Merge pull request #60 from project-arlo/show-ip-arp-vrf

Updated HLD for show ip arp vrf support
project-arlo · May 5, 2020 · 560e8f8 · 560e8f8
2 parents 4885968 + 6d3e4b8
commit 560e8f8
Showing 1 changed file with 73 additions and 71 deletions.
diff --git a/doc/mgmt/SONiC_OC_ARP_NDP_get_support_HLD.md b/doc/mgmt/SONiC_OC_ARP_NDP_get_support_HLD.md
@@ -1,6 +1,6 @@
 # ARP/NDP get support
 
-Implement geti/clear support for ARP/NDP using CLI/REST/gNMI SONiC management framework interfaces.
+Implement show/clear support for ARP/NDP using CLI/REST/gNMI SONiC management framework interfaces.
 
 # High Level Design Document
 #### Rev 0.1
@@ -52,7 +52,8 @@ Provide a Management Framework based implementation of following commands:
 - clear ip arp
 - clear ipv6 neighbors
 
-The functionality should match the existing Click-based host interface provided by SONiC or IS-CLI (Industry Standard CLI)
+The functionality should match the existing Click-based host interface provided
+by SONiC or IS-CLI (Industry Standard CLI)
 
 ### 1.1.2 Configuration and Management Requirements
  - Implement ARP/NDP CLI show/clear commands
@@ -64,9 +65,15 @@ The functionality should match the existing Click-based host interface provided
 
 ## 1.2 Design Overview
 ### 1.2.1 Basic Approach
-In SONiC the neighbors' information is stored in NEIGH_TABLE of APPL_DB. The neighbor_sync process resolves mac address for neighbors using libnl and stores that information in NEIGH_TABLE. Also any static neighbor entry, made using Linux tools like "ip or arp", is also reflected in NEIGH_TABLE.
-The 'show' commands leverages NEIGH_TABLE to show ARP/NDP entries. For clearing ARP/NDP tables, we use linux tools like 'ip'. The neighbor sync process then eventually updates
-the NEIGH_TABLE and removes corresponding entries from it. The linux tool is invoked using RPC sent from the Northbound API  that clears the Linux neighbors cache using following commands:
+In SONiC the neighbors' information is stored in NEIGH_TABLE of APPL_DB. The
+neighbor_sync process resolves mac address for neighbors using libnl and stores
+that information in NEIGH_TABLE. Also any static neighbor entry, made using
+Linux tools like "ip or arp", is also reflected in NEIGH_TABLE.  The 'show'
+commands leverages NEIGH_TABLE to show ARP/NDP entries. For clearing ARP/NDP
+tables, we use linux tools like 'ip'. The neighbor sync process then eventually
+updates the NEIGH_TABLE and removes corresponding entries from it. The linux
+tool is invoked using RPC sent from the Northbound API  that clears the Linux
+neighbors cache using following commands:
 
 For ipv4:
 ```
@@ -85,11 +92,17 @@ All entries:
 Specific entry:
  sudo ip -6 neigh del <ip> dev <interface name>
 ```
-NOTE: To execute these commands, the docker image should be running in the **privileged** mode.
+NOTE: To execute these commands, the docker image should be running in the
+**privileged** mode.
 
-This triggers neighbor sync process of SONiC and eventually the corresponding entries in NEIGH_TABLE get deleted.
+This triggers neighbor sync process of SONiC and eventually the corresponding
+entries in NEIGH_TABLE get deleted.
 
-Without any argument both commands will show or flush the complete ARP/NDP table.  However, a user can specify interface, IP or MAC address (in case of show only) to show or clear corresponding neighbor entries only. Help information and syntax details are provided if the command is preceded with '?'.
+Without any argument both commands will show or flush the complete ARP/NDP
+table.  However, a user can specify interface, IP or MAC address (in case of
+show only) to show or clear corresponding neighbor entries only. Help
+information and syntax details are provided if the command is preceded with
+'?'.
 
