3F:F2:17:A3:FC Ethernet192 Dynamic + 5 1000 0C:FC:01:72:29:91 Ethernet192 Dynamic + 6 1000 48:6D:01:7E:C9:FD Ethernet192 Dynamic + 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 Dynamic + 8 1000 EE:81:D9:7B:93:A9 Ethernet192 Dynamic + 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 Dynamic + 10 1000 0A:52:B3:9C:FB:6C Ethernet192 Dynamic + 11 1000 C6:E2:72:02:D1:23 Ethernet192 Dynamic + 12 1000 8A:C9:5C:25:E9:28 Ethernet192 Dynamic + 13 1000 5E:CD:34:E4:94:18 Ethernet192 Dynamic + 14 1000 7E:49:1F:B5:91:B5 Ethernet192 Dynamic + 15 1000 AE:DD:67:F3:09:5A Ethernet192 Dynamic + 16 1000 DC:2F:D1:08:4B:DE Ethernet192 Dynamic + 17 1000 50:96:23:AD:F1:65 Ethernet192 Static + 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Static + Total number of entries 18 + ``` + ``` + admin@sonic:~$ show mac -a E2:8C:56:85:4A:CD + No. Vlan MacAddress Port Type + ----- ------ ----------------- ----------- ------- + 1 1000 E2:8C:56:85:4A:CD Ethernet192 Dynamic + Total number of entries 1 + ``` + ``` + admin@sonic:~$ show mac -t Static + No. Vlan MacAddress Port Type + ----- ------ ----------------- ----------- ------- + 2 1000 50:96:23:AD:F1:65 Ethernet192 Static + 2 1000 C6:C9:5E:AE:24:42 Ethernet192 Static + Total number of entries 2 + ``` + ``` + admin@sonic:~$ show mac -c + Total number of entries 18 + ``` + +**show mac aging-time** + +This command displays the default mac aging time on the switch + + ``` + admin@sonic:~$ show mac aging-time + Aging time for switch is 600 seconds + ``` + +**sonic-clear fdb all** + +Clear the FDB table + +- Usage: + ``` + sonic-clear fdb all + ``` +- Example: + ``` + admin@sonic:~$ sonic-clear fdb all + FDB entries are cleared. + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#vlan--FDB) + +## VxLAN & Vnet + +### VxLAN + +#### VxLAN show commands + +**show vxlan tunnel** + +This command displays brief information about all the vxlans configured in the device. It displays the vxlan tunnel name, source IP address, destination IP address (if configured), tunnel map name and mapping. + +- Usage: + + ``` + show vxlan tunnel + ``` + +- Example: + + ``` + admin@sonic:~$ show vxlan tunnel + vxlan tunnel name source ip destination ip tunnel map name tunnel map mapping(vni -> vlan) + ------------------- ----------- ---------------- ----------------- --------------------------------- + tunnel1 10.10.10.10 + tunnel2 10.10.10.10 20.10.10.10 tmap1 1234 -> 100 + tunnel3 10.10.10.10 30.10.10.10 tmap2 1235 -> 200 + ``` + +**show vxlan name ** + +This command displays configuration. + +- Usage: + + ``` + show vxlan name + ``` + +- Example: + + ``` + admin@sonic:~$ show vxlan name tunnel3 + vxlan tunnel name source ip destination ip tunnel map name tunnel map mapping(vni -> vlan) + ------------------- ----------- ---------------- ----------------- --------------------------------- + tunnel3 10.10.10.10 30.10.10.10 tmap2 1235 -> 200 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#vxlan--vnet) + +### Vnet + +#### Vnet show commands + +**show vnet brief** + +This command displays brief information about all the vnets configured in the device. It displays the vnet name, vxlan tunnel name, vni and peer list (if configured). + +- Usage: + + ``` + show vnet brief + ``` + +- Example: + + ``` + admin@sonic:~$ show vnet brief + vnet name vxlan tunnel vni peer list + ----------- -------------- ----- ------------------ + Vnet_2000 tunnel1 2000 + Vnet_3000 tunnel1 3000 Vnet_2000,Vnet4000 + ``` + +**show vnet name ** + +This command displays brief information about configured in the device. + +- Usage: + + ``` + show vnet name + ``` + +- Example: + + ``` + admin@sonic:~$ show vnet name Vnet_3000 + vnet name vxlan tunnel vni peer list + ----------- -------------- ----- ------------------ + Vnet_3000 tunnel1 3000 Vnet_2000,Vnet4000 + ``` + +**show vnet interfaces** + +This command displays vnet interfaces information about all the vnets configured in the device. + +- Usage: + + ``` + show vnet interfaces + ``` + +- Example: + + ``` + admin@sonic:~$ show vnet interfaces + vnet name interfaces + ----------- ------------ + Vnet_2000 Ethernet1 + Vnet_3000 Vlan2000 + ``` + +**show vnet neighbors** + +This command displays vnet neighbor information about all the vnets configured in the device. It displays the vnet name, neighbor IP address, neighbor mac address (if configured) and interface. + +- Usage: + + ``` + show vnet neighbors + ``` + +- Example: + + ``` + admin@sonic:~$ show vnet neighbors + Vnet_2000 neighbor mac_address interfaces + ----------- ----------- ------------- ------------ + 11.11.11.11 Ethernet1 + 11.11.11.12 Ethernet1 + + Vnet_3000 neighbor mac_address interfaces + ----------- ----------- ----------------- ------------ + 20.20.20.20 aa:bb:cc:dd:ee:ff Vlan2000 + ``` + +**show vnet routes all** + +This command displays all routes information about all the vnets configured in the device. + +- Usage: + + ``` + show vnet routes all + ``` + +- Example: + + ``` + admin@sonic:~$ show vnet routes all + vnet name prefix nexthop interface + ----------- -------------- --------- ----------- + Vnet_2000 100.100.3.0/24 Ethernet52 + Vnet_3000 100.100.4.0/24 Vlan2000 + + vnet name prefix endpoint mac address vni + ----------- -------------- ---------- ----------------- ----- + Vnet_2000 100.100.1.1/32 10.10.10.1 + Vnet_3000 100.100.2.1/32 10.10.10.2 00:00:00:00:03:04 + ``` + +**show vnet routes tunnel** + +This command displays tunnel routes information about all the vnets configured in the device. + +- Usage: + + ``` + show vnet routes tunnel + ``` + +- Example: + + ``` + admin@sonic:~$ show vnet routes tunnel + vnet name prefix endpoint mac address vni + ----------- -------------- ---------- ----------------- ----- + Vnet_2000 100.100.1.1/32 10.10.10.1 + Vnet_3000 100.100.2.1/32 10.10.10.2 00:00:00:00:03:04 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#vxlan--vnet) + +## Warm Reboot + +warm-reboot command initiates a warm reboot of the device. + +warm-reboot command doesn't require setting warm restart configuration. The +command will setup everything needed to perform warm reboot. + +This command requires root privilege. + +- Usage: + ``` + warm-reboot [-h|-?|-v|-f|-r|-k|-x|-c |-s|-D] + ``` + +- Parameters: + ``` + -h,-? : get this help + -v : turn on verbose mode + -f : force execution + -r : reboot with /sbin/reboot + -k : reboot with /sbin/kexec -e [default] + -x : execute script with -x flag + -c : specify control plane assistant IP list + -s : strict mode: do not proceed without: + - control plane assistant IP list. + -D : detached mode - closing terminal will not cause stopping reboot + ``` + +- Example: + ``` + admin@sonic:~$ sudo warm-reboot -v + Tue Oct 22 23:20:53 UTC 2019 Pausing orchagent ... + Tue Oct 22 23:20:53 UTC 2019 Stopping radv ... + Tue Oct 22 23:20:54 UTC 2019 Stopping bgp ... + Tue Oct 22 23:20:54 UTC 2019 Stopped bgp ... + Tue Oct 22 23:20:57 UTC 2019 Initialize pre-shutdown ... + Tue Oct 22 23:20:58 UTC 2019 Requesting pre-shutdown ... + Tue Oct 22 23:20:58 UTC 2019 Waiting for pre-shutdown ... + Tue Oct 22 23:20:59 UTC 2019 Pre-shutdown succeeded ... + Tue Oct 22 23:20:59 UTC 2019 Backing up database ... + Tue Oct 22 23:21:00 UTC 2019 Stopping teamd ... + Tue Oct 22 23:21:00 UTC 2019 Stopped teamd ... + Tue Oct 22 23:21:00 UTC 2019 Stopping syncd ... + Tue Oct 22 23:21:11 UTC 2019 Stopped syncd ... + Tue Oct 22 23:21:11 UTC 2019 Stopping all remaining containers ... + Tue Oct 22 23:21:13 UTC 2019 Stopped all remaining containers ... + Tue Oct 22 23:21:15 UTC 2019 Rebooting with /sbin/kexec -e to SONiC-OS-20191021.01 ... + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#Warm-Reboot) + +## Warm Restart + +Besides device level warm reboot, SONiC also provides docker based warm restart. This feature is currently supported by following dockers: BGP, teamD, and SWSS. A user can manage to restart a particular docker, with no interruption on packet forwarding and no effect on other services. This helps to reduce operational costs as well as development efforts. For example, to fix a bug in BGP routing stack, only the BGP docker image needs to be built, tested and upgraded. + +To achieve uninterrupted packet forwarding during the restarting stage and database reconciliation at the post restarting stage, warm restart enabled dockers with adjacency state machine facilitate standardized protocols. For example, a BGP restarting switch must have BGP "Graceful Restart" enabled, and its BGP neighbors must be "Graceful Restart Helper Capable", as specified in [IETF RFC4724](https://tools.ietf.org/html/rfc4724). + +Before warm restart BGP docker, the following BGP commands should be enabled: + ``` + bgp graceful-restart + bgp graceful-restart preserve-fw-state + ``` +In current SONiC release, the above two commands are enabled by default. + +It should be aware that during a warm restart, certain BGP fast convergence feature and black hole avoidance feature should either be disabled or be set to a lower preference to avoid conflicts with BGP graceful restart. + +For example, BGP BFD could be disabled via: + + ``` + no neighbor bfd + ``` + +otherwise, the fast failure detection would cause packet drop during warm reboot. + +Another commonly deployed blackhole avoidance feature: dynamic route priority adjustment, could be disabled via: + + ``` + no bgp max-med on-peerup + ``` + +to avoid large routes churn during BGP restart. + + +### Warm Restart show commands + +**show warm_restart config** + +This command displays all the configuration related to warm_restart. + +- Usage: + ``` + show warm_restart config + ``` + +- Example: + ``` + admin@sonic:~$ show warm_restart config + name enable timer_name timer_duration + ------ -------- ---------------- ---------------- + bgp true bgp_timer 100 + teamd false teamsyncd_timer 300 + swss false neighsyncd_timer 200 + system true NULL NULL + ``` + +**show warm_restart state** + +This command displays the warm_restart state. + +- Usage: + ``` + show warm_restart state + ``` + +- Example: + ``` + admin@sonic:~$ show warm_restart state + name restore_count state + ---------- --------------- ---------- + orchagent 0 + vlanmgrd 0 + bgp 1 reconciled + portsyncd 0 + teammgrd 1 + neighsyncd 0 + teamsyncd 1 + syncd 0 + natsyncd 0 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#warm-restart) + +### Warm Restart Config commands + +This sub-section explains the various configuration related to warm restart feature. Following parameters can be configured using this command. +1) bgp_timer +2) disable +3) enable +4) neighsyncd_timer +5) teamsyncd_timer +Each of these sub-commands are explained in the following section. + +Users can use an optional parameter "-s" to use the unix domain socket for communicating with the RedisDB which will be faster when compared to using the default network sockets. +All these commands have the following option. + +Options: + -s, --redis-unix-socket-path TEXT + unix socket path for redis connection + + +**config warm_restart bgp_timer** + +This command is used to set the bgp_timer value for warm_restart of BGP service. +bgp_timer holds the time interval utilized by fpmsyncd during warm-restart episodes. +During this interval fpmsyncd will recover all the routing state previously pushed to AppDB, as well as all the new state coming from zebra/bgpd. +Upon expiration of this timer, fpmsyncd will execute the reconciliation logic to eliminate all the stale entries from AppDB. +This timer should match the BGP-GR restart-timer configured within the elected routing-stack. +Supported range: 1-3600. + +- Usage: + ``` + config warm_restart [-s|--redis-unix-socket-path ] bgp_timer + ``` + + - Parameters: + - seconds: Range from 1 to 3600 + +- Example: + ``` + admin@sonic:~$ sudo config warm_restart bgp_timer 1000 + ``` + +**config warm_restart enable/disable** + +This command is used to enable or disable the warm_restart for a particular service that supports warm reboot. +Following four services support warm reboot. When user restarts the particular service using "systemctl restart ", this configured value will be checked for whether it is enabled or disabled. +If this configuration is enabled for that service, it will perform warm reboot for that service. Otherwise, it will do cold restart of the service. + +- Usage: + ``` + config warm_restart [-s|--redis-unix-socket-path ] enable [] + ``` + + - Parameters: + - module_name: Can be either system or swss or bgp or teamd. If "module_name" argument is not specified, it will enable "system" module. + +- Example (Set warm_restart as "enable" for the "system" service): + ``` + admin@sonic:~$ sudo config warm_restart enable + ``` + +- Example (Set warm_restart as "enable" for the "swss" service. When user does "systemctl restart swss", it will perform warm reboot instead of cold reboot) + ``` + admin@sonic:~$ sudo config warm_restart enable swss + ``` + +- Example (Set warm_restart as "enable" for the "teamd" service. When user does "systemctl restart teamd", it will perform warm reboot instead of cold reboot) + ``` + admin@sonic:~$ sudo config warm_restart enable teamd + ``` + + +**config warm_restart neighsyncd_timer** + +This command is used to set the neighsyncd_timer value for warm_restart of "swss" service. +neighsyncd_timer is the timer used for "swss" (neighsyncd) service during the warm restart. +Timer is started after the neighborTable is restored to internal data structures. +neighborsyncd then starts to read all Linux kernel entries and mark the entries in the data structures accordingly. +Once the timer is expired, reconciliation is done and the delta is pushed to appDB +Valid value is 1-9999. 0 is invalid. + +- Usage: + ``` + config warm_restart [-s|--redis-unix-socket-path ] neighsyncd_timer + ``` + + - Parameters: + - seconds: Range from 1 to 9999 + +- Example: + ``` + admin@sonic:~$ sudo config warm_restart neighsyncd_timer 2000 + ``` + + +**config warm_restart bgp_timer** + +This command is used to set the bgp_timer value for warm_restart of "bgp" service. +bgp_timer is the timer used for "bgp" service during the warm restart. +Timer is started after the BGP table is restored to internal data structures. +BGP services then start to read all Linux kernel entries and mark the entries in the data structures accordingly. +Once the timer is expired, reconciliation is done and the delta is pushed to appDB +Valid value is 1-9999. 0 is invalid. + +- Usage: + ``` + config warm_restart [-s|--redis-unix-socket-path ] bgp_timer + ``` + + - Parameters: + - seconds: Range from 1 to 9999 + +- Example: + ``` + admin@sonic:~$ sudo config warm_restart bgp_timer 2000 + ``` + +**config warm_restart teamsyncd_timer** + +This command is used to set the teamsyncd_timer value for warm_restart of teamd service. +teamsyncd_timer holds the time interval utilized by teamsyncd during warm-restart episodes. +The timer is started when teamsyncd starts. During the timer interval, teamsyncd will preserve all LAG interface changes, but it will not apply them. +The changes will only be applied when the timer expires. +When the changes are applied, the stale LAG entries will be removed, the new LAG entries will be created. +Supported range: 1-9999. 0 is invalid + +- Usage: + ``` + config warm_restart teamsyncd_timer + ``` + + - Parameters: + - seconds: Range from 1 to 9999 + +- Example: + ``` + admin@sonic:~$ sudo config warm_restart teamsyncd_timer 3000 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#warm-restart) + + +## Watermark + +### Watermark Show commands + +**show watermark telemetry interval** + +This command displays the configured interval for the telemetry. + +- Usage: + ``` + show watermark telemetry interval + ``` + +- Example: + ``` + admin@sonic:~$ show watermark telemetry interval + + Telemetry interval 120 second(s) + ``` + +### Watermark Config commands + +**config watermark telemetry interval** + +This command is used to configure the interval for telemetry. +The default interval is 120 seconds. +There is no regulation on the valid range of values; it leverages linux timer. + +- Usage: + ``` + config watermark telemetry interval + ``` + +- Example: + ``` + admin@sonic:~$ sudo config watermark telemetry interval 999 + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#watermark) + + + +## Software Installation and Management + +SONiC images can be installed in one of two methods: +1. From within a running SONiC image using the `sonic-installer` utility +2. From the vendor's bootloader (E.g., ONIE, Aboot, etc.) + +SONiC packages are available as prebuilt Docker images and meant to be installed with the *sonic-package-manager* utility. + +### SONiC Package Manager + +The *sonic-package-manager* is a command line tool to manage (e.g. install, upgrade or uninstall) SONiC Packages. + +**sonic-package-manager list** + +This command lists all available SONiC packages, their desription, installed version and installation status. +SONiC package status can be *Installed*, *Not installed* or *Built-In*. "Built-In" status means that a feature is built-in to SONiC image and can't be upgraded or uninstalled. + +- Usage: + ``` + sonic-package-manager list + ``` + +- Example: + ``` + admin@sonic:~$ sonic-package-manager list + Name Repository Description Version Status + -------------- --------------------------- ---------------------------- --------- -------------- + cpu-report azure/cpu-report CPU report package N/A Not Installed + database docker-database SONiC database package 1.0.0 Built-In + dhcp-relay azure/docker-dhcp-relay SONiC dhcp-relay package 1.0.0 Installed + fpm-frr docker-fpm-frr SONiC fpm-frr package 1.0.0 Built-In + lldp docker-lldp SONiC lldp package 1.0.0 Built-In + macsec docker-macsec SONiC macsec package 1.0.0 Built-In + mgmt-framework docker-sonic-mgmt-framework SONiC mgmt-framework package 1.0.0 Built-In + nat docker-nat SONiC nat package 1.0.0 Built-In + pmon docker-platform-monitor SONiC pmon package 1.0.0 Built-In + radv docker-router-advertiser SONiC radv package 1.0.0 Built-In + sflow docker-sflow SONiC sflow package 1.0.0 Built-In + snmp docker-snmp SONiC snmp package 1.0.0 Built-In + swss docker-orchagent SONiC swss package 1.0.0 Built-In + syncd docker-syncd-mlnx SONiC syncd package 1.0.0 Built-In + teamd docker-teamd SONiC teamd package 1.0.0 Built-In + telemetry docker-sonic-telemetry SONiC telemetry package 1.0.0 Built-In + ``` + +**sonic-package-manager repository add** + +This command will add a new repository as source for SONiC packages to the database. *NOTE*: requires elevated (root) privileges to run + +- Usage: + ``` + Usage: sonic-package-manager repository add [OPTIONS] NAME REPOSITORY + + Add a new repository to database. + + NOTE: This command requires elevated (root) privileges to run. + + Options: + --default-reference TEXT Default installation reference. Can be a tag or + sha256 digest in repository. + --description TEXT Optional package entry description. + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sudo sonic-package-manager repository add \ + cpu-report azure/sonic-cpu-report --default-reference 1.0.0 + ``` + +**sonic-package-manager repository remove** + +This command will remove a repository as source for SONiC packages from the database . The package has to be *Not Installed* in order to be removed from package database. *NOTE*: requires elevated (root) privileges to run + +- Usage: + ``` + Usage: sonic-package-manager repository remove [OPTIONS] NAME + + Remove repository from database. + + NOTE: This command requires elevated (root) privileges to run. + + Options: + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sudo sonic-package-manager repository remove cpu-report + ``` + +**sonic-package-manager install** + +This command pulls and installs a package on SONiC host. *NOTE*: this command requires elevated (root) privileges to run + +- Usage: + ``` + Usage: sonic-package-manager install [OPTIONS] [PACKAGE_EXPR] + + Install/Upgrade package using [PACKAGE_EXPR] in format + "[=|@]". + + The repository to pull the package from is resolved by lookup in + package database, thus the package has to be added via "sonic- + package-manager repository add" command. + + In case when [PACKAGE_EXPR] is a package name "" this command + will install or upgrade to a version referenced by "default- + reference" in package database. + + NOTE: This command requires elevated (root) privileges to run. + + Options: + --enable Set the default state of the feature to enabled + and enable feature right after installation. NOTE: + user needs to execute "config save -y" to make + this setting persistent. + --set-owner [local|kube] Default owner configuration setting for a feature. + --from-repository TEXT Fetch package directly from image registry + repository. NOTE: This argument is mutually + exclusive with arguments: [package_expr, + from_tarball]. + --from-tarball FILE Fetch package from saved image tarball. NOTE: This + argument is mutually exclusive with arguments: + [package_expr, from_repository]. + -f, --force Force operation by ignoring package dependency + tree and package manifest validation failures. + -y, --yes Automatically answer yes on prompts. + -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG. + Default is INFO. + --skip-host-plugins Do not install host OS plugins provided by the + package (CLI, etc). NOTE: In case when package + host OS plugins are set as mandatory in package + manifest this option will fail the installation. + --allow-downgrade Allow package downgrade. By default an attempt to + downgrade the package will result in a failure + since downgrade might not be supported by the + package, thus requires explicit request from the + user. + --help Show this message and exit.. + ``` +- Example: + ``` + admin@sonic:~$ sudo sonic-package-manager install dhcp-relay=1.0.2 + ``` + ``` + admin@sonic:~$ sudo sonic-package-manager install dhcp-relay@latest + ``` + ``` + admin@sonic:~$ sudo sonic-package-manager install dhcp-relay@sha256:9780f6d83e45878749497a6297ed9906c19ee0cc48cc88dc63827564bb8768fd + ``` + ``` + admin@sonic:~$ sudo sonic-package-manager install --from-repository azure/sonic-cpu-report:latest + ``` + ``` + admin@sonic:~$ sudo sonic-package-manager install --from-tarball sonic-docker-image.gz + ``` + +**sonic-package-manager uninstall** + +This command uninstalls package from SONiC host. User needs to stop the feature prior to uninstalling it. +*NOTE*: this command requires elevated (root) privileges to run. + +- Usage: + ``` + Usage: sonic-package-manager uninstall [OPTIONS] NAME + + Uninstall package. + + NOTE: This command requires elevated (root) privileges to run. + + Options: + -f, --force Force operation by ignoring package dependency tree and + package manifest validation failures. + -y, --yes Automatically answer yes on prompts. + -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG. Default + is INFO. + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sudo sonic-package-manager uninstall dhcp-relay + ``` + +**sonic-package-manager reset** + +This comamnd resets the package by reinstalling it to its default version. *NOTE*: this command requires elevated (root) privileges to run. + +- Usage: + ``` + Usage: sonic-package-manager reset [OPTIONS] NAME + + Reset package to the default version. + + NOTE: This command requires elevated (root) privileges to run. + + Options: + -f, --force Force operation by ignoring package dependency tree and + package manifest validation failures. + -y, --yes Automatically answer yes on prompts. + -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG. Default + is INFO. + --skip-host-plugins Do not install host OS plugins provided by the package + (CLI, etc). NOTE: In case when package host OS plugins + are set as mandatory in package manifest this option + will fail the installation. + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sudo sonic-package-manager reset dhcp-relay + ``` + +**sonic-package-manager show package versions** + +This command will retrieve a list of all available versions for the given package from the configured upstream repository + +- Usage: + ``` + Usage: sonic-package-manager show package versions [OPTIONS] NAME + + Show available versions. + + Options: + --all Show all available tags in repository. + --plain Plain output. + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sonic-package-manager show package versions dhcp-relay + • 1.0.0 + • 1.0.2 + • 2.0.0 + ``` + ``` + admin@sonic:~$ sonic-package-manager show package versions dhcp-relay --plain + 1.0.0 + 1.0.2 + 2.0.0 + ``` + ``` + admin@sonic:~$ sonic-package-manager show package versions dhcp-relay --all + • 1.0.0 + • 1.0.2 + • 2.0.0 + • latest + ``` + +**sonic-package-manager show package changelog** + +This command fetches the changelog from the package manifest and displays it. *NOTE*: package changelog can be retrieved from registry or read from image tarball without installing it. + +- Usage: + ``` + Usage: sonic-package-manager show package changelog [OPTIONS] [PACKAGE_EXPR] + + Show package changelog. + + Options: + --from-repository TEXT Fetch package directly from image registry + repository NOTE: This argument is mutually exclusive + with arguments: [from_tarball, package_expr]. + --from-tarball FILE Fetch package from saved image tarball NOTE: This + argument is mutually exclusive with arguments: + [package_expr, from_repository]. + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sonic-package-manager show package changelog dhcp-relay + 1.0.0: + + • Initial release + + Author (author@email.com) Mon, 25 May 2020 12:25:00 +0300 + ``` + +**sonic-package-manager show package manifest** + +This command fetches the package manifest and displays it. *NOTE*: package manifest can be retrieved from registry or read from image tarball without installing it. + +- Usage: + ``` + Usage: sonic-package-manager show package manifest [OPTIONS] [PACKAGE_EXPR] + + Show package manifest. + + Options: + --from-repository TEXT Fetch package directly from image registry + repository NOTE: This argument is mutually exclusive + with arguments: [package_expr, from_tarball]. + --from-tarball FILE Fetch package from saved image tarball NOTE: This + argument is mutually exclusive with arguments: + [from_repository, package_expr]. + -v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG + --help Show this message and exit. + ``` +- Example: + ``` + admin@sonic:~$ sonic-package-manager show package manifest dhcp-relay=2.0.0 + { + "version": "1.0.0", + "package": { + "version": "2.0.0", + "depends": [ + "database>=1.0.0,<2.0.0" + ] + }, + "service": { + "name": "dhcp_relay" + } + } + ``` + +### SONiC Installer +This is a command line tool available as part of the SONiC software; If the device is already running the SONiC software, this tool can be used to install an alternate image in the partition. +This tool has facility to install an alternate image, list the available images and to set the next reboot image. +This command requires elevated (root) privileges to run. + +**sonic-installer list** + +This command displays information about currently installed images. It displays a list of installed images, currently running image and image set to be loaded in next reboot. + +- Usage: + ``` + sonic-installer list + ``` + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer list + Current: SONiC-OS-HEAD.XXXX + Next: SONiC-OS-HEAD.XXXX + Available: + SONiC-OS-HEAD.XXXX + SONiC-OS-HEAD.YYYY + ``` + +TIP: This output can be obtained without evelated privileges by running the `show boot` command. See [here](#show-system-status) for details. + +**sonic-installer install** + +This command is used to install a new image on the alternate image partition. This command takes a path to an installable SONiC image or URL and installs the image. + +- Usage: + ``` + sonic-installer install + ``` + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer install https://sonic-jenkins.westus.cloudapp.azure.com/job/xxxx/job/buildimage-xxxx-all/xxx/artifact/target/sonic-xxxx.bin + New image will be installed, continue? [y/N]: y + Downloading image... + ...100%, 480 MB, 3357 KB/s, 146 seconds passed + Command: /tmp/sonic_image + Verifying image checksum ... OK. + Preparing image archive ... OK. + ONIE Installer: platform: XXXX + onie_platform: + Installing SONiC in SONiC + Installing SONiC to /host/image-xxxx + Directory /host/image-xxxx/ already exists. Cleaning up... + Archive: fs.zip + creating: /host/image-xxxx/boot/ + inflating: /host/image-xxxx/boot/vmlinuz-3.16.0-4-amd64 + inflating: /host/image-xxxx/boot/config-3.16.0-4-amd64 + inflating: /host/image-xxxx/boot/System.map-3.16.0-4-amd64 + inflating: /host/image-xxxx/boot/initrd.img-3.16.0-4-amd64 + creating: /host/image-xxxx/platform/ + extracting: /host/image-xxxx/platform/firsttime + inflating: /host/image-xxxx/fs.squashfs + inflating: /host/image-xxxx/dockerfs.tar.gz + Log file system already exists. Size: 4096MB + Installed SONiC base image SONiC-OS successfully + + Command: cp /etc/sonic/minigraph.xml /host/ + + Command: grub-set-default --boot-directory=/host 0 + + Done + ``` + +Installing a new image using the sonic-installer will keep using the packages installed on the currently running SONiC image and automatically migrate those. In order to perform clean SONiC installation use the *--skip-package-migration* option: + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer install https://sonic-jenkins.westus.cloudapp.azure.com/job/xxxx/job/buildimage-xxxx-all/xxx/artifact/target/sonic-xxxx.bin --skip-package-migration + ``` + +**sonic-installer set_default** + +This command is be used to change the image which can be loaded by default in all the subsequent reboots. + +- Usage: + ``` + sonic-installer set_default + ``` + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer set_default SONiC-OS-HEAD.XXXX + ``` + +**sonic-installer set_next_boot** + +This command is used to change the image that can be loaded in the *next* reboot only. Note that it will fallback to current image in all other subsequent reboots after the next reboot. + +- Usage: + ``` + sonic-installer set_next_boot + ``` + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer set_next_boot SONiC-OS-HEAD.XXXX + ``` + +**sonic-installer remove** + +This command is used to remove the unused SONiC image from the disk. Note that it's *not* allowed to remove currently running image. + +- Usage: + ``` + sonic-installer remove [-y|--yes] + ``` + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer remove SONiC-OS-HEAD.YYYY + Image will be removed, continue? [y/N]: y + Updating GRUB... + Done + Removing image root filesystem... + Done + Command: grub-set-default --boot-directory=/host 0 + + Image removed + ``` + +**sonic-installer cleanup** + +This command removes all unused images from the device, leaving only the currently active image and the image which will be booted into next (if different) installed. If there are no images which can be removed, the command will output `No image(s) to remove` + +- Usage: + ``` + sonic-installer cleanup [-y|--yes] + ``` + +- Example: + ``` + admin@sonic:~$ sudo sonic-installer cleanup + Remove images which are not current and next, continue? [y/N]: y + No image(s) to remove + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#software-installation-and-management) + + + +## Troubleshooting Commands + +For troubleshooting and debugging purposes, this command gathers pertinent information about the state of the device; information is as diverse as syslog entries, database state, routing-stack state, etc., It then compresses it into an archive file. This archive file can be sent to the SONiC development team for examination. +Resulting archive file is saved as `/var/dump/_YYYYMMDD_HHMMSS.tar.gz` + +- Usage: + ``` + show techsupport + ``` + +- Example: + ``` + admin@sonic:~$ show techsupport [--since=] + ``` + +If the SONiC system was running for quite some time `show techsupport` will produce a large dump file. To reduce the amount of syslog and core files gathered during system dump use `--since` option: + +- Examples: + ``` + admin@sonic:~$ show techsupport --since=yesterday # Will collect syslog and core files for the last 24 hours + ``` + ``` + admin@sonic:~$ show techsupport --since='hour ago' # Will collect syslog and core files for the last one hour + ``` + +### Debug Dumps + +In SONiC, there usually exists a set of tables related/relevant to a particular module. All of these might have to be looked at to confirm whether any configuration update is properly applied and propagated. This utility comes in handy because it prints a unified view of the redis-state for a given module + +- Usage: + ``` + Usage: dump state [OPTIONS] MODULE IDENTIFIER + Dump the redis-state of the identifier for the module specified + + Options: + -s, --show Display Modules Available + -d, --db TEXT Only dump from these Databases + -t, --table Print in tabular format [default: False] + -k, --key-map Only fetch the keys matched, don't extract field-value dumps [default: False] + -v, --verbose Prints any intermediate output to stdout useful for dev & troubleshooting [default: False] + -n, --namespace TEXT Dump the redis-state for this namespace. [default: DEFAULT_NAMESPACE] + --help Show this message and exit. + ``` + + +- Examples: + ``` + root@sonic# dump state --show + Module Identifier + -------- ------------ + port port_name + copp trap_id + ``` + + ``` + admin@sonic:~$ dump state copp arp_req --key-map --db ASIC_DB + { + "arp_req": { + "ASIC_DB": { + "keys": [ + "ASIC_STATE:SAI_OBJECT_TYPE_HOSTIF_TRAP:oid:0x22000000000c5b", + "ASIC_STATE:SAI_OBJECT_TYPE_HOSTIF_TRAP_GROUP:oid:0x11000000000c59", + "ASIC_STATE:SAI_OBJECT_TYPE_POLICER:oid:0x12000000000c5a", + "ASIC_STATE:SAI_OBJECT_TYPE_QUEUE:oid:0x15000000000626" + ], + "tables_not_found": [], + "vidtorid": { + "oid:0x22000000000c5b": "oid:0x200000000022", + "oid:0x11000000000c59": "oid:0x300000011", + "oid:0x12000000000c5a": "oid:0x200000012", + "oid:0x15000000000626": "oid:0x12e0000040015" + } + } + } + } + ``` + +### Event Driven Techsupport Invocation + +This feature/capability makes the techsupport invocation event-driven based on core dump generation. This feature is only applicable for the processes running in the containers. More detailed explanation can be found in the HLD https://github.com/Azure/SONiC/blob/master/doc/auto_techsupport_and_coredump_mgmt.md + +#### config auto-techsupport global commands + +**config auto-techsupport global state** + +- Usage: + ``` + config auto-techsupport global state + ``` + +- Example: + ``` + config auto-techsupport global state enabled + ``` + +**config auto-techsupport global rate-limit-interval ** + +- Usage: + ``` + config auto-techsupport global rate-limit-interval + ``` + - Parameters: + - rate-limit-interval: Minimum time in seconds to wait after the last techsupport creation time before invoking a new one. + +- Example: + ``` + config auto-techsupport global rate-limit-interval 200 + ``` + +**config auto-techsupport global max-techsupport-limit ** + +- Usage: + ``` + config auto-techsupport global max-techsupport-limit + ``` + - Parameters: + - max-techsupport-limit: A percentage value should be specified. This signifies maximum size to which /var/dump/ directory can be grown until. + +- Example: + ``` + config auto-techsupport global max-techsupport-limit 10.15 + ``` + +**config auto-techsupport global max-core-limit ** + +- Usage: + ``` + config auto-techsupport global max-core-limit + ``` + - Parameters: + - max-core-limit: A percentage value should be specified. This signifies maximum size to which /var/core/ directory can be grown until. + +- Example: + ``` + config auto-techsupport global max-core-limit 10.15 + ``` + +**config auto-techsupport global since** + +- Usage: + ``` + config auto-techsupport global since + ``` + - Parameters: + - since: This limits the auto-invoked techsupport to only collect the logs & core-dumps generated since the time provided. Any valid date string of the formats specified here can be used. (https://www.gnu.org/software/coreutils/manual/html_node/Date-input-formats.html). If this value is not explicitly configured or a non-valid string is provided, a default value of "2 days ago" is used. + +- Example: + ``` + config auto-techsupport global since + ``` + + +#### config auto-techsupport-feature commands + +**config auto-techsupport-feature add** + +- Usage: + ``` + config auto-techsupport-feature add --state --rate-limit-interval + ``` + - Parameters: + - state: enable/disable the capability for the specific feature/container. + - rate-limit-interval: Rate limit interval for the corresponding feature. Configure 0 to explicitly disable. For the techsupport to be generated by auto-techsupport, both the global and feature specific rate-limit-interval has to be passed + +- Example: + ``` + config auto-techsupport-feature add bgp --state enabled --rate-limit-interval 200 + ``` + + +**config auto-techsupport-feature delete** + +- Usage: + ``` + config auto-techsupport-feature delete + ``` + +- Example: + ``` + config auto-techsupport-feature delete swss + ``` + +**config auto-techsupport-feature update** + +- Usage: + ``` + config auto-techsupport-feature update --state + config auto-techsupport-feature update --rate-limit-interval + ``` + +- Example: + ``` + config auto-techsupport-feature update snmp --state enabled + config auto-techsupport-feature update swss --rate-limit-interval 200 + ``` + +#### Show CLI: + +**show auto-techsupport global** + +- Usage: + ``` + show auto-techsupport global + ``` + +- Example: + ``` + admin@sonic:~$ show auto-techsupport global + STATE RATE LIMIT INTERVAL (sec) MAX TECHSUPPORT LIMIT (%) MAX CORE LIMIT (%) SINCE + ------- --------------------------- -------------------------- ------------------ ---------- + enabled 180 10.0 5.0 2 days ago + ``` + +**show auto-techsupport-feature** + +- Usage: + ``` + show auto-techsupport-feature + ``` + +- Example: + ``` + admin@sonic:~$ show auto-techsupport-feature + FEATURE NAME STATE RATE LIMIT INTERVAL (sec) + -------------- -------- -------------------------- + bgp enabled 600 + database enabled 600 + dhcp_relay enabled 600 + lldp enabled 600 + swss disabled 800 + ``` + +**show auto-techsupport history** + +- Usage: + ``` + show auto-techsupport history + ``` + +- Example: + ``` + admin@sonic:~$ show auto-techsupport history + TECHSUPPORT DUMP TRIGGERED BY CORE DUMP + ---------------------------------------- -------------- ----------------------------- + sonic_dump_r-lionfish-16_20210901_221402 bgp bgpcfgd.1630534439.55.core.gz + sonic_dump_r-lionfish-16_20210901_203725 snmp python3.1630528642.23.core.gz + sonic_dump_r-lionfish-16_20210901_222408 teamd python3.1630535045.34.core.gz + ``` + +Go Back To [Beginning of the document](#) or [Beginning of this section](#troubleshooting-commands) + +## Routing Stack + +SONiC software is agnostic of the routing software that is being used in the device. For example, users can use either Quagga or FRR routing stack as per their requirement. +A separate shell (vtysh) is provided to configure such routing stacks. +Once if users go to "vtysh", they can use the routing stack specific commands as given in the following example. + +- Example (Quagga Routing Stack): + ``` + admin@sonic:~$ vtysh + + Hello, this is Quagga (version 0.99.24.1). + Copyright 1996-2005 Kunihiro Ishiguro, et al. + + sonic# show route-map (This command displays the route-map that is configured for the routing protocol.) + ZEBRA: + route-map RM_SET_SRC, permit, sequence 10 + Match clauses: + Set clauses: + src 10.12.0.102 + Call clause: + Action: + Exit routemap + ``` + +Refer the routing stack [Quagga Command Reference](https://www.quagga.net/docs/quagga.pdf) or [FRR Command Reference](https://buildmedia.readthedocs.org/media/pdf/frrouting/latest/frrouting.pdf) to know more about about the routing stack configuration. + + +Go Back To [Beginning of the document](#) or [Beginning of this section](#routing-stack) + + +## Quagga BGP Show Commands + +**show ip bgp summary** + +This command displays the summary of all IPv4 bgp neighbors that are configured and the corresponding states. + +- Usage: + ``` + show ip bgp summary + ``` + +- Example: + ``` + admin@sonic:~$ show ip bgp summary + BGP router identifier 1.2.3.4, local AS number 65061 + RIB entries 6124, using 670 KiB of memory + Peers 2, using 143 KiB of memory + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd + 192.168.1.161 4 65501 88698 102781 0 0 0 08w5d14h 2 + 192.168.1.163 4 65502 88698 102780 0 0 0 08w5d14h 2 + + Total number of neighbors 2 + ``` + +**show ip bgp neighbors** + +This command displays all the details of IPv4 & IPv6 BGP neighbors when no optional argument is specified. + +When the optional argument IPv4_address is specified, it displays the detailed neighbor information about that specific IPv4 neighbor. + +Command has got additional optional arguments to display only the advertised routes, or the received routes, or all routes. + +In order to get details for an IPv6 neigbor, use "show ipv6 bgp neighbor " command. + +- Usage: + ``` + show ip bgp neighbors [ [advertised-routes | received-routes | routes]] + ``` + +- Example: + ``` + admin@sonic:~$ show ip bgp neighbors + BGP neighbor is 192.168.1.161, remote AS 65501, local AS 65061, external link + Description: ARISTA01T0 + BGP version 4, remote router ID 1.2.3.4 + BGP state = Established, up for 08w5d14h + Last read 00:00:46, hold time is 180, keepalive interval is 60 seconds + Neighbor capabilities: + 4 Byte AS: advertised and received + Dynamic: received + Route refresh: advertised and received(old & new) + Address family IPv4 Unicast: advertised and received + Graceful Restart Capabilty: advertised and received + Remote Restart timer is 120 seconds + Address families by peer: + IPv4 Unicast(not preserved) + Graceful restart informations: + End-of-RIB send: IPv4 Unicast + End-of-RIB received: IPv4 Unicast + Message statistics: + Inq depth is 0 + Outq depth is 0 + Sent Rcvd + Opens: 1 1 + Notifications: 0 0 + Updates: 14066 3 + Keepalives: 88718 88698 + Route Refresh: 0 0 + Capability: 0 0 + Total: 102785 88702 + Minimum time between advertisement runs is 30 seconds + + For address family: IPv4 Unicast + Community attribute sent to this neighbor(both) + 2 accepted prefixes + + Connections established 1; dropped 0 + Last reset never + Local host: 192.168.1.160, Local port: 32961 + Foreign host: 192.168.1.161, Foreign port: 179 + Nexthop: 