 ### 1.2.2 Container
 This feature is implemented within the Management Framework container.
@@ -129,44 +142,6 @@ module: openconfig-if-ip
 -      |     |  +--rw link-layer-address    oc-yang:phys-address
        |     +--ro state
        |        +--ro ip?                   oc-inet:ipv4-address
-       |        +--ro link-layer-address    oc-yang:phys-address
--      |        +--ro origin?               neighbor-origin
-augment /oc-if:interfaces/oc-if:interface/oc-if:subinterfaces/oc-if:subinterface:
-    +--rw ipv6
-       +--rw neighbors
-       |  +--rw neighbor* [ip]
-       |     +--rw ip        -> ../config/ip
--      |     +--rw config
--      |     |  +--rw ip?                   oc-inet:ipv6-address
--      |     |  +--rw link-layer-address    oc-yang:phys-address
-       |     +--ro state
-       |        +--ro ip?                   oc-inet:ipv6-address
-       |        +--ro link-layer-address    oc-yang:phys-address
--      |        +--ro origin?               neighbor-origin
--      |        +--ro is-router?            empty
--      |        +--ro neighbor-state?       enumeration
-```
-Also sonic yang (sonic-neighbor.yang) is defined for fetching all entries from the NEIGH_TABLE and
-for the RPC for clearing ARP/NDP entries:
-```diff
-module: sonic-neighbor
-    +--rw sonic-neighbor
-       +--ro NEIGH_TABLE
-          +--ro NEIGH_TABLE_LIST* [ifname ip]
-             +--ro ifname    union
-             +--ro ip        inet:ip-prefix
-             +--ro neigh?    yang:mac-address
-             +--ro family?   enumeration
-
-  rpcs:
-    +---x clear-neighbors
-       +---w input
-       |  +---w force?    boolean
-       |  +---w family?   enumeration
-       |  +---w (option)?
-       |     +--:(all)
-       |     |  +---w all?      boolean
-       |     +--:(ip)
        |     |  +---w ip?       inet:ip-prefix
        |     +--:(ifname)
        |        +---w ifname?   union
@@ -180,7 +155,7 @@ module: sonic-neighbor
 Syntax:
 
 `
-clear ip arp [interface { Ethernet <port> | PortChannel <id> | Vlan <id> | Management <id> }] [<A.B.C.D>] [force]
+clear ip arp [vrf ``<vrf_name>``] [interface { Ethernet ``<port>`` | PortChannel ``<id>`` | Vlan ``<id>`` | Management ``<id>`` }] [``<A.B.C.D>``]
 `
 
 The command returns a non-empty string in case of any error; for e.g. if the interface is not found or the IP address is not available in ARP or NDP table.
@@ -189,10 +164,12 @@ Syntax Description:
 
 |    Keyword    | Description |
 |:-----------------:|:-----------:|
-| interface Ethernet/PortChannel/VLAN/Management*| This option clears the ARP entries matching the interface.
+| interface Ethernet/PortChannel/VLAN/Management*| This option clears the ARP entrie learnt on the given interface.
 | A.B.C.D | This options clears the ARP entries matching the particular IP
+| vrf | clear ARP entries belong to the given VRF name
 
-\*The Management interface translates to "eth" internally. For e.g. "clear ip arp inerface Management 0" will flush the entries learnt on interface "eth0".
+\*The Management interface translates to "eth" internally. For e.g. "clear ip
+arp inerface Management 0" will flush the entries learnt on interface "eth0".
 