192.168.1.160 + Nexthop global: fe80::f60f:1bff:fe89:bc00 + Nexthop local: :: + BGP connection: non shared network + Read thread: on Write thread: off + ``` + +Optionally, you can specify an IP address in order to display only that particular neighbor. In this mode, you can optionally specify whether you want to display all routes advertised to the specified neighbor, all routes received from the specified neighbor or all routes (received and accepted) from the specified neighbor. + + +- Examples: + ``` + admin@sonic:~$ show ip bgp neighbors 192.168.1.161 + + admin@sonic:~$ show ip bgp neighbors 192.168.1.161 advertised-routes + + admin@sonic:~$ show ip bgp neighbors 192.168.1.161 received-routes + + admin@sonic:~$ show ip bgp neighbors 192.168.1.161 routes + ``` + +**show ipv6 bgp summary** + +This command displays the summary of all IPv4 bgp neighbors that are configured and the corresponding states. + +- Usage: + ``` + show ipv6 bgp summary + ``` + +- Example: + ``` + admin@sonic:~$ show ipv6 bgp summary + BGP router identifier 10.1.0.32, local AS number 65100 + RIB entries 12809, using 1401 KiB of memory + Peers 8, using 36 KiB of memory + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd + fc00::72 4 64600 12588 12591 0 0 0 06:51:17 6402 + fc00::76 4 64600 12587 6190 0 0 0 06:51:28 6402 + fc00::7a 4 64600 12587 9391 0 0 0 06:51:23 6402 + fc00::7e 4 64600 12589 12592 0 0 0 06:51:25 6402 + + Total number of neighbors 4 + ``` + +**show ipv6 bgp neighbors** + +This command displays all the details of one particular IPv6 Border Gateway Protocol (BGP) neighbor. Option is also available to display only the advertised routes, or the received routes, or all routes. + +- Usage: + ``` + show ipv6 bgp neighbors (advertised-routes | received-routes | routes) + ``` + +- Examples: + ``` + admin@sonic:~$ show ipv6 bgp neighbors fc00::72 advertised-routes + + admin@sonic:~$ show ipv6 bgp neighbors fc00::72 received-routes + + admin@sonic:~$ show ipv6 bgp neighbors fc00::72 routes + ``` + +**show route-map** + +This command displays the routing policy that takes precedence over the other route processes that are configured. + +- Usage: + ``` + show route-map + ``` + +- Example: + ``` + admin@sonic:~$ show route-map + ZEBRA: + route-map RM_SET_SRC, permit, sequence 10 + Match clauses: + Set clauses: + src 10.12.0.102 + Call clause: + Action: + Exit routemap + ZEBRA: + route-map RM_SET_SRC6, permit, sequence 10 + Match clauses: + Set clauses: + src fc00:1::102 + Call clause: + Action: + Exit routemap + BGP: + route-map FROM_BGP_SPEAKER_V4, permit, sequence 10 + Match clauses: + Set clauses: + Call clause: + Action: + Exit routemap + BGP: + route-map TO_BGP_SPEAKER_V4, deny, sequence 10 + Match clauses: + Set clauses: + Call clause: + Action: + Exit routemap + BGP: + route-map ISOLATE, permit, sequence 10 + Match clauses: + Set clauses: + as-path prepend 65000 + Call clause: + Action: + Exit routemap + ``` +Go Back To [Beginning of the document](#) or [Beginning of this section](#quagga-bgp-show-commands) + +# ZTP Configuration And Show Commands + +This section explains all the Zero Touch Provisioning commands that are supported in SONiC. + +## ZTP show commands + + +This command displays the current ZTP configuration of the switch. It also displays detailed information about current state of a ZTP session. It displays information related to all configuration sections as defined in the switch provisioning information discovered in a particular ZTP session. + +- Usage: + show ztp status + + show ztp status --verbose + +- Example: + +``` +root@B1-SP1-7712:/home/admin# show ztp status +ZTP Admin Mode : True +ZTP Service : Inactive +ZTP Status : SUCCESS +ZTP Source : dhcp-opt67 (eth0) +Runtime : 05m 31s +Timestamp : 2019-09-11 19:12:24 UTC + +ZTP Service is not running + +01-configdb-json: SUCCESS +02-connectivity-check: SUCCESS +``` +Use the verbose option to display more detailed information. + +``` +root@B1-SP1-7712:/home/admin# show ztp status --verbose +Command: ztp status --verbose +======================================== +ZTP +======================================== +ZTP Admin Mode : True +ZTP Service : Inactive +ZTP Status : SUCCESS +ZTP Source : dhcp-opt67 (eth0) +Runtime : 05m 31s +Timestamp : 2019-09-11 19:12:16 UTC +ZTP JSON Version : 1.0 + +ZTP Service is not running + +---------------------------------------- +01-configdb-json +---------------------------------------- +Status : SUCCESS +Runtime : 02m 48s +Timestamp : 2019-09-11 19:11:55 UTC +Exit Code : 0 +Ignore Result : False + +---------------------------------------- +02-connectivity-check +---------------------------------------- +Status : SUCCESS +Runtime : 04s +Timestamp : 2019-09-11 19:12:16 UTC +Exit Code : 0 +Ignore Result : False +``` + +- Description + + - **ZTP Admin Mode** - Displays if the ZTP feature is administratively enabled or disabled. Possible values are True or False. This value is configurable using "config ztp enabled" and "config ztp disable" commands. + - **ZTP Service** - Displays the ZTP service status. The following are possible values this field can display: + - *Active Discovery*: ZTP service is operational and is performing DHCP discovery to learn switch provisioning information + - *Processing*: ZTP service has discovered switch provisioning information and is processing it + - **ZTP Status** - Displays the current state and result of ZTP session. The following are possible values this field can display: + - *IN-PROGRESS*: ZTP session is currently in progress. ZTP service is processing switch provisioning information. + - *SUCCESS*: ZTP service has successfully processed the switch provisioning information. + - *FAILED*: ZTP service has failed to process the switch provisioning information. + - *Not Started*: ZTP service has not started processing the discovered switch provisioning information. + - **ZTP Source** - Displays the DHCP option and then interface name from which switch provisioning information has been discovered. + - **Runtime** - Displays the time taken for ZTP process to complete from start to finish. For individual configuration sections it indicates the time taken to process the associated configuration section. + - **Timestamp** - Displays the date/time stamp when the status field has last changed. + - **ZTP JSON Version** - Version of ZTP JSON file used for describing switch provisioning information. + - **Status** - Displays the current state and result of a configuration section. The following are possible values this field can display: + - *IN-PROGRESS*: Corresponding configuration section is currently being processed. + - *SUCCESS*: Corresponding configuration section was processed successfully. + - *FAILED*: Corresponding configuration section failed to execute successfully. + - *Not Started*: ZTP service has not started processing the corresponding configuration section. + - *DISABLED*: Corresponding configuration section has been marked as disabled and will not be processed. + - **Exit Code** - Displays the program exit code of the configuration section executed. Non-zero exit code indicates that the configuration section has failed to execute successfully. + - **Ignore Result** - If this value is True, the result of the corresponding configuration section is ignored and not used to evaluate the overall ZTP result. + - **Activity String** - In addition to above information an activity string is displayed indicating the current action being performed by the ZTP service and how much time it has been performing the mentioned activity. Below is an example. + - (04m 12s) Discovering provisioning data + +## ZTP configuration commands + +This sub-section explains the list of the configuration options available for ZTP. + + + +**config ztp enable** + +Use this command to enable ZTP administrative mode + +- Example: + +``` +root@sonic:/home/admin# config ztp enable +Running command: ztp enable +``` + + + +**config ztp disable** + +Use this command to disable ZTP administrative mode. This command can also be used to abort a current ZTP session and load the factory default switch configuration. + +- Usage: + config ztp disable + + config ztp disable -y + +- Example: + +``` +root@sonic:/home/admin# config ztp disable +Active ZTP session will be stopped and disabled, continue? [y/N]: y +Running command: ztp disable -y +``` + + +**config ztp run** + +Use this command to manually restart a new ZTP session. This command deletes the existing */etc/sonic/config_db.json* file and stats ZTP service. It also erases the previous ZTP session data. ZTP configuration is loaded on to the switch and ZTP discovery is performed. + +- Usage: + config ztp run + + config ztp run -y + +- Example: + +``` +root@sonic:/home/admin# config ztp run +ZTP will be restarted. You may lose switch data and connectivity, continue? [y/N]: y +Running command: ztp run -y +``` + +Go Back To [Beginning of the document](#SONiC-COMMAND-LINE-INTERFACE-GUIDE) or [Beginning of this section](#ztp-configuration-and-show-commands) \ No newline at end of file From feeac8471bf09b4d3e0286c75007e28f7f507127 Mon Sep 17 00:00:00 2001 From: Stepan Blyshchak <38952541+stepanblyschak@users.noreply.github.com> Date: Wed, 27 Jul 2022 12:12:30 +0300 Subject: [PATCH 03/47] [counters] Keep counters cache in a single directory (#2232) - What I did To fix Azure/sonic-buildimage#9817. Cache all counters in the same place. Created a UserCache helper class to access the cache directory. - How I did it Implemented UserCache class. Changed all stats commands to use new class. Adopted fast-reboot script. - How to verify it Run on the switch and verify counters stats command and clear commands work correctly. After config reload or cold/fast reboot counters cache is removed. Signed-off-by: Stepan Blyschak --- config/main.py | 5 ---- config/plugins/pbh.py | 10 ++++--- scripts/aclshow | 17 ++++++------ scripts/dropstat | 15 ++--------- scripts/fast-reboot | 21 +++++---------- scripts/flow_counters_stat | 8 +++--- scripts/intfstat | 55 +++++++++----------------------------- scripts/pfcstat | 33 +++++++---------------- scripts/pg-drop | 4 +-- scripts/portstat | 41 +++++----------------------- scripts/queuestat | 29 +++++--------------- scripts/tunnelstat | 47 +++++++------------------------- show/plugins/pbh.py | 11 +++++--- tests/aclshow_test.py | 4 +-- tests/config_test.py | 15 ++++------- tests/pbh_test.py | 6 ++--- tests/pfcstat_test.py | 17 +++--------- tests/pgdropstat_test.py | 20 +++----------- tests/portstat_test.py | 6 ++--- utilities_common/cli.py | 39 +++++++++++++++++++++++++++ 20 files changed, 140 insertions(+), 263 deletions(-) diff --git a/config/main.py b/config/main.py index 56aeddc673..45f3faa6b1 100644 --- a/config/main.py +++ b/config/main.py @@ -1517,11 +1517,6 @@ def reload(db, filename, yes, load_sysinfo, no_service_restart, disable_arp_cach if multi_asic.is_multi_asic() and file_format == 'config_db': num_cfg_file += num_asic - # Remove cached PG drop counters data - dropstat_dir_prefix = '/tmp/dropstat' - command = "rm -rf {}-*".format(dropstat_dir_prefix) - clicommon.run_command(command, display_cmd=True) - # If the user give the filename[s], extract the file names. if filename is not None: cfg_files = filename.split(',') diff --git a/config/plugins/pbh.py b/config/plugins/pbh.py index b6726aa154..ce9187a36d 100644 --- a/config/plugins/pbh.py +++ b/config/plugins/pbh.py @@ -6,13 +6,14 @@ CLI Auto-generation tool HLD - https://github.com/Azure/SONiC/pull/78 """ +import os import click import json import ipaddress import re import utilities_common.cli as clicommon -from show.plugins.pbh import deserialize_pbh_counters +from show.plugins.pbh import deserialize_pbh_counters, PBH_COUNTERS_CACHE_FILENAME GRE_KEY_RE = r"^(0x){1}[a-fA-F0-9]{1,8}/(0x){1}[a-fA-F0-9]{1,8}$" @@ -79,8 +80,6 @@ PBH_UPDATE = "UPDATE" PBH_REMOVE = "REMOVE" -PBH_COUNTERS_LOCATION = "/tmp/.pbh_counters.txt" - # # DB interface -------------------------------------------------------------------------------------------------------- # @@ -467,11 +466,14 @@ def serialize_pbh_counters(obj): obj: counters dict. """ + cache = clicommon.UserCache('pbh') + counters_cache_file = os.path.join(cache.get_directory(), PBH_COUNTERS_CACHE_FILENAME) + def remap_keys(obj): return [{'key': k, 'value': v} for k, v in obj.items()] try: - with open(PBH_COUNTERS_LOCATION, 'w') as f: + with open(counters_cache_file, 'w') as f: json.dump(remap_keys(obj), f) except IOError as err: pass diff --git a/scripts/aclshow b/scripts/aclshow index db0cc40ddf..db922a6cce 100755 --- a/scripts/aclshow +++ b/scripts/aclshow @@ -20,15 +20,13 @@ optional arguments: import argparse import json import os -from swsscommon.swsscommon import SonicV2Connector, ConfigDBConnector import sys +from swsscommon.swsscommon import SonicV2Connector, ConfigDBConnector +from utilities_common.cli import UserCache + from tabulate import tabulate -### temp file to save counter positions when doing clear counter action. -### if we could have a SAI command to clear counters will be better, so no need to maintain -### counters in temp loaction for clear conter action -COUNTER_POSITION = '/tmp/.counters_acl.p' COUNTERS = "COUNTERS" ACL_COUNTER_RULE_MAP = "ACL_COUNTER_RULE_MAP" @@ -38,6 +36,9 @@ ACL_HEADER = ["RULE NAME", "TABLE NAME", "PRIO", "PACKETS COUNT", "BYTES COUNT"] COUNTER_PACKETS_ATTR = "SAI_ACL_COUNTER_ATTR_PACKETS" COUNTER_BYTES_ATTR = "SAI_ACL_COUNTER_ATTR_BYTES" +USER_CACHE = UserCache() +COUNTERS_CACHE_DIR = USER_CACHE.get_directory() +COUNTERS_CACHE = os.path.join(COUNTERS_CACHE_DIR, 'aclstat') class AclStat(object): """ @@ -78,9 +79,9 @@ class AclStat(object): res[e['key'][0], e['key'][1]] = e['value'] return res - if os.path.isfile(COUNTER_POSITION): + if os.path.isfile(COUNTERS_CACHE): try: - with open(COUNTER_POSITION) as fp: + with open(COUNTERS_CACHE) as fp: self.saved_acl_counters = remap_keys(json.load(fp)) except Exception: pass @@ -207,7 +208,7 @@ class AclStat(object): def remap_keys(dict): return [{'key': k, 'value': v} for k, v in dict.items()] - with open(COUNTER_POSITION, 'w') as fp: + with open(COUNTERS_CACHE, 'w') as fp: json.dump(remap_keys(self.acl_counters), fp) def main(): diff --git a/scripts/dropstat b/scripts/dropstat index 6766d2a2c1..f98fc29197 100755 --- a/scripts/dropstat +++ b/scripts/dropstat @@ -35,6 +35,7 @@ except KeyError: pass from swsscommon.swsscommon import SonicV2Connector, ConfigDBConnector +from utilities_common.cli import UserCache # COUNTERS_DB Tables @@ -80,8 +81,7 @@ std_switch_description_header = ['DEVICE'] def get_dropstat_dir(): - dropstat_dir_prefix = '/tmp/dropstat' - return "{}-{}/".format(dropstat_dir_prefix, os.getuid()) + return UserCache().get_directory() class DropStat(object): @@ -411,18 +411,7 @@ Examples: group = args.group counter_type = args.type - dropstat_dir = get_dropstat_dir() - - # Create the directory to hold clear results - if not os.path.exists(dropstat_dir): - try: - os.makedirs(dropstat_dir) - except IOError as e: - print(e) - sys.exit(e.errno) - dcstat = DropStat() - if command == 'clear': dcstat.clear_drop_counts() elif command == 'show': diff --git a/scripts/fast-reboot b/scripts/fast-reboot index 2942c8ba23..cd3e8237c3 100755 --- a/scripts/fast-reboot +++ b/scripts/fast-reboot @@ -462,21 +462,14 @@ function unload_kernel() } function save_counters_folder() { - debug "Saving counters folder before warmboot..." + if [[ "$REBOOT_TYPE" = "warm-reboot" ]]; then + debug "Saving counters folder before warmboot..." - counters_folder="/host/counters" - if [[ ! -d $counters_folder ]]; then - mkdir $counters_folder - fi - if [[ "$REBOOT_TYPE" = "warm-reboot" || "$REBOOT_TYPE" = "fastfast-reboot" ]]; then - modules=("portstat-0" "dropstat" "pfcstat-0" "queuestat-0" "intfstat-0") - for module in ${modules[@]} - do - statfile="/tmp/$module" - if [[ -d $statfile ]]; then - cp -rf $statfile $counters_folder - fi - done + counters_folder="/host/counters" + if [[ ! -d $counters_folder ]]; then + mkdir $counters_folder + fi + cp -rf /tmp/cache $counters_folder fi } diff --git a/scripts/flow_counters_stat b/scripts/flow_counters_stat index 61c754e333..ac5ef94beb 100755 --- a/scripts/flow_counters_stat +++ b/scripts/flow_counters_stat @@ -27,6 +27,7 @@ import utilities_common.multi_asic as multi_asic_util from flow_counter_util.route import build_route_pattern, extract_route_pattern, exit_if_route_flow_counter_not_support, DEFAULT_VRF, COUNTERS_ROUTE_TO_PATTERN_MAP from utilities_common import constants from utilities_common.netstat import format_number_with_comma, table_as_json, ns_diff, format_prate +from utilities_common.cli import UserCache # Flow counter meta data, new type of flow counters can extend this dictinary to reuse existing logic flow_counter_meta = { @@ -57,9 +58,10 @@ class FlowCounterStats(object): meta_data = flow_counter_meta[args.type] self.name_map = meta_data['name_map'] self.headers = meta_data['headers'] - self.data_file = os.path.join('/tmp/{}-stats-{}'.format(args.type, os.getuid())) - if self.args.delete and os.path.exists(self.data_file): - os.remove(self.data_file) + self.cache = UserCache() + self.data_file = os.path.join(self.cache.get_directory(), "flow-counter-stats") + if self.args.delete: + self.cache.remove() self.data = {} def show(self): diff --git a/scripts/intfstat b/scripts/intfstat index 1d5da781b6..30cfbf084d 100755 --- a/scripts/intfstat +++ b/scripts/intfstat @@ -28,6 +28,7 @@ from collections import namedtuple, OrderedDict from natsort import natsorted from tabulate import tabulate from utilities_common.netstat import ns_diff, table_as_json, STATUS_NA, format_brate, format_prate +from utilities_common.cli import UserCache from swsscommon.swsscommon import SonicV2Connector nstat_fields = ( @@ -274,63 +275,34 @@ def main(): delete_saved_stats = args.delete delete_all_stats = args.delete_all use_json = args.json - tag_name = args.tag if args.tag else "" - uid = str(os.getuid()) + tag_name = args.tag wait_time_in_seconds = args.period interface_name = args.interface if args.interface else "" - # fancy filename with dashes: uid-tag / uid etc - filename_components = [uid, tag_name] + cnstat_file = "intfstat" - cnstat_file = "-".join(filter(None, filename_components)) + cache = UserCache(tag=tag_name) - cnstat_dir = "/tmp/intfstat-" + uid + cache_general = UserCache() + cnstat_dir = cache.get_directory() + cnstat_general_dir = cache_general.get_directory() + + cnstat_fqn_general_file = cnstat_general_dir + "/" + cnstat_file cnstat_fqn_file = cnstat_dir + "/" + cnstat_file if delete_all_stats: - # There is nothing to delete - if not os.path.isdir(cnstat_dir): - sys.exit(0) - - for file in os.listdir(cnstat_dir): - os.remove(cnstat_dir + "/" + file) - - try: - os.rmdir(cnstat_dir) - sys.exit(0) - except IOError as e: - print(e.errno, e) - sys.exit(e) + cache.remove_all() if delete_saved_stats: - try: - os.remove(cnstat_fqn_file) - except IOError as e: - if e.errno != ENOENT: - print(e.errno, e) - sys.exit(1) - finally: - if os.listdir(cnstat_dir) == []: - os.rmdir(cnstat_dir) - sys.exit(0) + cache.remove() intfstat = Intfstat() cnstat_dict, ratestat_dict = intfstat.get_cnstat(rif=interface_name) - # At this point, either we'll create a file or open an existing one. - if not os.path.exists(cnstat_dir): - try: - os.makedirs(cnstat_dir) - except IOError as e: - print(e.errno, e) - sys.exit(1) - if save_fresh_stats: try: # Add the information also to the general file - i.e. without the tag name - if tag_name != '' and tag_name in cnstat_fqn_file.split('/')[-1]: - gen_index = cnstat_fqn_file.rfind('/') - cnstat_fqn_general_file = cnstat_fqn_file[:gen_index] + cnstat_fqn_file[gen_index:].split('-')[0] + if tag_name is not None: if os.path.isfile(cnstat_fqn_general_file): try: general_data = pickle.load(open(cnstat_fqn_general_file, 'rb')) @@ -354,9 +326,6 @@ def main(): sys.exit(0) if wait_time_in_seconds == 0: - gen_index = cnstat_fqn_file.rfind('/') - cnstat_fqn_general_file = cnstat_fqn_file[:gen_index] + cnstat_fqn_file[gen_index:].split('-')[0] - if os.path.isfile(cnstat_fqn_file) or (os.path.isfile(cnstat_fqn_general_file)): try: cnstat_cached_dict = {} diff --git a/scripts/pfcstat b/scripts/pfcstat index 6d11361527..fb7e6018b6 100755 --- a/scripts/pfcstat +++ b/scripts/pfcstat @@ -18,9 +18,6 @@ from natsort import natsorted from tabulate import tabulate from sonic_py_common.multi_asic import get_external_ports -from utilities_common.netstat import ns_diff, STATUS_NA, format_number_with_comma -from utilities_common import multi_asic as multi_asic_util -from utilities_common import constants # mock the redis for unit test purposes # try: @@ -37,6 +34,12 @@ try: except KeyError: pass +from utilities_common.netstat import ns_diff, STATUS_NA, format_number_with_comma +from utilities_common import multi_asic as multi_asic_util +from utilities_common import constants +from utilities_common.cli import UserCache + + PStats = namedtuple("PStats", "pfc0, pfc1, pfc2, pfc3, pfc4, pfc5, pfc6, pfc7") header_Rx = ['Port Rx', 'PFC0', 'PFC1', 'PFC2', 'PFC3', 'PFC4', 'PFC5', 'PFC6', 'PFC7'] @@ -224,10 +227,10 @@ Examples: save_fresh_stats = args.clear delete_all_stats = args.delete - uid = str(os.getuid()) - cnstat_file = uid + cache = UserCache() + cnstat_file = 'pfcstat' - cnstat_dir = os.path.join(os.sep, "tmp", "pfcstat-{}".format(uid)) + cnstat_dir = cache.get_directory() cnstat_fqn_file_rx = os.path.join(cnstat_dir, "{}rx".format(cnstat_file)) cnstat_fqn_file_tx = os.path.join(cnstat_dir, "{}tx".format(cnstat_file)) @@ -239,15 +242,7 @@ Examples: pfcstat = Pfcstat(args.namespace, args.show) if delete_all_stats: - for file in os.listdir(cnstat_dir): - os.remove(os.path.join(cnstat_dir, file)) - - try: - os.rmdir(cnstat_dir) - sys.exit(0) - except IOError as e: - print(e.errno, e) - sys.exit(e) + cache.remove() """ Get the counters of pfc rx counter @@ -259,14 +254,6 @@ Examples: """ cnstat_dict_tx = deepcopy(pfcstat.get_cnstat(False)) - # At this point, either we'll create a file or open an existing one. - if not os.path.exists(cnstat_dir): - try: - os.makedirs(cnstat_dir) - except IOError as e: - print(e.errno, e) - sys.exit(1) - if save_fresh_stats: try: pickle.dump(cnstat_dict_rx, open(cnstat_fqn_file_rx, 'wb')) diff --git a/scripts/pg-drop b/scripts/pg-drop index b437e53bba..fee95124bd 100755 --- a/scripts/pg-drop +++ b/scripts/pg-drop @@ -26,6 +26,7 @@ try: except KeyError: pass +from utilities_common.cli import UserCache from swsscommon.swsscommon import ConfigDBConnector, SonicV2Connector STATUS_NA = 'N/A' @@ -38,8 +39,7 @@ COUNTERS_PG_PORT_MAP = "COUNTERS_PG_PORT_MAP" COUNTERS_PG_INDEX_MAP = "COUNTERS_PG_INDEX_MAP" def get_dropstat_dir(): - dropstat_dir_prefix = '/tmp/dropstat' - return "{}-{}/".format(dropstat_dir_prefix, os.getuid()) + return UserCache().get_directory() class PgDropStat(object): diff --git a/scripts/portstat b/scripts/portstat index abc1bc67aa..45490d29ef 100755 --- a/scripts/portstat +++ b/scripts/portstat @@ -39,6 +39,8 @@ from utilities_common.intf_filter import parse_interface_in_filter import utilities_common.multi_asic as multi_asic_util from utilities_common.netstat import ns_diff, table_as_json, format_brate, format_prate, format_util, format_number_with_comma +from utilities_common.cli import UserCache + """ The order and count of statistics mentioned below needs to be in sync with the values in portstat script So, any fields added/deleted in here should be reflected in portstat script also @@ -569,7 +571,6 @@ Examples: use_json = args.json raw_stats = args.raw tag_name = args.tag - uid = str(os.getuid()) wait_time_in_seconds = args.period print_all = args.all intf_fs = args.interface @@ -577,36 +578,17 @@ Examples: display_option = args.show detail = args.detail - if tag_name is not None: - cnstat_file = uid + "-" + tag_name - else: - cnstat_file = uid + cache = UserCache(tag=tag_name) - cnstat_dir = "/tmp/portstat-" + uid + cnstat_file = "portstat" + cnstat_dir = cache.get_directory() cnstat_fqn_file = cnstat_dir + "/" + cnstat_file if delete_all_stats: - for file in os.listdir(cnstat_dir): - os.remove(cnstat_dir + "/" + file) - - try: - os.rmdir(cnstat_dir) - sys.exit(0) - except IOError as e: - print(e.errno, e) - sys.exit(e) + cache.remove_all() if delete_saved_stats: - try: - os.remove(cnstat_fqn_file) - except IOError as e: - if e.errno != ENOENT: - print(e.errno, e) - sys.exit(1) - finally: - if os.listdir(cnstat_dir) == []: - os.rmdir(cnstat_dir) - sys.exit(0) + cache.remove() intf_list = parse_interface_in_filter(intf_fs) @@ -624,15 +606,6 @@ Examples: portstat.cnstat_print(cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, rates_only) sys.exit(0) - # At this point, either we'll create a file or open an existing one. - if not os.path.exists(cnstat_dir): - try: - os.makedirs(cnstat_dir) - except IOError as e: - print(e.errno, e) - sys.exit(1) - - if save_fresh_stats: try: pickle.dump(cnstat_dict, open(cnstat_fqn_file, 'wb')) diff --git a/scripts/queuestat b/scripts/queuestat index 1455494701..bb6539bbb8 100755 --- a/scripts/queuestat +++ b/scripts/queuestat @@ -29,6 +29,7 @@ except KeyError: pass from swsscommon.swsscommon import SonicV2Connector +from utilities_common.cli import UserCache QueueStats = namedtuple("QueueStats", "queueindex, queuetype, totalpacket, totalbytes, droppacket, dropbytes") header = ['Port', 'TxQ', 'Counter/pkts', 'Counter/bytes', 'Drop/pkts', 'Drop/bytes'] @@ -313,13 +314,6 @@ class Queuestat(object): print(json_dump(json_output)) def save_fresh_stats(self): - if not os.path.exists(cnstat_dir): - try: - os.makedirs(cnstat_dir) - except IOError as e: - print(e.errno, e) - sys.exit(1) - # Get stat for each port and save for port in natsorted(self.counter_port_name_map): cnstat_dict = self.get_cnstat(self.port_queues_map[port]) @@ -354,28 +348,19 @@ Examples: args = parser.parse_args() save_fresh_stats = args.clear - delete_all_stats = args.delete + delete_stats = args.delete voq = args.voq json_opt = args.json_opt port_to_show_stats = args.port - uid = str(os.getuid()) - cnstat_file = uid - - cnstat_dir = "/tmp/queuestat-" + uid - cnstat_fqn_file = cnstat_dir + "/" + cnstat_file + cache = UserCache() - if delete_all_stats: - for file in os.listdir(cnstat_dir): - os.remove(cnstat_dir + "/" + file) + cnstat_dir = cache.get_directory() + cnstat_fqn_file = os.path.join(cnstat_dir, 'queuestat') - try: - os.rmdir(cnstat_dir) - sys.exit(0) - except IOError as e: - print(e.errno, e) - sys.exit(e) + if delete_stats: + cache.remove() queuestat = Queuestat( voq ) diff --git a/scripts/tunnelstat b/scripts/tunnelstat index 00aab5d832..8b045ec684 100755 --- a/scripts/tunnelstat +++ b/scripts/tunnelstat @@ -29,6 +29,7 @@ from collections import namedtuple, OrderedDict from natsort import natsorted from tabulate import tabulate from utilities_common.netstat import ns_diff, table_as_json, STATUS_NA, format_prate +from utilities_common.cli import UserCache from swsscommon.swsscommon import SonicV2Connector @@ -112,12 +113,12 @@ class Tunnelstat(object): if counter_tunnel_type_map is None: print("No %s in the DB!" % COUNTERS_TUNNEL_TYPE_MAP) - sys.exit(1) + sys.exit(1) if tun_type and tun_type not in counter_types: print("Unknown tunnel type %s" % tun_type) sys.exit(1) - + if tunnel and not tunnel in counter_tunnel_name_map: print("Interface %s missing from %s! Make sure it exists" % (tunnel, COUNTERS_TUNNEL_NAME_MAP)) sys.exit(2) @@ -250,56 +251,26 @@ def main(): delete_all_stats = args.delete_all use_json = args.json tag_name = args.tag if args.tag else "" - uid = str(os.getuid()) wait_time_in_seconds = args.period tunnel_name = args.tunnel if args.tunnel else "" tunnel_type = args.type if args.type else "" - # fancy filename with dashes: uid-tag-tunnel / uid-tunnel / uid-tag etc - filename_components = [uid, tag_name] - cnstat_file = "-".join(filter(None, filename_components)) + cache = UserCache(tag=tag_name) + + cnstat_file = "tunnelstat" - cnstat_dir = "/tmp/tunnelstat-" + uid + cnstat_dir = cache.get_directory() cnstat_fqn_file = cnstat_dir + "/" + cnstat_file if delete_all_stats: - # There is nothing to delete - if not os.path.isdir(cnstat_dir): - sys.exit(0) - - for file in os.listdir(cnstat_dir): - os.remove(cnstat_dir + "/" + file) - - try: - os.rmdir(cnstat_dir) - sys.exit(0) - except IOError as e: - print(e.errno, e) - sys.exit(e) + cache.remove_all() if delete_saved_stats: - try: - os.remove(cnstat_fqn_file) - except IOError as e: - if e.errno != ENOENT: - print(e.errno, e) - sys.exit(1) - finally: - if os.listdir(cnstat_dir) == []: - os.rmdir(cnstat_dir) - sys.exit(0) + cache.remove() tunnelstat = Tunnelstat() cnstat_dict,ratestat_dict = tunnelstat.get_cnstat(tunnel=tunnel_name, tun_type=tunnel_type) - # At this point, either we'll create a file or open an existing one. - if not os.path.exists(cnstat_dir): - try: - os.makedirs(cnstat_dir) - except IOError as e: - print(e.errno, e) - sys.exit(1) - if save_fresh_stats: try: pickle.dump(cnstat_dict, open(cnstat_fqn_file, 'wb')) diff --git a/show/plugins/pbh.py b/show/plugins/pbh.py index e50f6507a5..407c596163 100644 --- a/show/plugins/pbh.py +++ b/show/plugins/pbh.py @@ -14,14 +14,14 @@ import utilities_common.cli as clicommon from swsscommon.swsscommon import SonicV2Connector -PBH_COUNTERS_LOCATION = '/tmp/.pbh_counters.txt' - COUNTER_PACKETS_ATTR = "SAI_ACL_COUNTER_ATTR_PACKETS" COUNTER_BYTES_ATTR = "SAI_ACL_COUNTER_ATTR_BYTES" COUNTERS = "COUNTERS" ACL_COUNTER_RULE_MAP = "ACL_COUNTER_RULE_MAP" +PBH_COUNTERS_CACHE_FILENAME = "pbh-counters" + pbh_hash_field_tbl_name = 'PBH_HASH_FIELD' pbh_hash_tbl_name = 'PBH_HASH' pbh_table_tbl_name = 'PBH_TABLE' @@ -428,15 +428,18 @@ def deserialize_pbh_counters(): obj: counters dict. """ + cache = clicommon.UserCache('pbh') + counters_cache_file = os.path.join(cache.get_directory(), PBH_COUNTERS_CACHE_FILENAME) + def remap_keys(obj): res = {} for e in obj: res[e['key'][0], e['key'][1]] = e['value'] return res - if os.path.isfile(PBH_COUNTERS_LOCATION): + if os.path.isfile(counters_cache_file): try: - with open(PBH_COUNTERS_LOCATION, 'r') as f: + with open(counters_cache_file, 'r') as f: return remap_keys(json.load(f)) except Exception as err: pass diff --git a/tests/aclshow_test.py b/tests/aclshow_test.py index d0a92174f4..90fe46f683 100644 --- a/tests/aclshow_test.py +++ b/tests/aclshow_test.py @@ -192,8 +192,8 @@ def nullify_counters(self): This method is used to empty dumped counters if exist in /tmp/.counters_acl.p (by default). """ - if os.path.isfile(aclshow.COUNTER_POSITION): - with open(aclshow.COUNTER_POSITION, 'w') as fp: + if os.path.isfile(aclshow.COUNTERS_CACHE): + with open(aclshow.COUNTERS_CACHE, 'w') as fp: json.dump([], fp) def runTest(self): diff --git a/tests/config_test.py b/tests/config_test.py index e9dbae4194..98ff5a0c83 100644 --- a/tests/config_test.py +++ b/tests/config_test.py @@ -80,7 +80,6 @@ """ RELOAD_CONFIG_DB_OUTPUT = """\ -Running command: rm -rf /tmp/dropstat-* Stopping SONiC target ... Running command: /usr/local/bin/sonic-cfggen -j /tmp/config.json --write-to-db Restarting SONiC target ... @@ -88,7 +87,6 @@ """ RELOAD_YANG_CFG_OUTPUT = """\ -Running command: rm -rf /tmp/dropstat-* Stopping SONiC target ... Running command: /usr/local/bin/sonic-cfggen -Y /tmp/config.json --write-to-db Restarting SONiC target ... @@ -96,7 +94,6 @@ """ RELOAD_MASIC_CONFIG_DB_OUTPUT = """\ -Running command: rm -rf /tmp/dropstat-* Stopping SONiC target ... Running command: /usr/local/bin/sonic-cfggen -j /tmp/config.json --write-to-db Running command: /usr/local/bin/sonic-cfggen -j /tmp/config.json -n asic0 --write-to-db @@ -106,11 +103,9 @@ """ reload_config_with_sys_info_command_output="""\ -Running command: rm -rf /tmp/dropstat-* Running command: /usr/local/bin/sonic-cfggen -H -k Seastone-DX010-25-50 --write-to-db""" reload_config_with_disabled_service_output="""\ -Running command: rm -rf /tmp/dropstat-* Stopping SONiC target ... Running command: /usr/local/bin/sonic-cfggen -j /tmp/config.json --write-to-db Restarting SONiC target ... @@ -235,7 +230,7 @@ def test_config_reload(self, get_cmd_module, setup_single_broadcom_asic): assert result.exit_code == 0 - assert "\n".join([l.rstrip() for l in result.output.split('\n')][:2]) == reload_config_with_sys_info_command_output + assert "\n".join([l.rstrip() for l in result.output.split('\n')][:1]) == reload_config_with_sys_info_command_output def test_config_reload_untriggered_timer(self, get_cmd_module, setup_single_broadcom_asic): with mock.patch("utilities_common.cli.run_command", mock.MagicMock(side_effect=mock_run_command_side_effect_untriggered_timer)) as mock_run_command: @@ -293,9 +288,9 @@ def test_load_minigraph(self, get_cmd_module, setup_single_broadcom_asic): traceback.print_tb(result.exc_info[2]) assert result.exit_code == 0 assert "\n".join([l.rstrip() for l in result.output.split('\n')]) == load_minigraph_command_output - # Verify "systemctl reset-failed" is called for services under sonic.target + # Verify "systemctl reset-failed" is called for services under sonic.target mock_run_command.assert_any_call('systemctl reset-failed swss') - # Verify "systemctl reset-failed" is called for services under sonic-delayed.target + # Verify "systemctl reset-failed" is called for services under sonic-delayed.target mock_run_command.assert_any_call('systemctl reset-failed snmp') assert mock_run_command.call_count == 11 @@ -526,7 +521,7 @@ def test_reload_config_masic(self, get_cmd_module, setup_multi_broadcom_masic): runner = CliRunner() # 3 config files: 1 for host and 2 for asic cfg_files = "{},{},{}".format( - self.dummy_cfg_file, + self.dummy_cfg_file, self.dummy_cfg_file, self.dummy_cfg_file) result = runner.invoke( @@ -565,7 +560,7 @@ def teardown_class(cls): os.remove(cls.dummy_cfg_file) print("TEARDOWN") - + class TestConfigCbf(object): @classmethod def setup_class(cls): diff --git a/tests/pbh_test.py b/tests/pbh_test.py index 1972747782..7dddfea9ca 100644 --- a/tests/pbh_test.py +++ b/tests/pbh_test.py @@ -10,6 +10,7 @@ from .pbh_input import assert_show_output from utilities_common.db import Db +from utilities_common.cli import UserCache from click.testing import CliRunner from .mock_tables import dbconnector from .mock_tables import mock_single_asic @@ -876,10 +877,7 @@ def test_show_pbh_rule(self): def remove_pbh_counters_file(self): - SAVED_PBH_COUNTERS_FILE = '/tmp/.pbh_counters.txt' - if os.path.isfile(SAVED_PBH_COUNTERS_FILE): - os.remove(SAVED_PBH_COUNTERS_FILE) - + UserCache('pbh').remove_all() def test_show_pbh_statistics_on_empty_config(self): dbconnector.dedicated_dbs['CONFIG_DB'] = None diff --git a/tests/pfcstat_test.py b/tests/pfcstat_test.py index 955db3c23b..75f7ea6f59 100644 --- a/tests/pfcstat_test.py +++ b/tests/pfcstat_test.py @@ -8,6 +8,7 @@ import show.main as show from .utils import get_result_and_return_code +from utilities_common.cli import UserCache test_path = os.path.dirname(os.path.abspath(__file__)) modules_path = os.path.dirname(test_path) @@ -130,9 +131,8 @@ def del_cached_stats(): - uid = str(os.getuid()) - cnstat_dir = os.path.join(os.sep, "tmp", "pfcstat-{}".format(uid)) - shutil.rmtree(cnstat_dir, ignore_errors=True, onerror=None) + cache = UserCache("pfcstat") + cache.remove_all() def pfc_clear(expected_output): @@ -143,17 +143,6 @@ def pfc_clear(expected_output): 'pfcstat -c' ) - # verify that files are created with stats - uid = str(os.getuid()) - cnstat_dir = os.path.join(os.sep, "tmp", "pfcstat-{}".format(uid)) - cnstat_fqn_file_rx = "{}rx".format(uid) - cnstat_fqn_file_tx = "{}tx".format(uid) - file_list = [cnstat_fqn_file_tx, cnstat_fqn_file_rx] - file_list.sort() - files = os.listdir(cnstat_dir) - files.sort() - assert files == file_list - return_code, result = get_result_and_return_code( 'pfcstat -s all' ) diff --git a/tests/pgdropstat_test.py b/tests/pgdropstat_test.py index 3aea0f2959..a46a05b25b 100644 --- a/tests/pgdropstat_test.py +++ b/tests/pgdropstat_test.py @@ -9,6 +9,8 @@ from click.testing import CliRunner from shutil import copyfile +from utilities_common.cli import UserCache + test_path = os.path.dirname(os.path.abspath(__file__)) modules_path = os.path.dirname(test_path) scripts_path = os.path.join(modules_path, "scripts") @@ -88,25 +90,9 @@ def executor(self, clear_before_show): assert result.exit_code == 0 assert result.output == show_output - def test_show_pg_drop_config_reload(self): - runner = CliRunner() - self.test_show_pg_drop_clear() - - # simulate 'config reload' to provoke counters recalculation (remove backup from /tmp folder) - result = runner.invoke(config.config.commands["reload"], [ "--no_service_restart", "-y"]) - - print(result.exit_code) - print(result.output) - - assert result.exit_code == 0 - - self.test_show_pg_drop_show() - @classmethod def teardown_class(cls): os.environ["PATH"] = os.pathsep.join(os.environ["PATH"].split(os.pathsep)[:-1]) os.environ['UTILITIES_UNIT_TESTING'] = "0" - dropstat_dir_prefix = '/tmp/dropstat' - dir_path = "{}-{}/".format(dropstat_dir_prefix, os.getuid()) - os.system("rm -rf {}".format(dir_path)) + UserCache('pg-drop').remove_all() print("TEARDOWN") diff --git a/tests/portstat_test.py b/tests/portstat_test.py index b8dd055733..6429c4863a 100644 --- a/tests/portstat_test.py +++ b/tests/portstat_test.py @@ -6,6 +6,7 @@ import clear.main as clear import show.main as show from .utils import get_result_and_return_code +from utilities_common.cli import UserCache root_path = os.path.dirname(os.path.abspath(__file__)) modules_path = os.path.dirname(root_path) @@ -191,9 +192,8 @@ def remove_tmp_cnstat_file(): # remove the tmp portstat - uid = str(os.getuid()) - cnstat_dir = os.path.join(os.sep, "tmp", "portstat-{}".format(uid)) - shutil.rmtree(cnstat_dir, ignore_errors=True, onerror=None) + cache = UserCache("portstat") + cache.remove_all() def verify_after_clear(output, expected_out): diff --git a/utilities_common/cli.py b/utilities_common/cli.py index d6d8a111bf..6aaedcb209 100644 --- a/utilities_common/cli.py +++ b/utilities_common/cli.py @@ -4,6 +4,7 @@ import re import subprocess import sys +import shutil import click import json @@ -663,3 +664,41 @@ def query_yes_no(question, default="yes"): else: sys.stdout.write("Please respond with 'yes' or 'no' " "(or 'y' or 'n').\n") + + +class UserCache: + """ General purpose cache directory created per user """ + + CACHE_DIR = "/tmp/cache/" + + def __init__(self, app_name=None, tag=None): + """ Initialize UserCache and create a cache directory if it does not exist. + + Args: + tag (str): Tag the user cache. Different tags correspond to different cache directories even for the same user. + """ + self.uid = os.getuid() + self.app_name = os.path.basename(sys.argv[0]) if app_name is None else app_name + self.cache_directory_suffix = str(self.uid) if tag is None else f"{self.uid}-{tag}" + self.cache_directory_app = os.path.join(self.CACHE_DIR, self.app_name) + + prev_umask = os.umask(0) + try: + os.makedirs(self.cache_directory_app, exist_ok=True) + finally: + os.umask(prev_umask) + + self.cache_directory = os.path.join(self.cache_directory_app, self.cache_directory_suffix) + os.makedirs(self.cache_directory, exist_ok=True) + + def get_directory(self): + """ Return the cache directory path """ + return self.cache_directory + + def remove(self): + """ Remove the content of the cache directory """ + shutil.rmtree(self.cache_directory) + + def remove_all(self): + """ Remove the content of the cache for all users """ + shutil.rmtree(self.cache_directory_app) From ac2f55306e9f5f0f9fad60f814bcc777f685d2b4 Mon Sep 17 00:00:00 2001 From: Stephen Sun <5379172+stephenxs@users.noreply.github.com> Date: Fri, 29 Jul 2022 01:06:50 +0800 Subject: [PATCH 04/47] Improve the way to check port type of RJ45 port (#2249) * Update the presence state of RJ45 port Present/Not present => Link Up/Link Down Use the new platform API to test whether the port is an RJ45 port Signed-off-by: Stephen Sun * Use new platform API to check whether a port is RJ45 and represent present status accordingly Signed-off-by: Stephen Sun * Adjust sfputil and testcases Signed-off-by: Stephen Sun * Adjust sfpshow Signed-off-by: Stephen Sun * Exact is_rj45_port to a common module shared between sfpshow and intfutil Signed-off-by: Stephen Sun * Fall back to old way for checking RJ45 port Signed-off-by: Stephen Sun * Move RJ45 part to platform_sfputil_helper Signed-off-by: Stephen Sun * Remove fallback mechanism in is_rj45_port Signed-off-by: Stephen Sun * Remove get_child_ports which is not used Signed-off-by: Stephen Sun * Temporarily commit Signed-off-by: Stephen Sun * Update unit test Signed-off-by: stephens * Adjust unit test Signed-off-by: Stephen Sun * Commit missed files Signed-off-by: Stephen Sun * Add missing files Signed-off-by: stephens * Fix typo Signed-off-by: Stephen Sun * Remove code that was committed by mistake. Signed-off-by: Stephen Sun * Fix an issue: the ports should be in nature order in sfputil show presence Signed-off-by: Stephen Sun * Fix present state for RJ45: Link Up/Down => Port Up/Down Signed-off-by: Stephen Sun * LGTM warning supression Signed-off-by: Stephen Sun * LGTM warning supression Signed-off-by: Stephen Sun * Move present state part into another PR Signed-off-by: Stephen Sun * Fix review comments Signed-off-by: Stephen Sun Co-authored-by: stephens --- scripts/intfutil | 40 +++++----- scripts/sfpshow | 75 ++++++++++--------- sfputil/main.py | 71 ++++++++---------- .../mock_platform_sfputil.py | 41 ++++++++++ tests/mock_platform_sfputil/portmap.json | 8 ++ tests/sfp_test.py | 8 ++ tests/sfputil_test.py | 44 ++++------- utilities_common/platform_sfputil_helper.py | 45 ++++++++++- 8 files changed, 210 insertions(+), 122 deletions(-) create mode 100644 tests/mock_platform_sfputil/mock_platform_sfputil.py create mode 100644 tests/mock_platform_sfputil/portmap.json diff --git a/scripts/intfutil b/scripts/intfutil index e327d1a607..fb351687a8 100755 --- a/scripts/intfutil +++ b/scripts/intfutil @@ -5,13 +5,6 @@ import os import re import sys -from natsort import natsorted -from tabulate import tabulate -from utilities_common import constants -from utilities_common import multi_asic as multi_asic_util -from utilities_common.intf_filter import parse_interface_in_filter -from sonic_py_common.interface import get_intf_longname - # mock the redis for unit test purposes # try: if os.environ["UTILITIES_UNIT_TESTING"] == "2": @@ -20,6 +13,8 @@ try: sys.path.insert(0, modules_path) sys.path.insert(0, tests_path) import mock_tables.dbconnector + from mock_platform_sfputil.mock_platform_sfputil import mock_platform_sfputil_helper + mock_platform_sfputil_helper() if os.environ["UTILITIES_UNIT_TESTING_TOPOLOGY"] == "multi_asic": import mock_tables.mock_multi_asic mock_tables.dbconnector.load_namespace_config() @@ -27,6 +22,14 @@ try: except KeyError: pass +from natsort import natsorted +from tabulate import tabulate +from utilities_common import constants +from utilities_common import multi_asic as multi_asic_util +from utilities_common.intf_filter import parse_interface_in_filter +from utilities_common.platform_sfputil_helper import is_rj45_port, RJ45_PORT_TYPE +from sonic_py_common.interface import get_intf_longname + # ========================== Common interface-utils logic ========================== @@ -49,7 +52,7 @@ PORT_RMT_ADV_SPEEDS = 'rmt_adv_speeds' PORT_INTERFACE_TYPE = 'interface_type' PORT_ADV_INTERFACE_TYPES = 'adv_interface_types' PORT_TPID = "tpid" -OPTICS_TYPE_RJ45 = 'RJ45' +OPTICS_TYPE_RJ45 = RJ45_PORT_TYPE PORT_LINK_TRAINING = 'link_training' PORT_LINK_TRAINING_STATUS = 'link_training_status' @@ -161,10 +164,10 @@ def appl_db_port_status_get(appl_db, intf_name, status_type): if status is None: return "N/A" if status_type == PORT_SPEED and status != "N/A": - optics_type = state_db_port_optics_get(appl_db, intf_name, PORT_OPTICS_TYPE) + optics_type = port_optics_get(appl_db, intf_name, PORT_OPTICS_TYPE) status = port_speed_parse(status, optics_type) elif status_type == PORT_ADV_SPEEDS and status != "N/A" and status != "all": - optics_type = state_db_port_optics_get(appl_db, intf_name, PORT_OPTICS_TYPE) + optics_type = port_optics_get(appl_db, intf_name, PORT_OPTICS_TYPE) speed_list = status.split(',') new_speed_list = [] for s in natsorted(speed_list): @@ -181,7 +184,7 @@ def state_db_port_status_get(db, intf_name, field): if not status: return "N/A" if field in [PORT_RMT_ADV_SPEEDS] and status not in ["N/A", "all"]: - optics_type = state_db_port_optics_get(db, intf_name, PORT_OPTICS_TYPE) + optics_type = port_optics_get(db, intf_name, PORT_OPTICS_TYPE) speed_list = status.split(',') new_speed_list = [] for s in natsorted(speed_list): @@ -198,7 +201,7 @@ def port_oper_speed_get(db, intf_name): if oper_speed is None or oper_speed == "N/A" or oper_status != "up": return appl_db_port_status_get(db, intf_name, PORT_SPEED) else: - optics_type = state_db_port_optics_get(db, intf_name, PORT_OPTICS_TYPE) + optics_type = port_optics_get(db, intf_name, PORT_OPTICS_TYPE) return port_speed_parse(oper_speed, optics_type) def port_oper_speed_get_raw(db, intf_name): @@ -211,14 +214,17 @@ def port_oper_speed_get_raw(db, intf_name): speed = db.get(db.APPL_DB, PORT_STATUS_TABLE_PREFIX + intf_name, PORT_SPEED) return speed -def state_db_port_optics_get(state_db, intf_name, type): +def port_optics_get(state_db, intf_name, type): """ Get optic type info for port """ full_table_id = PORT_TRANSCEIVER_TABLE_PREFIX + intf_name optics_type = state_db.get(state_db.STATE_DB, full_table_id, type) if optics_type is None: - return "N/A" + if is_rj45_port(intf_name): + return OPTICS_TYPE_RJ45 + else: + return "N/A" return optics_type def merge_dicts(x,y): @@ -325,13 +331,13 @@ def po_speed_dict(po_int_dict, appl_db): # If no speed was returned, append None without format po_list.append(None) else: - optics_type = state_db_port_optics_get(appl_db, value[0], PORT_OPTICS_TYPE) + optics_type = port_optics_get(appl_db, value[0], PORT_OPTICS_TYPE) interface_speed = port_speed_parse(interface_speed, optics_type) po_list.append(interface_speed) elif len(value) > 1: for intf in value: temp_speed = port_oper_speed_get_raw(appl_db, intf) - optics_type = state_db_port_optics_get(appl_db, intf, PORT_OPTICS_TYPE) + optics_type = port_optics_get(appl_db, intf, PORT_OPTICS_TYPE) temp_speed = int(temp_speed) if temp_speed else 0 agg_speed_list.append(temp_speed) interface_speed = sum(agg_speed_list) @@ -477,7 +483,7 @@ class IntfStatus(object): config_db_vlan_port_keys_get(self.combined_int_to_vlan_po_dict, self.front_panel_ports_list, key), appl_db_port_status_get(self.db, key, PORT_OPER_STATUS), appl_db_port_status_get(self.db, key, PORT_ADMIN_STATUS), - state_db_port_optics_get(self.db, key, PORT_OPTICS_TYPE), + port_optics_get(self.db, key, PORT_OPTICS_TYPE), appl_db_port_status_get(self.db, key, PORT_PFC_ASYM_STATUS))) for po, value in self.portchannel_speed_dict.items(): diff --git a/scripts/sfpshow b/scripts/sfpshow index 3d71408202..d292dddb85 100755 --- a/scripts/sfpshow +++ b/scripts/sfpshow @@ -17,7 +17,6 @@ from natsort import natsorted from sonic_py_common.interface import front_panel_prefix, backplane_prefix, inband_prefix, recirc_prefix from sonic_py_common import multi_asic from tabulate import tabulate -from utilities_common import multi_asic as multi_asic_util # Mock the redis DB for unit test purposes try: @@ -27,12 +26,17 @@ try: sys.path.insert(0, modules_path) sys.path.insert(0, test_path) import mock_tables.dbconnector + from mock_platform_sfputil.mock_platform_sfputil import mock_platform_sfputil_helper + mock_platform_sfputil_helper() if os.environ["UTILITIES_UNIT_TESTING_TOPOLOGY"] == "multi_asic": import mock_tables.mock_multi_asic mock_tables.dbconnector.load_namespace_config() except KeyError: pass +from utilities_common import multi_asic as multi_asic_util +from utilities_common.platform_sfputil_helper import is_rj45_port, RJ45_PORT_TYPE + # TODO: We should share these maps and the formatting functions between sfputil and sfpshow QSFP_DATA_MAP = { 'model': 'Vendor PN', @@ -215,8 +219,6 @@ QSFP_DD_DOM_VALUE_UNIT_MAP = { 'voltage': 'Volts' } -RJ45_PORT_TYPE = 'RJ45' - def display_invalid_intf_eeprom(intf_name): output = intf_name + ': SFP EEPROM Not detected\n' @@ -231,7 +233,6 @@ def display_invalid_intf_presence(intf_name): class SFPShow(object): - def __init__(self, intf_name, namespace_option, dump_dom=False): super(SFPShow, self).__init__() self.db = None @@ -394,41 +395,47 @@ class SFPShow(object): output = '' sfp_info_dict = state_db.get_all(state_db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(interface_name)) - if sfp_info_dict['type'] == RJ45_PORT_TYPE: - output = 'SFP EEPROM is not applicable for RJ45 port\n' + if sfp_info_dict: + if sfp_info_dict['type'] == RJ45_PORT_TYPE: + output = 'SFP EEPROM is not applicable for RJ45 port\n' + else: + output = 'SFP EEPROM detected\n' + sfp_info_output = self.convert_sfp_info_to_output_string(sfp_info_dict) + output += sfp_info_output + + if dump_dom: + sfp_type = sfp_info_dict['type'] + dom_info_dict = state_db.get_all(state_db.STATE_DB, 'TRANSCEIVER_DOM_SENSOR|{}'.format(interface_name)) + dom_output = self.convert_dom_to_output_string(sfp_type, dom_info_dict) + output += dom_output else: - output = 'SFP EEPROM detected\n' - sfp_info_output = self.convert_sfp_info_to_output_string(sfp_info_dict) - output += sfp_info_output - - if dump_dom: - sfp_type = sfp_info_dict['type'] - dom_info_dict = state_db.get_all(state_db.STATE_DB, 'TRANSCEIVER_DOM_SENSOR|{}'.format(interface_name)) - dom_output = self.convert_dom_to_output_string(sfp_type, dom_info_dict) - output += dom_output + if is_rj45_port(interface_name): + output = 'SFP EEPROM is not applicable for RJ45 port\n' + else: + output = "SFP EEPROM Not detected\n" return output @multi_asic_util.run_on_multi_asic def get_eeprom(self): if self.intf_name is not None: - presence = self.db.exists(self.db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(self.intf_name)) - if presence: - self.intf_eeprom[self.intf_name] = self.convert_interface_sfp_info_to_cli_output_string( - self.db, self.intf_name, self.dump_dom) - else: - self.intf_eeprom[self.intf_name] = "SFP EEPROM Not detected\n" + self.intf_eeprom[self.intf_name] = self.convert_interface_sfp_info_to_cli_output_string( + self.db, self.intf_name, self.dump_dom) else: port_table_keys = self.db.keys(self.db.APPL_DB, "PORT_TABLE:*") for i in port_table_keys: interface = re.split(':', i, maxsplit=1)[-1].strip() if interface and interface.startswith(front_panel_prefix()) and not interface.startswith((backplane_prefix(), inband_prefix(), recirc_prefix())): - presence = self.db.exists(self.db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(interface)) - if presence: - self.intf_eeprom[interface] = self.convert_interface_sfp_info_to_cli_output_string( - self.db, interface, self.dump_dom) - else: - self.intf_eeprom[interface] = "SFP EEPROM Not detected\n" + self.intf_eeprom[interface] = self.convert_interface_sfp_info_to_cli_output_string( + self.db, interface, self.dump_dom) + + def convert_interface_sfp_presence_state_to_cli_output_string(self, state_db, interface_name): + sfp_info_dict = state_db.get_all(self.db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(interface_name)) + if sfp_info_dict: + output = 'Present' + else: + output = 'Not present' + return output @multi_asic_util.run_on_multi_asic @@ -436,21 +443,15 @@ class SFPShow(object): port_table = [] if self.intf_name is not None: - presence = self.db.exists(self.db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(self.intf_name)) - if presence: - port_table.append((self.intf_name, 'Present')) - else: - port_table.append((self.intf_name, 'Not present')) + presence_string = self.convert_interface_sfp_presence_state_to_cli_output_string(self.db, self.intf_name) + port_table.append((self.intf_name, presence_string)) else: port_table_keys = self.db.keys(self.db.APPL_DB, "PORT_TABLE:*") for i in port_table_keys: key = re.split(':', i, maxsplit=1)[-1].strip() if key and key.startswith(front_panel_prefix()) and not key.startswith((backplane_prefix(), inband_prefix(), recirc_prefix())): - presence = self.db.exists(self.db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(key)) - if presence: - port_table.append((key, 'Present')) - else: - port_table.append((key, 'Not present')) + presence_string = self.convert_interface_sfp_presence_state_to_cli_output_string(self.db, key) + port_table.append((key, presence_string)) self.table += port_table diff --git a/sfputil/main.py b/sfputil/main.py index d567f39a0d..96653bb622 100644 --- a/sfputil/main.py +++ b/sfputil/main.py @@ -16,6 +16,7 @@ import click import sonic_platform import sonic_platform_base.sonic_sfp.sfputilhelper +from sonic_platform_base.sfp_base import SfpBase from swsscommon.swsscommon import SonicV2Connector from natsort import natsorted from sonic_py_common import device_info, logger, multi_asic @@ -291,33 +292,16 @@ def is_sfp_present(port_name): return bool(presence) -# Below defined two flavors of functions to determin whether a port is a RJ45 port. -# They serve different types of SFP utilities. One type of SFP utility consume the -# info stored in the STATE_DB, these utilities shall call 'is_rj45_port_from_db' -# to judge the port type. Another type of utilities will call the platform API -# directly to access SFP, for them shall use 'is_rj45_port_from_api'. -def is_rj45_port_from_db(port_name, db): - intf_type = db.get(db.STATE_DB, 'TRANSCEIVER_INFO|{}'.format(port_name), 'type') - return intf_type == RJ45_PORT_TYPE - - -def is_rj45_port_from_api(port_name): +def is_port_type_rj45(port_name): physical_port = logical_port_to_physical_port_index(port_name) - sfp = platform_chassis.get_sfp(physical_port) try: - port_type = sfp.get_transceiver_info()['type'] + port_types = platform_chassis.get_port_or_cage_type(physical_port) + return SfpBase.SFP_PORT_TYPE_BIT_RJ45 == port_types except NotImplementedError: - click.echo("Not able to judge the port type due to get_transceiver_info not implemented!", err=True) - sys.exit(ERROR_NOT_IMPLEMENTED) + pass - return port_type == RJ45_PORT_TYPE - - -def skip_if_port_is_rj45(port_name): - if is_rj45_port_from_api(port_name): - click.echo("This functionality is not applicable for RJ45 port {}.".format(port_name)) - sys.exit(EXIT_FAIL) + return False # ========================== Methods for formatting output ========================== # Convert dict values to cli output string @@ -659,7 +643,7 @@ def eeprom(port, dump_dom, namespace): for physical_port in physical_port_list: port_name = get_physical_port_name(logical_port_name, i, ganged) - if is_rj45_port_from_api(port_name): + if is_port_type_rj45(port_name): output += "{}: SFP EEPROM is not applicable for RJ45 port\n".format(port_name) output += '\n' continue @@ -725,6 +709,7 @@ def presence(port): logical_port_list = [port] + logical_port_list = natsort.natsorted(logical_port_list) for logical_port_name in logical_port_list: ganged = False i = 1 @@ -817,7 +802,7 @@ def fetch_error_status_from_platform_api(port): physical_port_list = logical_port_name_to_physical_port_list(logical_port_name) port_name = get_physical_port_name(logical_port_name, 1, False) - if is_rj45_port_from_api(logical_port_name): + if is_port_type_rj45(logical_port_name): output.append([port_name, "N/A"]) else: output.append([port_name, output_dict.get(physical_port_list[0])]) @@ -843,7 +828,7 @@ def fetch_error_status_from_state_db(port, state_db): sorted_ports = natsort.natsorted(status) output = [] for port in sorted_ports: - if is_rj45_port_from_db(port, state_db): + if is_port_type_rj45(port): description = "N/A" else: statestring = status[port].get('status') @@ -919,7 +904,7 @@ def lpmode(port): click.echo("Error: No physical ports found for logical port '{}'".format(logical_port_name)) return - if is_rj45_port_from_api(logical_port_name): + if is_port_type_rj45(logical_port_name): output_table.append([logical_port_name, "N/A"]) else: if len(physical_port_list) > 1: @@ -962,7 +947,7 @@ def fwversion(port_name): physical_port = logical_port_to_physical_port_index(port_name) sfp = platform_chassis.get_sfp(physical_port) - if is_rj45_port_from_api(port_name): + if is_port_type_rj45(port_name): click.echo("Show firmware version is not applicable for RJ45 port {}.".format(port_name)) sys.exit(EXIT_FAIL) @@ -1001,7 +986,7 @@ def set_lpmode(logical_port, enable): click.echo("Error: No physical ports found for logical port '{}'".format(logical_port)) return - if is_rj45_port_from_api(logical_port): + if is_port_type_rj45(logical_port): click.echo("{} low-power mode is not applicable for RJ45 port {}.".format("Enabling" if enable else "Disabling", logical_port)) sys.exit(EXIT_FAIL) @@ -1061,7 +1046,7 @@ def reset(port_name): click.echo("Error: No physical ports found for logical port '{}'".format(port_name)) return - if is_rj45_port_from_api(port_name): + if is_port_type_rj45(port_name): click.echo("Reset is not applicable for RJ45 port {}.".format(port_name)) sys.exit(EXIT_FAIL) @@ -1226,12 +1211,14 @@ def download_firmware(port_name, filepath): def run(port_name, mode): """Run the firmware with default mode=1""" + if is_port_type_rj45(port_name): + click.echo("This functionality is not applicable for RJ45 port {}.".format(port_name)) + sys.exit(EXIT_FAIL) + if not is_sfp_present(port_name): click.echo("{}: SFP EEPROM not detected\n".format(port_name)) sys.exit(EXIT_FAIL) - skip_if_port_is_rj45(port_name) - status = run_firmware(port_name, int(mode)) if status != 1: click.echo('Failed to run firmware in mode={}! CDB status: {}'.format(mode, status)) @@ -1245,12 +1232,14 @@ def run(port_name, mode): def commit(port_name): """Commit the running firmware""" + if is_port_type_rj45(port_name): + click.echo("This functionality is not applicable for RJ45 port {}.".format(port_name)) + sys.exit(EXIT_FAIL) + if not is_sfp_present(port_name): click.echo("{}: SFP EEPROM not detected\n".format(port_name)) sys.exit(EXIT_FAIL) - skip_if_port_is_rj45(port_name) - status = commit_firmware(port_name) if status != 1: click.echo('Failed to commit firmware! CDB status: {}'.format(status)) @@ -1267,12 +1256,14 @@ def upgrade(port_name, filepath): physical_port = logical_port_to_physical_port_index(port_name) + if is_port_type_rj45(port_name): + click.echo("This functionality is not applicable for RJ45 port {}.".format(port_name)) + sys.exit(EXIT_FAIL) + if not is_sfp_present(port_name): click.echo("{}: SFP EEPROM not detected\n".format(port_name)) sys.exit(EXIT_FAIL) - skip_if_port_is_rj45(port_name) - show_firmware_version(physical_port) status = download_firmware(port_name, filepath) @@ -1303,12 +1294,14 @@ def upgrade(port_name, filepath): def download(port_name, filepath): """Download firmware on the transceiver""" + if is_port_type_rj45(port_name): + click.echo("This functionality is not applicable for RJ45 port {}.".format(port_name)) + sys.exit(EXIT_FAIL) + if not is_sfp_present(port_name): click.echo("{}: SFP EEPROM not detected\n".format(port_name)) sys.exit(EXIT_FAIL) - skip_if_port_is_rj45(port_name) - start = time.time() status = download_firmware(port_name, filepath) if status == 1: @@ -1329,7 +1322,9 @@ def unlock(port_name, password): physical_port = logical_port_to_physical_port_index(port_name) sfp = platform_chassis.get_sfp(physical_port) - skip_if_port_is_rj45(port_name) + if is_port_type_rj45(port_name): + click.echo("This functionality is not applicable for RJ45 port {}.".format(port_name)) + sys.exit(EXIT_FAIL) if not is_sfp_present(port_name): click.echo("{}: SFP EEPROM not detected\n".format(port_name)) diff --git a/tests/mock_platform_sfputil/mock_platform_sfputil.py b/tests/mock_platform_sfputil/mock_platform_sfputil.py new file mode 100644 index 0000000000..5c3ea2e248 --- /dev/null +++ b/tests/mock_platform_sfputil/mock_platform_sfputil.py @@ -0,0 +1,41 @@ +import json +import os +from sonic_platform_base.platform_base import PlatformBase +from sonic_platform_base.chassis_base import ChassisBase +from sonic_platform_base.sfp_base import SfpBase +import utilities_common.platform_sfputil_helper as platform_sfputil_helper + +portMap = None +RJ45Ports = None + +class mock_Chassis(ChassisBase): + def __init__(self): + ChassisBase.__init__(self) + + def get_port_or_cage_type(self, index): + if index in RJ45Ports: + return SfpBase.SFP_PORT_TYPE_BIT_RJ45 + else: + raise NotImplementedError + +def mock_logical_port_name_to_physical_port_list(port_name): + index = portMap.get(port_name) + if not index: + index = 0 + return [index] + +def mock_platform_sfputil_read_porttab_mappings(): + global portMap + global RJ45Ports + + with open(os.path.join(os.path.dirname(__file__), 'portmap.json')) as pm: + jsonobj = json.load(pm) + portMap = jsonobj['portMap'] + RJ45Ports = jsonobj['RJ45Ports'] + +def mock_platform_sfputil_helper(): + platform_sfputil_helper.platform_chassis = mock_Chassis() + platform_sfputil_helper.platform_sfputil = True + platform_sfputil_helper.platform_porttab_mapping_read = False + platform_sfputil_helper.platform_sfputil_read_porttab_mappings = mock_platform_sfputil_read_porttab_mappings + platform_sfputil_helper.logical_port_name_to_physical_port_list = mock_logical_port_name_to_physical_port_list diff --git a/tests/mock_platform_sfputil/portmap.json b/tests/mock_platform_sfputil/portmap.json new file mode 100644 index 0000000000..eec9a9f40d --- /dev/null +++ b/tests/mock_platform_sfputil/portmap.json @@ -0,0 +1,8 @@ +{ + "portMap": { + "Ethernet29": 1 + }, + "RJ45Ports": [ + 1 + ] +} diff --git a/tests/sfp_test.py b/tests/sfp_test.py index a69872ab76..b894b39469 100644 --- a/tests/sfp_test.py +++ b/tests/sfp_test.py @@ -364,6 +364,14 @@ def test_sfp_presence(self): assert result.exit_code == 0 assert result.output == expected + result = runner.invoke(show.cli.commands["interfaces"].commands["transceiver"].commands["presence"], ["Ethernet29"]) + expected = """Port Presence +---------- ----------- +Ethernet29 Not present +""" + assert result.exit_code == 0 + assert result.output == expected + result = runner.invoke(show.cli.commands["interfaces"].commands["transceiver"].commands["presence"], ["Ethernet36"]) expected = """Port Presence ---------- ---------- diff --git a/tests/sfputil_test.py b/tests/sfputil_test.py index a4d568d20e..1231ba67d7 100644 --- a/tests/sfputil_test.py +++ b/tests/sfputil_test.py @@ -268,15 +268,16 @@ def test_version(self): result = runner.invoke(sfputil.cli.commands['version'], []) assert result.output.rstrip() == 'sfputil version {}'.format(sfputil.VERSION) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=False)) def test_error_status_from_db(self): db = Db() expected_output = [['Ethernet0', 'Blocking Error|High temperature'], ['Ethernet4', 'OK'], ['Ethernet8', 'Unplugged'], ['Ethernet12', 'Unknown state: 255'], - ['Ethernet16', 'N/A'], - ['Ethernet28', 'N/A'], - ['Ethernet36', 'N/A']] + ['Ethernet16', 'Unplugged'], + ['Ethernet28', 'Unplugged'], + ['Ethernet36', 'Unknown']] output = sfputil.fetch_error_status_from_state_db(None, db.db) assert output == expected_output @@ -284,11 +285,7 @@ def test_error_status_from_db(self): output = sfputil.fetch_error_status_from_state_db('Ethernet0', db.db) assert output == expected_output_ethernet0 - expected_output_ethernet16 = expected_output[4:5] - output = sfputil.fetch_error_status_from_state_db('Ethernet16', db.db) - assert output == expected_output_ethernet16 - - @patch('sfputil.main.is_rj45_port_from_db', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) def test_error_status_from_db_RJ45(self): db = Db() expected_output = [['Ethernet0', 'N/A'], @@ -305,13 +302,9 @@ def test_error_status_from_db_RJ45(self): output = sfputil.fetch_error_status_from_state_db('Ethernet0', db.db) assert output == expected_output_ethernet0 - expected_output_ethernet16 = expected_output[4:5] - output = sfputil.fetch_error_status_from_state_db('Ethernet16', db.db) - assert output == expected_output_ethernet16 - @patch('sfputil.main.logical_port_name_to_physical_port_list', MagicMock(return_value=[1])) @patch('sfputil.main.logical_port_to_physical_port_index', MagicMock(return_value=1)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=False)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=False)) @patch('subprocess.check_output', MagicMock(return_value="['0:OK']")) def test_fetch_error_status_from_platform_api(self): output = sfputil.fetch_error_status_from_platform_api('Ethernet0') @@ -320,7 +313,7 @@ def test_fetch_error_status_from_platform_api(self): @patch('sfputil.main.logical_port_name_to_physical_port_list', MagicMock(return_value=[1])) @patch('sfputil.main.logical_port_to_physical_port_index', MagicMock(return_value=1)) @patch('subprocess.check_output', MagicMock(return_value="['0:OK']")) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) def test_fetch_error_status_from_platform_api_RJ45(self): output = sfputil.fetch_error_status_from_platform_api('Ethernet0') assert output == [['Ethernet0', 'N/A']] @@ -401,6 +394,7 @@ def test_show_lpmode(self, mock_chassis): mock_sfp.get_lpmode.return_value = False mock_sfp.get_transceiver_info = MagicMock(return_value={'type': sfputil.RJ45_PORT_TYPE}) + mock_chassis.get_port_or_cage_type = MagicMock(return_value=sfputil.SfpBase.SFP_PORT_TYPE_BIT_RJ45) result = runner.invoke(sfputil.cli.commands['show'].commands['lpmode'], ["-p", "Ethernet0"]) assert result.exit_code == 0 expected_output = """Port Low-power Mode @@ -413,7 +407,7 @@ def test_show_lpmode(self, mock_chassis): @patch('sfputil.main.logical_port_to_physical_port_index', MagicMock(return_value=1)) @patch('sfputil.main.logical_port_name_to_physical_port_list', MagicMock(return_value=[1])) @patch('sfputil.main.platform_sfputil', MagicMock(is_logical_port=MagicMock(return_value=1))) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) def test_show_eeprom_RJ45(self, mock_chassis): mock_sfp = MagicMock() mock_api = MagicMock() @@ -424,14 +418,8 @@ def test_show_eeprom_RJ45(self, mock_chassis): expected_output = "Ethernet16: SFP EEPROM is not applicable for RJ45 port\n\n\n" assert result.output == expected_output - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) - @patch('sys.exit', MagicMock(return_value=EXIT_FAIL)) - def test_skip_if_port_is_rj45(self): - result = sfputil.skip_if_port_is_rj45('Ethernet0') - assert result == None - @patch('sfputil.main.logical_port_name_to_physical_port_list', MagicMock(return_value=1)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) @patch('sfputil.main.platform_sfputil', MagicMock(is_logical_port=MagicMock(return_value=1))) def test_lpmode_set(self): runner = CliRunner() @@ -440,7 +428,7 @@ def test_lpmode_set(self): assert result.exit_code == EXIT_FAIL @patch('sfputil.main.logical_port_name_to_physical_port_list', MagicMock(return_value=1)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) @patch('sfputil.main.platform_sfputil', MagicMock(is_logical_port=MagicMock(return_value=1))) def test_reset_RJ45(self): runner = CliRunner() @@ -463,7 +451,7 @@ def test_unlock_firmware(self, mock_chassis): @patch('sfputil.main.platform_chassis') @patch('sfputil.main.logical_port_to_physical_port_index', MagicMock(return_value=1)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) def test_show_fwversion_Rj45(self, mock_chassis): mock_sfp = MagicMock() mock_api = MagicMock() @@ -500,7 +488,7 @@ def test_commit_firmwre(self, mock_chassis): assert status == 1 @patch('sfputil.main.is_sfp_present', MagicMock(return_value=True)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) def test_firmware_run_RJ45(self): runner = CliRunner() result = runner.invoke(sfputil.cli.commands['firmware'].commands['run'], ["--mode", "0", "Ethernet0"]) @@ -508,7 +496,7 @@ def test_firmware_run_RJ45(self): assert result.exit_code == EXIT_FAIL @patch('sfputil.main.is_sfp_present', MagicMock(return_value=True)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) def test_firmware_commit_RJ45(self): runner = CliRunner() result = runner.invoke(sfputil.cli.commands['firmware'].commands['commit'], ["Ethernet0"]) @@ -516,7 +504,7 @@ def test_firmware_commit_RJ45(self): assert result.exit_code == EXIT_FAIL @patch('sfputil.main.logical_port_to_physical_port_index', MagicMock(return_value=1)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) @patch('sfputil.main.is_sfp_present', MagicMock(return_value=1)) def test_firmware_upgrade_RJ45(self): runner = CliRunner() @@ -525,7 +513,7 @@ def test_firmware_upgrade_RJ45(self): assert result.exit_code == EXIT_FAIL @patch('sfputil.main.logical_port_to_physical_port_index', MagicMock(return_value=1)) - @patch('sfputil.main.is_rj45_port_from_api', MagicMock(return_value=True)) + @patch('sfputil.main.is_port_type_rj45', MagicMock(return_value=True)) @patch('sfputil.main.is_sfp_present', MagicMock(return_value=1)) def test_firmware_download_RJ45(self): runner = CliRunner() diff --git a/utilities_common/platform_sfputil_helper.py b/utilities_common/platform_sfputil_helper.py index a7f4477660..8b6afd5ef5 100644 --- a/utilities_common/platform_sfputil_helper.py +++ b/utilities_common/platform_sfputil_helper.py @@ -6,7 +6,11 @@ from sonic_py_common import multi_asic, device_info platform_sfputil = None +platform_chassis = None +platform_sfp_base = None +platform_porttab_mapping_read = False +RJ45_PORT_TYPE = 'RJ45' def load_platform_sfputil(): @@ -22,6 +26,10 @@ def load_platform_sfputil(): def platform_sfputil_read_porttab_mappings(): + global platform_porttab_mapping_read + + if platform_porttab_mapping_read: + return 0 try: @@ -35,6 +43,8 @@ def platform_sfputil_read_porttab_mappings(): # For single ASIC platforms we pass port_config_file_path and the asic_inst as 0 port_config_file_path = device_info.get_path_to_port_config_file() platform_sfputil.read_porttab_mappings(port_config_file_path, 0) + + platform_porttab_mapping_read = True except Exception as e: click.echo("Error reading port info (%s)" % str(e)) sys.exit(1) @@ -70,7 +80,7 @@ def get_physical_to_logical(): def get_interface_name(port, db): - if port is not "all" and port is not None: + if port != "all" and port is not None: alias = port iface_alias_converter = clicommon.InterfaceAliasConverter(db) if clicommon.get_interface_naming_mode() == "alias": @@ -83,7 +93,7 @@ def get_interface_name(port, db): def get_interface_alias(port, db): - if port is not "all" and port is not None: + if port != "all" and port is not None: alias = port iface_alias_converter = clicommon.InterfaceAliasConverter(db) if clicommon.get_interface_naming_mode() == "alias": @@ -93,3 +103,34 @@ def get_interface_alias(port, db): sys.exit(1) return port + + +def is_rj45_port(port_name): + global platform_sfputil + global platform_chassis + global platform_sfp_base + global platform_sfputil_loaded + + if not platform_chassis: + import sonic_platform + platform_chassis = sonic_platform.platform.Platform().get_chassis() + if not platform_sfp_base: + import sonic_platform_base + platform_sfp_base = sonic_platform_base.sfp_base.SfpBase + + if platform_chassis and platform_sfp_base: + if not platform_sfputil: + load_platform_sfputil() + + if not platform_porttab_mapping_read: + platform_sfputil_read_porttab_mappings() + + physical_port = logical_port_name_to_physical_port_list(port_name)[0] + try: + port_type = platform_chassis.get_port_or_cage_type(physical_port) + except NotImplementedError as e: + port_type = None + + return port_type == platform_sfp_base.SFP_PORT_TYPE_BIT_RJ45 + + return False From 6de18a1ded43a5bec02af5732fc4c64e551d8a42 Mon Sep 17 00:00:00 2001 From: Nazarii Hnydyn Date: Fri, 29 Jul 2022 00:38:38 +0300 Subject: [PATCH 05/47] [watermarkstat] Fix CLI script for unconfigured PG counters (#2239) Signed-off-by: Nazarii Hnydyn nazariig@nvidia.com Propagating #2220 with resolved review comments What I did Since PG counters are created only if they are configured in the switch, it is not enough to relay only on the first entry in the DB when building the output table of watermarkstat script. We need to go over all configured counters, check what is the max configured, and build the table accordingly. How I did it Iterate all configured PG buffers for all ports and find the max index. Build the output table according to the max index. How to verify it Run test "iface_namingmode/test_iface_namingmode.py" including this PR: Azure/sonic-swss#2143 and observe it passes. --- scripts/watermarkstat | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/scripts/watermarkstat b/scripts/watermarkstat index 025f87691d..745a82d674 100755 --- a/scripts/watermarkstat +++ b/scripts/watermarkstat @@ -208,16 +208,23 @@ class Watermarkstat(object): self.header_list = ['Port'] header_map = wm_type["obj_map"] - single_key = list(header_map.keys())[0] - header_len = len(header_map[single_key]) - min_idx = sys.maxsize - for name, counter_oid in header_map[single_key].items(): - curr_idx = int(wm_type["idx_func"](counter_oid)) - min_idx = min(min_idx, curr_idx) + max_idx = 0 + min_idx = sys.maxsize + for port in header_map.keys(): + for element in header_map[port].keys(): + element_idx = int(element.split(':')[1]) + if element_idx > max_idx: + max_idx = element_idx + if min_idx > element_idx: + min_idx = element_idx + + if min_idx == sys.maxsize: + print("Object map is empty!", file=sys.stderr) + sys.exit(1) self.min_idx = min_idx - self.header_list += ["{}{}".format(wm_type["header_prefix"], idx) for idx in range(self.min_idx, self.min_idx + header_len)] + self.header_list += ["{}{}".format(wm_type["header_prefix"], idx) for idx in range(self.min_idx, max_idx + 1)] def get_counters(self, table_prefix, port_obj, idx_func, watermark): """ From dab0d065500cbc69b540d07b4ffbc3e42b59d87c Mon Sep 17 00:00:00 2001 From: Liu Shilong Date: Mon, 1 Aug 2022 16:32:11 +0800 Subject: [PATCH 06/47] Transfer organization from Azure to sonic-net (#2284) --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 6cbc9d4316..85f9171214 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -10,8 +10,8 @@ resources: repositories: - repository: sonic-swss type: github - name: Azure/sonic-swss - endpoint: build + name: sonic-net/sonic-swss + endpoint: sonic-net stages: - stage: Build From 92b889b79830cd005c6123a63d0fb32d3985f7fb Mon Sep 17 00:00:00 2001 From: Stephen Sun <5379172+stephenxs@users.noreply.github.com> Date: Tue, 2 Aug 2022 00:21:26 +0800 Subject: [PATCH 07/47] [intfutil] Check whether the FEC mode is supported on the platform before configuring it to CONFIG_DB (#2223) * Support FEC capability Signed-off-by: Stephen Sun * Fix review comments Signed-off-by: Stephen Sun * Adjust dump table test according to STATE_DB change Signed-off-by: Stephen Sun * Add missing field in the test Signed-off-by: Stephen Sun * Do not change dump state test Signed-off-by: Stephen Sun --- config/main.py | 2 -- scripts/portconfig | 31 +++++++++++++++++++++++++++++-- tests/config_an_test.py | 16 ++++++++++++++++ tests/mock_tables/state_db.json | 2 ++ 4 files changed, 47 insertions(+), 4 deletions(-) diff --git a/config/main.py b/config/main.py index 45f3faa6b1..cac1cc93e6 100644 --- a/config/main.py +++ b/config/main.py @@ -4192,8 +4192,6 @@ def fec(ctx, interface_name, interface_fec, verbose): # Get the config_db connector config_db = ctx.obj['config_db'] - if interface_fec not in ["rs", "fc", "none"]: - ctx.fail("'fec not in ['rs', 'fc', 'none']!") if clicommon.get_interface_naming_mode() == "alias": interface_name = interface_alias_to_name(config_db, interface_name) if interface_name is None: diff --git a/scripts/portconfig b/scripts/portconfig index 63bb463868..2bb2098cc9 100755 --- a/scripts/portconfig +++ b/scripts/portconfig @@ -65,7 +65,7 @@ SWITCH_CAPABILITY = "SWITCH_CAPABILITY|switch" # STATE_DB constants PORT_STATE_TABLE_NAME = "PORT_TABLE" PORT_STATE_SUPPORTED_SPEEDS = "supported_speeds" - +PORT_STATE_SUPPORTED_FECS = "supported_fecs" VALID_INTERFACE_TYPE_SET = set(['CR','CR2','CR4','CR8','SR','SR2','SR4','SR8', 'LR','LR4','LR8','KR','KR4','KR8','CAUI','GMII', @@ -131,6 +131,13 @@ class portconfig(object): def set_fec(self, port, fec): if self.verbose: print("Setting fec %s on port %s" % (fec, port)) + supported_fecs = self.get_supported_fecs(port) + if fec not in supported_fecs: + if supported_fecs: + print('fec {} is not in {}'.format(fec, supported_fecs)) + else: + print('Setting fec is not supported on port {}'.format(port)) + exit(1) self.db.mod_entry(PORT_TABLE_NAME, port, {PORT_FEC_CONFIG_FIELD_NAME: fec}) def set_mtu(self, port, mtu): @@ -226,6 +233,26 @@ class portconfig(object): state_db.connect(state_db.STATE_DB) return state_db.get(state_db.STATE_DB, '{}|{}'.format(PORT_STATE_TABLE_NAME, port), PORT_STATE_SUPPORTED_SPEEDS) + def get_supported_fecs(self, port): + # If there is supported_fecs exposed in STATE_DB, let's use it. + # Otherwise, take the default + if not self.namespace: + state_db = SonicV2Connector(host="127.0.0.1") + else: + state_db = SonicV2Connector(host="127.0.0.1", namespace=self.namespace, use_unix_socket_path=True) + state_db.connect(state_db.STATE_DB) + + supported_fecs_str = state_db.get(state_db.STATE_DB, '{}|{}'.format(PORT_STATE_TABLE_NAME, port), PORT_STATE_SUPPORTED_FECS) + if supported_fecs_str: + if supported_fecs_str != 'N/A': + supported_fecs_list = supported_fecs_str.split(',') + else: + supported_fecs_list = [] + else: + supported_fecs_list = ["rs", "fc", "none"] + + return supported_fecs_list + def set_tpid(self, port, tpid): if self.verbose: print("Setting tpid %s on port %s" % (tpid, port)) @@ -276,7 +303,7 @@ def main(): parser.add_argument('-p', '--port', type=str, help='port name (e.g. Ethernet0)', required=True, default=None) parser.add_argument('-l', '--list', action='store_true', help='list port parametars', default=False) parser.add_argument('-s', '--speed', type=int, help='port speed value in Mbit', default=None) - parser.add_argument('-f', '--fec', type=str, help='port fec mode value in (none, rs, fc)', default=None) + parser.add_argument('-f', '--fec', type=str, help='port fec mode value (default is: none, rs, fc)', default=None) parser.add_argument('-m', '--mtu', type=int, help='port mtu value in bytes', default=None) parser.add_argument('-tp', '--tpid', type=str, help='port TPID value in hex (e.g. 0x8100)', default=None) parser.add_argument('-v', '--version', action='version', version='%(prog)s 1.0') diff --git a/tests/config_an_test.py b/tests/config_an_test.py index 2da1879ebd..a888006354 100644 --- a/tests/config_an_test.py +++ b/tests/config_an_test.py @@ -84,6 +84,22 @@ def test_config_mtu(self, ctx): result = self.basic_check("mtu", ["PortChannel0001", "1514"], ctx, operator.ne) assert 'Invalid port PortChannel0001' in result.output + def test_config_fec(self, ctx): + # Set a fec mode which is in supported_fec list but not default + # on an interface with supported_fec + self.basic_check("fec", ["Ethernet0", "test"], ctx) + # Set a fec mode which is one of default values on an interface without supported_fecs + self.basic_check("fec", ["Ethernet4", "rs"], ctx) + # Negative case: Set a fec mode which is default but not in port's supported_fecs + result = self.basic_check("fec", ["Ethernet0", "fc"], ctx, operator.ne) + assert "fec fc is not in ['rs', 'none', 'test']" in result.output + # Negative case: set a fec mode which is not default on an interface without supported_fecs + result = self.basic_check("fec", ["Ethernet4", "test"], ctx, operator.ne) + assert "fec test is not in ['rs', 'fc', 'none']" in result.output + # Negative case: set a fec mode on a port where setting fec is not supported + result = self.basic_check("fec", ["Ethernet112", "test"], ctx, operator.ne) + assert "Setting fec is not supported" in result.output + def basic_check(self, command_name, para_list, ctx, op=operator.eq, expect_result=0): runner = CliRunner() result = runner.invoke(config.config.commands["interface"].commands[command_name], para_list, obj = ctx) diff --git a/tests/mock_tables/state_db.json b/tests/mock_tables/state_db.json index 06eba551c1..3465687919 100644 --- a/tests/mock_tables/state_db.json +++ b/tests/mock_tables/state_db.json @@ -698,6 +698,7 @@ "rmt_adv_speeds" : "10,100,1000", "speed" : "100000", "supported_speeds": "10000,25000,40000,100000", + "supported_fecs": "rs,none,test", "link_training_status": "not_trained" }, "PORT_TABLE|Ethernet32": { @@ -705,6 +706,7 @@ }, "PORT_TABLE|Ethernet112": { "speed": "40000", + "supported_fecs": "N/A", "link_training_status": "off" }, "PCIE_DEVICE|00:01.0": { From c6794b55f00d93e903b00dc93d41b77f5b8288c6 Mon Sep 17 00:00:00 2001 From: bingwang-ms <66248323+bingwang-ms@users.noreply.github.com> Date: Wed, 3 Aug 2022 08:34:49 +0800 Subject: [PATCH 08/47] Fix version in db_migrator for `PORT_QOS_MAP|global` (#2289) * Fix db_migrator version for PORT_QOS_MAP|global --- scripts/db_migrator.py | 39 ++++++++++++------- scripts/mellanox_buffer_migrator.py | 4 +- .../config_db/qos_map_table_expected.json | 32 +++++++-------- .../qos_map_table_global_expected.json | 2 +- .../config_db/qos_map_table_global_input.json | 2 +- .../config_db/qos_map_table_input.json | 32 +++++++-------- ...reclaiming-buffer-warmreboot-expected.json | 2 +- 7 files changed, 62 insertions(+), 51 deletions(-) diff --git a/scripts/db_migrator.py b/scripts/db_migrator.py index ddd1290767..04e0dbcb4b 100755 --- a/scripts/db_migrator.py +++ b/scripts/db_migrator.py @@ -44,7 +44,7 @@ def __init__(self, namespace, socket=None): none-zero values. build: sequentially increase within a minor version domain. """ - self.CURRENT_VERSION = 'version_3_0_6' + self.CURRENT_VERSION = 'version_3_0_5' self.TABLE_NAME = 'VERSIONS' self.TABLE_KEY = 'DATABASE' @@ -617,13 +617,13 @@ def version_1_0_6(self): abandon_method = self.mellanox_buffer_migrator.mlnx_abandon_pending_buffer_configuration append_method = self.mellanox_buffer_migrator.mlnx_append_item_on_pending_configuration_list - if self.mellanox_buffer_migrator.mlnx_migrate_buffer_pool_size('version_1_0_6', 'version_3_0_0') \ - and self.mellanox_buffer_migrator.mlnx_migrate_buffer_profile('version_1_0_6', 'version_3_0_0') \ + if self.mellanox_buffer_migrator.mlnx_migrate_buffer_pool_size('version_1_0_6', 'version_2_0_0') \ + and self.mellanox_buffer_migrator.mlnx_migrate_buffer_profile('version_1_0_6', 'version_2_0_0') \ and (not self.mellanox_buffer_migrator.mlnx_is_buffer_model_dynamic() or \ self.migrate_config_db_buffer_tables_for_dynamic_calculation(speed_list, cable_len_list, '0', abandon_method, append_method)) \ and self.mellanox_buffer_migrator.mlnx_flush_new_buffer_configuration() \ and self.prepare_dynamic_buffer_for_warm_reboot(buffer_pools, buffer_profiles, buffer_pgs): - self.set_version('version_3_0_0') + self.set_version('version_2_0_0') else: self.prepare_dynamic_buffer_for_warm_reboot() @@ -632,8 +632,26 @@ def version_1_0_6(self): self.configDB.set_entry('DEVICE_METADATA', 'localhost', metadata) log.log_notice('Setting buffer_model to traditional') - self.set_version('version_3_0_0') + self.set_version('version_2_0_0') + return 'version_2_0_0' + + def version_2_0_0(self): + """ + Version 2_0_0 + """ + log.log_info('Handling version_2_0_0') + self.migrate_port_qos_map_global() + self.set_version('version_2_0_1') + return 'version_2_0_1' + + def version_2_0_1(self): + """ + Version 2_0_1. + This is the latest version for 202012 branch + """ + log.log_info('Handling version_2_0_1') + self.set_version('version_3_0_0') return 'version_3_0_0' def version_3_0_0(self): @@ -694,21 +712,14 @@ def version_3_0_4(self): if 'pfc_enable' in v: v['pfcwd_sw_enable'] = v['pfc_enable'] self.configDB.set_entry('PORT_QOS_MAP', k, v) + self.set_version('version_3_0_5') return 'version_3_0_5' def version_3_0_5(self): - """ - Version 3_0_5 - """ - log.log_info('Handling version_3_0_5') - self.migrate_port_qos_map_global() - return 'version_3_0_6' - - def version_3_0_6(self): """ Current latest version. Nothing to do here. """ - log.log_info('Handling version_3_0_6') + log.log_info('Handling version_3_0_5') return None def get_version(self): diff --git a/scripts/mellanox_buffer_migrator.py b/scripts/mellanox_buffer_migrator.py index bc5c7cab16..6706969be1 100755 --- a/scripts/mellanox_buffer_migrator.py +++ b/scripts/mellanox_buffer_migrator.py @@ -480,8 +480,8 @@ def __init__(self, configDB, appDB, stateDB): "spc2_3800-d24c52_t1_pool_shp", "spc2_3800-d28c50_t1_pool_shp"], } }, - "version_3_0_0": { - # Version 3.0.0 is introduced for dynamic buffer calculation + "version_2_0_0": { + # Version 2.0.0 is introduced for dynamic buffer calculation # "pool_mapped_from_old_version": { "spc1_t0_pool": "spc1_pool", diff --git a/tests/db_migrator_input/config_db/qos_map_table_expected.json b/tests/db_migrator_input/config_db/qos_map_table_expected.json index e75740f02c..47381ec550 100644 --- a/tests/db_migrator_input/config_db/qos_map_table_expected.json +++ b/tests/db_migrator_input/config_db/qos_map_table_expected.json @@ -3,32 +3,32 @@ "VERSION": "version_3_0_5" }, "PORT_QOS_MAP|Ethernet0": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", + "dscp_to_tc_map": "AZURE", "pfc_enable": "3,4", "pfcwd_sw_enable": "3,4", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" }, "PORT_QOS_MAP|Ethernet100": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", + "dscp_to_tc_map": "AZURE", "pfc_enable": "3,4", "pfcwd_sw_enable": "3,4", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" }, "PORT_QOS_MAP|Ethernet92": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "dscp_to_tc_map": "AZURE", + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" }, "PORT_QOS_MAP|Ethernet96": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "dscp_to_tc_map": "AZURE", + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" } } diff --git a/tests/db_migrator_input/config_db/qos_map_table_global_expected.json b/tests/db_migrator_input/config_db/qos_map_table_global_expected.json index c7fea9c013..db2096144f 100644 --- a/tests/db_migrator_input/config_db/qos_map_table_global_expected.json +++ b/tests/db_migrator_input/config_db/qos_map_table_global_expected.json @@ -1,6 +1,6 @@ { "VERSIONS|DATABASE": { - "VERSION": "version_3_0_6" + "VERSION": "version_2_0_1" }, "DSCP_TO_TC_MAP|AZURE": { "0": "0", diff --git a/tests/db_migrator_input/config_db/qos_map_table_global_input.json b/tests/db_migrator_input/config_db/qos_map_table_global_input.json index 0ca51a4525..dd4b78bb0e 100644 --- a/tests/db_migrator_input/config_db/qos_map_table_global_input.json +++ b/tests/db_migrator_input/config_db/qos_map_table_global_input.json @@ -1,6 +1,6 @@ { "VERSIONS|DATABASE": { - "VERSION": "version_3_0_5" + "VERSION": "version_2_0_0" }, "DSCP_TO_TC_MAP|AZURE": { "0": "0", diff --git a/tests/db_migrator_input/config_db/qos_map_table_input.json b/tests/db_migrator_input/config_db/qos_map_table_input.json index 4bb237588a..c62e293daf 100644 --- a/tests/db_migrator_input/config_db/qos_map_table_input.json +++ b/tests/db_migrator_input/config_db/qos_map_table_input.json @@ -3,29 +3,29 @@ "VERSION": "version_3_0_4" }, "PORT_QOS_MAP|Ethernet0": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", + "dscp_to_tc_map": "AZURE", "pfc_enable": "3,4", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" }, "PORT_QOS_MAP|Ethernet100": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", + "dscp_to_tc_map": "AZURE", "pfc_enable": "3,4", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" }, "PORT_QOS_MAP|Ethernet92": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "dscp_to_tc_map": "AZURE", + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" }, "PORT_QOS_MAP|Ethernet96": { - "dscp_to_tc_map": "[DSCP_TO_TC_MAP|AZURE]", - "pfc_to_queue_map": "[MAP_PFC_PRIORITY_TO_QUEUE|AZURE]", - "tc_to_pg_map": "[TC_TO_PRIORITY_GROUP_MAP|AZURE]", - "tc_to_queue_map": "[TC_TO_QUEUE_MAP|AZURE]" + "dscp_to_tc_map": "AZURE", + "pfc_to_queue_map": "AZURE", + "tc_to_pg_map": "AZURE", + "tc_to_queue_map": "AZURE" } } diff --git a/tests/db_migrator_input/config_db/reclaiming-buffer-warmreboot-expected.json b/tests/db_migrator_input/config_db/reclaiming-buffer-warmreboot-expected.json index 5037644faf..ccedec4d9d 100644 --- a/tests/db_migrator_input/config_db/reclaiming-buffer-warmreboot-expected.json +++ b/tests/db_migrator_input/config_db/reclaiming-buffer-warmreboot-expected.json @@ -2043,6 +2043,6 @@ "admin_status": "up" }, "VERSIONS|DATABASE": { - "VERSION": "version_3_0_4" + "VERSION": "version_3_0_5" } } From e9ab523565a02b991e80028ca09a011ffd0b0d77 Mon Sep 17 00:00:00 2001 From: jingwenxie Date: Wed, 3 Aug 2022 15:42:14 +0800 Subject: [PATCH 09/47] Add override testcase to verify removal (#2288) What I did Add one override-config-table testcase to verify empty table removal. How I did it Add the testcase to verify the removal. How to verify it Unit test. --- .../empty_table_removal.json | 96 +++++++++++++++++++ tests/config_override_test.py | 10 ++ 2 files changed, 106 insertions(+) create mode 100644 tests/config_override_input/empty_table_removal.json diff --git a/tests/config_override_input/empty_table_removal.json b/tests/config_override_input/empty_table_removal.json new file mode 100644 index 0000000000..2230911ae6 --- /dev/null +++ b/tests/config_override_input/empty_table_removal.json @@ -0,0 +1,96 @@ +{ + "running_config": { + "ACL_TABLE": { + "DATAACL": { + "policy_desc": "DATAACL", + "ports": [ + "Ethernet4" + ], + "stage": "ingress", + "type": "L3" + }, + "NTP_ACL": { + "policy_desc": "NTP_ACL", + "services": [ + "NTP" + ], + "stage": "ingress", + "type": "CTRLPLANE" + } + }, + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "rate_limit_interval": "600", + "state": "enabled" + }, + "database": { + "rate_limit_interval": "600", + "state": "enabled" + } + }, + "PORT": { + "Ethernet4": { + "admin_status": "up", + "alias": "fortyGigE0/4", + "description": "Servers0:eth0", + "index": "1", + "lanes": "29,30,31,32", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + }, + "Ethernet8": { + "admin_status": "up", + "alias": "fortyGigE0/8", + "description": "Servers1:eth0", + "index": "2", + "lanes": "33,34,35,36", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + }, + "golden_config": { + "ACL_TABLE": { + } + }, + "expected_config": { + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "rate_limit_interval": "600", + "state": "enabled" + }, + "database": { + "rate_limit_interval": "600", + "state": "enabled" + } + }, + "PORT": { + "Ethernet4": { + "admin_status": "up", + "alias": "fortyGigE0/4", + "description": "Servers0:eth0", + "index": "1", + "lanes": "29,30,31,32", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + }, + "Ethernet8": { + "admin_status": "up", + "alias": "fortyGigE0/8", + "description": "Servers1:eth0", + "index": "2", + "lanes": "33,34,35,36", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + } +} diff --git a/tests/config_override_test.py b/tests/config_override_test.py index 37edcfa8d8..255e63989d 100644 --- a/tests/config_override_test.py +++ b/tests/config_override_test.py @@ -16,6 +16,7 @@ NEW_FEATURE_CONFIG = os.path.join(DATA_DIR, "new_feature_config.json") FULL_CONFIG_OVERRIDE = os.path.join(DATA_DIR, "full_config_override.json") PORT_CONFIG_OVERRIDE = os.path.join(DATA_DIR, "port_config_override.json") +EMPTY_TABLE_REMOVAL = os.path.join(DATA_DIR, "empty_table_removal.json") # Load sonic-cfggen from source since /usr/local/bin/sonic-cfggen does not have .py extension. sonic_cfggen = load_module_from_source('sonic_cfggen', '/usr/local/bin/sonic-cfggen') @@ -137,6 +138,15 @@ def test_golden_config_db_port_config(self): db, config, read_data['running_config'], read_data['golden_config'], read_data['expected_config']) + def test_golden_config_db_empty_table_removal(self): + """Golden Config empty table does table removal""" + db = Db() + with open(EMPTY_TABLE_REMOVAL, "r") as f: + read_data = json.load(f) + self.check_override_config_table( + db, config, read_data['running_config'], read_data['golden_config'], + read_data['expected_config']) + def check_override_config_table(self, db, config, running_config, golden_config, expected_config): def read_json_file_side_effect(filename): From ecb9136708b7aa7a5ad717a952b09bd41f0d32fa Mon Sep 17 00:00:00 2001 From: isabelmsft <67024108+isabelmsft@users.noreply.github.com> Date: Wed, 3 Aug 2022 15:16:10 -0700 Subject: [PATCH 10/47] Add CLI to configure YANG config validation (#2147) **- What I did** Add CLI to configure YANG config validation mode `config yang_config_validation ` **- How I did it** Add a CLI script that writes the configuration of YANG config validation enable/disable into CONFIG_DB --- config/main.py | 15 +++++++++++++ tests/yang_config_validation_test.py | 33 ++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 tests/yang_config_validation_test.py diff --git a/config/main.py b/config/main.py index cac1cc93e6..0f1fcf28fd 100644 --- a/config/main.py +++ b/config/main.py @@ -1923,6 +1923,21 @@ def synchronous_mode(sync_mode): else: raise click.BadParameter("Error: Invalid argument %s, expect either enable or disable" % sync_mode) +# +# 'yang_config_validation' command ('config yang_config_validation ...') +# +@config.command('yang_config_validation') +@click.argument('yang_config_validation', metavar='', required=True) +def yang_config_validation(yang_config_validation): + # Enable or disable YANG validation on updates to ConfigDB + if yang_config_validation == 'enable' or yang_config_validation == 'disable': + config_db = ConfigDBConnector() + config_db.connect() + config_db.mod_entry('DEVICE_METADATA', 'localhost', {"yang_config_validation": yang_config_validation}) + click.echo("""Wrote %s yang config validation into CONFIG_DB""" % yang_config_validation) + else: + raise click.BadParameter("Error: Invalid argument %s, expect either enable or disable" % yang_config_validation) + # # 'portchannel' group ('config portchannel ...') # diff --git a/tests/yang_config_validation_test.py b/tests/yang_config_validation_test.py new file mode 100644 index 0000000000..37b9e448cc --- /dev/null +++ b/tests/yang_config_validation_test.py @@ -0,0 +1,33 @@ +from click.testing import CliRunner +import config.main as config + +class TestYangConfigValidation(object): + @classmethod + def setup_class(cls): + print("SETUP") + + def __check_result(self, result_msg, mode): + if mode == "enable" or mode == "disable": + expected_msg = """Wrote %s yang config validation into CONFIG_DB""" % mode + else: + expected_msg = "Error: Invalid argument %s, expect either enable or disable" % mode + + return expected_msg in result_msg + + def test_yang_config_validation(self): + runner = CliRunner() + + result = runner.invoke(config.config.commands["yang_config_validation"], ["enable"]) + print(result.output) + assert result.exit_code == 0 + assert self.__check_result(result.output, "enable") + + result = runner.invoke(config.config.commands["yang_config_validation"], ["disable"]) + print(result.output) + assert result.exit_code == 0 + assert self.__check_result(result.output, "disable") + + result = runner.invoke(config.config.commands["yang_config_validation"], ["invalid-input"]) + print(result.output) + assert result.exit_code != 0 + assert self.__check_result(result.output, "invalid-input") From 7919077fada48916a4d6e7d050029e8ca3a6f946 Mon Sep 17 00:00:00 2001 From: Prince George <45705344+prgeor@users.noreply.github.com> Date: Thu, 4 Aug 2022 09:22:13 -0700 Subject: [PATCH 11/47] Add FEC correctable and uncorrectable port stats (#2027) * Add FEC correctable and uncorrectable port stats Signed-off-by: Prince George * fix pytest failures Signed-off-by: Prince George * fix pytest failure * Added separate command for fec stats * Fix test failure * Fix LGTM warning * Improve code coveraged --- scripts/portstat | 47 ++++++++++++++++++++++------ show/interfaces/__init__.py | 33 +++++++++++++++----- tests/mock_tables/counters_db.json | 15 +++++++-- tests/portstat_test.py | 50 ++++++++++++++++++++++++++++++ 4 files changed, 125 insertions(+), 20 deletions(-) diff --git a/scripts/portstat b/scripts/portstat index 45490d29ef..3c3c5117f3 100755 --- a/scripts/portstat +++ b/scripts/portstat @@ -51,12 +51,14 @@ NStats = namedtuple("NStats", "rx_ok, rx_err, rx_drop, rx_ovr, tx_ok,\ rx_uca, rx_mca, rx_bca, rx_all,\ tx_64, tx_65_127, tx_128_255, tx_256_511, tx_512_1023, tx_1024_1518, tx_1519_2047, tx_2048_4095, tx_4096_9216, tx_9217_16383,\ tx_uca, tx_mca, tx_bca, tx_all,\ - rx_jbr, rx_frag, rx_usize, rx_ovrrun") + rx_jbr, rx_frag, rx_usize, rx_ovrrun,\ + fec_corr, fec_uncorr, fec_symbol_err") header_all = ['IFACE', 'STATE', 'RX_OK', 'RX_BPS', 'RX_PPS', 'RX_UTIL', 'RX_ERR', 'RX_DRP', 'RX_OVR', 'TX_OK', 'TX_BPS', 'TX_PPS', 'TX_UTIL', 'TX_ERR', 'TX_DRP', 'TX_OVR'] header_std = ['IFACE', 'STATE', 'RX_OK', 'RX_BPS', 'RX_UTIL', 'RX_ERR', 'RX_DRP', 'RX_OVR', 'TX_OK', 'TX_BPS', 'TX_UTIL', 'TX_ERR', 'TX_DRP', 'TX_OVR'] header_errors_only = ['IFACE', 'STATE', 'RX_ERR', 'RX_DRP', 'RX_OVR', 'TX_ERR', 'TX_DRP', 'TX_OVR'] +header_fec_only = ['IFACE', 'STATE', 'FEC_CORR', 'FEC_UNCORR', 'FEC_SYMBOL_ERR'] header_rates_only = ['IFACE', 'STATE', 'RX_OK', 'RX_BPS', 'RX_PPS', 'RX_UTIL', 'TX_OK', 'TX_BPS', 'TX_PPS', 'TX_UTIL'] rates_key_list = [ 'RX_BPS', 'RX_PPS', 'RX_UTIL', 'TX_BPS', 'TX_PPS', 'TX_UTIL' ] @@ -67,7 +69,7 @@ RateStats = namedtuple("RateStats", ratestat_fields) The order and count of statistics mentioned below needs to be in sync with the values in portstat script So, any fields added/deleted in here should be reflected in portstat script also """ -BUCKET_NUM = 42 +BUCKET_NUM = 45 counter_bucket_dict = { 0:['SAI_PORT_STAT_IF_IN_UCAST_PKTS', 'SAI_PORT_STAT_IF_IN_NON_UCAST_PKTS'], 1:['SAI_PORT_STAT_IF_IN_ERRORS'], @@ -110,7 +112,10 @@ counter_bucket_dict = { 38:['SAI_PORT_STAT_ETHER_STATS_JABBERS'], 39:['SAI_PORT_STAT_ETHER_STATS_FRAGMENTS'], 40:['SAI_PORT_STAT_ETHER_STATS_UNDERSIZE_PKTS'], - 41:['SAI_PORT_STAT_IP_IN_RECEIVES'] + 41:['SAI_PORT_STAT_IP_IN_RECEIVES'], + 42:['SAI_PORT_STAT_IF_IN_FEC_CORRECTABLE_FRAMES'], + 43:['SAI_PORT_STAT_IF_IN_FEC_NOT_CORRECTABLE_FRAMES'], + 44:['SAI_PORT_STAT_IF_IN_FEC_SYMBOL_ERRORS'] } STATUS_NA = 'N/A' @@ -250,7 +255,7 @@ class Portstat(object): return STATUS_NA - def cnstat_print(self, cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, rates_only, detail=False): + def cnstat_print(self, cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, fec_stats_only, rates_only, detail=False): """ Print the cnstat. """ @@ -295,6 +300,12 @@ class Portstat(object): format_number_with_comma(data.tx_err), format_number_with_comma(data.tx_drop), format_number_with_comma(data.tx_ovr))) + elif fec_stats_only: + header = header_fec_only + table.append((key, self.get_port_state(key), + format_number_with_comma(data.fec_corr), + format_number_with_comma(data.fec_uncorr), + format_number_with_comma(data.fec_symbol_err))) elif rates_only: header = header_rates_only table.append((key, self.get_port_state(key), @@ -388,7 +399,10 @@ class Portstat(object): print("Time Since Counters Last Cleared............... " + str(cnstat_old_dict.get('time'))) - def cnstat_diff_print(self, cnstat_new_dict, cnstat_old_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, rates_only, detail=False): + def cnstat_diff_print(self, cnstat_new_dict, cnstat_old_dict, + ratestat_dict, intf_list, use_json, + print_all, errors_only, fec_stats_only, + rates_only, detail=False): """ Print the difference between two cnstat results. """ @@ -465,6 +479,19 @@ class Portstat(object): format_number_with_comma(cntr.tx_err), format_number_with_comma(cntr.tx_drop), format_number_with_comma(cntr.tx_ovr))) + elif fec_stats_only: + header = header_fec_only + if old_cntr is not None: + table.append((key, self.get_port_state(key), + ns_diff(cntr.fec_corr, old_cntr.fec_corr), + ns_diff(cntr.fec_uncorr, old_cntr.fec_uncorr), + ns_diff(cntr.fec_symbol_err, old_cntr.fec_symbol_err))) + else: + table.append((key, self.get_port_state(key), + format_number_with_comma(cntr.fec_corr), + format_number_with_comma(cntr.fec_uncorr), + format_number_with_comma(cntr.fec_symbol_err))) + elif rates_only: header = header_rates_only if old_cntr is not None: @@ -551,6 +578,7 @@ Examples: parser.add_argument('-d', '--delete', action='store_true', help='Delete saved stats, either the uid or the specified tag') parser.add_argument('-D', '--delete-all', action='store_true', help='Delete all saved stats') parser.add_argument('-e', '--errors', action='store_true', help='Display interface errors') + parser.add_argument('-f', '--fec-stats', action='store_true', help='Display FEC related statistics') parser.add_argument('-j', '--json', action='store_true', help='Display in JSON format') parser.add_argument('-r', '--raw', action='store_true', help='Raw stats (unmodified output of netstat)') parser.add_argument('-R', '--rate', action='store_true', help='Display interface rates') @@ -567,6 +595,7 @@ Examples: delete_saved_stats = args.delete delete_all_stats = args.delete_all errors_only = args.errors + fec_stats_only = args.fec_stats rates_only = args.rate use_json = args.json raw_stats = args.raw @@ -603,7 +632,7 @@ Examples: # Now decide what information to display if raw_stats: - portstat.cnstat_print(cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, rates_only) + portstat.cnstat_print(cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, fec_stats_only, rates_only) sys.exit(0) if save_fresh_stats: @@ -622,7 +651,7 @@ Examples: cnstat_cached_dict = pickle.load(open(cnstat_fqn_file, 'rb')) if not detail: print("Last cached time was " + str(cnstat_cached_dict.get('time'))) - portstat.cnstat_diff_print(cnstat_dict, cnstat_cached_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, rates_only, detail) + portstat.cnstat_diff_print(cnstat_dict, cnstat_cached_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, fec_stats_only, rates_only, detail) except IOError as e: print(e.errno, e) else: @@ -630,13 +659,13 @@ Examples: print("\nFile '%s' does not exist" % cnstat_fqn_file) print("Did you run 'portstat -c -t %s' to record the counters via tag %s?\n" % (tag_name, tag_name)) else: - portstat.cnstat_print(cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, rates_only, detail) + portstat.cnstat_print(cnstat_dict, ratestat_dict, intf_list, use_json, print_all, errors_only, fec_stats_only, rates_only, detail) else: #wait for the specified time and then gather the new stats and output the difference. time.sleep(wait_time_in_seconds) print("The rates are calculated within %s seconds period" % wait_time_in_seconds) cnstat_new_dict, ratestat_new_dict = portstat.get_cnstat_dict() - portstat.cnstat_diff_print(cnstat_new_dict, cnstat_dict, ratestat_new_dict, intf_list, use_json, print_all, errors_only, rates_only, detail) + portstat.cnstat_diff_print(cnstat_new_dict, cnstat_dict, ratestat_new_dict, intf_list, use_json, print_all, errors_only, fec_stats_only, rates_only, detail) if __name__ == "__main__": main() diff --git a/show/interfaces/__init__.py b/show/interfaces/__init__.py index 7f218f41db..25cfd045e0 100644 --- a/show/interfaces/__init__.py +++ b/show/interfaces/__init__.py @@ -338,7 +338,7 @@ def expected(db, interfacename): @click.pass_context def mpls(ctx, interfacename, namespace, display): """Show Interface MPLS status""" - + #Edge case: Force show frontend interfaces on single asic if not (multi_asic.is_multi_asic()): if (display == 'frontend' or display == 'all' or display is None): @@ -346,7 +346,7 @@ def mpls(ctx, interfacename, namespace, display): else: print("Error: Invalid display option command for single asic") return - + display = "all" if interfacename else display masic = multi_asic_util.MultiAsic(display_option=display, namespace_option=namespace) ns_list = masic.get_ns_list_based_on_options() @@ -372,13 +372,13 @@ def mpls(ctx, interfacename, namespace, display): if (interfacename is not None): if (interfacename != ifname): continue - + intf_found = True - + if (display != "all"): if ("Loopback" in ifname): continue - + if ifname.startswith("Ethernet") and multi_asic.is_port_internal(ifname, ns): continue @@ -391,11 +391,11 @@ def mpls(ctx, interfacename, namespace, display): if 'mpls' not in mpls_intf or mpls_intf['mpls'] == 'disable': intfs_data.update({ifname: 'disable'}) else: - intfs_data.update({ifname: mpls_intf['mpls']}) - + intfs_data.update({ifname: mpls_intf['mpls']}) + # Check if interface is valid if (interfacename is not None and not intf_found): - ctx.fail('interface {} doesn`t exist'.format(interfacename)) + ctx.fail('interface {} doesn`t exist'.format(interfacename)) header = ['Interface', 'MPLS State'] body = [] @@ -558,6 +558,23 @@ def errors(verbose, period, namespace, display): clicommon.run_command(cmd, display_cmd=verbose) +# 'fec-stats' subcommand ("show interfaces counters errors") +@counters.command('fec-stats') +@click.option('-p', '--period') +@multi_asic_util.multi_asic_click_options +@click.option('--verbose', is_flag=True, help="Enable verbose output") +def fec_stats(verbose, period, namespace, display): + """Show interface counters fec-stats""" + cmd = "portstat -f" + if period is not None: + cmd += " -p {}".format(period) + + cmd += " -s {}".format(display) + if namespace is not None: + cmd += " -n {}".format(namespace) + + clicommon.run_command(cmd, display_cmd=verbose) + # 'rates' subcommand ("show interfaces counters rates") @counters.command() @click.option('-p', '--period') diff --git a/tests/mock_tables/counters_db.json b/tests/mock_tables/counters_db.json index e12e3347fd..03b29cdded 100644 --- a/tests/mock_tables/counters_db.json +++ b/tests/mock_tables/counters_db.json @@ -855,7 +855,10 @@ "SAI_PORT_STAT_ETHER_OUT_PKTS_9217_TO_16383_OCTETS": "0", "SAI_PORT_STAT_ETHER_STATS_FRAGMENTS": "0", "SAI_PORT_STAT_ETHER_STATS_UNDERSIZE_PKTS": "0", - "SAI_PORT_STAT_ETHER_STATS_JABBERS": "0" + "SAI_PORT_STAT_ETHER_STATS_JABBERS": "0", + "SAI_PORT_STAT_IF_IN_FEC_CORRECTABLE_FRAMES": "130402", + "SAI_PORT_STAT_IF_IN_FEC_NOT_CORRECTABLE_FRAMES": "3", + "SAI_PORT_STAT_IF_IN_FEC_SYMBOL_ERRORS": "4" }, "COUNTERS:oid:0x1000000000013": { "SAI_PORT_STAT_IF_IN_UCAST_PKTS": "4", @@ -912,7 +915,10 @@ "SAI_PORT_STAT_ETHER_OUT_PKTS_9217_TO_16383_OCTETS": "0", "SAI_PORT_STAT_ETHER_STATS_FRAGMENTS": "0", "SAI_PORT_STAT_ETHER_STATS_UNDERSIZE_PKTS": "0", - "SAI_PORT_STAT_ETHER_STATS_JABBERS": "0" + "SAI_PORT_STAT_ETHER_STATS_JABBERS": "0", + "SAI_PORT_STAT_IF_IN_FEC_CORRECTABLE_FRAMES": "110412", + "SAI_PORT_STAT_IF_IN_FEC_NOT_CORRECTABLE_FRAMES": "1", + "SAI_PORT_STAT_IF_IN_FEC_SYMBOL_ERRORS": "0" }, "COUNTERS:oid:0x1000000000014": { "SAI_PORT_STAT_IF_IN_UCAST_PKTS": "6", @@ -969,7 +975,10 @@ "SAI_PORT_STAT_ETHER_OUT_PKTS_9217_TO_16383_OCTETS": "0", "SAI_PORT_STAT_ETHER_STATS_FRAGMENTS": "0", "SAI_PORT_STAT_ETHER_STATS_UNDERSIZE_PKTS": "0", - "SAI_PORT_STAT_ETHER_STATS_JABBERS": "0" + "SAI_PORT_STAT_ETHER_STATS_JABBERS": "0", + "SAI_PORT_STAT_IF_IN_FEC_CORRECTABLE_FRAMES": "100317", + "SAI_PORT_STAT_IF_IN_FEC_NOT_CORRECTABLE_FRAMES": "0", + "SAI_PORT_STAT_IF_IN_FEC_SYMBOL_ERRORS": "0" }, "COUNTERS:oid:0x21000000000000": { "SAI_SWITCH_STAT_OUT_DROP_REASON_RANGE_BASE": "1000", diff --git a/tests/portstat_test.py b/tests/portstat_test.py index 6429c4863a..2a70d0befc 100644 --- a/tests/portstat_test.py +++ b/tests/portstat_test.py @@ -34,6 +34,23 @@ Ethernet8 N/A 6 1350.00 KB/s 9000.00/s N/A 100 10 N/A 60 13.37 MB/s 9000.00/s N/A N/A N/A N/A """ +intf_fec_counters = """\ + IFACE STATE FEC_CORR FEC_UNCORR FEC_SYMBOL_ERR +--------- ------- ---------- ------------ ---------------- +Ethernet0 D 130,402 3 4 +Ethernet4 N/A 110,412 1 0 +Ethernet8 N/A 100,317 0 0 +""" + +intf_fec_counters_period = """\ +The rates are calculated within 3 seconds period + IFACE STATE FEC_CORR FEC_UNCORR FEC_SYMBOL_ERR +--------- ------- ---------- ------------ ---------------- +Ethernet0 D 0 0 0 +Ethernet4 N/A 0 0 0 +Ethernet8 N/A 0 0 0 +""" + intf_counters_period = """\ The rates are calculated within 3 seconds period IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR @@ -258,6 +275,39 @@ def test_show_intf_counters_all(self): assert return_code == 0 assert result == intf_counters_all + def test_show_intf_fec_counters(self): + runner = CliRunner() + result = runner.invoke( + show.cli.commands["interfaces"].commands["counters"].commands["fec-stats"], []) + print(result.exit_code) + print(result.output) + assert result.exit_code == 0 + assert result.output == intf_fec_counters + + return_code, result = get_result_and_return_code('portstat -f') + print("return_code: {}".format(return_code)) + print("result = {}".format(result)) + assert return_code == 0 + assert result == intf_fec_counters + + def test_show_intf_fec_counters_period(self): + runner = CliRunner() + result = runner.invoke(show.cli.commands["interfaces"].commands["counters"].commands["fec-stats"], + ["-p {}".format(TEST_PERIOD)]) + print(result.exit_code) + print(result.output) + assert result.exit_code == 0 + assert result.output == intf_fec_counters_period + + return_code, result = get_result_and_return_code( + 'portstat -f -p {}'.format(TEST_PERIOD)) + print("return_code: {}".format(return_code)) + print("result = {}".format(result)) + assert return_code == 0 + assert result == intf_fec_counters_period + + + def test_show_intf_counters_period(self): runner = CliRunner() result = runner.invoke(show.cli.commands["interfaces"].commands["counters"], [ From 142185c90a19bf6b732ad8e07f9759e74696fb05 Mon Sep 17 00:00:00 2001 From: Stephen Sun <5379172+stephenxs@users.noreply.github.com> Date: Mon, 8 Aug 2022 20:24:17 +0800 Subject: [PATCH 12/47] Fix the issue that sonic_platform is not installed on vs image (#2300) Method is_rj45_port references sonic_platform which has not been implemented on vs platform However, the method is referenced by show interface status which is widely used in kvm test in azure pipeline checkers - What I did - How I did it True is returned in is_rj45_port if sonic_platform can not be imported - How to verify it Run vs tests Signed-off-by: Stephen Sun --- tests/sfp_test.py | 7 +++++++ utilities_common/platform_sfputil_helper.py | 18 ++++++++++++------ 2 files changed, 19 insertions(+), 6 deletions(-) diff --git a/tests/sfp_test.py b/tests/sfp_test.py index b894b39469..d762b9f8ae 100644 --- a/tests/sfp_test.py +++ b/tests/sfp_test.py @@ -495,6 +495,13 @@ def test_sfp_eeprom_dom_all(self): assert result.exit_code == 0 assert "\n".join([ l.rstrip() for l in result.output.split('\n')]) == test_sfp_eeprom_dom_all_output + def test_is_rj45_port(self): + import utilities_common.platform_sfputil_helper as platform_sfputil_helper + platform_sfputil_helper.platform_chassis = None + if 'sonic_platform' in sys.modules: + sys.modules.pop('sonic_platform') + assert platform_sfputil_helper.is_rj45_port("Ethernet0") == False + @classmethod def teardown_class(cls): print("TEARDOWN") diff --git a/utilities_common/platform_sfputil_helper.py b/utilities_common/platform_sfputil_helper.py index 8b6afd5ef5..b4c819b4d8 100644 --- a/utilities_common/platform_sfputil_helper.py +++ b/utilities_common/platform_sfputil_helper.py @@ -111,12 +111,18 @@ def is_rj45_port(port_name): global platform_sfp_base global platform_sfputil_loaded - if not platform_chassis: - import sonic_platform - platform_chassis = sonic_platform.platform.Platform().get_chassis() - if not platform_sfp_base: - import sonic_platform_base - platform_sfp_base = sonic_platform_base.sfp_base.SfpBase + try: + if not platform_chassis: + import sonic_platform + platform_chassis = sonic_platform.platform.Platform().get_chassis() + if not platform_sfp_base: + import sonic_platform_base + platform_sfp_base = sonic_platform_base.sfp_base.SfpBase + except ModuleNotFoundError as e: + # This method is referenced by intfutil which is called on vs image + # However, there is no platform API supported on vs image + # So False is returned in such case + return False if platform_chassis and platform_sfp_base: if not platform_sfputil: From ca14133fd013548b9eb7fe40c53a7df99ed67c73 Mon Sep 17 00:00:00 2001 From: Andriy Yurkiv <70649192+ayurkiv-nvda@users.noreply.github.com> Date: Mon, 8 Aug 2022 15:26:06 +0300 Subject: [PATCH 13/47] [crm] add checking for CRM interval range (#2293) - What I did Add checking for range for CRM interval - How I did it Add attribute click.IntRange(1, 9999) and UT to verify it (according to CRM HLD) - How to verify it Run UT Manual testing: crm config polling interval 100000000 (receive error) - Previous command output (if the output of a command-line utility has changed) crm config polling interval 4566466 crm config polling interval --help Usage: crm config polling interval [OPTIONS] INTERVAL CRM polling interval configuration Options: --help Show this message and exit. - New command output (if the output of a command-line utility has changed) crm config polling interval 4566466 Usage: crm config polling interval [OPTIONS] INTERVAL Try "crm config polling interval --help" for help. Error: Invalid value for "INTERVAL": 4566466 is not in the valid range of 1 to 9999. crm config polling interval --help Usage: crm config polling interval [OPTIONS] INTERVAL CRM polling interval configuration in seconds (range: 1-9999) Options: --help Show this message and exit. Signed-off-by: Andriy Yurkiv --- crm/main.py | 4 ++-- tests/crm_test.py | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/crm/main.py b/crm/main.py index f728f87dd9..9b0d06e89a 100644 --- a/crm/main.py +++ b/crm/main.py @@ -237,9 +237,9 @@ def polling(ctx): @polling.command() @click.pass_context -@click.argument('interval', type=click.INT) +@click.argument('interval', type=click.IntRange(1, 9999)) def interval(ctx, interval): - """CRM polling interval configuration""" + """CRM polling interval configuration in seconds (range: 1-9999)""" ctx.obj["crm"].config('polling_interval', interval) @config.group() diff --git a/tests/crm_test.py b/tests/crm_test.py index 24ced116ce..6b3f32ed9d 100644 --- a/tests/crm_test.py +++ b/tests/crm_test.py @@ -1033,6 +1033,8 @@ """ +crm_config_interval_too_big = "Error: Invalid value for \"INTERVAL\": 30000 is not in the valid range of 1 to 9999." + class TestCrm(object): @classmethod def setup_class(cls): @@ -1053,6 +1055,18 @@ def test_crm_show_summary(self): assert result.exit_code == 0 assert result.output == crm_new_show_summary + def test_crm_config_polling_interval(self): + runner = CliRunner() + db = Db() + result = runner.invoke(crm.cli, ['config', 'polling', 'interval', '10'], obj=db) + print(sys.stderr, result.output) + assert result.exit_code == 0 + result = runner.invoke(crm.cli, ['config', 'polling', 'interval', '30000'], obj=db) + print(sys.stderr, result.output) + assert result.exit_code == 2 + assert crm_config_interval_too_big in result.output + + def test_crm_show_thresholds_acl_group(self): runner = CliRunner() db = Db() From bcf36eb37b8c7eef84b4de70e840ecb7692e2c6c Mon Sep 17 00:00:00 2001 From: Junchao-Mellanox <57339448+Junchao-Mellanox@users.noreply.github.com> Date: Tue, 9 Aug 2022 00:54:28 +0800 Subject: [PATCH 14/47] Fix issues for sonic_installer upgrade-docker and sonic_installer rollback-docker (#2278) #### What I did Fix issues: 1. upgrade-docker shall not check STATE DB for those container which do not support warm mode 2. rollback-docker sometimes cannot really rollback the container because it cannot get the correct docker image tag #### How I did it 1. for containers do not support warm mode, ignore STATE_DB check 2. use another command to get docker image tag #### How to verify it Manual test. UT is not created for this change because there are many docker command running for these two CLIs, thus: 1. Mock so many docker command causes the test case very tricky. The case would be even more complicated than the CLIs. 2. UT cannot really test the command in case of so many docker command Instead, a new sonic-mgmt test case is on the way to cover these two CLI. Will create PR for the sonic-mgmt new test case later. --- sonic_installer/main.py | 40 ++++------- tests/installer_docker_test.py | 127 +++++++++++++++++++++++++++++++++ 2 files changed, 142 insertions(+), 25 deletions(-) create mode 100644 tests/installer_docker_test.py diff --git a/sonic_installer/main.py b/sonic_installer/main.py index 0056bb77e5..db3fe49827 100644 --- a/sonic_installer/main.py +++ b/sonic_installer/main.py @@ -134,7 +134,7 @@ def get_docker_tag_name(image): def echo_and_log(msg, priority=LOG_NOTICE, fg=None): - if priority >= LOG_ERR: + if priority == LOG_ERR: # Print to stderr if priority is error click.secho(msg, fg=fg, err=True) else: @@ -647,7 +647,7 @@ def set_fips(image, enable_fips): bootloader = get_bootloader() if not image: image = bootloader.get_next_image() - if image not in bootloader.get_installed_images(): + if image not in bootloader.get_installed_images(): echo_and_log('Error: Image does not exist', LOG_ERR) sys.exit(1) bootloader.set_fips(image, enable=enable_fips) @@ -743,7 +743,8 @@ def cleanup(): "swss", "syncd", "teamd", - "telemetry" + "telemetry", + "mgmt-framework" ] # Upgrade docker image @@ -786,16 +787,8 @@ def upgrade_docker(container_name, url, cleanup_image, skip_check, tag, warm): echo_and_log("Image file '{}' does not exist or is not a regular file. Aborting...".format(image_path), LOG_ERR) raise click.Abort() - warm_configured = False # warm restart enable/disable config is put in stateDB, not persistent across cold reboot, not saved to config_DB.json file - state_db = SonicV2Connector(host='127.0.0.1') - state_db.connect(state_db.STATE_DB, False) - TABLE_NAME_SEPARATOR = '|' - prefix = 'WARM_RESTART_ENABLE_TABLE' + TABLE_NAME_SEPARATOR - _hash = '{}{}'.format(prefix, container_name) - if state_db.get(state_db.STATE_DB, _hash, "enable") == "true": - warm_configured = True - state_db.close(state_db.STATE_DB) + warm_configured = hget_warm_restart_table('STATE_DB', 'WARM_RESTART_ENABLE_TABLE', container_name, 'enable') == "true" if container_name == "swss" or container_name == "bgp" or container_name == "teamd": if warm_configured is False and warm: @@ -866,23 +859,19 @@ def upgrade_docker(container_name, url, cleanup_image, skip_check, tag, warm): run_command("docker tag %s:latest %s:%s" % (image_name, image_name, tag)) run_command("systemctl restart %s" % container_name) - # All images id under the image name - image_id_all = get_container_image_id_all(image_name) - - # this is image_id for image with "latest" tag - image_id_latest = get_container_image_id(image_latest) - - for id in image_id_all: - if id != image_id_latest: - # Unless requested, the previoud docker image will be preserved - if not cleanup_image and id == image_id_previous: - continue - run_command("docker rmi -f %s" % id) + if cleanup_image: + # All images id under the image name + image_id_all = get_container_image_id_all(image_name) + # Unless requested, the previoud docker image will be preserved + for id in image_id_all: + if id == image_id_previous: + run_command("docker rmi -f %s" % id) + break exp_state = "reconciled" state = "" # post warm restart specific procssing for swss, bgp and teamd dockers, wait for reconciliation state. - if warm_configured is True or warm: + if warm_app_names and (warm_configured is True or warm): count = 0 for warm_app_name in warm_app_names: state = "" @@ -939,6 +928,7 @@ def rollback_docker(container_name): for id in image_id_all: if id != image_id_previous: version_tag = get_docker_tag_name(id) + break # make previous image as latest run_command("docker tag %s:%s %s:latest" % (image_name, version_tag, image_name)) diff --git a/tests/installer_docker_test.py b/tests/installer_docker_test.py new file mode 100644 index 0000000000..8897b8413f --- /dev/null +++ b/tests/installer_docker_test.py @@ -0,0 +1,127 @@ +import pytest +import sonic_installer.main as sonic_installer + +from click.testing import CliRunner +from unittest.mock import patch, MagicMock + +SUCCESS = 0 + + +@patch('sonic_installer.main.get_container_image_name', MagicMock(return_value='docker-fpm-frr')) +@patch('sonic_installer.main.get_container_image_id_all', MagicMock(return_value=['1', '2'])) +@patch('sonic_installer.main.get_container_image_id', MagicMock(return_value=['1'])) +@patch('sonic_installer.main.get_docker_tag_name', MagicMock(return_value='some_tag')) +@patch('sonic_installer.main.echo_and_log', MagicMock()) +@patch('sonic_installer.main.run_command') +def test_rollback_docker_basic(mock_run_cmd): + runner = CliRunner() + result = runner.invoke( + sonic_installer.sonic_installer.commands['rollback-docker'], ['-y', 'bgp'] + ) + + assert result.exit_code == SUCCESS + expect_docker_tag_command = 'docker tag docker-fpm-frr:some_tag docker-fpm-frr:latest' + mock_run_cmd.assert_called_with(expect_docker_tag_command) + + mock_run_cmd.reset() + result = runner.invoke( + sonic_installer.sonic_installer.commands['rollback-docker'], ['-y', 'snmp'] + ) + + assert result.exit_code == SUCCESS + mock_run_cmd.assert_any_call('systemctl restart snmp') + + +@patch('sonic_installer.main.get_container_image_name', MagicMock(return_value='docker-fpm-frr')) +@patch('sonic_installer.main.get_container_image_id_all', MagicMock(return_value=['1'])) +def test_rollback_docker_no_extra_image(): + runner = CliRunner() + result = runner.invoke( + sonic_installer.sonic_installer.commands['rollback-docker'], ['-y', 'bgp'] + ) + assert result.exit_code != SUCCESS + + +@pytest.mark.parametrize("container", ['bgp', 'swss', 'teamd', 'pmon']) +@patch('sonic_installer.main.get_container_image_name', MagicMock(return_value='docker-fpm-frr')) +@patch('sonic_installer.main.get_container_image_id', MagicMock(return_value='1')) +@patch('sonic_installer.main.get_container_image_id_all', MagicMock(return_value=['1', '2'])) +@patch('sonic_installer.main.validate_url_or_abort', MagicMock()) +@patch('sonic_installer.main.urlretrieve', MagicMock()) +@patch('os.path.isfile', MagicMock(return_value=True)) +@patch('sonic_installer.main.get_docker_tag_name', MagicMock(return_value='some_tag')) +@patch('sonic_installer.main.run_command', MagicMock()) +@patch("sonic_installer.main.subprocess.Popen") +@patch('sonic_installer.main.hget_warm_restart_table') +def test_upgrade_docker_basic(mock_hget, mock_popen, container): + def mock_hget_impl(db_name, table_name, warm_app_name, key): + if table_name == 'WARM_RESTART_ENABLE_TABLE': + return "false" + elif table_name == 'WARM_RESTART_TABLE': + return 'reconciled' + + mock_hget.side_effect = mock_hget_impl + mock_proc = MagicMock() + mock_proc.communicate = MagicMock(return_value=(None, None)) + mock_proc.returncode = 0 + mock_popen.return_value = mock_proc + + runner = CliRunner() + result = runner.invoke( + sonic_installer.sonic_installer.commands['upgrade-docker'], + ['-y', '--cleanup_image', '--warm', container, 'http://'] + ) + + print(result.output) + assert result.exit_code == SUCCESS + + +@patch('sonic_installer.main.get_container_image_name', MagicMock(return_value='docker-fpm-frr')) +@patch('sonic_installer.main.get_container_image_id', MagicMock(return_value=['1'])) +@patch('sonic_installer.main.validate_url_or_abort', MagicMock()) +@patch('sonic_installer.main.urlretrieve', MagicMock(side_effect=Exception('download failed'))) +def test_upgrade_docker_download_fail(): + runner = CliRunner() + result = runner.invoke( + sonic_installer.sonic_installer.commands['upgrade-docker'], + ['-y', '--cleanup_image', '--warm', 'bgp', 'http://'] + ) + assert 'download failed' in result.output + assert result.exit_code != SUCCESS + + +@patch('sonic_installer.main.get_container_image_name', MagicMock(return_value='docker-fpm-frr')) +@patch('sonic_installer.main.get_container_image_id', MagicMock(return_value=['1'])) +@patch('sonic_installer.main.validate_url_or_abort', MagicMock()) +@patch('sonic_installer.main.urlretrieve', MagicMock(side_effect=Exception('download failed'))) +def test_upgrade_docker_image_not_exist(): + runner = CliRunner() + result = runner.invoke( + sonic_installer.sonic_installer.commands['upgrade-docker'], + ['-y', '--cleanup_image', '--warm', 'bgp', 'invalid_url'] + ) + assert 'does not exist' in result.output + assert result.exit_code != SUCCESS + + +@patch('sonic_installer.main.get_container_image_name', MagicMock(return_value='docker-fpm-frr')) +@patch('sonic_installer.main.get_container_image_id', MagicMock(return_value=['1'])) +@patch('sonic_installer.main.validate_url_or_abort', MagicMock()) +@patch('sonic_installer.main.urlretrieve', MagicMock()) +@patch('os.path.isfile', MagicMock(return_value=True)) +@patch('sonic_installer.main.get_docker_tag_name', MagicMock(return_value='some_tag')) +@patch('sonic_installer.main.run_command', MagicMock()) +@patch('sonic_installer.main.hget_warm_restart_table', MagicMock(return_value='false')) +@patch("sonic_installer.main.subprocess.Popen") +def test_upgrade_docker_image_swss_check_failed(mock_popen): + mock_proc = MagicMock() + mock_proc.communicate = MagicMock(return_value=(None, None)) + mock_proc.returncode = 1 + mock_popen.return_value = mock_proc + runner = CliRunner() + result = runner.invoke( + sonic_installer.sonic_installer.commands['upgrade-docker'], + ['-y', '--cleanup_image', '--warm', 'swss', 'http://'] + ) + assert 'RESTARTCHECK failed' in result.output + assert result.exit_code != SUCCESS From be1866fd3f9d2555c4036e9f1a9b820ae6d5c889 Mon Sep 17 00:00:00 2001 From: jingwenxie Date: Tue, 9 Aug 2022 09:38:08 +0800 Subject: [PATCH 15/47] Fix GCU bug when backend service modifying config (#2295) What I did Fixes sonic-net/sonic-buildimage#11576 How I did it Add a workaround to only compare config without backend service impact. How to verify it Manual test on specific platform and check operation success. --- generic_config_updater/change_applier.py | 12 ++++++++++++ generic_config_updater/generic_updater.py | 2 ++ 2 files changed, 14 insertions(+) diff --git a/generic_config_updater/change_applier.py b/generic_config_updater/change_applier.py index 63ca98049c..9871e554b2 100644 --- a/generic_config_updater/change_applier.py +++ b/generic_config_updater/change_applier.py @@ -71,6 +71,11 @@ class ChangeApplier: def __init__(self): self.config_db = get_config_db() + self.backend_tables = [ + "BUFFER_PG", + "BUFFER_PROFILE", + "FLEX_COUNTER_TABLE" + ] if (not ChangeApplier.updater_conf) and os.path.exists(UPDATER_CONF_FILE): with open(UPDATER_CONF_FILE, "r") as s: ChangeApplier.updater_conf = json.load(s) @@ -142,6 +147,8 @@ def apply(self, change): ret = self._services_validate(run_data, upd_data, upd_keys) if not ret: run_data = self._get_running_config() + self.remove_backend_tables_from_config(upd_data) + self.remove_backend_tables_from_config(run_data) if upd_data != run_data: self._report_mismatch(run_data, upd_data) ret = -1 @@ -150,6 +157,11 @@ def apply(self, change): return ret + def remove_backend_tables_from_config(self, data): + for key in self.backend_tables: + data.pop(key, None) + + def _get_running_config(self): (_, fname) = tempfile.mkstemp(suffix="_changeApplier") os.system("sonic-cfggen -d --print-data > {}".format(fname)) diff --git a/generic_config_updater/generic_updater.py b/generic_config_updater/generic_updater.py index ee7af65620..56297039aa 100644 --- a/generic_config_updater/generic_updater.py +++ b/generic_config_updater/generic_updater.py @@ -77,6 +77,8 @@ def apply(self, patch): # Validate config updated successfully self.logger.log_notice("Verifying patch updates are reflected on ConfigDB.") new_config = self.config_wrapper.get_config_db_as_json() + self.changeapplier.remove_backend_tables_from_config(target_config) + self.changeapplier.remove_backend_tables_from_config(new_config) if not(self.patch_wrapper.verify_same_json(target_config, new_config)): raise GenericConfigUpdaterError(f"After applying patch to config, there are still some parts not updated") From 673f0fd0f78f42025a5d528ad5216fe748305555 Mon Sep 17 00:00:00 2001 From: vdahiya12 <67608553+vdahiya12@users.noreply.github.com> Date: Tue, 9 Aug 2022 13:15:03 -0700 Subject: [PATCH 16/47] [config][muxcable] add support to enable/disable ycable telemetry (#2297) This PR provides a capability to sonic-utilities CLI to enable/disable telemetry for ycabled. Basically there is a periodic loop for ycabled which posts telemetry data for that configured interval of time(currently 60 sec). This PR diables this data posting, and does not call platform API calls for ycable. This PR is required for the initiative of getting some failover/switchover not get interfered because of sonic-telemetry API calls. The CLI for enabling/disabling telemetry is config muxcable telemetry enable/disable What I did How I did it How to verify it Previous command output (if the output of a command-line utility has changed) New command output (if the output of a command-line utility has changed) Dependent on sonic-net/sonic-platform-daemons#279 and submodule update Signed-off-by: vaibhav-dahiya --- config/muxcable.py | 43 ++++++++++++++++++++++++++++++++++++++++++ tests/muxcable_test.py | 34 +++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+) diff --git a/config/muxcable.py b/config/muxcable.py index fec0f16b3b..071f578a7a 100644 --- a/config/muxcable.py +++ b/config/muxcable.py @@ -1200,3 +1200,46 @@ def set_fec(db, port, target, mode): else: click.echo("ERR: Unable to set fec enable/disable port {} to {}".format(port, mode)) sys.exit(CONFIG_FAIL) + +def update_configdb_ycable_telemetry_data(config_db, key, val): + log_verbosity = get_value_for_key_in_config_tbl(config_db, key, "log_verbosity", "XCVRD_LOG") + + config_db.set_entry("XCVRD_LOG", key, {"log_verbosity": log_verbosity, + "disable_telemetry": val}) + return 0 + +@muxcable.command() +@click.argument('state', metavar='', required=True, type=click.Choice(["enable", "disable"])) +@clicommon.pass_db +def telemetry(db, state): + """Enable/Disable Telemetry for ycabled """ + + per_npu_configdb = {} + xcvrd_log_cfg_db_tbl = {} + + if state == 'enable': + val = 'False' + elif state == 'disable': + val = 'True' + + + # Getting all front asic namespace and correspding config and state DB connector + + namespaces = multi_asic.get_front_end_namespaces() + for namespace in namespaces: + asic_id = multi_asic.get_asic_index_from_namespace(namespace) + # replace these with correct macros + per_npu_configdb[asic_id] = ConfigDBConnector(use_unix_socket_path=True, namespace=namespace) + per_npu_configdb[asic_id].connect() + + xcvrd_log_cfg_db_tbl[asic_id] = per_npu_configdb[asic_id].get_table("XCVRD_LOG") + + asic_index = multi_asic.get_asic_index_from_namespace(EMPTY_NAMESPACE) + rc = update_configdb_ycable_telemetry_data(per_npu_configdb[asic_index], "Y_CABLE", val) + + + if rc == 0: + click.echo("Success in ycabled telemetry state to {}".format(state)) + else: + click.echo("ERR: Unable to set ycabled telemetry state to {}".format(state)) + sys.exit(CONFIG_FAIL) diff --git a/tests/muxcable_test.py b/tests/muxcable_test.py index 2b4d221171..965ae91ea8 100644 --- a/tests/muxcable_test.py +++ b/tests/muxcable_test.py @@ -2209,6 +2209,40 @@ def test_show_muxcable_tunnel_route_json_port(self): assert result.exit_code == 0 assert result.output == show_muxcable_tunnel_route_expected_output_port_json + @mock.patch('config.muxcable.swsscommon.DBConnector', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.swsscommon.Table', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.swsscommon.Select', mock.MagicMock(return_value=0)) + def test_config_muxcable_telemetry_enable_without_patch(self): + runner = CliRunner() + db = Db() + + result = runner.invoke(config.config.commands["muxcable"].commands["telemetry"], [ + "enable"], obj=db) + assert result.exit_code == 1 + + @mock.patch('config.muxcable.swsscommon.DBConnector', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.swsscommon.Table', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.swsscommon.Select', mock.MagicMock(return_value=0)) + def test_config_muxcable_telemetry_disable_without_patch(self): + runner = CliRunner() + db = Db() + + result = runner.invoke(config.config.commands["muxcable"].commands["telemetry"], [ + "disable"], obj=db) + assert result.exit_code == 1 + + @mock.patch('config.muxcable.swsscommon.DBConnector', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.swsscommon.Table', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.swsscommon.Select', mock.MagicMock(return_value=0)) + @mock.patch('config.muxcable.update_configdb_ycable_telemetry_data', mock.MagicMock(return_value=0)) + def test_config_muxcable_telemetry_enable(self): + runner = CliRunner() + db = Db() + + result = runner.invoke(config.config.commands["muxcable"].commands["telemetry"], [ + "enable"], obj=db) + assert result.exit_code == 0 + @classmethod def teardown_class(cls): os.environ['UTILITIES_UNIT_TESTING'] = "0" From 14c483f2fa3628f68b6e051142524b7ef825a8e4 Mon Sep 17 00:00:00 2001 From: Yevhen Fastiuk Date: Wed, 10 Aug 2022 18:14:28 +0300 Subject: [PATCH 17/47] [CLI] Move hostname, mgmt interface/vrf config to hostcfgd (#2173) - Why I did it To be able to configure the management interface and hostname standalone by changing database config at runtime. From the CLI perspective fo view, the following behavior is the same. But now you have two ways of configuring it: CLI, directly through the database. - How I did it Moved configuration part of the interface and hostname to "hostcfgd". - How to verify it Built an image Flash it to the switch Run CLI commands Signed-off-by: Yevhen Fastiuk --- config/main.py | 68 +++++--------------------------------------- tests/config_test.py | 34 ++++++++++++++++++++++ 2 files changed, 41 insertions(+), 61 deletions(-) diff --git a/config/main.py b/config/main.py index 0f1fcf28fd..cba02ad5db 100644 --- a/config/main.py +++ b/config/main.py @@ -22,6 +22,7 @@ from sonic_py_common import device_info, multi_asic from sonic_py_common.interface import get_interface_table_name, get_port_table_name, get_intf_longname from utilities_common import util_base +from swsscommon import swsscommon from swsscommon.swsscommon import SonicV2Connector, ConfigDBConnector from utilities_common.db import Db from utilities_common.intf_filter import parse_interface_in_filter @@ -1884,19 +1885,11 @@ def hostname(new_hostname): config_db = ConfigDBConnector() config_db.connect() - config_db.mod_entry('DEVICE_METADATA' , 'localhost', {"hostname" : new_hostname}) - try: - command = "service hostname-config restart" - clicommon.run_command(command, display_cmd=True) - except SystemExit as e: - click.echo("Restarting hostname-config service failed with error {}".format(e)) - raise + config_db.mod_entry(swsscommon.CFG_DEVICE_METADATA_TABLE_NAME, 'localhost', + {'hostname': new_hostname}) - # Reload Monit configuration to pick up new hostname in case it changed - click.echo("Reloading Monit configuration ...") - clicommon.run_command("sudo monit reload") - - click.echo("Please note loaded setting will be lost after system reboot. To preserve setting, run `config save`.") + click.echo('Please note loaded setting will be lost after system reboot. To' + ' preserve setting, run `config save`.') # # 'synchronous_mode' command ('config synchronous_mode ...') @@ -2837,22 +2830,6 @@ def warm_restart_bgp_eoiu(ctx, enable): db = ctx.obj['db'] db.mod_entry('WARM_RESTART', 'bgp', {'bgp_eoiu': enable}) -def mvrf_restart_services(): - """Restart interfaces-config service and NTP service when mvrf is changed""" - """ - When mvrf is enabled, eth0 should be moved to mvrf; when it is disabled, - move it back to default vrf. Restarting the "interfaces-config" service - will recreate the /etc/network/interfaces file and restart the - "networking" service that takes care of the eth0 movement. - NTP service should also be restarted to rerun the NTP service with or - without "cgexec" accordingly. - """ - cmd="service ntp stop" - os.system (cmd) - cmd="systemctl restart interfaces-config" - os.system (cmd) - cmd="service ntp start" - os.system (cmd) def vrf_add_management_vrf(config_db): """Enable management vrf in config DB""" @@ -2862,22 +2839,7 @@ def vrf_add_management_vrf(config_db): click.echo("ManagementVRF is already Enabled.") return None config_db.mod_entry('MGMT_VRF_CONFIG', "vrf_global", {"mgmtVrfEnabled": "true"}) - mvrf_restart_services() - """ - The regular expression for grep in below cmd is to match eth0 line in /proc/net/route, sample file: - $ cat /proc/net/route - Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT - eth0 00000000 01803B0A 0003 0 0 202 00000000 0 0 0 - """ - cmd = r"cat /proc/net/route | grep -E \"eth0\s+00000000\s+[0-9A-Z]+\s+[0-9]+\s+[0-9]+\s+[0-9]+\s+202\" | wc -l" - proc = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE) - output = proc.communicate() - if int(output[0]) >= 1: - cmd="ip -4 route del default dev eth0 metric 202" - proc = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE) - proc.communicate() - if proc.returncode != 0: - click.echo("Could not delete eth0 route") + def vrf_delete_management_vrf(config_db): """Disable management vrf in config DB""" @@ -2887,7 +2849,7 @@ def vrf_delete_management_vrf(config_db): click.echo("ManagementVRF is already Disabled.") return None config_db.mod_entry('MGMT_VRF_CONFIG', "vrf_global", {"mgmtVrfEnabled": "false"}) - mvrf_restart_services() + @config.group(cls=clicommon.AbbreviationGroup) @click.pass_context @@ -4123,20 +4085,6 @@ def _get_all_mgmtinterface_keys(): config_db.connect() return list(config_db.get_table('MGMT_INTERFACE').keys()) -def mgmt_ip_restart_services(): - """Restart the required services when mgmt inteface IP address is changed""" - """ - Whenever the eth0 IP address is changed, restart the "interfaces-config" - service which regenerates the /etc/network/interfaces file and restarts - the networking service to make the new/null IP address effective for eth0. - "ntp-config" service should also be restarted based on the new - eth0 IP address since the ntp.conf (generated from ntp.conf.j2) is - made to listen on that particular eth0 IP address or reset it back. - """ - cmd="systemctl restart interfaces-config" - os.system (cmd) - cmd="systemctl restart ntp-config" - os.system (cmd) # # 'mtu' subcommand @@ -4282,7 +4230,6 @@ def add(ctx, interface_name, ip_addr, gw): config_db.set_entry("MGMT_INTERFACE", (interface_name, str(ip_address)), {"NULL": "NULL"}) else: config_db.set_entry("MGMT_INTERFACE", (interface_name, str(ip_address)), {"gwaddr": gw}) - mgmt_ip_restart_services() return @@ -4322,7 +4269,6 @@ def remove(ctx, interface_name, ip_addr): if interface_name == 'eth0': config_db.set_entry("MGMT_INTERFACE", (interface_name, str(ip_address)), None) - mgmt_ip_restart_services() return table_name = get_interface_table_name(interface_name) diff --git a/tests/config_test.py b/tests/config_test.py index 98ff5a0c83..50c70f8fe2 100644 --- a/tests/config_test.py +++ b/tests/config_test.py @@ -1580,3 +1580,37 @@ def test_config_rate(self, get_cmd_module, setup_single_broadcom_asic): def teardown_class(cls): print("TEARDOWN") os.environ['UTILITIES_UNIT_TESTING'] = "0" + + +class TestConfigHostname(object): + @classmethod + def setup_class(cls): + print("SETUP") + import config.main + importlib.reload(config.main) + + @mock.patch('config.main.ConfigDBConnector') + def test_hostname_add(self, db_conn_patch, get_cmd_module): + db_conn_patch().mod_entry = mock.Mock() + (config, show) = get_cmd_module + + runner = CliRunner() + result = runner.invoke(config.config.commands["hostname"], + ["new_hostname"]) + + # Verify success + assert result.exit_code == 0 + + # Check was called + args_list = db_conn_patch().mod_entry.call_args_list + assert len(args_list) > 0 + + args, _ = args_list[0] + assert len(args) > 0 + + # Check new hostname was part of args + assert {'hostname': 'new_hostname'} in args + + @classmethod + def teardown_class(cls): + print("TEARDOWN") From 28b6ba5fc11f65abaf421c70159a605d233eda41 Mon Sep 17 00:00:00 2001 From: dbarashinvd <105214075+dbarashinvd@users.noreply.github.com> Date: Thu, 11 Aug 2022 09:19:44 +0300 Subject: [PATCH 18/47] Convert IPv6 addresses to lowercase in apply-patch (#2299) Fixes sonic-net/sonic-buildimage#11622 - What I did Convert IPv6 addresses to lowercase in apply-patch for remove op - How I did it python regex on 'remove' op in JSON patch input file - How to verify it Manual test of created bug, Unit test --- config/main.py | 14 ++++++++++++++ tests/ip_config_input/patch_ipv6.test | 6 ++++++ tests/ip_config_test.py | 21 +++++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 tests/ip_config_input/patch_ipv6.test diff --git a/config/main.py b/config/main.py index cba02ad5db..5c74ec9729 100644 --- a/config/main.py +++ b/config/main.py @@ -1362,6 +1362,20 @@ def apply_patch(ctx, patch_file_path, format, dry_run, ignore_non_yang_tables, i patch_as_json = json.loads(text) patch = jsonpatch.JsonPatch(patch_as_json) + # convert IPv6 addresses to lowercase + for patch_line in patch: + if 'remove' == patch_line['op']: + match = re.search(r"(?P/INTERFACE/\w+\|)(?P([a-fA-F0-9]{0,4}[:~]|::){1,7}[a-fA-F0-9]{0,4})" + "(?P.*)", str.format(patch_line['path'])) + if match: + prefix = match.group('prefix') + ipv6_address_str = match.group('ipv6_address') + suffix = match.group('suffix') + ipv6_address_str = ipv6_address_str.lower() + click.secho("converted ipv6 address to lowercase {} with prefix {} in value: {}" + .format(ipv6_address_str, prefix, patch_line['path'])) + patch_line['path'] = prefix + ipv6_address_str + suffix + config_format = ConfigFormat[format.upper()] GenericUpdater().apply_patch(patch, config_format, verbose, dry_run, ignore_non_yang_tables, ignore_path) diff --git a/tests/ip_config_input/patch_ipv6.test b/tests/ip_config_input/patch_ipv6.test new file mode 100644 index 0000000000..00b43fda4c --- /dev/null +++ b/tests/ip_config_input/patch_ipv6.test @@ -0,0 +1,6 @@ +[ + { + "path": "/INTERFACE/Ethernet12|FC00::1~1126", + "op": "remove" + } +] diff --git a/tests/ip_config_test.py b/tests/ip_config_test.py index 47f82fb959..85a765bd65 100644 --- a/tests/ip_config_test.py +++ b/tests/ip_config_test.py @@ -1,3 +1,5 @@ +import json +import jsonpatch import os import traceback from unittest import mock @@ -8,6 +10,9 @@ import show.main as show from utilities_common.db import Db +test_path = os.path.dirname(os.path.abspath(__file__)) +ip_config_input_path = os.path.join(test_path, "ip_config_input") + ERROR_MSG = "Error: IP address is not valid" class TestConfigIP(object): @@ -157,6 +162,22 @@ def test_add_del_interface_shortened_ipv6_with_leading_zeros(self): assert result.exit_code != 0 assert ('Ethernet68', '3000::1/64') not in db.cfgdb.get_table('INTERFACE') + def test_remove_interface_case_sensitive_mock_ipv6_w_apply_patch(self): + runner = CliRunner() + any_patch_as_json = [{"op": "remove", "path": "/INTERFACE/Ethernet12|FC00::1~1126"}] + any_patch = jsonpatch.JsonPatch(any_patch_as_json) + any_patch_as_text = json.dumps(any_patch_as_json) + ipv6_patch_file = os.path.join(ip_config_input_path, 'patch_ipv6.test') + + # config apply-patch patch + mock_generic_updater = mock.Mock() + with mock.patch('config.main.GenericUpdater', return_value=mock_generic_updater): + with mock.patch('builtins.open', mock.mock_open(read_data=any_patch_as_text)): + result = runner.invoke(config.config.commands["apply-patch"], [ipv6_patch_file], catch_exceptions=False) + print(result.exit_code, result.output) + assert "converted ipv6 address to lowercase fc00::1~1126 with prefix /INTERFACE/Ethernet12| in value: /INTERFACE/Ethernet12|FC00::1~1126" in result.output + + @classmethod def teardown_class(cls): os.environ['UTILITIES_UNIT_TESTING'] = "0" From 37eb2b389e2c46e9592b35c20edf01dc431cc576 Mon Sep 17 00:00:00 2001 From: "anton.novikau" Date: Sat, 13 Aug 2022 03:00:36 +0300 Subject: [PATCH 19/47] add lacp_rate to portchannel (#2036) #### What I did Make lacp_rate configurable for portchannel. ``` Option specifying the rate in which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode. Possible values are: slow Request partner to transmit LACPDUs every 30 seconds fast Request partner to transmit LACPDUs every 1 second The default is slow. ``` #### Why I did it In case of slow lacp_rate configuration link down will be detected in 60-90 seconds, it may be to long (for example for MCLAG high availability), in case of using ` --fast-rate=true` link down will be detected in 2-3 seconds. #### How I did it * add optional argument to `config portchannel` command, default=slow for backward compatibility. (this PR) * parse argument in `teammgr` and forward it to `teamd` (other PR: https://github.com/Azure/sonic-swss/pull/2121) * update docs https://github.com/Azure/SONiC/pull/937 #### How to verify it Confgiure bond on other side, then configure portchannel and sniff the traffic from it. ``` config portchannel add PortChannel0001 --fast-rate=true config portchannel member add PortChannel0001 Ethernet0 config interface ip add PortChannel0001 192.168.1.2/24 tcpdump -ne ``` --- config/main.py | 14 ++++++++++---- doc/Command-Reference.md | 5 +++-- tests/portchannel_test.py | 28 +++++++++++++++++++++++++++- 3 files changed, 40 insertions(+), 7 deletions(-) diff --git a/config/main.py b/config/main.py index 5c74ec9729..49713d1cc7 100644 --- a/config/main.py +++ b/config/main.py @@ -1967,8 +1967,11 @@ def portchannel(db, ctx, namespace): @click.argument('portchannel_name', metavar='', required=True) @click.option('--min-links', default=1, type=click.IntRange(1,1024)) @click.option('--fallback', default='false') +@click.option('--fast-rate', default='false', + type=click.Choice(['true', 'false'], + case_sensitive=False)) @click.pass_context -def add_portchannel(ctx, portchannel_name, min_links, fallback): +def add_portchannel(ctx, portchannel_name, min_links, fallback, fast_rate): """Add port channel""" if is_portchannel_name_valid(portchannel_name) != True: ctx.fail("{} is invalid!, name should have prefix '{}' and suffix '{}'" @@ -1979,9 +1982,12 @@ def add_portchannel(ctx, portchannel_name, min_links, fallback): if is_portchannel_present_in_db(db, portchannel_name): ctx.fail("{} already exists!".format(portchannel_name)) - fvs = {'admin_status': 'up', - 'mtu': '9100', - 'lacp_key': 'auto'} + fvs = { + 'admin_status': 'up', + 'mtu': '9100', + 'lacp_key': 'auto', + 'fast_rate': fast_rate.lower(), + } if min_links != 0: fvs['min_links'] = str(min_links) if fallback != 'false': diff --git a/doc/Command-Reference.md b/doc/Command-Reference.md index f19c98751c..4d30c3b2b1 100644 --- a/doc/Command-Reference.md +++ b/doc/Command-Reference.md @@ -6925,12 +6925,13 @@ When any port is already member of any other portchannel and if user tries to ad Command takes two optional arguements given below. 1) min-links - minimum number of links required to bring up the portchannel 2) fallback - true/false. LACP fallback feature can be enabled / disabled. When it is set to true, only one member port will be selected as active per portchannel during fallback mode. Refer https://github.com/Azure/SONiC/blob/master/doc/lag/LACP%20Fallback%20Feature%20for%20SONiC_v0.5.md for more details about fallback feature. +3) fast-rate - true/false, default is false (slow). Option specifying the rate in which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode. slow - request partner to transmit LACPDUs every 30 seconds, fast - request partner to transmit LACPDUs every 1 second. In slow mode 60-90 seconds needed to detect linkdown, in fast mode only 2-3 seconds. A port channel can be deleted only if it does not have any members or the members are already deleted. When a user tries to delete a port channel and the port channel still has one or more members that exist, the deletion of port channel is blocked. - Usage: ``` - config portchannel (add | del) [--min-links ] [--fallback (true | false)] + config portchannel (add | del) [--min-links ] [--fallback (true | false) [--fast-rate (true | false)] ``` - Example (Create the portchannel with name "PortChannel0011"): @@ -11020,4 +11021,4 @@ ZTP will be restarted. You may lose switch data and connectivity, continue? [y/N Running command: ztp run -y ``` -Go Back To [Beginning of the document](#SONiC-COMMAND-LINE-INTERFACE-GUIDE) or [Beginning of this section](#ztp-configuration-and-show-commands) \ No newline at end of file +Go Back To [Beginning of the document](#SONiC-COMMAND-LINE-INTERFACE-GUIDE) or [Beginning of this section](#ztp-configuration-and-show-commands) diff --git a/tests/portchannel_test.py b/tests/portchannel_test.py index 7c9a7b601c..9b187f13d5 100644 --- a/tests/portchannel_test.py +++ b/tests/portchannel_test.py @@ -1,4 +1,5 @@ import os +import pytest import traceback from click.testing import CliRunner @@ -60,7 +61,32 @@ def test_delete_non_existing_portchannel(self): print(result.output) assert result.exit_code != 0 assert "Error: PortChannel0005 is not present." in result.output - + + @pytest.mark.parametrize("fast_rate", ["False", "True", "false", "true"]) + def test_add_portchannel_with_fast_rate(self, fast_rate): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + # add a portchannel with fats rate + result = runner.invoke(config.config.commands["portchannel"].commands["add"], ["PortChannel0005", "--fast-rate", fast_rate], obj=obj) + print(result.exit_code) + print(result.output) + assert result.exit_code == 0 + + @pytest.mark.parametrize("fast_rate", ["Fls", "tru"]) + def test_add_portchannel_with_invalid_fast_rate(self, fast_rate): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + # add a portchannel with invalid fats rate + result = runner.invoke(config.config.commands["portchannel"].commands["add"], ["PortChannel0005", "--fast-rate", fast_rate], obj=obj) + print(result.exit_code) + print(result.output) + assert result.exit_code != 0 + assert 'Invalid value for "--fast-rate"' in result.output + def test_add_portchannel_member_with_invalid_name(self): runner = CliRunner() db = Db() From 9282e6c8848410e97fd3f2cd96a62edbf5ab6afe Mon Sep 17 00:00:00 2001 From: Hua Liu <58683130+liuh-80@users.noreply.github.com> Date: Mon, 15 Aug 2022 11:05:22 +0800 Subject: [PATCH 20/47] Fix vrf UT failed issue (#2309) #### What I did Fix VRF bind/unbind UT failed issue. #### How I did it Mock DBInterface.close() method. #### How to verify it Add new UT. Pass all UT. #### Previous command output (if the output of a command-line utility has changed) #### New command output (if the output of a command-line utility has changed) --- tests/ip_config_test.py | 12 ++++++++++++ tests/mock_tables/dbconnector.py | 3 +++ 2 files changed, 15 insertions(+) diff --git a/tests/ip_config_test.py b/tests/ip_config_test.py index 85a765bd65..7aed23deb9 100644 --- a/tests/ip_config_test.py +++ b/tests/ip_config_test.py @@ -177,6 +177,18 @@ def test_remove_interface_case_sensitive_mock_ipv6_w_apply_patch(self): print(result.exit_code, result.output) assert "converted ipv6 address to lowercase fc00::1~1126 with prefix /INTERFACE/Ethernet12| in value: /INTERFACE/Ethernet12|FC00::1~1126" in result.output + def test_intf_vrf_bind_unbind(self): + runner = CliRunner() + db = Db() + obj = {'config_db':db.cfgdb, 'namespace':db.db.namespace} + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Ethernet64", "Vrf1"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Ethernet64"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 @classmethod def teardown_class(cls): diff --git a/tests/mock_tables/dbconnector.py b/tests/mock_tables/dbconnector.py index f6db0d9794..4ccb392368 100644 --- a/tests/mock_tables/dbconnector.py +++ b/tests/mock_tables/dbconnector.py @@ -60,6 +60,8 @@ def connect_SonicV2Connector(self, db_name, retry_on=True): def _subscribe_keyspace_notification(self, db_name, client): pass +def mock_close(self, db_name): + pass def config_set(self, *args): pass @@ -201,6 +203,7 @@ def get(self, counter, name): swsssdk.interface.DBInterface._subscribe_keyspace_notification = _subscribe_keyspace_notification +swsssdk.interface.DBInterface.close = mock_close mockredis.MockRedis.config_set = config_set redis.StrictRedis = SwssSyncClient SonicV2Connector.connect = connect_SonicV2Connector From 20c6d18ac152333c39a8b186608cda341f2b99e7 Mon Sep 17 00:00:00 2001 From: byu343 Date: Tue, 16 Aug 2022 12:36:39 -0700 Subject: [PATCH 21/47] [decode-syseeprom] Fix setting use_db based on support_eeprom_db (#2270) What I did Set use_db after support_eeprom_db is determined. The issue was affecting platform Arista platforms, where db is not used for syseeprom. How to verify it Verified on dut by running "show platform syseeprom" and "decode-syseeprom -d" --- scripts/decode-syseeprom | 4 ++-- tests/decode_syseeprom_test.py | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/scripts/decode-syseeprom b/scripts/decode-syseeprom index eeb38306b0..3d0b8d1db9 100755 --- a/scripts/decode-syseeprom +++ b/scripts/decode-syseeprom @@ -228,8 +228,6 @@ def main(): (opts, args) = get_cmdline_opts() - use_db = opts.db and support_eeprom_db - # Get platform name platform = device_info.get_platform() @@ -238,6 +236,8 @@ def main(): if any(re.match(p, platform) for p in platforms_without_eeprom_db): support_eeprom_db = False + use_db = opts.db and support_eeprom_db + if opts.mgmtmac: print_mgmt_mac(use_db) elif opts.serial: diff --git a/tests/decode_syseeprom_test.py b/tests/decode_syseeprom_test.py index ae3801d369..50c7667453 100644 --- a/tests/decode_syseeprom_test.py +++ b/tests/decode_syseeprom_test.py @@ -192,3 +192,12 @@ def test_print_model(self, capsys): decode_syseeprom.print_model(True) captured = capsys.readouterr() assert captured.out == 'S6100-ON\n' + + @mock.patch('os.geteuid', lambda: 0) + @mock.patch('sonic_py_common.device_info.get_platform', lambda: 'arista') + @mock.patch('decode-syseeprom.read_and_print_eeprom') + @mock.patch('decode-syseeprom.read_eeprom_from_db') + def test_support_platforms_not_db_based(self, mockDbBased, mockNotDbBased): + decode_syseeprom.main() + assert mockNotDbBased.called + assert not mockDbBased.called From ece40494858f462b51ccedcda7ba5fd2bfd98f0d Mon Sep 17 00:00:00 2001 From: Petro Bratash Date: Wed, 17 Aug 2022 19:43:46 +0300 Subject: [PATCH 22/47] Fix bug with checking VRF's routes in route_check.py (#2301) * Create route_check.py compatible with VRF Signed-off-by: Petro Bratash --- scripts/route_check.py | 5 ++++- tests/route_check_test.py | 27 +++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/scripts/route_check.py b/scripts/route_check.py index fdbdd0a5f8..cc973e2e33 100755 --- a/scripts/route_check.py +++ b/scripts/route_check.py @@ -281,7 +281,10 @@ def get_routes(): valid_rt = [] for k in keys: - if not is_vrf(k) and not is_local(k): + if (is_vrf(k)): + k = k.split(":", 1)[1] + + if not is_local(k): valid_rt.append(add_prefix_ifnot(k.lower())) print_message(syslog.LOG_DEBUG, json.dumps({"ROUTE_TABLE": sorted(valid_rt)}, indent=4)) diff --git a/tests/route_check_test.py b/tests/route_check_test.py index b4fd3ce17d..63eaed1608 100644 --- a/tests/route_check_test.py +++ b/tests/route_check_test.py @@ -293,6 +293,33 @@ } } } + }, + "7": { + DESCR: "Good one with VRF routes", + ARGS: "route_check", + PRE: { + APPL_DB: { + ROUTE_TABLE: { + "Vrf1:0.0.0.0/0" : { "ifname": "portchannel0" }, + "Vrf1:10.10.196.12/31" : { "ifname": "portchannel0" }, + "Vrf1:10.10.196.20/31" : { "ifname": "portchannel0" } + }, + INTF_TABLE: { + "PortChannel1013:10.10.196.24/31": {}, + "PortChannel1023:2603:10b0:503:df4::5d/126": {}, + "PortChannel1024": {} + } + }, + ASIC_DB: { + RT_ENTRY_TABLE: { + RT_ENTRY_KEY_PREFIX + "10.10.196.12/31" + RT_ENTRY_KEY_SUFFIX: {}, + RT_ENTRY_KEY_PREFIX + "10.10.196.20/31" + RT_ENTRY_KEY_SUFFIX: {}, + RT_ENTRY_KEY_PREFIX + "10.10.196.24/32" + RT_ENTRY_KEY_SUFFIX: {}, + RT_ENTRY_KEY_PREFIX + "2603:10b0:503:df4::5d/128" + RT_ENTRY_KEY_SUFFIX: {}, + RT_ENTRY_KEY_PREFIX + "0.0.0.0/0" + RT_ENTRY_KEY_SUFFIX: {} + } + } + } } } From 6fc4f154ff4f43743b12c0ba439bcf193a7c8e85 Mon Sep 17 00:00:00 2001 From: anilkpan <64167306+anilkpan@users.noreply.github.com> Date: Wed, 17 Aug 2022 21:53:45 -0700 Subject: [PATCH 23/47] Delete .DS_Store (#2244) Co-authored-by: anilkpan <47642449+anilkpan@users.noreply.github.com> --- .DS_Store | Bin 8196 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index 086dfbd517c95b222012476f009e218fea570c3a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8196 zcmeHMU2GIp6u#fIl^HwGp%y6UWVcoU%Mx0sRDyBw}Z?96U~ zidN%;ioEz>h!}q!jQV2KAYgnm{t$gI(ME!ai9Zh}{=8^JO-%IMxwC|}^o@$4FQm~JMIeg6yo>Licz|FI8y3h5#d*+L_{YIX24hpr76`=3B1g?J;v6(IKtEBNyAV zuCps=a(QpowezEnH>54jrtNIrPWxuFZFgBmP2yE}*_>eAkV z>0NVf22R{WlhJhoC5GT{0;N{xnOOFR=t4*#JsH-i4FNkq%vR=#;I?Z&p zo~77!Hq3Htf}LO|*~{!SJHyVhkJxAI0{fc%zaYQg z*oY>iumd~Mfk7BBaR4J2MFHbDf}?l@PvA)$$J2NQr|>*pz>9blZ{jVyjrZ^YKE%g3 zj|=z)KjJ6+jNfqyf8sBxR9Yx4k}9McsZLrWC8RAq-x~Xc((q-}6>((_=mR&}j0BI4ISK>W@ z__V|bARfSACOk#rsj(i)0rT)&`KK-5xhhZb)it-OF|CZUL`+w%qUjBkA!52F5sPUO zC8n6xH^fw}gwjq4bjuSlHN3oQld5W^lzu{Tk4{q-PMTZD2u~*YTEY4g_657hzGc4< ztp7nN6jY-ItFV?}yamk!T+z#G`mDfb|JH zi<5XR0QV~d?bq-+LHjh$;4IGJUA&J^F@=lxZU$(#PX{f&pAOnWSI)6r=KyhwFrTh4 zPi7^;&uU)(x6S?if1X4max;p+{EPrfQ(dVR@_nw|kk{IA>ciA| Date: Fri, 19 Aug 2022 00:44:06 +0800 Subject: [PATCH 24/47] Fix issue: exception in is_rj45_port in multi ASIC env (#2313) * Fix issue: exception in is_rj45_port in multi ASIC env Signed-off-by: Stephen Sun --- utilities_common/platform_sfputil_helper.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/utilities_common/platform_sfputil_helper.py b/utilities_common/platform_sfputil_helper.py index b4c819b4d8..17a5bdcf1e 100644 --- a/utilities_common/platform_sfputil_helper.py +++ b/utilities_common/platform_sfputil_helper.py @@ -131,10 +131,11 @@ def is_rj45_port(port_name): if not platform_porttab_mapping_read: platform_sfputil_read_porttab_mappings() - physical_port = logical_port_name_to_physical_port_list(port_name)[0] try: - port_type = platform_chassis.get_port_or_cage_type(physical_port) - except NotImplementedError as e: + physical_port = logical_port_name_to_physical_port_list(port_name) + if physical_port: + port_type = platform_chassis.get_port_or_cage_type(physical_port[0]) + except Exception as e: port_type = None return port_type == platform_sfp_base.SFP_PORT_TYPE_BIT_RJ45 From e14f679148159d7dc3f10fa2662fb8f7b202c3fc Mon Sep 17 00:00:00 2001 From: Stephen Sun <5379172+stephenxs@users.noreply.github.com> Date: Sat, 20 Aug 2022 23:29:07 +0800 Subject: [PATCH 25/47] Fix issue: port_type is referenced before initialized (#2323) Signed-off-by: Stephen Sun --- utilities_common/platform_sfputil_helper.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/utilities_common/platform_sfputil_helper.py b/utilities_common/platform_sfputil_helper.py index 17a5bdcf1e..d73e9dd131 100644 --- a/utilities_common/platform_sfputil_helper.py +++ b/utilities_common/platform_sfputil_helper.py @@ -131,12 +131,13 @@ def is_rj45_port(port_name): if not platform_porttab_mapping_read: platform_sfputil_read_porttab_mappings() + port_type = None try: physical_port = logical_port_name_to_physical_port_list(port_name) if physical_port: port_type = platform_chassis.get_port_or_cage_type(physical_port[0]) except Exception as e: - port_type = None + pass return port_type == platform_sfp_base.SFP_PORT_TYPE_BIT_RJ45 From 7d409a00a49748fab289e65045632de2017b3175 Mon Sep 17 00:00:00 2001 From: Khubaib Ahmad Qureshy Date: Thu, 25 Aug 2022 00:07:16 +0500 Subject: [PATCH 26/47] Update VRF unbind command (#2331) *Update vrf unbind command in Command-References.md --- doc/Command-Reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/Command-Reference.md b/doc/Command-Reference.md index 4d30c3b2b1..45109fcdb6 100644 --- a/doc/Command-Reference.md +++ b/doc/Command-Reference.md @@ -4484,7 +4484,7 @@ This will move the interface to default vrf. - Usage: ``` - config interface vrf unbind + config interface vrf unbind ``` ### Interface vrf binding show commands From d1a2d72270d4848ad92415b478828b72bc0a2bb6 Mon Sep 17 00:00:00 2001 From: Wei Liu <107450383+weiliu-ivy@users.noreply.github.com> Date: Thu, 25 Aug 2022 04:57:09 +0800 Subject: [PATCH 27/47] correct an error by changing "show bgp summary" to "show bfd summary" (#2324) * Update Command-Reference.md to correct an error by changing "show bgp summary" to "show bfd summary" --- doc/Command-Reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/Command-Reference.md b/doc/Command-Reference.md index 45109fcdb6..de0b216347 100644 --- a/doc/Command-Reference.md +++ b/doc/Command-Reference.md @@ -1583,7 +1583,7 @@ This command displays the state and key parameters of all BFD sessions. - Usage: ``` - show bgp summary + show bfd summary ``` - Example: ``` From 42ed6d5d460cf9c4515ae3b80834daa26ece3804 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Thu, 25 Aug 2022 10:32:03 +0800 Subject: [PATCH 28/47] [service_mgmt]: Fix fetch MULTI_INST_DEPENDENT bug in service_mgmt.sh.j2 (#2319) What I did Fix an obvious script typo in service_mgmt.sh.j2 to fetch the MULTI_INST_DEPENDENT Signed-off-by: Ze Gan --- sonic-utilities-data/templates/service_mgmt.sh.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sonic-utilities-data/templates/service_mgmt.sh.j2 b/sonic-utilities-data/templates/service_mgmt.sh.j2 index e46ba47380..d206049015 100644 --- a/sonic-utilities-data/templates/service_mgmt.sh.j2 +++ b/sonic-utilities-data/templates/service_mgmt.sh.j2 @@ -28,7 +28,7 @@ if [[ -f /etc/sonic/${SERVICE}_dependent ]]; then fi if [[ -f /etc/sonic/${SERVICE}_multi_inst_dependent ]]; then - MULTI_INST_DEPENDENT="${MULTI_INST_DEPENDENT} cat /etc/sonic/${SERVICE}_multi_inst_dependent" + MULTI_INST_DEPENDENT="${MULTI_INST_DEPENDENT} $(cat /etc/sonic/${SERVICE}_multi_inst_dependent)" fi function debug() From 52ac8ac09705ffe4464ffd36dd5060537f9b40ec Mon Sep 17 00:00:00 2001 From: Stephen Sun <5379172+stephenxs@users.noreply.github.com> Date: Fri, 26 Aug 2022 05:26:02 +0800 Subject: [PATCH 29/47] Handle non-front-panel ports in is_rj45_port (#2327) * Handle non-front-panel ports in is_rj45_port Handle the cases that a port is not a front-panel port in is_rj45_port Add mock test to cover the logic Signed-off-by: Stephen Sun * Use APIs in sonic_platform_base Signed-off-by: Stephen Sun Signed-off-by: Stephen Sun --- utilities_common/platform_sfputil_helper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utilities_common/platform_sfputil_helper.py b/utilities_common/platform_sfputil_helper.py index d73e9dd131..89ade3fc04 100644 --- a/utilities_common/platform_sfputil_helper.py +++ b/utilities_common/platform_sfputil_helper.py @@ -133,7 +133,7 @@ def is_rj45_port(port_name): port_type = None try: - physical_port = logical_port_name_to_physical_port_list(port_name) + physical_port = platform_sfputil.logical_port_name_to_physical_port_list(port_name) if physical_port: port_type = platform_chassis.get_port_or_cage_type(physical_port[0]) except Exception as e: From 666bdc0a1f84ba12056b3afae18603b0230e1398 Mon Sep 17 00:00:00 2001 From: Christian Svensson Date: Fri, 26 Aug 2022 23:04:39 +0200 Subject: [PATCH 30/47] [sonic-package-manager] Drop 'expires_in' (#2002) #### What I did The 'expires_in' attribute for tokens is defined as optional and some Docker repositories (notably ghcr.io) do not set it. #### How I did it Since 'expires_in' is not used anywhere in the code, we simply drop it. #### How to verify it Try to install a SONiC package from `ghcr.io`. E.g.: ``` sudo sonic-package-manager install --from-repository ghcr.io/kamelnetworks/sonic_exporter:main ``` #### Previous command output (if the output of a command-line utility has changed) ``` ghcr.io/kamelnetworks/sonic_exporter:main is going to be installed, continue? [y/N]: y Failed to install ghcr.io/kamelnetworks/sonic_exporter:main: 'expires_in' ``` #### New command output (if the output of a command-line utility has changed) Output as expected --- sonic_package_manager/registry.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sonic_package_manager/registry.py b/sonic_package_manager/registry.py index 5cac5469bf..7351323570 100644 --- a/sonic_package_manager/registry.py +++ b/sonic_package_manager/registry.py @@ -43,10 +43,9 @@ def get_token(bearer: Dict) -> str: content = json.loads(response.content) token = content['token'] - expires_in = content['expires_in'] log.debug(f'authentication token for bearer={bearer}: ' - f'token={token} expires_in={expires_in}') + f'token={token}') return token From f82835ed9607aec4c94526188122d165b1d45f3d Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Sat, 27 Aug 2022 09:38:25 +0800 Subject: [PATCH 31/47] [doc]: Add MACsec CLI doc (#2334) What I did Add usage and example of MACsec CLI into doc. How I did it Add usage and example of MACsec CLI into doc. Signed-off-by: Ze Gan --- doc/Command-Reference.md | 253 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 253 insertions(+) diff --git a/doc/Command-Reference.md b/doc/Command-Reference.md index de0b216347..36231e3e80 100644 --- a/doc/Command-Reference.md +++ b/doc/Command-Reference.md @@ -186,6 +186,11 @@ * [ZTP Configuration And Show Commands](#ztp-configuration-and-show-commands) * [ ZTP show commands](#ztp-show-commands) * [ZTP configuration commands](#ztp-configuration-commands) +* [MACsec Commands](#macsec-commands) + * [MACsec config command](#macsec-config-command) + * [MACsec show command](#macsec-show-command) + * [MACsec clear command](#macsec-clear-command) + ## Document History @@ -11022,3 +11027,251 @@ Running command: ztp run -y ``` Go Back To [Beginning of the document](#SONiC-COMMAND-LINE-INTERFACE-GUIDE) or [Beginning of this section](#ztp-configuration-and-show-commands) + +# MACsec Commands + +This sub-section explains the list of the configuration options available for MACsec. MACsec feature is as a plugin to SONiC, So please install MACsec package before using MACsec commands. + +## MACsec config command + +- Add MACsec profile +``` +admin@sonic:~$ sudo config macsec profile add --help +Usage: config macsec profile add [OPTIONS] + + Add MACsec profile + +Options: + --priority For Key server election. In 0-255 range with + 0 being the highest priority. [default: + 255] + --cipher_suite The cipher suite for MACsec. [default: GCM- + AES-128] + --primary_cak Primary Connectivity Association Key. + [required] + --primary_ckn Primary CAK Name. [required] + --policy MACsec policy. INTEGRITY_ONLY: All traffic, + except EAPOL, will be converted to MACsec + packets without encryption. SECURITY: All + traffic, except EAPOL, will be encrypted by + SecY. [default: security] + --enable_replay_protect / --disable_replay_protect + Whether enable replay protect. [default: + False] + --replay_window + Replay window size that is the number of + packets that could be out of order. This + field works only if ENABLE_REPLAY_PROTECT is + true. [default: 0] + --send_sci / --no_send_sci Send SCI in SecTAG field of MACsec header. + [default: True] + --rekey_period The period of proactively refresh (Unit + second). [default: 0] + -?, -h, --help Show this message and exit. +``` + +- Delete MACsec profile +``` +admin@sonic:~$ sudo config macsec profile del --help +Usage: config macsec profile del [OPTIONS] + + Delete MACsec profile + +Options: + -?, -h, --help Show this message and exit. +``` + +- Enable MACsec on the port +``` +admin@sonic:~$ sudo config macsec port add --help +Usage: config macsec port add [OPTIONS] + + Add MACsec port + +Options: + -?, -h, --help Show this message and exit. +``` + + +- Disable MACsec on the port +``` +admin@sonic:~$ sudo config macsec port del --help +Usage: config macsec port del [OPTIONS] + + Delete MACsec port + +Options: + -?, -h, --help Show this message and exit. + +``` + + +## MACsec show command + +- Show MACsec + +``` +admin@vlab-02:~$ show macsec --help +Usage: show macsec [OPTIONS] [INTERFACE_NAME] + +Options: + -d, --display [all] Show internal interfaces [default: all] + -n, --namespace [] Namespace name or all + -h, -?, --help Show this message and exit. + +``` + +``` +admin@vlab-02:~$ show macsec +MACsec port(Ethernet0) +--------------------- ----------- +cipher_suite GCM-AES-256 +enable true +enable_encrypt true +enable_protect true +enable_replay_protect false +replay_window 0 +send_sci true +--------------------- ----------- + MACsec Egress SC (5254008f4f1c0001) + ----------- - + encoding_an 2 + ----------- - + MACsec Egress SA (1) + ------------------------------------- ---------------------------------------------------------------- + auth_key 849B69D363E2B0AA154BEBBD7C1D9487 + next_pn 1 + sak AE8C9BB36EA44B60375E84BC8E778596289E79240FDFA6D7BA33D3518E705A5E + salt 000000000000000000000000 + ssci 0 + SAI_MACSEC_SA_ATTR_CURRENT_XPN 179 + SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0 + SAI_MACSEC_SA_STAT_OUT_PKTS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OUT_PKTS_PROTECTED 0 + ------------------------------------- ---------------------------------------------------------------- + MACsec Egress SA (2) + ------------------------------------- ---------------------------------------------------------------- + auth_key 5A8B8912139551D3678B43DD0F10FFA5 + next_pn 1 + sak 7F2651140F12C434F782EF9AD7791EE2CFE2BF315A568A48785E35FC803C9DB6 + salt 000000000000000000000000 + ssci 0 + SAI_MACSEC_SA_ATTR_CURRENT_XPN 87185 + SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0 + SAI_MACSEC_SA_STAT_OUT_PKTS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OUT_PKTS_PROTECTED 0 + ------------------------------------- ---------------------------------------------------------------- + MACsec Ingress SC (525400edac5b0001) + MACsec Ingress SA (1) + --------------------------------------- ---------------------------------------------------------------- + active true + auth_key 849B69D363E2B0AA154BEBBD7C1D9487 + lowest_acceptable_pn 1 + sak AE8C9BB36EA44B60375E84BC8E778596289E79240FDFA6D7BA33D3518E705A5E + salt 000000000000000000000000 + ssci 0 + SAI_MACSEC_SA_ATTR_CURRENT_XPN 103 + SAI_MACSEC_SA_STAT_IN_PKTS_DELAYED 0 + SAI_MACSEC_SA_STAT_IN_PKTS_INVALID 0 + SAI_MACSEC_SA_STAT_IN_PKTS_LATE 0 + SAI_MACSEC_SA_STAT_IN_PKTS_NOT_USING_SA 0 + SAI_MACSEC_SA_STAT_IN_PKTS_NOT_VALID 0 + SAI_MACSEC_SA_STAT_IN_PKTS_OK 0 + SAI_MACSEC_SA_STAT_IN_PKTS_UNCHECKED 0 + SAI_MACSEC_SA_STAT_IN_PKTS_UNUSED_SA 0 + SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0 + --------------------------------------- ---------------------------------------------------------------- + MACsec Ingress SA (2) + --------------------------------------- ---------------------------------------------------------------- + active true + auth_key 5A8B8912139551D3678B43DD0F10FFA5 + lowest_acceptable_pn 1 + sak 7F2651140F12C434F782EF9AD7791EE2CFE2BF315A568A48785E35FC803C9DB6 + salt 000000000000000000000000 + ssci 0 + SAI_MACSEC_SA_ATTR_CURRENT_XPN 91824 + SAI_MACSEC_SA_STAT_IN_PKTS_DELAYED 0 + SAI_MACSEC_SA_STAT_IN_PKTS_INVALID 0 + SAI_MACSEC_SA_STAT_IN_PKTS_LATE 0 + SAI_MACSEC_SA_STAT_IN_PKTS_NOT_USING_SA 0 + SAI_MACSEC_SA_STAT_IN_PKTS_NOT_VALID 0 + SAI_MACSEC_SA_STAT_IN_PKTS_OK 0 + SAI_MACSEC_SA_STAT_IN_PKTS_UNCHECKED 0 + SAI_MACSEC_SA_STAT_IN_PKTS_UNUSED_SA 0 + SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0 + --------------------------------------- ---------------------------------------------------------------- +MACsec port(Ethernet1) +--------------------- ----------- +cipher_suite GCM-AES-256 +enable true +enable_encrypt true +enable_protect true +enable_replay_protect false +replay_window 0 +send_sci true +--------------------- ----------- + MACsec Egress SC (5254008f4f1c0001) + ----------- - + encoding_an 1 + ----------- - + MACsec Egress SA (1) + ------------------------------------- ---------------------------------------------------------------- + auth_key 35FC8F2C81BCA28A95845A4D2A1EE6EF + next_pn 1 + sak 1EC8572B75A840BA6B3833DC550C620D2C65BBDDAD372D27A1DFEB0CD786671B + salt 000000000000000000000000 + ssci 0 + SAI_MACSEC_SA_ATTR_CURRENT_XPN 4809 + SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0 + SAI_MACSEC_SA_STAT_OUT_PKTS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OUT_PKTS_PROTECTED 0 + ------------------------------------- ---------------------------------------------------------------- + MACsec Ingress SC (525400edac5b0001) + MACsec Ingress SA (1) + --------------------------------------- ---------------------------------------------------------------- + active true + auth_key 35FC8F2C81BCA28A95845A4D2A1EE6EF + lowest_acceptable_pn 1 + sak 1EC8572B75A840BA6B3833DC550C620D2C65BBDDAD372D27A1DFEB0CD786671B + salt 000000000000000000000000 + ssci 0 + SAI_MACSEC_SA_ATTR_CURRENT_XPN 5033 + SAI_MACSEC_SA_STAT_IN_PKTS_DELAYED 0 + SAI_MACSEC_SA_STAT_IN_PKTS_INVALID 0 + SAI_MACSEC_SA_STAT_IN_PKTS_LATE 0 + SAI_MACSEC_SA_STAT_IN_PKTS_NOT_USING_SA 0 + SAI_MACSEC_SA_STAT_IN_PKTS_NOT_VALID 0 + SAI_MACSEC_SA_STAT_IN_PKTS_OK 0 + SAI_MACSEC_SA_STAT_IN_PKTS_UNCHECKED 0 + SAI_MACSEC_SA_STAT_IN_PKTS_UNUSED_SA 0 + SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0 + SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0 + --------------------------------------- ---------------------------------------------------------------- +``` + +## MACsec clear command + +Clear MACsec counters which is to reset all MACsec counters to ZERO. + +``` +admin@sonic:~$ sonic-clear macsec --help +Usage: sonic-clear macsec [OPTIONS] + + Clear MACsec counts. This clear command will generated a cache for next + show commands which will base on this cache as the zero baseline to show + the increment of counters. + +Options: + --clean-cache BOOLEAN If the option of clean cache is true, next show + commands will show the raw counters which based on + the service booted instead of the last clear command. + -h, -?, --help Show this message and exit. +``` + + + From e45b47a2d177f37956d7a74e5215be058704f077 Mon Sep 17 00:00:00 2001 From: Sudharsan Dhamal Gopalarathnam Date: Mon, 29 Aug 2022 06:26:23 -0700 Subject: [PATCH 32/47] [VRF]Adding CLI checks to ensure Vrf is valid in interface bind and static route commands (#2333) - What I did Added CLI checks to verify if Vrf is created and valid when used in interface bind and static route commands - How I did it Check for presence of Vrf in VRF table or in case if it is mgmt vrf, verify if mgmt vrf is enabled/ - How to verify it Added UT to verify it. --- config/main.py | 21 +++++++++++++++++++++ tests/ip_config_test.py | 35 +++++++++++++++++++++++++++++++++++ tests/static_routes_test.py | 13 +++++++++++++ 3 files changed, 69 insertions(+) diff --git a/config/main.py b/config/main.py index 49713d1cc7..c11b6132ce 100644 --- a/config/main.py +++ b/config/main.py @@ -369,6 +369,19 @@ def get_interface_ipaddresses(config_db, interface_name): return ipaddresses +def is_vrf_exists(config_db, vrf_name): + """Check if VRF exists + """ + keys = config_db.get_keys("VRF") + if vrf_name in keys: + return True + elif vrf_name == "mgmt": + entry = config_db.get_entry("MGMT_VRF_CONFIG", "vrf_global") + if entry and entry.get("mgmtVrfEnabled") == "true": + return True + + return False + def is_interface_bind_to_vrf(config_db, interface_name): """Get interface if bind to vrf or not """ @@ -986,6 +999,7 @@ def cli_sroute_to_config(ctx, command_str, strict_nh = True): nexthop_str = None config_entry = {} vrf_name = "" + config_db = ctx.obj['config_db'] if "nexthop" in command_str: idx = command_str.index("nexthop") @@ -998,6 +1012,8 @@ def cli_sroute_to_config(ctx, command_str, strict_nh = True): if 'prefix' in prefix_str and 'vrf' in prefix_str: # prefix_str: ['prefix', 'vrf', Vrf-name, ip] vrf_name = prefix_str[2] + if not is_vrf_exists(config_db, vrf_name): + ctx.fail("VRF %s does not exist!"