 Command Mode: User EXEC
 Example:
@@ -205,24 +182,28 @@ sonic# clear ip arp 192.168.1.1
 
 sonic#
 
-sonic# clear ipv6 neighbors Ethernet 0
+sonic# clear ip arp Ethernet 0
+
+sonic#
+
+sonic# clear ip arp vrf Vrf_1
 
 sonic#
 ```
 
 ##### 3.6.2.1.2 `clear ipv6 neighbors`
 Syntax:
 
-`
-clear ipv6 neighbors [interface { Ethernet <port> | PortChannel <id> | Vlan <id> | Management <id> }] [<A::B>] [force]
-`
-
+```
+clear ipv6 neighbors [vrf <vrf_name>] [interface {Ethernet <port> | PortChannel <id> | Vlan <id> | Management <id>}] [<A::B>]
+```
 Syntax Description:
 
 |    Keyword    | Description |
 |:-----------------:|:-----------:|
-| interface Ethernet/PortChannel/VLAN/Management*| This option clears the neighbors' entries matching the interface.
+| interface Ethernet/PortChannel/VLAN/Management*| This option clears the neighbors' entries learnt on the interface.
 | A::B | This options clears the neighbors' entries matching the particular IPv6 address.
+| vrf | clear NDP entries belong to the given VRF name
 
 Command Mode: User EXEC
 
@@ -238,23 +219,32 @@ sonic#
 
 sonic# clear ipv6 neighbors Ethernet 0
 
+sonic#
+
+sonic# clear ipv6 neighbors vrf mgmt
+
 sonic#
 ```
 #### 3.6.2.2 Show Commands
-The following CLI commands dump the output of internal ARP/NDP entries from APP_DB with various options (filters), for example, filter based on L3 interface, no. of ARP/NDP entries present in the system (summary), filter based on IP address and MAC address..etc.
+The following CLI commands dump the output of internal ARP/NDP entries from
+APP_DB. The command supports various filters; for example,  filtering the results based on L3
+interface, IP or MAC address. Details of other options and filters are given below.
+
 ##### 3.6.2.2.1 show ip arp
 Syntax
 
-show ip arp [interface { Ethernet ``<port>`` [summary]  | PortChannel ``<id>`` [summary]  | Vlan ``<id>`` [summary] |Management ``<id>`` [summary]}]  [<A.B.C.D>] [mac-address ``<mac>``] [summary]
-
+```
+show ip arp [interface { Ethernet <port> [summary]  | PortChannel <id> [summary]  | Vlan <id> [summary] |Management <id> [summary]}]  [<A.B.C.D>] [mac-address <mac>] [summary] [vrf <vrf name>]
+```
 Syntax Description:
 
 |    Keyword    | Description |
 |:-----------------:|:-----------:|
 | interface Ethernet/PortChannel/VLAN/Management* | This option dumps the ARPs matching the particular interface and summary option provides the no. of ARP entries matching the particular interface.
 | A.B.C.D | This options dumps the ARP entry matching the particular IP
 | mac-address | This options dumps the ARP entry matching the particular MAC Address|
-| summary | This provides the count of ARP entries present in the system
+| summary | This provides the count of ARP entries present in the system|
+| vrf | show ARP entries belong to the given VRF name
 
 Command Mode: User EXEC
 
@@ -267,7 +257,7 @@ Address        Hardware address    Interface         Egress Interface
 20.0.0.2       90:b1:1c:f4:9d:ba   Vlan20            Ethernet0
 20.0.0.5       00:11:22:33:44:55   Vlan20            Ethernet0
 
-sonic# sonic# show ip arp interface Vlan 20
+sonic# show ip arp interface Vlan 20
 ------------------------------------------------------------------------
 Address        Hardware address    Interface         Egress Interface
 -------------------------------------------------------------------------
@@ -286,23 +276,33 @@ Address        Hardware address    Interface         Egress Interface
 ------------------------------------------------------------------------
 20.0.0.2       90:b1:1c:f4:9d:ba   Vlan20            Ethernet0
 