%(vrf_name)) ip_prefix = prefix_str[3] elif 'prefix' in prefix_str: # prefix_str: ['prefix', ip] @@ -1009,6 +1025,8 @@ def cli_sroute_to_config(ctx, command_str, strict_nh = True): if 'nexthop' in nexthop_str and 'vrf' in nexthop_str: # nexthop_str: ['nexthop', 'vrf', Vrf-name, ip] config_entry["nexthop"] = nexthop_str[3] + if not is_vrf_exists(config_db, nexthop_str[2]): + ctx.fail("VRF %s does not exist!"%(nexthop_str[2])) config_entry["nexthop-vrf"] = nexthop_str[2] elif 'nexthop' in nexthop_str and 'dev' in nexthop_str: # nexthop_str: ['nexthop', 'dev', ifname] @@ -4883,6 +4901,9 @@ def bind(ctx, interface_name, vrf_name): if interface_name is None: ctx.fail("'interface_name' is None!") + if not is_vrf_exists(config_db, vrf_name): + ctx.fail("VRF %s does not exist!"%(vrf_name)) + table_name = get_interface_table_name(interface_name) if table_name == "": ctx.fail("'interface_name' is not valid. Valid names [Ethernet/PortChannel/Vlan/Loopback]") diff --git a/tests/ip_config_test.py b/tests/ip_config_test.py index 7aed23deb9..17b49b2a8e 100644 --- a/tests/ip_config_test.py +++ b/tests/ip_config_test.py @@ -15,6 +15,20 @@ ERROR_MSG = "Error: IP address is not valid" +INVALID_VRF_MSG ="""\ +Usage: bind [OPTIONS] +Try "bind --help" for help. + +Error: VRF Vrf2 does not exist! +""" + +INVALID_MGMT_VRF_MSG ="""\ +Usage: bind [OPTIONS] +Try "bind --help" for help. + +Error: VRF mgmt does not exist! +""" + class TestConfigIP(object): @classmethod def setup_class(cls): @@ -190,6 +204,27 @@ def test_intf_vrf_bind_unbind(self): print(result.exit_code, result.output) assert result.exit_code == 0 + def test_intf_unknown_vrf_bind(self): + runner = CliRunner() + db = Db() + obj = {'config_db':db.cfgdb, 'namespace':db.db.namespace} + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Ethernet64", "Vrf2"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert result.output == INVALID_VRF_MSG + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Ethernet64", "mgmt"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert result.output == INVALID_MGMT_VRF_MSG + + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["mgmt"], obj=obj) + print(result.exit_code, result.output) + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Ethernet64", "mgmt"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + @classmethod def teardown_class(cls): os.environ['UTILITIES_UNIT_TESTING'] = "0" diff --git a/tests/static_routes_test.py b/tests/static_routes_test.py index 4d60c3ef0c..fc7371b344 100644 --- a/tests/static_routes_test.py +++ b/tests/static_routes_test.py @@ -93,6 +93,8 @@ def test_vrf_static_route(self): obj = {'config_db':db.cfgdb} # config route add prefix vrf Vrf-BLUE 2.2.3.4/32 nexthop 30.0.0.6 + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-BLUE"], obj=obj) + print(result.exit_code, result.output) result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "vrf", "Vrf-BLUE", "2.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) @@ -111,9 +113,12 @@ def test_dest_vrf_static_route(self): obj = {'config_db':db.cfgdb} # config route add prefix 3.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.6 + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-RED"], obj=obj) + print(result.exit_code, result.output) result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "3.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) + print(db.cfgdb.get_table('STATIC_ROUTE')) assert ('3.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') assert db.cfgdb.get_entry('STATIC_ROUTE', '3.2.3.4/32') == {'nexthop': '30.0.0.6', 'nexthop-vrf': 'Vrf-RED', 'blackhole': 'false', 'distance': '0', 'ifname': ''} @@ -129,6 +134,8 @@ def test_multiple_nexthops_with_vrf_static_route(self): obj = {'config_db':db.cfgdb} ''' Add ''' + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-RED"], obj=obj) + print(result.exit_code, result.output) # config route add prefix 6.2.3.4/32 nexthop vrf Vrf-RED "30.0.0.6,30.0.0.7" result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "6.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.6,30.0.0.7"], obj=obj) @@ -251,6 +258,8 @@ def test_static_route_ECMP_nexthop_with_vrf(self): obj = {'config_db':db.cfgdb} ''' Add ''' + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-RED"], obj=obj) + print(result.exit_code, result.output) # config route add prefix 11.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.5 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "11.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.5"], obj=obj) @@ -258,6 +267,8 @@ def test_static_route_ECMP_nexthop_with_vrf(self): assert ('11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') assert db.cfgdb.get_entry('STATIC_ROUTE', '11.2.3.4/32') == {'nexthop': '30.0.0.5', 'nexthop-vrf': 'Vrf-RED', 'blackhole': 'false', 'distance': '0', 'ifname': ''} + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-BLUE"], obj=obj) + print(result.exit_code, result.output) # config route add prefix 11.2.3.4/32 nexthop vrf Vrf-BLUE 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "11.2.3.4/32", "nexthop", "vrf", "Vrf-BLUE", "30.0.0.6"], obj=obj) @@ -292,6 +303,8 @@ def test_static_route_ECMP_mixed_nextfop(self): assert ('12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') assert db.cfgdb.get_entry('STATIC_ROUTE', '12.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-RED"], obj=obj) + print(result.exit_code, result.output) # config route add prefix 12.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.7 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "12.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.7"], obj=obj) From 899ba12d9e1326403109a17eaa47f72aef648430 Mon Sep 17 00:00:00 2001 From: Preetham <51771885+preetham-singh@users.noreply.github.com> Date: Tue, 30 Aug 2022 03:38:08 +0530 Subject: [PATCH 33/47] Subinterface vrf bind issue fix (#2211) * Add support to configure routed subinterface in short name and long name format * Update "show subniterface status" to reflect subinterface in user configured long name and short name format. --- config/main.py | 31 ++++- tests/intfutil_test.py | 18 ++- tests/ip_config_test.py | 44 +++++++ tests/mock_tables/appl_db.json | 26 ++++ tests/mock_tables/config_db.json | 15 +++ tests/show_vrf_test.py | 87 +++++++++++++ tests/subintf_test.py | 210 +++++++++++++++++++++++++++++++ tests/vrf_input/config_db.json | 5 + 8 files changed, 433 insertions(+), 3 deletions(-) create mode 100644 tests/subintf_test.py diff --git a/config/main.py b/config/main.py index c11b6132ce..53180cf519 100644 --- a/config/main.py +++ b/config/main.py @@ -4914,6 +4914,11 @@ def bind(ctx, interface_name, vrf_name): interface_addresses = get_interface_ipaddresses(config_db, interface_name) for ipaddress in interface_addresses: remove_router_interface_ip_address(config_db, interface_name, ipaddress) + if table_name == "VLAN_SUB_INTERFACE": + subintf_entry = config_db.get_entry(table_name, interface_name) + if 'vrf_name' in subintf_entry: + subintf_entry.pop('vrf_name') + config_db.set_entry(table_name, interface_name, None) # When config_db del entry and then add entry with same key, the DEL will lost. if ctx.obj['namespace'] is DEFAULT_NAMESPACE: @@ -4925,7 +4930,11 @@ def bind(ctx, interface_name, vrf_name): while state_db.exists(state_db.STATE_DB, _hash): time.sleep(0.01) state_db.close(state_db.STATE_DB) - config_db.set_entry(table_name, interface_name, {"vrf_name": vrf_name}) + if table_name == "VLAN_SUB_INTERFACE": + subintf_entry['vrf_name'] = vrf_name + config_db.set_entry(table_name, interface_name, subintf_entry) + else: + config_db.set_entry(table_name, interface_name, {"vrf_name": vrf_name}) # # 'unbind' subcommand @@ -4947,12 +4956,21 @@ def unbind(ctx, interface_name): table_name = get_interface_table_name(interface_name) if table_name == "": ctx.fail("'interface_name' is not valid. Valid names [Ethernet/PortChannel/Vlan/Loopback]") + if is_interface_bind_to_vrf(config_db, interface_name) is False: return + if table_name == "VLAN_SUB_INTERFACE": + subintf_entry = config_db.get_entry(table_name, interface_name) + if 'vrf_name' in subintf_entry: + subintf_entry.pop('vrf_name') + interface_ipaddresses = get_interface_ipaddresses(config_db, interface_name) for ipaddress in interface_ipaddresses: remove_router_interface_ip_address(config_db, interface_name, ipaddress) - config_db.set_entry(table_name, interface_name, None) + if table_name == "VLAN_SUB_INTERFACE": + config_db.set_entry(table_name, interface_name, subintf_entry) + else: + config_db.set_entry(table_name, interface_name, None) # # 'ipv6' subgroup ('config interface ipv6 ...') @@ -6677,6 +6695,13 @@ def subintf_vlan_check(config_db, parent_intf, vlan): return True return False +def is_subintf_shortname(intf): + if VLAN_SUB_INTERFACE_SEPARATOR in intf: + if intf.startswith("Ethernet") or intf.startswith("PortChannel"): + return False + return True + return False + @subinterface.command('add') @click.argument('subinterface_name', metavar='', required=True) @click.argument('vid', metavar='', required=False, type=click.IntRange(1,4094)) @@ -6722,6 +6747,8 @@ def add_subinterface(ctx, subinterface_name, vid): subintf_dict = {} if vid is not None: subintf_dict.update({"vlan" : vid}) + elif is_subintf_shortname(subinterface_name): + ctx.fail("{} Encap vlan is mandatory for short name subinterfaces".format(subinterface_name)) if subintf_vlan_check(config_db, get_intf_longname(interface_alias), vid) is True: ctx.fail("Vlan {} encap already configured on other subinterface on {}".format(vid, interface_alias)) diff --git a/tests/intfutil_test.py b/tests/intfutil_test.py index 82075b1352..081246a488 100644 --- a/tests/intfutil_test.py +++ b/tests/intfutil_test.py @@ -210,7 +210,8 @@ def test_subintf_status(self): "Sub port interface Speed MTU Vlan Admin Type\n" "-------------------- ------- ----- ------ ------- --------------------\n" " Eth32.10 40G 9100 100 up 802.1q-encapsulation\n" - " Ethernet0.10 25G 9100 10 up 802.1q-encapsulation" + " Ethernet0.10 25G 9100 10 up 802.1q-encapsulation\n" + " Po0001.10 40G 9100 100 up 802.1q-encapsulation" ) self.assertEqual(result.output.strip(), expected_output) @@ -254,6 +255,16 @@ def test_single_subintf_status(self): print(output, file=sys.stderr) self.assertEqual(output.strip(), expected_output) + expected_output = ( + "Sub port interface Speed MTU Vlan Admin Type\n" + "-------------------- ------- ----- ------ ------- --------------------\n" + " Po0001.10 40G 9100 100 up 802.1q-encapsulation" + ) + # Test 'intfutil status Po0001.10' + output = subprocess.check_output('intfutil -c status -i Po0001.10', stderr=subprocess.STDOUT, shell=True, text=True) + print(output, file=sys.stderr) + self.assertEqual(output.strip(), expected_output) + # Test '--verbose' status of single sub interface def test_single_subintf_status_verbose(self): result = self.runner.invoke(show.cli.commands["subinterfaces"].commands["status"], ["Ethernet0.10", "--verbose"]) @@ -266,6 +277,11 @@ def test_single_subintf_status_verbose(self): expected_output = "Command: intfutil -c status -i Eth32.10" self.assertEqual(result.output.split('\n')[0], expected_output) + result = self.runner.invoke(show.cli.commands["subinterfaces"].commands["status"], ["Po0001.10", "--verbose"]) + print(result.output, file=sys.stderr) + expected_output = "Command: intfutil -c status -i Po0001.10" + self.assertEqual(result.output.split('\n')[0], expected_output) + # Test status of single sub interface in alias naming mode def test_single_subintf_status_alias_mode(self): os.environ["SONIC_CLI_IFACE_MODE"] = "alias" diff --git a/tests/ip_config_test.py b/tests/ip_config_test.py index 17b49b2a8e..c56b226c74 100644 --- a/tests/ip_config_test.py +++ b/tests/ip_config_test.py @@ -48,12 +48,36 @@ def test_add_del_interface_valid_ipv4(self): assert result.exit_code == 0 assert ('Ethernet64', '10.10.10.1/24') in db.cfgdb.get_table('INTERFACE') + # config int ip add Ethernet0.10 10.11.10.1/24 + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Ethernet0.10", "10.11.10.1/24"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.10', '10.11.10.1/24') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + # config int ip add Eth32.10 32.11.10.1/24 + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Eth32.10", "32.11.10.1/24"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Eth32.10', '32.11.10.1/24') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + # config int ip remove Ethernet64 10.10.10.1/24 result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Ethernet64", "10.10.10.1/24"], obj=obj) print(result.exit_code, result.output) assert result.exit_code != 0 assert ('Ethernet64', '10.10.10.1/24') not in db.cfgdb.get_table('INTERFACE') + # config int ip remove Ethernet0.10 10.11.10.1/24 + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Ethernet0.10", "10.11.10.1/24"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert ('Ethernet0.10', '10.11.10.1/24') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + # config int ip remove Eth32.10 32.11.10.1/24 + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Eth32.10", "32.11.10.1/24"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert ('Eth32.10', '32.11.10.1/24') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + def test_add_interface_invalid_ipv4(self): db = Db() runner = CliRunner() @@ -100,12 +124,32 @@ def test_add_del_interface_valid_ipv6(self): assert result.exit_code == 0 assert ('Ethernet72', '2001:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') in db.cfgdb.get_table('INTERFACE') + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Ethernet0.10", "1010:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.10', '1010:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Eth32.10", "3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Eth32.10', '3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + # config int ip remove Ethernet72 2001:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34 result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Ethernet72", "2001:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) print(result.exit_code, result.output) assert result.exit_code != 0 assert ('Ethernet72', '2001:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') not in db.cfgdb.get_table('INTERFACE') + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Ethernet0.10", "1010:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert ('Ethernet0.10', '1010:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Eth32.10", "3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert ('Eth32.10', '3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + def test_del_interface_case_sensitive_ipv6(self): db = Db() runner = CliRunner() diff --git a/tests/mock_tables/appl_db.json b/tests/mock_tables/appl_db.json index 29e161c9ca..cd00408b49 100644 --- a/tests/mock_tables/appl_db.json +++ b/tests/mock_tables/appl_db.json @@ -190,8 +190,34 @@ }, "INTF_TABLE:Eth32.10": { "admin_status": "up", + "vrf_name": "Vrf1", "vlan": "100" }, + "INTF_TABLE:Po0001.10": { + "admin_status": "up", + "vrf_name": "Vrf1", + "vlan": "100" + }, + "INTF_TABLE:Ethernet0.10|10.11.12.13/24": { + "family": "IPv4", + "scope": "global" + }, + "INTF_TABLE:Eth32.10|32.10.11.12/24": { + "family": "IPv4", + "scope": "global" + }, + "INTF_TABLE:Po0001.10|10.10.11.12/24": { + "family": "IPv4", + "scope": "global" + }, + "INTF_TABLE:Eth32.10|3210::12/126": { + "family": "IPv6", + "scope": "global" + }, + "INTF_TABLE:Po0001.10|1010::12/126": { + "family": "IPv6", + "scope": "global" + }, "_GEARBOX_TABLE:phy:1": { "name": "sesto-1", "phy_id": "1", diff --git a/tests/mock_tables/config_db.json b/tests/mock_tables/config_db.json index 060115d8a9..67cafd1458 100644 --- a/tests/mock_tables/config_db.json +++ b/tests/mock_tables/config_db.json @@ -379,11 +379,26 @@ "VLAN_SUB_INTERFACE|Eth32.10": { "admin_status": "up", "loopback_action": "drop", + "vrf_name": "Vrf1", "vlan": "100" }, "VLAN_SUB_INTERFACE|Eth32.10|32.10.11.12/24": { "NULL" : "NULL" }, + "VLAN_SUB_INTERFACE|Eth32.10|3210::12/126": { + "NULL" : "NULL" + }, + "VLAN_SUB_INTERFACE|Po0001.10": { + "admin_status": "up", + "vrf_name": "Vrf1", + "vlan": "100" + }, + "VLAN_SUB_INTERFACE|Po0001.10|10.10.11.12/24": { + "NULL" : "NULL" + }, + "VLAN_SUB_INTERFACE|Po0001.10|1010::12/126": { + "NULL" : "NULL" + }, "ACL_RULE|NULL_ROUTE_V4|DEFAULT_RULE": { "PACKET_ACTION": "DROP", "PRIORITY": "1" diff --git a/tests/show_vrf_test.py b/tests/show_vrf_test.py index 3c6d1c5b36..457b3587f6 100644 --- a/tests/show_vrf_test.py +++ b/tests/show_vrf_test.py @@ -4,6 +4,7 @@ from swsscommon.swsscommon import SonicV2Connector from utilities_common.db import Db +import config.main as config import show.main as show test_path = os.path.dirname(os.path.abspath(__file__)) @@ -31,6 +32,92 @@ def test_vrf_show(self): Eth32.10 Vrf103 Ethernet4 Loopback0 + Po0002.101 +""" + + result = runner.invoke(show.cli.commands['vrf'], [], obj=db) + dbconnector.dedicated_dbs = {} + assert result.exit_code == 0 + assert result.output == expected_output + + def test_vrf_bind_unbind(self): + from .mock_tables import dbconnector + jsonfile_config = os.path.join(mock_db_path, "config_db") + dbconnector.dedicated_dbs['CONFIG_DB'] = jsonfile_config + runner = CliRunner() + db = Db() + expected_output = """\ +VRF Interfaces +------ --------------- +Vrf1 +Vrf101 Ethernet0.10 +Vrf102 PortChannel0002 + Vlan40 + Eth32.10 +Vrf103 Ethernet4 + Loopback0 + Po0002.101 +""" + + result = runner.invoke(show.cli.commands['vrf'], [], obj=db) + dbconnector.dedicated_dbs = {} + assert result.exit_code == 0 + assert result.output == expected_output + + obj = {'config_db':db.cfgdb} + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Ethernet4"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert 'Ethernet4' not in db.cfgdb.get_table('INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Loopback0"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert 'Loopback0' not in db.cfgdb.get_table('LOOPBACK_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Vlan40"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert 'Vlan40' not in db.cfgdb.get_table('VLAN_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["PortChannel0002"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert 'PortChannel002' not in db.cfgdb.get_table('PORTCHANNEL_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Eth32.10"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('vrf_name', 'Vrf102') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth32.10'] + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Ethernet0.10"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('vrf_name', 'Vrf101') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Ethernet0.10'] + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Po0002.101"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('vrf_name', 'Vrf103') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Po0002.101'] + + + #Bind click CLI cannot be tested as it tries to connecte to statedb + #for verification of all IP address delete before applying new vrf configuration + jsonfile_config = os.path.join(mock_db_path, "config_db") + dbconnector.dedicated_dbs['CONFIG_DB'] = jsonfile_config + + expected_output = """\ +VRF Interfaces +------ --------------- +Vrf1 +Vrf101 Ethernet0.10 +Vrf102 PortChannel0002 + Vlan40 + Eth32.10 +Vrf103 Ethernet4 + Loopback0 + Po0002.101 """ result = runner.invoke(show.cli.commands['vrf'], [], obj=db) diff --git a/tests/subintf_test.py b/tests/subintf_test.py new file mode 100644 index 0000000000..581ea49ce5 --- /dev/null +++ b/tests/subintf_test.py @@ -0,0 +1,210 @@ +import os +import traceback + +from click.testing import CliRunner + +import config.main as config +import show.main as show +from utilities_common.db import Db + + +class TestSubinterface(object): + @classmethod + def setup_class(cls): + os.environ['UTILITIES_UNIT_TESTING'] = "1" + print("SETUP") + + def test_add_del_subintf_short_name(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Eth0.102", "1002"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Eth0.102') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth0.102']['vlan'] == '1002' + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth0.102']['admin_status'] == 'up' + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Po0004.104", "1004"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Po0004.104') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Po0004.104']['vlan'] == '1004' + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Po0004.104']['admin_status'] == 'up' + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Eth0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Eth0.102') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Po0004.104"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Po0004.104') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + def test_add_del_subintf_with_long_name(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.102') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Ethernet0.102']['admin_status'] == 'up' + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["PortChannel0004.104"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('PortChannel0004.104') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['PortChannel0004.104']['admin_status'] == 'up' + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.102') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["PortChannel0004.104"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('PortChannel0004.104') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + + def test_add_existing_subintf_again(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.102') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Ethernet0.102']['admin_status'] == 'up' + + #Check if same long format subintf creation is rejected + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + #Check if same short format subintf creation with same encap vlan is rejected + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Eth0.1002", "102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert ('Eth0.1002') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + + def test_delete_non_existing_subintf(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Eth0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["PortChannel0004.104"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Po0004.104"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + def test_invalid_subintf_creation(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethernet1000.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["PortChannel0008.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethe0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + #Short format subintf without encap vlan should be rejected + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Eth0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Po0004.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + + def test_subintf_vrf_bind_unbind(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.102') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Ethernet0.102']['admin_status'] == 'up' + + vrf_obj = {'config_db':db.cfgdb, 'namespace':db.db.namespace} + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Ethernet0.102", "Vrf1"], obj=vrf_obj) + assert result.exit_code == 0 + assert ('Vrf1') in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Ethernet0.102']['vrf_name'] + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Ethernet0.102"], obj=vrf_obj) + assert result.exit_code == 0 + assert ('vrf_name') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Ethernet0.102'] + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Ethernet0.102"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Ethernet0.102') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + #shut name subintf vrf bind unbind check + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Eth0.1002", "2002"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Eth0.1002') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Eth0.1002", "Vrf1"], obj=vrf_obj) + assert result.exit_code == 0 + assert ('Vrf1') in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth0.1002']['vrf_name'] + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Eth0.1002"], obj=vrf_obj) + assert result.exit_code == 0 + assert ('vrf_name') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth0.1002'] + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Eth0.1002"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Eth0.1002') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + #Po subintf vrf bind unbind check + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Po0004.1004", "2004"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Po0004.1004') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["bind"], ["Po0004.1004", "Vrf1"], obj=vrf_obj) + assert result.exit_code == 0 + assert ('Vrf1') in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Po0004.1004']['vrf_name'] + + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Po0004.1004"], obj=vrf_obj) + assert result.exit_code == 0 + assert ('vrf_name') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Po0004.1004'] + + result = runner.invoke(config.config.commands["subinterface"].commands["del"], ["Po0004.1004"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code == 0 + assert ('Po0004.1004') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + + @classmethod + def teardown_class(cls): + os.environ['UTILITIES_UNIT_TESTING'] = "0" + print("TEARDOWN") diff --git a/tests/vrf_input/config_db.json b/tests/vrf_input/config_db.json index 6d646f2f2b..fe1cb2eb25 100644 --- a/tests/vrf_input/config_db.json +++ b/tests/vrf_input/config_db.json @@ -8,6 +8,11 @@ "admin_status": "up", "vlan": "100" }, + "VLAN_SUB_INTERFACE|Po0002.101": { + "vrf_name": "Vrf103", + "admin_status": "up", + "vlan": "1001" + }, "VLAN_INTERFACE|Vlan40": { "vrf_name": "Vrf102" }, From 3af8ba4acc2bbc77d17be0d67943703021c7d1e1 Mon Sep 17 00:00:00 2001 From: Zhaohui Sun <94606222+ZhaohuiS@users.noreply.github.com> Date: Tue, 30 Aug 2022 10:07:31 +0800 Subject: [PATCH 34/47] Replace cmp in acl_loader with operator.eq (#2328) cmp is deprecated in python3. Use operator.eq instead Signed-off-by: Zhaohui Sun --- acl_loader/main.py | 3 ++- tests/acl_input/incremental_1.json | 32 ++++++++++++++++++++++++++++++ tests/acl_input/incremental_2.json | 32 ++++++++++++++++++++++++++++++ tests/acl_loader_test.py | 17 ++++++++++++++++ 4 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 tests/acl_input/incremental_1.json create mode 100644 tests/acl_input/incremental_2.json diff --git a/acl_loader/main.py b/acl_loader/main.py index ada7162154..dedaf0eb3e 100644 --- a/acl_loader/main.py +++ b/acl_loader/main.py @@ -4,6 +4,7 @@ import ipaddress import json import syslog +import operator import openconfig_acl import tabulate @@ -758,7 +759,7 @@ def incremental_update(self): namespace_configdb.mod_entry(self.ACL_RULE, key, None) for key in existing_controlplane_rules: - if cmp(self.rules_info[key], self.rules_db_info[key]) != 0: + if not operator.eq(self.rules_info[key], self.rules_db_info[key]): self.configdb.set_entry(self.ACL_RULE, key, self.rules_info[key]) # Program for per-asic namespace corresponding to front asic also if present. # For control plane ACL it's not needed but to keep all db in sync program everywhere diff --git a/tests/acl_input/incremental_1.json b/tests/acl_input/incremental_1.json new file mode 100644 index 0000000000..57ede08bf7 --- /dev/null +++ b/tests/acl_input/incremental_1.json @@ -0,0 +1,32 @@ +{ + "acl": { + "acl-sets": { + "acl-set": { + "ntp-acl": { + "acl-entries": { + "acl-entry": { + "1": { + "ip": { + "config": { + "source-ip-address": "20.0.0.12/32" + } + }, + "config": { + "sequence-id": 1 + }, + "actions": { + "config": { + "forwarding-action": "ACCEPT" + } + } + } + } + }, + "config": { + "name": "ntp-acl" + } + } + } + } + } +} \ No newline at end of file diff --git a/tests/acl_input/incremental_2.json b/tests/acl_input/incremental_2.json new file mode 100644 index 0000000000..b7de6edbac --- /dev/null +++ b/tests/acl_input/incremental_2.json @@ -0,0 +1,32 @@ +{ + "acl": { + "acl-sets": { + "acl-set": { + "ntp-acl": { + "acl-entries": { + "acl-entry": { + "1": { + "ip": { + "config": { + "source-ip-address": "20.0.0.12/32" + } + }, + "config": { + "sequence-id": 1 + }, + "actions": { + "config": { + "forwarding-action": "DROP" + } + } + } + } + }, + "config": { + "name": "ntp-acl" + } + } + } + } + } +} \ No newline at end of file diff --git a/tests/acl_loader_test.py b/tests/acl_loader_test.py index bae24de9a4..20b7283319 100644 --- a/tests/acl_loader_test.py +++ b/tests/acl_loader_test.py @@ -1,6 +1,7 @@ import sys import os import pytest +from unittest import mock test_path = os.path.dirname(os.path.abspath(__file__)) modules_path = os.path.dirname(test_path) @@ -200,3 +201,19 @@ def test_icmp_fields_with_non_tcp_protocol(self, acl_loader): acl_loader.rules_info = {} acl_loader.load_rules_from_file(os.path.join(test_path, 'acl_input/tcp_bad_protocol_number.json')) assert not acl_loader.rules_info.get("RULE_1") + + def test_incremental_update(self, acl_loader): + acl_loader.rules_info = {} + acl_loader.tables_db_info['NTP_ACL'] = { + "stage": "INGRESS", + "type": "CTRLPLANE" + } + acl_loader.load_rules_from_file(os.path.join(test_path, 'acl_input/incremental_1.json')) + acl_loader.rules_db_info = acl_loader.rules_info + assert acl_loader.rules_info[(('NTP_ACL', 'RULE_1'))]["PACKET_ACTION"] == "ACCEPT" + acl_loader.per_npu_configdb = None + acl_loader.configdb.mod_entry = mock.MagicMock(return_value=True) + acl_loader.configdb.set_entry = mock.MagicMock(return_value=True) + acl_loader.load_rules_from_file(os.path.join(test_path, 'acl_input/incremental_2.json')) + acl_loader.incremental_update() + assert acl_loader.rules_info[(('NTP_ACL', 'RULE_1'))]["PACKET_ACTION"] == "DROP" From f0ce58635e045adcf7d68912eeac968bc697828c Mon Sep 17 00:00:00 2001 From: Lawrence Lee Date: Tue, 30 Aug 2022 14:45:58 -0700 Subject: [PATCH 35/47] [route_check]: Ignore standalone tunnel routes (#2325) When checking for route entry mismatches, ignore mismatched routes where an APPL_DB neighbor entry with a zero MAC is present. These routes are introduced by this change in SWSS and are expected: sonic-net/sonic-swss#2137 Signed-off-by: Lawrence Lee --- scripts/route_check.py | 40 ++++++++++++++++++++++++++++++++ scripts/route_check_test.sh | 32 ++++++++++++++++++------- tests/config_test.py | 10 ++++---- tests/mock_tables/config_db.json | 3 ++- tests/route_check_test.py | 22 ++++++++++++++++++ 5 files changed, 92 insertions(+), 15 deletions(-) diff --git a/scripts/route_check.py b/scripts/route_check.py index cc973e2e33..90bdc7ea5c 100755 --- a/scripts/route_check.py +++ b/scripts/route_check.py @@ -450,6 +450,45 @@ def filter_out_vnet_routes(routes): return updated_routes +def filter_out_standalone_tunnel_routes(routes): + config_db = swsscommon.ConfigDBConnector() + config_db.connect() + device_metadata = config_db.get_table('DEVICE_METADATA') + subtype = device_metadata['localhost'].get('subtype', '') + + if subtype.lower() != 'dualtor': + return routes + + app_db = swsscommon.DBConnector('APPL_DB', 0) + neigh_table = swsscommon.Table(app_db, 'NEIGH_TABLE') + neigh_keys = neigh_table.getKeys() + standalone_tunnel_route_ips = [] + updated_routes = [] + + for neigh in neigh_keys: + _, mac = neigh_table.hget(neigh, 'neigh') + if mac == '00:00:00:00:00:00': + # remove preceding 'VlanXXXX' to get just the neighbor IP + neigh_ip = ':'.join(neigh.split(':')[1:]) + standalone_tunnel_route_ips.append(neigh_ip) + + if not standalone_tunnel_route_ips: + return routes + + for route in routes: + ip, subnet = route.split('/') + ip_version = ipaddress.ip_address(ip).version + + # we want to keep the route if it is not a standalone tunnel route. + # if the route subnet contains more than one address, it is not a + # standalone tunnel route + if (ip not in standalone_tunnel_route_ips) or \ + ((ip_version == 6 and subnet != '128') or (ip_version == 4 and subnet != '32')): + updated_routes.append(route) + + return updated_routes + + def check_routes(): """ The heart of this script which runs the checks. @@ -486,6 +525,7 @@ def check_routes(): _, rt_asic_miss = diff_sorted_lists(intf_appl, rt_asic_miss) rt_asic_miss = filter_out_default_routes(rt_asic_miss) rt_asic_miss = filter_out_vnet_routes(rt_asic_miss) + rt_asic_miss = filter_out_standalone_tunnel_routes(rt_asic_miss) # Check APPL-DB INTF_TABLE with ASIC table route entries intf_appl_miss, _ = diff_sorted_lists(intf_appl, rt_asic) diff --git a/scripts/route_check_test.sh b/scripts/route_check_test.sh index 505253863e..989cbfae0b 100755 --- a/scripts/route_check_test.sh +++ b/scripts/route_check_test.sh @@ -2,22 +2,36 @@ # add a route, interface & route-entry to simulate error # -sonic-db-cli APPL_DB hmset "ROUTE_TABLE:20c0:d9b8:99:80::/64" "nexthop" "fc00::72,fc00::76,fc00::7a,fc00::7e" "ifname" "PortChannel01,PortChannel02,PortChannel03,PortChannel04" +sonic-db-cli APPL_DB hmset "ROUTE_TABLE:20c0:d9b8:99:80::/64" "nexthop" "fc00::72,fc00::76,fc00::7a,fc00::7e" "ifname" "PortChannel01,PortChannel02,PortChannel03,PortChannel04" > /dev/null +sonic-db-cli ASIC_DB hmset "ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{\"dest\":\"192.193.120.255/25\",\"switch_id\":\"oid:0x21000000000000\",\"vr\":\"oid:0x3000000000022\"}" "SAI_ROUTE_ENTRY_ATTR_NEXT_HOP_ID" "oid:0x5000000000614" > /dev/null +sonic-db-cli APPL_DB hmset "INTF_TABLE:PortChannel01:10.0.0.99/31" "scope" "global" "family" "IPv4" > /dev/null +echo "------" +echo "expect errors!" +echo "Running Route Check..." +./route_check.py +echo "return value: $?" -sonic-db-cli ASIC_DB hmset "ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{\"dest\":\"192.193.120.255/25\",\"switch_id\":\"oid:0x21000000000000\",\"vr\":\"oid:0x3000000000022\"}" "SAI_ROUTE_ENTRY_ATTR_NEXT_HOP_ID" "oid:0x5000000000614" +sonic-db-cli APPL_DB del "ROUTE_TABLE:20c0:d9b8:99:80::/64" > /dev/null +sonic-db-cli ASIC_DB del "ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{\"dest\":\"192.193.120.255/25\",\"switch_id\":\"oid:0x21000000000000\",\"vr\":\"oid:0x3000000000022\"}" > /dev/null +sonic-db-cli APPL_DB del "INTF_TABLE:PortChannel01:10.0.0.99/31" > /dev/null -sonic-db-cli APPL_DB hmset "INTF_TABLE:PortChannel01:10.0.0.99/31" "scope" "global" "family" "IPv4" +# add standalone tunnel route to simulate unreachable neighbor scenario on dual ToR +# in this scenario, we expect the route mismatch to be ignored +sonic-db-cli APPL_DB hmset "NEIGH_TABLE:Vlan1000:fc02:1000::99" "neigh" "00:00:00:00:00:00" "family" "IPv6" > /dev/null +sonic-db-cli ASIC_DB hmset 'ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{"dest":"fc02:1000::99/128","switch_id":"oid:0x21000000000000","vr":"oid:0x300000000007c"}' "SAI_ROUTE_ENTRY_ATTR_NEXT_HOP_ID" "oid:0x400000000167d" "SAI_ROUTE_ENTRY_ATTR_PACKET_ACTION" "SAI_PACKET_ACTION_FORWARD" > /dev/null -echo "expect errors!\n------\nRunning Route Check...\n" +echo "------" +echo "expect success on dualtor, expect error on all other devices!" +echo "Running Route Check..." ./route_check.py echo "return value: $?" -sonic-db-cli APPL_DB del "ROUTE_TABLE:20c0:d9b8:99:80::/64" -sonic-db-cli ASIC_DB del "ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{\"dest\":\"192.193.120.255/25\",\"switch_id\":\"oid:0x21000000000000\",\"vr\":\"oid:0x3000000000022\"}" -sonic-db-cli APPL_DB del "INTF_TABLE:PortChannel01:10.0.0.99/31" - +sonic-db-cli APPL_DB del "NEIGH_TABLE:Vlan1000:fc02:1000::99" > /dev/null +sonic-db-cli ASIC_DB del 'ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{"dest":"fc02:1000::99/128","switch_id":"oid:0x21000000000000","vr":"oid:0x300000000007c"}' > /dev/null -echo "expect success!\n------\nRunning Route Check...\n" +echo "------" +echo "expect success!" +echo "Running Route Check..." ./route_check.py echo "return value: $?" diff --git a/tests/config_test.py b/tests/config_test.py index 50c70f8fe2..a9f4982548 100644 --- a/tests/config_test.py +++ b/tests/config_test.py @@ -222,7 +222,7 @@ def test_config_reload(self, get_cmd_module, setup_single_broadcom_asic): obj = {'config_db': db.cfgdb} # simulate 'config reload' to provoke load_sys_info option - result = runner.invoke(config.config.commands["reload"], ["-l", "-n", "-y"], obj=obj) + result = runner.invoke(config.config.commands["reload"], ["-l", "-n", "-y", "--disable_arp_cache"], obj=obj) print(result.exit_code) print(result.output) @@ -484,7 +484,7 @@ def test_reload_config(self, get_cmd_module, setup_single_broadcom_asic): result = runner.invoke( config.config.commands["reload"], - [self.dummy_cfg_file, '-y', '-f']) + [self.dummy_cfg_file, '-y', '-f', "--disable_arp_cache"]) print(result.exit_code) print(result.output) @@ -501,7 +501,7 @@ def test_config_reload_disabled_service(self, get_cmd_module, setup_single_broad (config, show) = get_cmd_module runner = CliRunner() - result = runner.invoke(config.config.commands["reload"], [self.dummy_cfg_file, "-y"]) + result = runner.invoke(config.config.commands["reload"], [self.dummy_cfg_file, "-y", "--disable_arp_cache"]) print(result.exit_code) print(result.output) @@ -526,7 +526,7 @@ def test_reload_config_masic(self, get_cmd_module, setup_multi_broadcom_masic): self.dummy_cfg_file) result = runner.invoke( config.config.commands["reload"], - [cfg_files, '-y', '-f']) + [cfg_files, '-y', '-f', "--disable_arp_cache"]) print(result.exit_code) print(result.output) @@ -545,7 +545,7 @@ def test_reload_yang_config(self, get_cmd_module, runner = CliRunner() result = runner.invoke(config.config.commands["reload"], - [self.dummy_cfg_file, '-y','-f' ,'-t', 'config_yang']) + [self.dummy_cfg_file, "--disable_arp_cache", '-y', '-f', '-t', 'config_yang']) print(result.exit_code) print(result.output) diff --git a/tests/mock_tables/config_db.json b/tests/mock_tables/config_db.json index 67cafd1458..1fb2321756 100644 --- a/tests/mock_tables/config_db.json +++ b/tests/mock_tables/config_db.json @@ -828,7 +828,8 @@ "mac": "1d:34:db:16:a6:00", "platform": "x86_64-mlnx_msn3800-r0", "peer_switch": "sonic-switch", - "type": "ToRRouter" + "type": "ToRRouter", + "subtype": "DualToR" }, "SNMP_COMMUNITY|msft": { "TYPE": "RO" diff --git a/tests/route_check_test.py b/tests/route_check_test.py index 63eaed1608..746e09c7f8 100644 --- a/tests/route_check_test.py +++ b/tests/route_check_test.py @@ -24,6 +24,7 @@ OP_SET = "SET" OP_DEL = "DEL" +NEIGH_TABLE = 'NEIGH_TABLE' ROUTE_TABLE = 'ROUTE_TABLE' VNET_ROUTE_TABLE = 'VNET_ROUTE_TABLE' INTF_TABLE = 'INTF_TABLE' @@ -295,6 +296,22 @@ } }, "7": { + DESCR: "dualtor standalone tunnel route case", + ARGS: "route_check", + PRE: { + APPL_DB: { + NEIGH_TABLE: { + "Vlan1000:fc02:1000::99": { "neigh": "00:00:00:00:00:00", "family": "IPv6"} + } + }, + ASIC_DB: { + RT_ENTRY_TABLE: { + RT_ENTRY_KEY_PREFIX + "fc02:1000::99/128" + RT_ENTRY_KEY_SUFFIX: {}, + } + } + } + }, + "8": { DESCR: "Good one with VRF routes", ARGS: "route_check", PRE: { @@ -403,6 +420,11 @@ def get(self, key): return (True, ret) + def hget(self, key, field): + ret = copy.deepcopy(self.data.get(key, {}).get(field, {})) + return True, ret + + db_conns = {"APPL_DB": APPL_DB, "ASIC_DB": ASIC_DB} def conn_side_effect(arg, _): return db_conns[arg] From a91a4922fba9eca9f791f97c719b1c48c582f69b Mon Sep 17 00:00:00 2001 From: Xichen Lin Date: Wed, 17 Aug 2022 10:55:12 +0000 Subject: [PATCH 36/47] consider swap checking memory in installer Signed-off-by: Xichen Lin --- sonic_installer/main.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sonic_installer/main.py b/sonic_installer/main.py index db3fe49827..9b75db6add 100644 --- a/sonic_installer/main.py +++ b/sonic_installer/main.py @@ -460,8 +460,10 @@ def __enter__(self): meminfo = self.read_from_meminfo() mem_total_in_bytes = meminfo["MemTotal"] * SWAPAllocator.KiB_TO_BYTES_FACTOR mem_avail_in_bytes = meminfo["MemAvailable"] * SWAPAllocator.KiB_TO_BYTES_FACTOR - if (mem_total_in_bytes < self.total_mem_threshold * SWAPAllocator.MiB_TO_BYTES_FACTOR - or mem_avail_in_bytes < self.available_mem_threshold * SWAPAllocator.MiB_TO_BYTES_FACTOR): + swap_total_in_bytes = meminfo["SwapTotal"] * SWAPAllocator.KiB_TO_BYTES_FACTOR + swap_free_in_bytes = meminfo["SwapFree"] * SWAPAllocator.KiB_TO_BYTES_FACTOR + if (mem_total_in_bytes + swap_total_in_bytes < self.total_mem_threshold * SWAPAllocator.MiB_TO_BYTES_FACTOR + or mem_avail_in_bytes + swap_free_in_bytes < self.available_mem_threshold * SWAPAllocator.MiB_TO_BYTES_FACTOR): echo_and_log("Setup SWAP memory") swapfile = SWAPAllocator.SWAP_FILE_PATH if os.path.exists(swapfile): From 414e239ea94c7d52b2ccfd6b6b7798263680f697 Mon Sep 17 00:00:00 2001 From: Xichen Lin Date: Thu, 18 Aug 2022 04:48:09 +0000 Subject: [PATCH 37/47] update unit tests for swap allocator Signed-off-by: Xichen Lin --- tests/swap_allocator_test.py | 64 ++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/tests/swap_allocator_test.py b/tests/swap_allocator_test.py index 033b215dd2..960d4e8caf 100644 --- a/tests/swap_allocator_test.py +++ b/tests/swap_allocator_test.py @@ -17,6 +17,8 @@ def test_read_from_meminfo(self): proc_meminfo_lines = [ "MemTotal: 32859496 kB", "MemFree: 16275512 kB", + "SwapTotal: 2000000 kB", + "SwapFree: 1000000 kB", "HugePages_Total: 0", "HugePages_Free: 0", ] @@ -24,6 +26,8 @@ def test_read_from_meminfo(self): read_meminfo_expected_return = { "MemTotal": 32859496, "MemFree": 16275512, + "SwapTotal": 2000000, + "SwapFree": 1000000, "HugePages_Total": 0, "HugePages_Free": 0 } @@ -113,6 +117,8 @@ def test_swap_allocator_context_enter_allocate_true_insufficient_total_memory(se mock_meminfo.return_value = { "MemTotal": 2000000, "MemAvailable": 1900000, + "SwapTotal": 0, + "SwapFree": 0, } mock_exists.return_value = False @@ -135,6 +141,56 @@ def test_swap_allocator_context_enter_allocate_true_insufficient_available_memor mock_meminfo.return_value = { "MemTotal": 3000000, "MemAvailable": 1000000, + "SwapTotal": 0, + "SwapFree": 0, + } + mock_exists.return_value = False + + swap_allocator = SWAPAllocator(allocate=True) + try: + swap_allocator.__enter__() + except Exception as detail: + pytest.fail("SWAPAllocator context manager should not raise exception %s" % repr(detail)) + mock_setup.assert_called_once() + mock_remove.assert_not_called() + assert swap_allocator.is_allocated is True + + def test_swap_allocator_context_enter_allocate_true_insufficient_total_memory_plus_swap(self): + with mock.patch("sonic_installer.main.SWAPAllocator.get_disk_freespace") as mock_disk_free, \ + mock.patch("sonic_installer.main.SWAPAllocator.read_from_meminfo") as mock_meminfo, \ + mock.patch("sonic_installer.main.SWAPAllocator.setup_swapmem") as mock_setup, \ + mock.patch("sonic_installer.main.SWAPAllocator.remove_swapmem") as mock_remove, \ + mock.patch("os.path.exists") as mock_exists: + mock_disk_free.return_value = 10 * 1024 * 1024 * 1024 + mock_meminfo.return_value = { + "MemTotal": 1000000, + "MemAvailable": 900000, + "SwapTotal": 1000000, + "SwapFree": 1000000, + } + mock_exists.return_value = False + + swap_allocator = SWAPAllocator(allocate=True) + try: + swap_allocator.__enter__() + except Exception as detail: + pytest.fail("SWAPAllocator context manager should not raise exception %s" % repr(detail)) + mock_setup.assert_called_once() + mock_remove.assert_not_called() + assert swap_allocator.is_allocated is True + + def test_swap_allocator_context_enter_allocate_true_insufficient_available_memory_plus_swap(self): + with mock.patch("sonic_installer.main.SWAPAllocator.get_disk_freespace") as mock_disk_free, \ + mock.patch("sonic_installer.main.SWAPAllocator.read_from_meminfo") as mock_meminfo, \ + mock.patch("sonic_installer.main.SWAPAllocator.setup_swapmem") as mock_setup, \ + mock.patch("sonic_installer.main.SWAPAllocator.remove_swapmem") as mock_remove, \ + mock.patch("os.path.exists") as mock_exists: + mock_disk_free.return_value = 10 * 1024 * 1024 * 1024 + mock_meminfo.return_value = { + "MemTotal": 2000000, + "MemAvailable": 500000, + "SwapTotal": 1000000, + "SwapFree": 500000, } mock_exists.return_value = False @@ -157,6 +213,8 @@ def test_swap_allocator_context_enter_allocate_true_insufficient_disk_space(self mock_meminfo.return_value = { "MemTotal": 32859496, "MemAvailable": 16275512, + "SwapTotal": 0, + "SwapFree": 0, } mock_exists.return_value = False @@ -179,6 +237,8 @@ def test_swap_allocator_context_enter_allocate_true_swapfile_present(self): mock_meminfo.return_value = { "MemTotal": 32859496, "MemAvailable": 1000000, + "SwapTotal": 0, + "SwapFree": 0, } mock_exists.return_value = True @@ -201,6 +261,8 @@ def test_swap_allocator_context_enter_setup_error(self): mock_meminfo.return_value = { "MemTotal": 32859496, "MemAvailable": 1000000, + "SwapTotal": 0, + "SwapFree": 0, } mock_exists.return_value = False expected_err_str = "Pseudo Error" @@ -225,6 +287,8 @@ def test_swap_allocator_context_enter_allocate_false(self): mock_meminfo.return_value = { "MemTotal": 32859496, "MemAvailable": 1000000, + "SwapTotal": 0, + "SwapFree": 0, } mock_exists.return_value = False From 48997c266a68141caee4b2859657d1e94d2fbcce Mon Sep 17 00:00:00 2001 From: davidpil2002 <91657985+davidpil2002@users.noreply.github.com> Date: Sun, 4 Sep 2022 11:11:14 +0300 Subject: [PATCH 38/47] Add Password Hardening CLI support (#2338) - What I did Add Password Hardening CLI - How I did it created the CLI by using YANG model generator, the YANG model can be found in the password hardening HLD https://github.com/Azure/SONiC/blob/master/doc/passw_hardening/hld_password_hardening.md#TestPlan and also in sonic-buildimage will be merged in the path: src/sonic-yang-models/yang-models/sonic-passwh.yang - How to verify it Manually: you can use configurations command like"config passw-hardening policies " or "show passw-hardening policies" (more examples in the HLD.) Auto: 1.There are unitest of each policy including good & bad flow in this commit, that should pass. 2.There are tests in sonic-mgmt repo in the path: sonic-mgmt/tests/passw_hardening/ the test are end to end test and the are testing the config/show CLI commands as well. --- config/plugins/sonic-passwh_yang.py | 380 ++++++++++++++++++ show/plugins/sonic-passwh_yang.py | 126 ++++++ .../assert_show_output.py | 40 ++ .../default_config_db.json | 14 + tests/passw_hardening_test.py | 222 ++++++++++ 5 files changed, 782 insertions(+) create mode 100644 config/plugins/sonic-passwh_yang.py create mode 100644 show/plugins/sonic-passwh_yang.py create mode 100644 tests/passw_hardening_input/assert_show_output.py create mode 100644 tests/passw_hardening_input/default_config_db.json create mode 100644 tests/passw_hardening_test.py diff --git a/config/plugins/sonic-passwh_yang.py b/config/plugins/sonic-passwh_yang.py new file mode 100644 index 0000000000..6cfe2acafe --- /dev/null +++ b/config/plugins/sonic-passwh_yang.py @@ -0,0 +1,380 @@ +import copy +import click +import utilities_common.cli as clicommon +import utilities_common.general as general +from config import config_mgmt + + +# Load sonic-cfggen from source since /usr/local/bin/sonic-cfggen does not have .py extension. +sonic_cfggen = general.load_module_from_source('sonic_cfggen', '/usr/local/bin/sonic-cfggen') + + +def exit_with_error(*args, **kwargs): + """ Print a message with click.secho and abort CLI. + + Args: + args: Positional arguments to pass to click.secho + kwargs: Keyword arguments to pass to click.secho + """ + + click.secho(*args, **kwargs) + raise click.Abort() + + +def validate_config_or_raise(cfg): + """ Validate config db data using ConfigMgmt. + + Args: + cfg (Dict): Config DB data to validate. + Raises: + Exception: when cfg does not satisfy YANG schema. + """ + + try: + cfg = sonic_cfggen.FormatConverter.to_serialized(copy.deepcopy(cfg)) + config_mgmt.ConfigMgmt().loadData(cfg) + except Exception as err: + raise Exception('Failed to validate configuration: {}'.format(err)) + + +def update_entry_validated(db, table, key, data, create_if_not_exists=False): + """ Update entry in table and validate configuration. + If attribute value in data is None, the attribute is deleted. + + Args: + db (swsscommon.ConfigDBConnector): Config DB connector obect. + table (str): Table name to add new entry to. + key (Union[str, Tuple]): Key name in the table. + data (Dict): Entry data. + create_if_not_exists (bool): + In case entry does not exists already a new entry + is not created if this flag is set to False and + creates a new entry if flag is set to True. + Raises: + Exception: when cfg does not satisfy YANG schema. + """ + + cfg = db.get_config() + cfg.setdefault(table, {}) + + if not data: + raise Exception(f"No field/values to update {key}") + + if create_if_not_exists: + cfg[table].setdefault(key, {}) + + if key not in cfg[table]: + raise Exception(f"{key} does not exist") + + entry_changed = False + for attr, value in data.items(): + if value == cfg[table][key].get(attr): + continue + entry_changed = True + if value is None: + cfg[table][key].pop(attr, None) + else: + cfg[table][key][attr] = value + + if not entry_changed: + return + + validate_config_or_raise(cfg) + db.set_entry(table, key, cfg[table][key]) + + +@click.group(name="passw-hardening", + cls=clicommon.AliasedGroup) +def PASSW_HARDENING(): + """ PASSWORD HARDENING part of config_db.json """ + + pass + + + + +@PASSW_HARDENING.group(name="policies", + cls=clicommon.AliasedGroup) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES(db): + """ """ + + pass + + + + +@PASSW_HARDENING_POLICIES.command(name="state") + +@click.argument( + "state", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_state(db, state): + """ state of the feature """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "state": state, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="expiration") + +@click.argument( + "expiration", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_expiration(db, expiration): + """ expiration time (days unit) """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "expiration": expiration, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="expiration-warning") + +@click.argument( + "expiration-warning", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_expiration_warning(db, expiration_warning): + """ expiration warning time (days unit) """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "expiration_warning": expiration_warning, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="history-cnt") + +@click.argument( + "history-cnt", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_history_cnt(db, history_cnt): + """ num of old password that the system will recorded """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "history_cnt": history_cnt, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="len-min") + +@click.argument( + "len-min", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_len_min(db, len_min): + """ password min length """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "len_min": len_min, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="reject-user-passw-match") + +@click.argument( + "reject-user-passw-match", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_reject_user_passw_match(db, reject_user_passw_match): + """ username password match """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "reject_user_passw_match": reject_user_passw_match, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="lower-class") + +@click.argument( + "lower-class", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_lower_class(db, lower_class): + """ password lower chars policy """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "lower_class": lower_class, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="upper-class") + +@click.argument( + "upper-class", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_upper_class(db, upper_class): + """ password upper chars policy """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "upper_class": upper_class, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="digits-class") + +@click.argument( + "digits-class", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_digits_class(db, digits_class): + """ password digits chars policy """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "digits_class": digits_class, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + +@PASSW_HARDENING_POLICIES.command(name="special-class") + +@click.argument( + "special-class", + nargs=1, + required=True, +) +@clicommon.pass_db +def PASSW_HARDENING_POLICIES_special_class(db, special_class): + """ password special chars policy """ + + table = "PASSW_HARDENING" + key = "POLICIES" + data = { + "special_class": special_class, + } + try: + update_entry_validated(db.cfgdb, table, key, data, create_if_not_exists=True) + except Exception as err: + exit_with_error(f"Error: {err}", fg="red") + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +def register(cli): + """ Register new CLI nodes in root CLI. + + Args: + cli: Root CLI node. + Raises: + Exception: when root CLI already has a command + we are trying to register. + """ + cli_node = PASSW_HARDENING + if cli_node.name in cli.commands: + raise Exception(f"{cli_node.name} already exists in CLI") + cli.add_command(PASSW_HARDENING) diff --git a/show/plugins/sonic-passwh_yang.py b/show/plugins/sonic-passwh_yang.py new file mode 100644 index 0000000000..04f56877a0 --- /dev/null +++ b/show/plugins/sonic-passwh_yang.py @@ -0,0 +1,126 @@ +""" +Auto-generated show CLI plugin. + + +""" + +import click +import tabulate +import utilities_common.cli as clicommon + + + + + +def format_attr_value(entry, attr): + """ Helper that formats attribute to be presented in the table output. + + Args: + entry (Dict[str, str]): CONFIG DB entry configuration. + attr (Dict): Attribute metadata. + + Returns: + str: fomatted attribute value. + """ + + if attr["is-leaf-list"]: + return "\n".join(entry.get(attr["name"], [])) + return entry.get(attr["name"], "N/A") + + +@click.group(name="passw-hardening", + cls=clicommon.AliasedGroup) +def PASSW_HARDENING(): + """ PASSWORD HARDENING part of config_db.json """ + + pass + + + +@PASSW_HARDENING.command(name="policies") +@clicommon.pass_db +def PASSW_HARDENING_POLICIES(db): + """ """ + + header = [ + +"STATE", +"EXPIRATION", +"EXPIRATION WARNING", +"HISTORY CNT", +"LEN MIN", +"REJECT USER PASSW MATCH", +"LOWER CLASS", +"UPPER CLASS", +"DIGITS CLASS", +"SPECIAL CLASS", + +] + + body = [] + + table = db.cfgdb.get_table("PASSW_HARDENING") + entry = table.get("POLICIES", {}) + row = [ + format_attr_value( + entry, + {'name': 'state', 'description': 'state of the feature', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'expiration', 'description': 'expiration time (days unit)', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'expiration_warning', 'description': 'expiration warning time (days unit)', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'history_cnt', 'description': 'num of old password that the system will recorded', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'len_min', 'description': 'password min length', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'reject_user_passw_match', 'description': 'username password match', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'lower_class', 'description': 'password lower chars policy', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'upper_class', 'description': 'password upper chars policy', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'digits_class', 'description': 'password digits chars policy', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), + format_attr_value( + entry, + {'name': 'special_class', 'description': 'password special chars policy', 'is-leaf-list': False, 'is-mandatory': False, 'group': ''} + ), +] + + body.append(row) + click.echo(tabulate.tabulate(body, header)) + + + + + +def register(cli): + """ Register new CLI nodes in root CLI. + + Args: + cli (click.core.Command): Root CLI node. + Raises: + Exception: when root CLI already has a command + we are trying to register. + """ + cli_node = PASSW_HARDENING + if cli_node.name in cli.commands: + raise Exception(f"{cli_node.name} already exists in CLI") + cli.add_command(PASSW_HARDENING) diff --git a/tests/passw_hardening_input/assert_show_output.py b/tests/passw_hardening_input/assert_show_output.py new file mode 100644 index 0000000000..9500c98be4 --- /dev/null +++ b/tests/passw_hardening_input/assert_show_output.py @@ -0,0 +1,40 @@ +""" +Module holding the correct values for show CLI command outputs for the passw_hardening_test.py +""" + +show_passw_hardening_policies_default="""\ +STATE EXPIRATION EXPIRATION WARNING HISTORY CNT LEN MIN REJECT USER PASSW MATCH LOWER CLASS UPPER CLASS DIGITS CLASS SPECIAL CLASS +-------- ------------ -------------------- ------------- --------- ------------------------- ------------- ------------- -------------- --------------- +disabled 180 15 10 8 true true true true true +""" + +show_passw_hardening_policies_classes_disabled="""\ +STATE EXPIRATION EXPIRATION WARNING HISTORY CNT LEN MIN REJECT USER PASSW MATCH LOWER CLASS UPPER CLASS DIGITS CLASS SPECIAL CLASS +-------- ------------ -------------------- ------------- --------- ------------------------- ------------- ------------- -------------- --------------- +disabled 180 15 10 8 false false false false false +""" + +show_passw_hardening_policies_enabled="""\ +STATE EXPIRATION EXPIRATION WARNING HISTORY CNT LEN MIN REJECT USER PASSW MATCH LOWER CLASS UPPER CLASS DIGITS CLASS SPECIAL CLASS +------- ------------ -------------------- ------------- --------- ------------------------- ------------- ------------- -------------- --------------- +enabled 180 15 10 8 true true true true true +""" + + +show_passw_hardening_policies_expiration="""\ +STATE EXPIRATION EXPIRATION WARNING HISTORY CNT LEN MIN REJECT USER PASSW MATCH LOWER CLASS UPPER CLASS DIGITS CLASS SPECIAL CLASS +------- ------------ -------------------- ------------- --------- ------------------------- ------------- ------------- -------------- --------------- +enabled 100 15 10 8 true true true true true +""" + +show_passw_hardening_policies_history_cnt="""\ +STATE EXPIRATION EXPIRATION WARNING HISTORY CNT LEN MIN REJECT USER PASSW MATCH LOWER CLASS UPPER CLASS DIGITS CLASS SPECIAL CLASS +-------- ------------ -------------------- ------------- --------- ------------------------- ------------- ------------- -------------- --------------- +disabled 180 15 40 8 true true true true true +""" + +show_passw_hardening_policies_len_min="""\ +STATE EXPIRATION EXPIRATION WARNING HISTORY CNT LEN MIN REJECT USER PASSW MATCH LOWER CLASS UPPER CLASS DIGITS CLASS SPECIAL CLASS +-------- ------------ -------------------- ------------- --------- ------------------------- ------------- ------------- -------------- --------------- +disabled 180 15 10 30 true true true true true +""" \ No newline at end of file diff --git a/tests/passw_hardening_input/default_config_db.json b/tests/passw_hardening_input/default_config_db.json new file mode 100644 index 0000000000..0eb363eb41 --- /dev/null +++ b/tests/passw_hardening_input/default_config_db.json @@ -0,0 +1,14 @@ +{ + "PASSW_HARDENING|POLICIES": { + "state": "disabled", + "expiration": "180", + "expiration_warning": "15", + "history_cnt": "10", + "len_min": "8", + "reject_user_passw_match": "true", + "digits_class": "true", + "lower_class": "true", + "special_class": "true", + "upper_class": "true" + } +} diff --git a/tests/passw_hardening_test.py b/tests/passw_hardening_test.py new file mode 100644 index 0000000000..e57fdfd0c8 --- /dev/null +++ b/tests/passw_hardening_test.py @@ -0,0 +1,222 @@ +#!/usr/bin/env python + +import os +import logging +import show.main as show +import config.main as config + +from .passw_hardening_input import assert_show_output +from utilities_common.db import Db +from click.testing import CliRunner +from .mock_tables import dbconnector + +logger = logging.getLogger(__name__) +test_path = os.path.dirname(os.path.abspath(__file__)) +mock_db_path = os.path.join(test_path, "passw_hardening_input") + +SUCCESS = 0 +ERROR = 1 +INVALID_VALUE = 'INVALID' +EXP_GOOD_FLOW = 1 +EXP_BAD_FLOW = 0 + +class TestPasswHardening: + @classmethod + def setup_class(cls): + logger.info("SETUP") + os.environ['UTILITIES_UNIT_TESTING'] = "2" + + + @classmethod + def teardown_class(cls): + logger.info("TEARDOWN") + os.environ['UTILITIES_UNIT_TESTING'] = "0" + os.environ["UTILITIES_UNIT_TESTING_TOPOLOGY"] = "" + dbconnector.dedicated_dbs['CONFIG_DB'] = None + + def verify_passw_policies_output(self, db, runner, output, expected=EXP_GOOD_FLOW): + result = runner.invoke(show.cli.commands["passw-hardening"].commands["policies"], [], obj=db) + logger.debug("\n" + result.output) + logger.debug(result.exit_code) + + if expected: # good flow expected (default) + assert result.exit_code == SUCCESS + assert result.output == output + else: # bad flow expected + assert result.exit_code == ERROR + + def passw_hardening_set_policy(self, runner, db, attr, value, expected=EXP_GOOD_FLOW): + result = runner.invoke( + config.config.commands["passw-hardening"].commands["policies"].commands[attr], + [value], obj=db + ) + + if expected: # good flow expected (default) + logger.debug("\n" + result.output) + logger.debug(result.exit_code) + assert result.exit_code == SUCCESS + else: # bad flow expected + assert result.exit_code == ERROR + + + ######### PASSW-HARDENING ######### + + def test_passw_hardening_default(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_default) + + def test_passw_hardening_feature_enabled(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "state", "enabled") + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_enabled) + + def test_passw_hardening_feature_disabled(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "state", "enabled") + self.passw_hardening_set_policy(runner, db, "state", "disabled") + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_default) + + def test_passw_hardening_policies_classes_disabled(self): + """Disable passw hardening classes & reject user passw match policies""" + + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + passw_classes = { "reject-user-passw-match": "false", + "digits-class": "false", + "lower-class": "false", + "special-class": "false", + "upper-class": "false" + } + + for k, v in passw_classes.items(): + self.passw_hardening_set_policy(runner, db, k, v) + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_classes_disabled) + + def test_passw_hardening_policies_exp_time(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "state", "enabled") + self.passw_hardening_set_policy(runner, db, "expiration", "100") + self.passw_hardening_set_policy(runner, db, "expiration-warning", "15") + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_expiration) + + def test_passw_hardening_policies_history(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "history-cnt", "40") + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_history_cnt) + + def test_passw_hardening_policies_len_min(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "len-min", "30") + + self.verify_passw_policies_output(db, runner, assert_show_output.show_passw_hardening_policies_len_min) + + def test_passw_hardening_bad_flow_len_min(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "state", "enabled") + self.passw_hardening_set_policy(runner, db, "len-min", "10000", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_history_cnt(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "state", "enabled") + self.passw_hardening_set_policy(runner, db, "history-cnt", "100000", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_state(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "state", "0", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_expiration(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "expiration", "####", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_expiration_warning(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "expiration-warning", "4000", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_upper_class(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "upper-class", "1", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_lower_class(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "lower-class", "1", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_special_class(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "special-class", "1", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_digits_class(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "digits-class", "1", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_reject_user_passw_match(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + + self.passw_hardening_set_policy(runner, db, "reject-user-passw-match", "1", EXP_BAD_FLOW) + + def test_passw_hardening_bad_flow_policy(self): + dbconnector.dedicated_dbs['CONFIG_DB'] = os.path.join(mock_db_path, 'default_config_db') + db = Db() + runner = CliRunner() + try: + self.passw_hardening_set_policy(runner, db, "no-exist-command", "1", EXP_BAD_FLOW) + except Exception as e: + # import pdb;pdb.set_trace() + if 'no-exist-command' in str(e): + pass + else: + raise e + From 676c31bd0e230e6aa613ca3a76008b8ffade9123 Mon Sep 17 00:00:00 2001 From: jingwenxie Date: Mon, 5 Sep 2022 11:02:24 +0800 Subject: [PATCH 39/47] Add verification for override (#2305) What I did Add Yang verification for config override-config-table How I did it Make 3 step verification: running config, golden input, final config How to verify it Run unit test. --- config/main.py | 78 ++++++++++++---- .../final_config_yang_failure.json | 71 +++++++++++++++ .../golden_input_yang_failure.json | 89 +++++++++++++++++++ .../running_config_yang_failure.json | 89 +++++++++++++++++++ tests/config_override_test.py | 89 +++++++++++++++++++ 5 files changed, 397 insertions(+), 19 deletions(-) create mode 100644 tests/config_override_input/final_config_yang_failure.json create mode 100644 tests/config_override_input/golden_input_yang_failure.json create mode 100644 tests/config_override_input/running_config_yang_failure.json diff --git a/config/main.py b/config/main.py index 53180cf519..bbcfc5d84f 100644 --- a/config/main.py +++ b/config/main.py @@ -12,6 +12,7 @@ import sys import time import itertools +import copy from collections import OrderedDict from generic_config_updater.generic_updater import GenericUpdater, ConfigFormat @@ -46,7 +47,7 @@ from . import vlan from . import vxlan from . import plugins -from .config_mgmt import ConfigMgmtDPB +from .config_mgmt import ConfigMgmtDPB, ConfigMgmt from . import mclag from . import syslog @@ -1885,27 +1886,66 @@ def override_config_table(db, input_config_db, dry_run): config_db = db.cfgdb + # Read config from configDB + current_config = config_db.get_config() + # Serialize to the same format as json input + sonic_cfggen.FormatConverter.to_serialized(current_config) + + updated_config = update_config(current_config, config_input) + + yang_enabled = device_info.is_yang_config_validation_enabled(config_db) + if yang_enabled: + # The ConfigMgmt will load YANG and running + # config during initialization. + try: + cm = ConfigMgmt() + cm.validateConfigData() + except Exception as ex: + click.secho("Failed to validate running config. Error: {}".format(ex), fg="magenta") + sys.exit(1) + + # Validate input config + validate_config_by_cm(cm, config_input, "config_input") + # Validate updated whole config + validate_config_by_cm(cm, updated_config, "updated_config") + if dry_run: - # Read config from configDB - current_config = config_db.get_config() - # Serialize to the same format as json input - sonic_cfggen.FormatConverter.to_serialized(current_config) - # Override current config with golden config - for table in config_input: - current_config[table] = config_input[table] - print(json.dumps(current_config, sort_keys=True, + print(json.dumps(updated_config, sort_keys=True, indent=4, cls=minigraph_encoder)) else: - # Deserialized golden config to DB recognized format - sonic_cfggen.FormatConverter.to_deserialized(config_input) - # Delete table from DB then mod_config to apply golden config - click.echo("Removing configDB overriden table first ...") - for table in config_input: - config_db.delete_table(table) - click.echo("Overriding input config to configDB ...") - data = sonic_cfggen.FormatConverter.output_to_db(config_input) - config_db.mod_config(data) - click.echo("Overriding completed. No service is restarted.") + override_config_db(config_db, config_input) + + +def validate_config_by_cm(cm, config_json, jname): + tmp_config_json = copy.deepcopy(config_json) + try: + cm.loadData(tmp_config_json) + cm.validateConfigData() + except Exception as ex: + click.secho("Failed to validate {}. Error: {}".format(jname, ex), fg="magenta") + sys.exit(1) + + +def update_config(current_config, config_input): + updated_config = copy.deepcopy(current_config) + # Override current config with golden config + for table in config_input: + updated_config[table] = config_input[table] + return updated_config + + +def override_config_db(config_db, config_input): + # Deserialized golden config to DB recognized format + sonic_cfggen.FormatConverter.to_deserialized(config_input) + # Delete table from DB then mod_config to apply golden config + click.echo("Removing configDB overriden table first ...") + for table in config_input: + config_db.delete_table(table) + click.echo("Overriding input config to configDB ...") + data = sonic_cfggen.FormatConverter.output_to_db(config_input) + config_db.mod_config(data) + click.echo("Overriding completed. No service is restarted.") + # # 'hostname' command diff --git a/tests/config_override_input/final_config_yang_failure.json b/tests/config_override_input/final_config_yang_failure.json new file mode 100644 index 0000000000..51e5e40098 --- /dev/null +++ b/tests/config_override_input/final_config_yang_failure.json @@ -0,0 +1,71 @@ +{ + "running_config": { + "ACL_TABLE": { + "DATAACL": { + "policy_desc": "DATAACL", + "ports": [ + "Ethernet4" + ], + "stage": "ingress", + "type": "L3" + }, + "NTP_ACL": { + "policy_desc": "NTP_ACL", + "services": [ + "NTP" + ], + "stage": "ingress", + "type": "CTRLPLANE" + } + }, + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "rate_limit_interval": "600", + "state": "enabled" + }, + "database": { + "rate_limit_interval": "600", + "state": "enabled" + } + }, + "PORT": { + "Ethernet4": { + "admin_status": "up", + "alias": "fortyGigE0/4", + "description": "Servers0:eth0", + "index": "1", + "lanes": "29,30,31,32", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + }, + "Ethernet8": { + "admin_status": "up", + "alias": "fortyGigE0/8", + "description": "Servers1:eth0", + "index": "2", + "lanes": "33,34,35,36", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + }, + "golden_config": { + "PORT": { + "Ethernet12": { + "admin_status": "up", + "alias": "fortyGigE0/12", + "description": "Servers2:eth0", + "index": "3", + "lanes": "37,38,39,40", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + } +} diff --git a/tests/config_override_input/golden_input_yang_failure.json b/tests/config_override_input/golden_input_yang_failure.json new file mode 100644 index 0000000000..4b533e1598 --- /dev/null +++ b/tests/config_override_input/golden_input_yang_failure.json @@ -0,0 +1,89 @@ +{ + "running_config": { + "ACL_TABLE": { + "DATAACL": { + "policy_desc": "DATAACL", + "ports": [ + "Ethernet4" + ], + "stage": "ingress", + "type": "L3" + }, + "NTP_ACL": { + "policy_desc": "NTP_ACL", + "services": [ + "NTP" + ], + "stage": "ingress", + "type": "CTRLPLANE" + } + }, + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "rate_limit_interval": "600", + "state": "enabled" + }, + "database": { + "rate_limit_interval": "600", + "state": "enabled" + } + }, + "PORT": { + "Ethernet4": { + "admin_status": "up", + "alias": "fortyGigE0/4", + "description": "Servers0:eth0", + "index": "1", + "lanes": "29,30,31,32", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + }, + "Ethernet8": { + "admin_status": "up", + "alias": "fortyGigE0/8", + "description": "Servers1:eth0", + "index": "2", + "lanes": "33,34,35,36", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + }, + "golden_config": { + "ACL_TABLE": { + "EVERFLOWV6": { + "policy_desc": "EVERFLOWV6", + "ports": [ + "Ethernet0" + ], + "stage": "ingress", + "type": "MIRRORV6" + } + }, + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "state": "disabled" + }, + "database": { + "state": "disabled" + } + }, + "PORT": { + "Ethernet12": { + "admin_status": "up", + "alias": "fortyGigE0/12", + "description": "Servers2:eth0", + "index": "3", + "lanes": "37,38,39,40", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + } +} diff --git a/tests/config_override_input/running_config_yang_failure.json b/tests/config_override_input/running_config_yang_failure.json new file mode 100644 index 0000000000..7060dd4d22 --- /dev/null +++ b/tests/config_override_input/running_config_yang_failure.json @@ -0,0 +1,89 @@ +{ + "running_config": { + "ACL_TABLE": { + "DATAACL": { + "policy_desc": "DATAACL", + "ports": [ + "Ethernet0" + ], + "stage": "ingress", + "type": "L3" + }, + "NTP_ACL": { + "policy_desc": "NTP_ACL", + "services": [ + "NTP" + ], + "stage": "ingress", + "type": "CTRLPLANE" + } + }, + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "rate_limit_interval": "600", + "state": "enabled" + }, + "database": { + "rate_limit_interval": "600", + "state": "enabled" + } + }, + "PORT": { + "Ethernet4": { + "admin_status": "up", + "alias": "fortyGigE0/4", + "description": "Servers0:eth0", + "index": "1", + "lanes": "29,30,31,32", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + }, + "Ethernet8": { + "admin_status": "up", + "alias": "fortyGigE0/8", + "description": "Servers1:eth0", + "index": "2", + "lanes": "33,34,35,36", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + }, + "golden_config": { + "ACL_TABLE": { + "EVERFLOWV6": { + "policy_desc": "EVERFLOWV6", + "ports": [ + "Ethernet12" + ], + "stage": "ingress", + "type": "MIRRORV6" + } + }, + "AUTO_TECHSUPPORT_FEATURE": { + "bgp": { + "state": "disabled" + }, + "database": { + "state": "disabled" + } + }, + "PORT": { + "Ethernet12": { + "admin_status": "up", + "alias": "fortyGigE0/12", + "description": "Servers2:eth0", + "index": "3", + "lanes": "37,38,39,40", + "mtu": "9100", + "pfc_asym": "off", + "speed": "40000", + "tpid": "0x8100" + } + } + } +} diff --git a/tests/config_override_test.py b/tests/config_override_test.py index 255e63989d..1b058ace13 100644 --- a/tests/config_override_test.py +++ b/tests/config_override_test.py @@ -17,10 +17,16 @@ FULL_CONFIG_OVERRIDE = os.path.join(DATA_DIR, "full_config_override.json") PORT_CONFIG_OVERRIDE = os.path.join(DATA_DIR, "port_config_override.json") EMPTY_TABLE_REMOVAL = os.path.join(DATA_DIR, "empty_table_removal.json") +RUNNING_CONFIG_YANG_FAILURE = os.path.join(DATA_DIR, "running_config_yang_failure.json") +GOLDEN_INPUT_YANG_FAILURE = os.path.join(DATA_DIR, "golden_input_yang_failure.json") +FINAL_CONFIG_YANG_FAILURE = os.path.join(DATA_DIR, "final_config_yang_failure.json") # Load sonic-cfggen from source since /usr/local/bin/sonic-cfggen does not have .py extension. sonic_cfggen = load_module_from_source('sonic_cfggen', '/usr/local/bin/sonic-cfggen') +config_mgmt_py_path = os.path.join(os.path.dirname(__file__), '..', 'config', 'config_mgmt.py') +config_mgmt = load_module_from_source('config_mgmt', config_mgmt_py_path) + def write_init_config_db(cfgdb, config): tables = cfgdb.get_config() @@ -163,6 +169,89 @@ def read_json_file_side_effect(filename): assert result.exit_code == 0 assert current_config == expected_config + def test_yang_verification_enabled(self): + def is_yang_config_validation_enabled_side_effect(filename): + return True + + def config_mgmt_side_effect(): + return config_mgmt.ConfigMgmt(source=CONFIG_DB_JSON_FILE) + + db = Db() + with open(FULL_CONFIG_OVERRIDE, "r") as f: + read_data = json.load(f) + + # ConfigMgmt will call ConfigDBConnector to load default config_db.json. + # Here I modify the ConfigMgmt initialization and make it initiated with + # a source file which share the same as what we write to cfgdb. + CONFIG_DB_JSON_FILE = "startConfigDb.json" + write_config_to_file(read_data['running_config'], CONFIG_DB_JSON_FILE) + with mock.patch('config.main.device_info.is_yang_config_validation_enabled', + mock.MagicMock(side_effect=is_yang_config_validation_enabled_side_effect)), \ + mock.patch('config.main.ConfigMgmt', + mock.MagicMock(side_effect=config_mgmt_side_effect)): + self.check_override_config_table( + db, config, read_data['running_config'], read_data['golden_config'], + read_data['expected_config']) + + + def test_running_config_yang_failure(self): + def is_yang_config_validation_enabled_side_effect(filename): + return True + db = Db() + with open(RUNNING_CONFIG_YANG_FAILURE, "r") as f: + read_data = json.load(f) + with mock.patch('config.main.device_info.is_yang_config_validation_enabled', + mock.MagicMock(side_effect=is_yang_config_validation_enabled_side_effect)): + self.check_yang_verification_failure( + db, config, read_data['running_config'], read_data['golden_config'], "running config") + + def test_golden_input_yang_failure(self): + def is_yang_config_validation_enabled_side_effect(filename): + return True + db = Db() + with open(GOLDEN_INPUT_YANG_FAILURE, "r") as f: + read_data = json.load(f) + with mock.patch('config.main.device_info.is_yang_config_validation_enabled', + mock.MagicMock(side_effect=is_yang_config_validation_enabled_side_effect)): + self.check_yang_verification_failure( + db, config, read_data['running_config'], read_data['golden_config'], "config_input") + + def test_final_config_yang_failure(self): + def is_yang_config_validation_enabled_side_effect(filename): + return True + db = Db() + with open(FINAL_CONFIG_YANG_FAILURE, "r") as f: + read_data = json.load(f) + with mock.patch('config.main.device_info.is_yang_config_validation_enabled', + mock.MagicMock(side_effect=is_yang_config_validation_enabled_side_effect)): + self.check_yang_verification_failure( + db, config, read_data['running_config'], read_data['golden_config'], "updated_config") + + def check_yang_verification_failure(self, db, config, running_config, + golden_config, jname): + def read_json_file_side_effect(filename): + return golden_config + + def config_mgmt_side_effect(): + return config_mgmt.ConfigMgmt(source=CONFIG_DB_JSON_FILE) + + # ConfigMgmt will call ConfigDBConnector to load default config_db.json. + # Here I modify the ConfigMgmt initialization and make it initiated with + # a source file which share the same as what we write to cfgdb. + CONFIG_DB_JSON_FILE = "startConfigDb.json" + write_config_to_file(running_config, CONFIG_DB_JSON_FILE) + with mock.patch('config.main.read_json_file', + mock.MagicMock(side_effect=read_json_file_side_effect)), \ + mock.patch('config.main.ConfigMgmt', + mock.MagicMock(side_effect=config_mgmt_side_effect)): + write_init_config_db(db.cfgdb, running_config) + + runner = CliRunner() + result = runner.invoke(config.config.commands["override-config-table"], + ['golden_config_db.json'], obj=db) + assert result.exit_code == 1 + assert "Failed to validate {}. Error:".format(jname) in result.output + @classmethod def teardown_class(cls): print("TEARDOWN") From 0e1b0cf20228972c246086bfccf96448530bfcec Mon Sep 17 00:00:00 2001 From: jingwenxie Date: Mon, 5 Sep 2022 11:02:49 +0800 Subject: [PATCH 40/47] [GCU] Fix missing backend in dry run (#2347) What I did Fix sonic-net/sonic-buildimage#11912 How I did it Add the missing 'remove_backend_tables_from_config' in dry run. How to verify it Run unit test and manual test locally. --- generic_config_updater/change_applier.py | 4 ++++ tests/generic_config_updater/change_applier_test.py | 1 + 2 files changed, 5 insertions(+) diff --git a/generic_config_updater/change_applier.py