+sonic# show ip arp vrf Vrf_1
+------------------------------------------------------------------------
+Address        Hardware address    Interface         Egress Interface
+------------------------------------------------------------------------
+20.0.0.2       90:b1:1c:f4:9d:ba   Vlan20            Ethernet0
+20.0.0.5       00:11:22:33:44:55   Vlan20            Ethernet0
+
+
 sonic# show ip arp summary
 ---------------
 Total Entries
 ---------------
      2
 ````
 ##### 3.6.2.2.2 show ipv6 neighbors
-show ipv6 neighbors [interface { Ethernet ``<port>`` [summary]  | PortChannel ``<id>`` [summary]  | Vlan ``<id>`` [summary] }]  [<A::B>] [mac-address ``<mac>``] [summary]
-
+```
+show ipv6 neighbors [interface { Ethernet <port> [summary]  | PortChannel <id> [summary]  | Vlan <id> [summary] }]  [<A::B>] [mac-address <mac>] [summary] [vrf <vrf name>]
+```
 Syntax Description:
 
 |    Keyword    | Description |
 |:-----------------:|:-----------:|
-| interface Ethernet/Port-channel/VLAN/Management* |This option dumps the neighbors matching the particular interface and summary option provides the no. of neighbor entries matching the particular interface.
+| interface Ethernet/PortChannel/VLAN/Management* |This option dumps the neighbors matching the particular interface and summary option provides the no. of neighbor entries matching the particular interface.
 | A::B |This options dumps the neighbor entry matching the particular IP
 | mac-address |This options dumps the neighbor entry matching the particular MAC Address|
-| summary |This provides the count of neighbor entries present in the system
+| summary |This provides the count of neighbor entries present in the system|
+| vrf | show NDP entries belong to the given VRF name
 
 Command Mode: User EXEC
 
@@ -335,8 +335,6 @@ Total Entries
      3
 ````
 
-
-
 #### 3.6.2.3 Debug Commands
 #### 3.6.2.4 IS-CLI Compliance
 The following table maps SONiC CLI commands to corresponding IS-CLI commands. The compliance column identifies how the command comply to the IS-CLI syntax:
@@ -397,6 +395,7 @@ The following table maps SONiC CLI commands to corresponding IS-CLI commands. Th
 
 # 9 Unit Test
 The following test cases will be tested using CLI/REST/gNMI management interfaces.
+
 #### ARP test cases:
 1) Verify whether "show ip arp" command dumps all the ARP entries
 
@@ -410,6 +409,8 @@ The following test cases will be tested using CLI/REST/gNMI management interface
 
 6) Verify whether "show ip arp mac-address" option provides the ARP entries matching the particular MAC.
 
+7) Verify whether "show ip arp vrf"  option provides the ARP entries matching the given VRF name.
+
 #### NDP test cases:
 1) Verify whether "show ipv6 neighbors" command dumps all the neighbor entries
 
@@ -423,16 +424,17 @@ The following test cases will be tested using CLI/REST/gNMI management interface
 
 6) Verify whether "show ipv6 neighbors mac-address" option provides the neighbor entries matching the particular MAC.
 
-#### ARP test cases:
+7) Verify whether "show ipv6 neighbors vrf"  option provides the NDP entries matching the given VRF name.
+
+#### clear test cases:
 1) Verify whether "clear ip arp" command clears all the ARP entries
 
 2) Verify whether "clear ip arp interface { ethernet/port-channel/vlan }" clears the ARPs learnt on the particular interface
 
 3) Verify whether "clear ip arp <A.B.C.D> " clears the ARP entry matching the particular IP.
 
-#### NDP test cases:
-1) Verify whether "clear ipv6 neighbors" command clears all the neighbors entries
+4) Verify whether "clear ipv6 neighbors" command clears all the neighbors entries
 
-2) Verify whether "clear ipv6 neighbors interface {Ethernet/PortChannel/Vlan/Management}" clears the neighbor's learnt on the particular interface
+5) Verify whether "clear ipv6 neighbors interface {Ethernet/PortChannel/Vlan/Management}" clears the neighbor's learnt on the particular interface
 
-3) Verify whether "clear ipv6 neighbors <A::B>" clears the neighbor entry matching the particular IP.
+6) Verify whether "clear ipv6 neighbors <A::B>" clears the neighbor entry matching the particular IP.