b/generic_config_updater/change_applier.py index 9871e554b2..f5a365d59f 100644 --- a/generic_config_updater/change_applier.py +++ b/generic_config_updater/change_applier.py @@ -65,6 +65,10 @@ def apply(self, change): self.config_wrapper.apply_change_to_config_db(change) + def remove_backend_tables_from_config(self, data): + return data + + class ChangeApplier: updater_conf = None diff --git a/tests/generic_config_updater/change_applier_test.py b/tests/generic_config_updater/change_applier_test.py index 63944b2571..afe166b008 100644 --- a/tests/generic_config_updater/change_applier_test.py +++ b/tests/generic_config_updater/change_applier_test.py @@ -281,6 +281,7 @@ def test_apply__calls_apply_change_to_config_db(self): # Act applier.apply(change) + applier.remove_backend_tables_from_config(change) # Assert applier.config_wrapper.apply_change_to_config_db.assert_has_calls([call(change)]) From 3be2ad7deea5f00fe20f1e54589a738f066d9ca2 Mon Sep 17 00:00:00 2001 From: Sudharsan Dhamal Gopalarathnam Date: Tue, 6 Sep 2022 17:44:43 -0700 Subject: [PATCH 41/47] [fast-reboot]Avoid stopping masked services during fast-reboot (#2335) #### What I did During fast-reboot there were warnings for few services sudo fast-reboot Warning: The unit file, source configuration file or drop-ins of mux.service changed on disk. Run 'systemctl daemon-reload' to reload units. Dumping conntrack entries failed Warning: The unit file, source configuration file or drop-ins of nat.service changed on disk. Run 'systemctl daemon-reload' to reload units. Warning: The unit file, source configuration file or drop-ins of sflow.service changed on disk. Run 'systemctl daemon-reload' to reload units. Warning: Stopping docker.service, but it can still be activated by: docker.socket Watchdog armed for 180 seconds This is due to the fact that the services are masked and trying to stop them will throw warning systemctl is-enabled sflow.service masked systemctl stop sflow.service Warning: The unit file, source configuration file or drop-ins of sflow.service changed on disk. Run 'systemctl daemon-reload' to reload units. #### How I did it Added check to skip stopping the services in fast-reboot if the services are masked. #### How to verify it Execute fast-reboot with the fix and verify. --- scripts/fast-reboot | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/fast-reboot b/scripts/fast-reboot index cd3e8237c3..ac96726281 100755 --- a/scripts/fast-reboot +++ b/scripts/fast-reboot @@ -689,6 +689,12 @@ else fi for service in ${SERVICES_TO_STOP}; do + # Skip the masked services + state=$(systemctl is-enabled ${service}) + if [[ $state == "masked" ]]; then + continue + fi + debug "Stopping ${service} ..." # TODO: These exceptions for nat, sflow, lldp From 6830e01ec1464a60ba5035e5ff525ef035fb6eb0 Mon Sep 17 00:00:00 2001 From: Sudharsan Dhamal Gopalarathnam Date: Wed, 7 Sep 2022 03:43:20 -0700 Subject: [PATCH 42/47] [counterpoll]Fixing counterpoll show for tunnel and acl stats (#2355) - What I did Fixing counterpoll show for tunnel and acl stats. - How I did it Corrected the copy paste errors. - How to verify it Updated test config and UT to verify it. --- counterpoll/main.py | 4 ++-- tests/counterpoll_test.py | 3 ++- tests/mock_tables/config_db.json | 6 +++++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/counterpoll/main.py b/counterpoll/main.py index f3befe1311..ad15c8c248 100644 --- a/counterpoll/main.py +++ b/counterpoll/main.py @@ -419,9 +419,9 @@ def show(): if buffer_pool_wm_info: data.append(["BUFFER_POOL_WATERMARK_STAT", buffer_pool_wm_info.get("POLL_INTERVAL", DEFLT_60_SEC), buffer_pool_wm_info.get("FLEX_COUNTER_STATUS", DISABLE)]) if acl_info: - data.append([ACL, pg_drop_info.get("POLL_INTERVAL", DEFLT_10_SEC), acl_info.get("FLEX_COUNTER_STATUS", DISABLE)]) + data.append([ACL, acl_info.get("POLL_INTERVAL", DEFLT_10_SEC), acl_info.get("FLEX_COUNTER_STATUS", DISABLE)]) if tunnel_info: - data.append(["TUNNEL_STAT", rif_info.get("POLL_INTERVAL", DEFLT_10_SEC), rif_info.get("FLEX_COUNTER_STATUS", DISABLE)]) + data.append(["TUNNEL_STAT", tunnel_info.get("POLL_INTERVAL", DEFLT_10_SEC), tunnel_info.get("FLEX_COUNTER_STATUS", DISABLE)]) if trap_info: data.append(["FLOW_CNT_TRAP_STAT", trap_info.get("POLL_INTERVAL", DEFLT_10_SEC), trap_info.get("FLEX_COUNTER_STATUS", DISABLE)]) if route_info: diff --git a/tests/counterpoll_test.py b/tests/counterpoll_test.py index 7a8171825a..4a4da07ee9 100644 --- a/tests/counterpoll_test.py +++ b/tests/counterpoll_test.py @@ -25,7 +25,8 @@ QUEUE_WATERMARK_STAT default (60000) enable PG_WATERMARK_STAT default (60000) enable PG_DROP_STAT 10000 enable -ACL 10000 enable +ACL 5000 enable +TUNNEL_STAT 3000 enable FLOW_CNT_TRAP_STAT 10000 enable FLOW_CNT_ROUTE_STAT 10000 enable """ diff --git a/tests/mock_tables/config_db.json b/tests/mock_tables/config_db.json index 1fb2321756..699ef155e0 100644 --- a/tests/mock_tables/config_db.json +++ b/tests/mock_tables/config_db.json @@ -1664,7 +1664,11 @@ "FLEX_COUNTER_STATUS": "enable" }, "FLEX_COUNTER_TABLE|ACL": { - "POLL_INTERVAL": "10000", + "POLL_INTERVAL": "5000", + "FLEX_COUNTER_STATUS": "enable" + }, + "FLEX_COUNTER_TABLE|TUNNEL": { + "POLL_INTERVAL": "3000", "FLEX_COUNTER_STATUS": "enable" }, "FLEX_COUNTER_TABLE|FLOW_CNT_TRAP": { From 491d3d38040cbc8318bb63ce2b7a85ec182ef892 Mon Sep 17 00:00:00 2001 From: Sudharsan Dhamal Gopalarathnam Date: Wed, 7 Sep 2022 08:26:58 -0700 Subject: [PATCH 43/47] [generate dump]Added error message when saisdkdump fails (#2356) - What I did Added error message when saisdkdump fails and cont to gather the rest. This is done to provide more readable information to the user when it cannot be avaialble (syncd for example is not running, during restart, etc). - How I did it Checked error code and print log - How to verify it Simulate saisdkdump error and verify the console output. --- scripts/generate_dump | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/generate_dump b/scripts/generate_dump index 62a5a75f17..c9e165c82e 100755 --- a/scripts/generate_dump +++ b/scripts/generate_dump @@ -885,6 +885,10 @@ collect_mellanox() { ${CMD_PREFIX}docker exec syncd mkdir -p $sai_dump_folder ${CMD_PREFIX}docker exec syncd saisdkdump -f $sai_dump_filename + if [ $? != 0 ]; then + echo "Failed to collect saisdkdump." + fi + copy_from_docker syncd $sai_dump_folder $sai_dump_folder echo "$sai_dump_folder" for file in `ls $sai_dump_folder`; do From 3fd537b0a439bbb2887c8810907fbb7756cdfd7d Mon Sep 17 00:00:00 2001 From: xumia <59720581+xumia@users.noreply.github.com> Date: Thu, 8 Sep 2022 10:34:37 +0800 Subject: [PATCH 44/47] Support the bandit check by GitHub Action (#2358) What I did Support the bandit check by GitHub Action to find out the potential security issues in the python code. How I did it Add the bandit check action in GitHub workflow --- .bandit | 0 .github/workflows/bandit.yml | 20 ++++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 .bandit create mode 100644 .github/workflows/bandit.yml diff --git a/.bandit b/.bandit new file mode 100644 index 0000000000..e69de29bb2 diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml new file mode 100644 index 0000000000..954292cc27 --- /dev/null +++ b/.github/workflows/bandit.yml @@ -0,0 +1,20 @@ +# This workflow is to do the bandit check +# + +name: bandit +on: + pull_request: + types: + - opened + - reopened + - synchronize + +jobs: + bendit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: bandit + uses: jpetrucciani/bandit-check@master + with: + path: '.' From bbcdf2ed7b47d6e2f452a5d20f68cc9b71ddf574 Mon Sep 17 00:00:00 2001 From: Renuka Manavalan <47282725+renukamanavalan@users.noreply.github.com> Date: Thu, 8 Sep 2022 15:30:34 -0700 Subject: [PATCH 45/47] disk_check: Publish event for RO state (#2320) Added disk_check failure as event. --- scripts/disk_check.py | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/scripts/disk_check.py b/scripts/disk_check.py index 4fa8d69746..0f5f882400 100644 --- a/scripts/disk_check.py +++ b/scripts/disk_check.py @@ -33,11 +33,17 @@ import sys import syslog import subprocess +from swsscommon.swsscommon import events_init_publisher, events_deinit_publisher, event_publish +from swsscommon.swsscommon import FieldValueMap UPPER_DIR = "/run/mount/upper" WORK_DIR = "/run/mount/work" MOUNTS_FILE = "/proc/mounts" +EVENTS_PUBLISHER_SOURCE = "sonic-events-host" +EVENTS_PUBLISHER_TAG = "event-disk" +events_handle = None + chk_log_level = syslog.LOG_ERR def _log_msg(lvl, pfx, msg): @@ -45,6 +51,7 @@ def _log_msg(lvl, pfx, msg): print("{}: {}".format(pfx, msg)) syslog.syslog(lvl, msg) + def log_err(m): _log_msg(syslog.LOG_ERR, "Err", m) @@ -57,11 +64,18 @@ def log_debug(m): _log_msg(syslog.LOG_DEBUG, "Debug", m) +def event_pub(): + param_dict = FieldValueMap() + param_dict["fail_type"] = "read_only" + event_publish(events_handle, EVENTS_PUBLISHER_TAG, param_dict) + + def test_writable(dirs): for d in dirs: rw = os.access(d, os.W_OK) if not rw: log_err("{} is not read-write".format(d)) + event_pub() return False else: log_debug("{} is Read-Write".format(d)) @@ -145,12 +159,13 @@ def do_check(skip_mount, dirs): # Check if mounted if (not ret) and is_mounted(dirs): log_err("READ-ONLY: Mounted {} to make Read-Write".format(dirs)) + event_pub() return ret def main(): - global chk_log_level + global chk_log_level, events_handle parser=argparse.ArgumentParser( description="check disk for Read-Write and mount etc & home as Read-Write") @@ -163,7 +178,12 @@ def main(): args = parser.parse_args() chk_log_level = args.loglvl + + events_handle = events_init_publisher(EVENTS_PUBLISHER_SOURCE) + ret = do_check(args.skip_mount, args.dirs.split(",")) + + events_deinit_publisher(events_handle) return ret From 4d377a6203ced173a155f5e1848ec66ed3fdf33e Mon Sep 17 00:00:00 2001 From: Sudharsan Dhamal Gopalarathnam Date: Mon, 12 Sep 2022 18:47:06 -0700 Subject: [PATCH 46/47] [subinterface]Added additional checks in portchannel and subinterface commands (#2345) *Added additional checks in subinterface and portchannel commands so they don't conflict. Without the checks, a subinterface could be created on a portchannel member and vice versa which will lead to SAI failure followed by orchagent crash. --- config/main.py | 19 ++++++++++++++----- tests/intfutil_test.py | 12 ++++++------ tests/ip_config_test.py | 20 ++++++++++---------- tests/loopback_action_test.py | 2 +- tests/mock_tables/appl_db.json | 6 +++--- tests/mock_tables/config_db.json | 6 +++--- tests/portchannel_test.py | 13 +++++++++++++ tests/show_vrf_test.py | 10 +++++----- tests/static_routes_test.py | 10 +++++----- tests/subintf_test.py | 21 +++++++++++++++++++++ tests/vrf_input/config_db.json | 2 +- 11 files changed, 82 insertions(+), 39 deletions(-) diff --git a/config/main.py b/config/main.py index bbcfc5d84f..9bb403284d 100644 --- a/config/main.py +++ b/config/main.py @@ -2113,6 +2113,14 @@ def add_portchannel_member(ctx, portchannel_name, port_name): ctx.fail(" {} has ip address configured".format(port_name)) return + for key in db.get_keys('VLAN_SUB_INTERFACE'): + if type(key) == tuple: + continue + intf = key.split(VLAN_SUB_INTERFACE_SEPARATOR)[0] + parent_intf = get_intf_longname(intf) + if parent_intf == port_name: + ctx.fail(" {} has subinterfaces configured".format(port_name)) + # Dont allow a port to be member of port channel if it is configured as a VLAN member for k,v in db.get_table('VLAN_MEMBER'): if v == port_name: @@ -6762,23 +6770,24 @@ def add_subinterface(ctx, subinterface_name, vid): config_db = ctx.obj['db'] port_dict = config_db.get_table(intf_table_name) + parent_intf = get_intf_longname(interface_alias) if interface_alias is not None: if not port_dict: ctx.fail("{} parent interface not found. {} table none".format(interface_alias, intf_table_name)) - if get_intf_longname(interface_alias) not in port_dict.keys(): + if parent_intf not in port_dict.keys(): ctx.fail("{} parent interface not found".format(subinterface_name)) # Validate if parent is portchannel member portchannel_member_table = config_db.get_table('PORTCHANNEL_MEMBER') - if interface_is_in_portchannel(portchannel_member_table, interface_alias): + if interface_is_in_portchannel(portchannel_member_table, parent_intf): ctx.fail("{} is configured as a member of portchannel. Cannot configure subinterface" - .format(interface_alias)) + .format(parent_intf)) # Validate if parent is vlan member vlan_member_table = config_db.get_table('VLAN_MEMBER') - if interface_is_in_vlan(vlan_member_table, interface_alias): + if interface_is_in_vlan(vlan_member_table, parent_intf): ctx.fail("{} is configured as a member of vlan. Cannot configure subinterface" - .format(interface_alias)) + .format(parent_intf)) sub_intfs = [k for k,v in config_db.get_table('VLAN_SUB_INTERFACE').items() if type(k) != tuple] if subinterface_name in sub_intfs: diff --git a/tests/intfutil_test.py b/tests/intfutil_test.py index 081246a488..2a13075919 100644 --- a/tests/intfutil_test.py +++ b/tests/intfutil_test.py @@ -209,7 +209,7 @@ def test_subintf_status(self): expected_output = ( "Sub port interface Speed MTU Vlan Admin Type\n" "-------------------- ------- ----- ------ ------- --------------------\n" - " Eth32.10 40G 9100 100 up 802.1q-encapsulation\n" + " Eth36.10 10M 9100 100 up 802.1q-encapsulation\n" " Ethernet0.10 25G 9100 10 up 802.1q-encapsulation\n" " Po0001.10 40G 9100 100 up 802.1q-encapsulation" ) @@ -248,10 +248,10 @@ def test_single_subintf_status(self): expected_output = ( "Sub port interface Speed MTU Vlan Admin Type\n" "-------------------- ------- ----- ------ ------- --------------------\n" - " Eth32.10 40G 9100 100 up 802.1q-encapsulation" + " Eth36.10 10M 9100 100 up 802.1q-encapsulation" ) - # Test 'intfutil status Eth32.10' - output = subprocess.check_output('intfutil -c status -i Eth32.10', stderr=subprocess.STDOUT, shell=True, text=True) + # Test 'intfutil status Eth36.10' + output = subprocess.check_output('intfutil -c status -i Eth36.10', stderr=subprocess.STDOUT, shell=True, text=True) print(output, file=sys.stderr) self.assertEqual(output.strip(), expected_output) @@ -272,9 +272,9 @@ def test_single_subintf_status_verbose(self): expected_output = "Command: intfutil -c status -i Ethernet0.10" self.assertEqual(result.output.split('\n')[0], expected_output) - result = self.runner.invoke(show.cli.commands["subinterfaces"].commands["status"], ["Eth32.10", "--verbose"]) + result = self.runner.invoke(show.cli.commands["subinterfaces"].commands["status"], ["Eth36.10", "--verbose"]) print(result.output, file=sys.stderr) - expected_output = "Command: intfutil -c status -i Eth32.10" + expected_output = "Command: intfutil -c status -i Eth36.10" self.assertEqual(result.output.split('\n')[0], expected_output) result = self.runner.invoke(show.cli.commands["subinterfaces"].commands["status"], ["Po0001.10", "--verbose"]) diff --git a/tests/ip_config_test.py b/tests/ip_config_test.py index c56b226c74..fd6b4feb9f 100644 --- a/tests/ip_config_test.py +++ b/tests/ip_config_test.py @@ -54,11 +54,11 @@ def test_add_del_interface_valid_ipv4(self): assert result.exit_code == 0 assert ('Ethernet0.10', '10.11.10.1/24') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') - # config int ip add Eth32.10 32.11.10.1/24 - result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Eth32.10", "32.11.10.1/24"], obj=obj) + # config int ip add Eth36.10 32.11.10.1/24 + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Eth36.10", "32.11.10.1/24"], obj=obj) print(result.exit_code, result.output) assert result.exit_code == 0 - assert ('Eth32.10', '32.11.10.1/24') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert ('Eth36.10', '32.11.10.1/24') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') # config int ip remove Ethernet64 10.10.10.1/24 result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Ethernet64", "10.10.10.1/24"], obj=obj) @@ -72,11 +72,11 @@ def test_add_del_interface_valid_ipv4(self): assert result.exit_code != 0 assert ('Ethernet0.10', '10.11.10.1/24') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') - # config int ip remove Eth32.10 32.11.10.1/24 - result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Eth32.10", "32.11.10.1/24"], obj=obj) + # config int ip remove Eth36.10 32.11.10.1/24 + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Eth36.10", "32.11.10.1/24"], obj=obj) print(result.exit_code, result.output) assert result.exit_code != 0 - assert ('Eth32.10', '32.11.10.1/24') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert ('Eth36.10', '32.11.10.1/24') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') def test_add_interface_invalid_ipv4(self): db = Db() @@ -129,10 +129,10 @@ def test_add_del_interface_valid_ipv6(self): assert result.exit_code == 0 assert ('Ethernet0.10', '1010:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') - result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Eth32.10", "3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["add"], ["Eth36.10", "3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) print(result.exit_code, result.output) assert result.exit_code == 0 - assert ('Eth32.10', '3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert ('Eth36.10', '3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') in db.cfgdb.get_table('VLAN_SUB_INTERFACE') # config int ip remove Ethernet72 2001:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34 result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Ethernet72", "2001:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) @@ -145,10 +145,10 @@ def test_add_del_interface_valid_ipv6(self): assert result.exit_code != 0 assert ('Ethernet0.10', '1010:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') - result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Eth32.10", "3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) + result = runner.invoke(config.config.commands["interface"].commands["ip"].commands["remove"], ["Eth36.10", "3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34"], obj=obj) print(result.exit_code, result.output) assert result.exit_code != 0 - assert ('Eth32.10', '3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') + assert ('Eth36.10', '3210:1db8:11a3:19d7:1f34:8a2e:17a0:765d/34') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE') def test_del_interface_case_sensitive_ipv6(self): db = Db() diff --git a/tests/loopback_action_test.py b/tests/loopback_action_test.py index 58942b0c4b..b88d36973d 100644 --- a/tests/loopback_action_test.py +++ b/tests/loopback_action_test.py @@ -7,7 +7,7 @@ show_ip_interfaces_loopback_action_output="""\ Interface Action --------------- -------- -Eth32.10 drop +Eth36.10 drop Ethernet0 forward PortChannel0001 drop Vlan3000 forward diff --git a/tests/mock_tables/appl_db.json b/tests/mock_tables/appl_db.json index cd00408b49..ab4e31282f 100644 --- a/tests/mock_tables/appl_db.json +++ b/tests/mock_tables/appl_db.json @@ -188,7 +188,7 @@ "admin_status": "up", "vlan": "10" }, - "INTF_TABLE:Eth32.10": { + "INTF_TABLE:Eth36.10": { "admin_status": "up", "vrf_name": "Vrf1", "vlan": "100" @@ -202,7 +202,7 @@ "family": "IPv4", "scope": "global" }, - "INTF_TABLE:Eth32.10|32.10.11.12/24": { + "INTF_TABLE:Eth36.10|32.10.11.12/24": { "family": "IPv4", "scope": "global" }, @@ -210,7 +210,7 @@ "family": "IPv4", "scope": "global" }, - "INTF_TABLE:Eth32.10|3210::12/126": { + "INTF_TABLE:Eth36.10|3210::12/126": { "family": "IPv6", "scope": "global" }, diff --git a/tests/mock_tables/config_db.json b/tests/mock_tables/config_db.json index 699ef155e0..fcb16e8f2d 100644 --- a/tests/mock_tables/config_db.json +++ b/tests/mock_tables/config_db.json @@ -376,16 +376,16 @@ "VLAN_SUB_INTERFACE|Ethernet0.10|10.11.12.13/24": { "NULL" : "NULL" }, - "VLAN_SUB_INTERFACE|Eth32.10": { + "VLAN_SUB_INTERFACE|Eth36.10": { "admin_status": "up", "loopback_action": "drop", "vrf_name": "Vrf1", "vlan": "100" }, - "VLAN_SUB_INTERFACE|Eth32.10|32.10.11.12/24": { + "VLAN_SUB_INTERFACE|Eth36.10|32.10.11.12/24": { "NULL" : "NULL" }, - "VLAN_SUB_INTERFACE|Eth32.10|3210::12/126": { + "VLAN_SUB_INTERFACE|Eth36.10|3210::12/126": { "NULL" : "NULL" }, "VLAN_SUB_INTERFACE|Po0001.10": { diff --git a/tests/portchannel_test.py b/tests/portchannel_test.py index 9b187f13d5..bd30c73649 100644 --- a/tests/portchannel_test.py +++ b/tests/portchannel_test.py @@ -147,6 +147,19 @@ def test_add_portchannel_member_which_has_ipaddress(self): assert result.exit_code != 0 assert "Error: Ethernet0 has ip address configured" in result.output + def test_add_portchannel_member_which_has_subintf(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + # add a portchannel member with port which has ip-address + result = runner.invoke(config.config.commands["portchannel"].commands["member"].commands["add"], ["PortChannel1001", "Ethernet36"], obj=obj) + print(result.exit_code) + print(result.output) + assert result.exit_code != 0 + print(result.output) + assert "Error: Ethernet36 has subinterfaces configured" in result.output + def test_add_portchannel_member_which_is_member_of_vlan(self): runner = CliRunner() db = Db() diff --git a/tests/show_vrf_test.py b/tests/show_vrf_test.py index 457b3587f6..269a968477 100644 --- a/tests/show_vrf_test.py +++ b/tests/show_vrf_test.py @@ -29,7 +29,7 @@ def test_vrf_show(self): Vrf101 Ethernet0.10 Vrf102 PortChannel0002 Vlan40 - Eth32.10 + Eth36.10 Vrf103 Ethernet4 Loopback0 Po0002.101 @@ -53,7 +53,7 @@ def test_vrf_bind_unbind(self): Vrf101 Ethernet0.10 Vrf102 PortChannel0002 Vlan40 - Eth32.10 + Eth36.10 Vrf103 Ethernet4 Loopback0 Po0002.101 @@ -86,10 +86,10 @@ def test_vrf_bind_unbind(self): assert result.exit_code == 0 assert 'PortChannel002' not in db.cfgdb.get_table('PORTCHANNEL_INTERFACE') - result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Eth32.10"], obj=obj) + result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Eth36.10"], obj=obj) print(result.exit_code, result.output) assert result.exit_code == 0 - assert ('vrf_name', 'Vrf102') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth32.10'] + assert ('vrf_name', 'Vrf102') not in db.cfgdb.get_table('VLAN_SUB_INTERFACE')['Eth36.10'] result = runner.invoke(config.config.commands["interface"].commands["vrf"].commands["unbind"], ["Ethernet0.10"], obj=obj) print(result.exit_code, result.output) @@ -114,7 +114,7 @@ def test_vrf_bind_unbind(self): Vrf101 Ethernet0.10 Vrf102 PortChannel0002 Vlan40 - Eth32.10 + Eth36.10 Vrf103 Ethernet4 Loopback0 Po0002.101 diff --git a/tests/static_routes_test.py b/tests/static_routes_test.py index fc7371b344..3fce727ee2 100644 --- a/tests/static_routes_test.py +++ b/tests/static_routes_test.py @@ -403,16 +403,16 @@ def test_static_route_nexthop_subinterface(self): print(result.exit_code, result.output) assert not ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') - # config route add prefix 2.2.3.5/32 nexthop dev Eth32.10 + # config route add prefix 2.2.3.5/32 nexthop dev Eth36.10 result = runner.invoke(config.config.commands["route"].commands["add"], \ - ["prefix", "2.2.3.5/32", "nexthop", "dev", "Eth32.10"], obj=obj) + ["prefix", "2.2.3.5/32", "nexthop", "dev", "Eth36.10"], obj=obj) print(result.exit_code, result.output) assert ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '2.2.3.5/32') == {'nexthop': '', 'blackhole': 'false', 'distance': '0', 'ifname': 'Eth32.10', 'nexthop-vrf': ''} + assert db.cfgdb.get_entry('STATIC_ROUTE', '2.2.3.5/32') == {'nexthop': '', 'blackhole': 'false', 'distance': '0', 'ifname': 'Eth36.10', 'nexthop-vrf': ''} - # config route del prefix 2.2.3.5/32 nexthop dev Eth32.10 + # config route del prefix 2.2.3.5/32 nexthop dev Eth36.10 result = runner.invoke(config.config.commands["route"].commands["del"], \ - ["prefix", "2.2.3.5/32", "nexthop", "dev", "Eth32.10"], obj=obj) + ["prefix", "2.2.3.5/32", "nexthop", "dev", "Eth36.10"], obj=obj) print(result.exit_code, result.output) assert not ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') diff --git a/tests/subintf_test.py b/tests/subintf_test.py index 581ea49ce5..c69d87572e 100644 --- a/tests/subintf_test.py +++ b/tests/subintf_test.py @@ -7,6 +7,12 @@ import show.main as show from utilities_common.db import Db +SUB_INTF_ON_LAG_MEMBER_ERR="""\ +Usage: add [OPTIONS] +Try "add --help" for help. + +Error: Ethernet32 is configured as a member of portchannel. Cannot configure subinterface +""" class TestSubinterface(object): @classmethod @@ -141,6 +147,21 @@ def test_invalid_subintf_creation(self): print(result.exit_code, result.output) assert result.exit_code != 0 + def test_subintf_creation_on_lag_member(self): + runner = CliRunner() + db = Db() + obj = {'db':db.cfgdb} + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Ethernet32.10"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert(result.output == SUB_INTF_ON_LAG_MEMBER_ERR) + + result = runner.invoke(config.config.commands["subinterface"].commands["add"], ["Eth32.20"], obj=obj) + print(result.exit_code, result.output) + assert result.exit_code != 0 + assert(result.output == SUB_INTF_ON_LAG_MEMBER_ERR) + def test_subintf_vrf_bind_unbind(self): runner = CliRunner() db = Db() diff --git a/tests/vrf_input/config_db.json b/tests/vrf_input/config_db.json index fe1cb2eb25..1746c14c4f 100644 --- a/tests/vrf_input/config_db.json +++ b/tests/vrf_input/config_db.json @@ -3,7 +3,7 @@ "vrf_name": "Vrf101", "admin_status": "up" }, - "VLAN_SUB_INTERFACE|Eth32.10": { + "VLAN_SUB_INTERFACE|Eth36.10": { "vrf_name": "Vrf102", "admin_status": "up", "vlan": "100" From 1ac584bb3d30ab6dac0396b8998ea12883acde87 Mon Sep 17 00:00:00 2001 From: Sumukha Tumkur Vani Date: Wed, 14 Sep 2022 14:30:29 -0700 Subject: [PATCH 47/47] Use 'default' VRF when VRF name is not provided (#2368) While adding static routes, if VRF name is not present, use default VRF --- config/main.py | 5 +- tests/static_routes_test.py | 106 ++++++++++++++++++------------------ 2 files changed, 56 insertions(+), 55 deletions(-) diff --git a/config/main.py b/config/main.py index 9bb403284d..b6290e6a45 100644 --- a/config/main.py +++ b/config/main.py @@ -1019,6 +1019,7 @@ def cli_sroute_to_config(ctx, command_str, strict_nh = True): elif 'prefix' in prefix_str: # prefix_str: ['prefix', ip] ip_prefix = prefix_str[1] + vrf_name = "default" else: ctx.fail("prefix is not in pattern!") @@ -5314,7 +5315,7 @@ def add_route(ctx, command_str): # Check if exist entry with key keys = config_db.get_keys('STATIC_ROUTE') - if key in keys: + if tuple(key.split("|")) in keys: # If exist update current entry current_entry = config_db.get_entry('STATIC_ROUTE', key) @@ -5339,7 +5340,7 @@ def del_route(ctx, command_str): key, route = cli_sroute_to_config(ctx, command_str, strict_nh=False) keys = config_db.get_keys('STATIC_ROUTE') prefix_tuple = tuple(key.split('|')) - if not key in keys and not prefix_tuple in keys: + if not tuple(key.split("|")) in keys and not prefix_tuple in keys: ctx.fail('Route {} doesnt exist'.format(key)) else: # If not defined nexthop or intf name remove entire route diff --git a/tests/static_routes_test.py b/tests/static_routes_test.py index 3fce727ee2..da8a4ea97b 100644 --- a/tests/static_routes_test.py +++ b/tests/static_routes_test.py @@ -45,8 +45,8 @@ def test_simple_static_route(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "1.2.3.4/32", "nexthop", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('1.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '1.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '1.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|1.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} # config route del prefix 1.2.3.4/32 nexthop 30.0.0.5 result = runner.invoke(config.config.commands["route"].commands["del"], \ @@ -119,8 +119,8 @@ def test_dest_vrf_static_route(self): ["prefix", "3.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) print(db.cfgdb.get_table('STATIC_ROUTE')) - assert ('3.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '3.2.3.4/32') == {'nexthop': '30.0.0.6', 'nexthop-vrf': 'Vrf-RED', 'blackhole': 'false', 'distance': '0', 'ifname': ''} + assert ('default', '3.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|3.2.3.4/32') == {'nexthop': '30.0.0.6', 'nexthop-vrf': 'Vrf-RED', 'blackhole': 'false', 'distance': '0', 'ifname': ''} # config route del prefix 3.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["del"], \ @@ -140,22 +140,22 @@ def test_multiple_nexthops_with_vrf_static_route(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "6.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.6,30.0.0.7"], obj=obj) print(result.exit_code, result.output) - assert ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '6.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': 'Vrf-RED,Vrf-RED'} + assert ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|6.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': 'Vrf-RED,Vrf-RED'} ''' Del ''' # config route del prefix 6.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.7 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "6.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.7"], obj=obj) print(result.exit_code, result.output) - assert ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '6.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': 'Vrf-RED'} + assert ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|6.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': 'Vrf-RED'} # config route del prefix 6.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "6.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert not ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') def test_multiple_nexthops_static_route(self): db = Db() @@ -167,30 +167,30 @@ def test_multiple_nexthops_static_route(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "6.2.3.4/32", "nexthop", "30.0.0.6,30.0.0.7"], obj=obj) print(result.exit_code, result.output) - assert ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '6.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': ','} + assert ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|6.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': ','} # config route add prefix 6.2.3.4/32 nexthop 30.0.0.8 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "6.2.3.4/32", "nexthop", "30.0.0.8"], obj=obj) print(result.exit_code, result.output) - assert ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '6.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7,30.0.0.8', 'blackhole': 'false,false,false', 'distance': '0,0,0', 'ifname': ',,', 'nexthop-vrf': ',,'} + assert ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|6.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7,30.0.0.8', 'blackhole': 'false,false,false', 'distance': '0,0,0', 'ifname': ',,', 'nexthop-vrf': ',,'} ''' Del ''' # config route del prefix 6.2.3.4/32 nexthop 30.0.0.8 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "6.2.3.4/32", "nexthop", "30.0.0.8"], obj=obj) print(result.exit_code, result.output) - assert ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '6.2.3.4/32') == {"nexthop": '30.0.0.6,30.0.0.7', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': ','} + assert ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|6.2.3.4/32') == {"nexthop": '30.0.0.6,30.0.0.7', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': ','} # config route del prefix 6.2.3.4/32 nexthop 30.0.0.7 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "6.2.3.4/32", "nexthop", "30.0.0.7"], obj=obj) print(result.exit_code, result.output) - assert ('6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '6.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '6.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|6.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} # config route del prefix 6.2.3.4/32 nexthop 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["del"], \ @@ -228,23 +228,23 @@ def test_static_route_ECMP_nexthop(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "10.2.3.4/32", "nexthop", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('10.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '10.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '10.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|10.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} # config route add prefix 10.2.3.4/32 nexthop 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "10.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert ('10.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '10.2.3.4/32') == {'nexthop': '30.0.0.5,30.0.0.6', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': ','} + assert ('default', '10.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|10.2.3.4/32') == {'nexthop': '30.0.0.5,30.0.0.6', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ',', 'nexthop-vrf': ','} ''' Del ''' # config route del prefix 10.2.3.4/32 nexthop 30.0.0.5 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "10.2.3.4/32", "nexthop", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('10.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '10.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '10.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|10.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} # config route del prefix 1.2.3.4/32 nexthop 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["del"], \ @@ -264,8 +264,8 @@ def test_static_route_ECMP_nexthop_with_vrf(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "11.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '11.2.3.4/32') == {'nexthop': '30.0.0.5', 'nexthop-vrf': 'Vrf-RED', 'blackhole': 'false', 'distance': '0', 'ifname': ''} + assert ('default', '11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|11.2.3.4/32') == {'nexthop': '30.0.0.5', 'nexthop-vrf': 'Vrf-RED', 'blackhole': 'false', 'distance': '0', 'ifname': ''} result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-BLUE"], obj=obj) print(result.exit_code, result.output) @@ -273,22 +273,22 @@ def test_static_route_ECMP_nexthop_with_vrf(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "11.2.3.4/32", "nexthop", "vrf", "Vrf-BLUE", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert ('11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '11.2.3.4/32') == {"nexthop": "30.0.0.5,30.0.0.6", "nexthop-vrf": "Vrf-RED,Vrf-BLUE", 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ','} + assert ('default', '11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|11.2.3.4/32') == {"nexthop": "30.0.0.5,30.0.0.6", "nexthop-vrf": "Vrf-RED,Vrf-BLUE", 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ','} ''' Del ''' # config route del prefix 11.2.3.4/32 nexthop vrf Vrf-RED 30.0.0.5 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "11.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '11.2.3.4/32') == {"nexthop": "30.0.0.6", "nexthop-vrf": "Vrf-BLUE", 'blackhole': 'false', 'distance': '0', 'ifname': ''} + assert ('default', '11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|11.2.3.4/32') == {"nexthop": "30.0.0.6", "nexthop-vrf": "Vrf-BLUE", 'blackhole': 'false', 'distance': '0', 'ifname': ''} # config route del prefix 11.2.3.4/32 nexthop vrf Vrf-BLUE 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "11.2.3.4/32", "nexthop", "vrf", "Vrf-BLUE", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert not ('11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '11.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') def test_static_route_ECMP_mixed_nextfop(self): db = Db() @@ -300,8 +300,8 @@ def test_static_route_ECMP_mixed_nextfop(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "12.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert ('12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '12.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|12.2.3.4/32') == {'nexthop': '30.0.0.6', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} result = runner.invoke(config.config.commands["vrf"].commands["add"], ["Vrf-RED"], obj=obj) print(result.exit_code, result.output) @@ -309,22 +309,22 @@ def test_static_route_ECMP_mixed_nextfop(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "12.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.7"], obj=obj) print(result.exit_code, result.output) - assert ('12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '12.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7', 'nexthop-vrf': ',Vrf-RED', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ','} + assert ('default', '12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|12.2.3.4/32') == {'nexthop': '30.0.0.6,30.0.0.7', 'nexthop-vrf': ',Vrf-RED', 'blackhole': 'false,false', 'distance': '0,0', 'ifname': ','} ''' Del ''' # config route del prefix 12.2.3.4/32 nexthop vrf Vrf-Red 30.0.0.7 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "12.2.3.4/32", "nexthop", "vrf", "Vrf-RED", "30.0.0.7"], obj=obj) print(result.exit_code, result.output) - assert ('12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '12.2.3.4/32') == {'nexthop': '30.0.0.6', 'nexthop-vrf': '', 'ifname': '', 'blackhole': 'false', 'distance': '0'} + assert ('default', '12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|12.2.3.4/32') == {'nexthop': '30.0.0.6', 'nexthop-vrf': '', 'ifname': '', 'blackhole': 'false', 'distance': '0'} # config route del prefix 12.2.3.4/32 nexthop 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "12.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert not ('12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '12.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') def test_del_nonexist_key_static_route(self): db = Db() @@ -335,7 +335,7 @@ def test_del_nonexist_key_static_route(self): result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "17.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert ERROR_DEL_NONEXIST_KEY_STR.format("17.2.3.4/32") in result.output + assert ERROR_DEL_NONEXIST_KEY_STR.format("default|17.2.3.4/32") in result.output def test_del_nonexist_entry_static_route(self): db = Db() @@ -346,20 +346,20 @@ def test_del_nonexist_entry_static_route(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "13.2.3.4/32", "nexthop", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('13.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '13.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '13.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|13.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} # config route del prefix 13.2.3.4/32 nexthop 30.0.0.6 <- nh ip that doesnt exist result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "13.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert ERROR_DEL_NONEXIST_ENTRY_STR.format(('30.0.0.6', '', ''), "13.2.3.4/32") in result.output + assert ERROR_DEL_NONEXIST_ENTRY_STR.format(('30.0.0.6', '', ''), "default|13.2.3.4/32") in result.output # config route del prefix 13.2.3.4/32 nexthop 30.0.0.5 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "13.2.3.4/32", "nexthop", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert not '13.2.3.4/32' in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '13.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') def test_del_entire_ECMP_static_route(self): db = Db() @@ -370,20 +370,20 @@ def test_del_entire_ECMP_static_route(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "14.2.3.4/32", "nexthop", "30.0.0.5"], obj=obj) print(result.exit_code, result.output) - assert ('14.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '14.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} + assert ('default', '14.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|14.2.3.4/32') == {'nexthop': '30.0.0.5', 'blackhole': 'false', 'distance': '0', 'ifname': '', 'nexthop-vrf': ''} # config route add prefix 14.2.3.4/32 nexthop 30.0.0.6 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "14.2.3.4/32", "nexthop", "30.0.0.6"], obj=obj) print(result.exit_code, result.output) - assert ('14.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '14.2.3.4/32') == {'nexthop': '30.0.0.5,30.0.0.6', 'nexthop-vrf': ',', 'ifname': ',', 'blackhole': 'false,false', 'distance': '0,0'} + assert ('default', '14.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|14.2.3.4/32') == {'nexthop': '30.0.0.5,30.0.0.6', 'nexthop-vrf': ',', 'ifname': ',', 'blackhole': 'false,false', 'distance': '0,0'} # config route del prefix 14.2.3.4/32 result = runner.invoke(config.config.commands["route"].commands["del"], ["prefix", "14.2.3.4/32"], obj=obj) print(result.exit_code, result.output) - assert not '14.2.3.4/32' in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '14.2.3.4/32') in db.cfgdb.get_table('STATIC_ROUTE') def test_static_route_nexthop_subinterface(self): db = Db() @@ -394,27 +394,27 @@ def test_static_route_nexthop_subinterface(self): result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "2.2.3.5/32", "nexthop", "dev", "Ethernet0.10"], obj=obj) print(result.exit_code, result.output) - assert ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '2.2.3.5/32') == {'nexthop': '', 'blackhole': 'false', 'distance': '0', 'ifname': 'Ethernet0.10', 'nexthop-vrf': ''} + assert ('default', '2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|2.2.3.5/32') == {'nexthop': '', 'blackhole': 'false', 'distance': '0', 'ifname': 'Ethernet0.10', 'nexthop-vrf': ''} # config route del prefix 2.2.3.5/32 nexthop dev Ethernet0.10 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "2.2.3.5/32", "nexthop", "dev", "Ethernet0.10"], obj=obj) print(result.exit_code, result.output) - assert not ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') # config route add prefix 2.2.3.5/32 nexthop dev Eth36.10 result = runner.invoke(config.config.commands["route"].commands["add"], \ ["prefix", "2.2.3.5/32", "nexthop", "dev", "Eth36.10"], obj=obj) print(result.exit_code, result.output) - assert ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') - assert db.cfgdb.get_entry('STATIC_ROUTE', '2.2.3.5/32') == {'nexthop': '', 'blackhole': 'false', 'distance': '0', 'ifname': 'Eth36.10', 'nexthop-vrf': ''} + assert ('default', '2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert db.cfgdb.get_entry('STATIC_ROUTE', 'default|2.2.3.5/32') == {'nexthop': '', 'blackhole': 'false', 'distance': '0', 'ifname': 'Eth36.10', 'nexthop-vrf': ''} # config route del prefix 2.2.3.5/32 nexthop dev Eth36.10 result = runner.invoke(config.config.commands["route"].commands["del"], \ ["prefix", "2.2.3.5/32", "nexthop", "dev", "Eth36.10"], obj=obj) print(result.exit_code, result.output) - assert not ('2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') + assert not ('default', '2.2.3.5/32') in db.cfgdb.get_table('STATIC_ROUTE') @classmethod def teardown_class(cls):