Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[201811][Cherry-pick] [acl mirror action] Mirror session ref count fix at acl rule attachment #1898

Merged
merged 2 commits into from
Sep 6, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 5 additions & 7 deletions orchagent/aclorch.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -1089,13 +1089,6 @@ bool AclRuleMirror::create()
throw runtime_error("Failed to get mirror session state");
}

// Increase session reference count regardless of state to deny
// attempt to remove mirror session with attached ACL rules.
if (!m_pMirrorOrch->increaseRefCount(m_sessionName))
{
throw runtime_error("Failed to increase mirror session reference count");
}

if (!state)
{
return true;
Expand All @@ -1118,6 +1111,11 @@ bool AclRuleMirror::create()
return false;
}

if (!m_pMirrorOrch->increaseRefCount(m_sessionName))
{
throw runtime_error("Failed to increase mirror session reference count for session");
}

m_state = true;

return true;
Expand Down
43 changes: 33 additions & 10 deletions tests/test_mirror.py
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,7 @@ def test_MirrorAddRemove(self, dvs, testlog):
# add route to mirror destination via 10.0.0.1
self.add_route(dvs, "2.2.2.2", "10.0.0.1")
assert self.get_mirror_session_state(session)["status"] == "active"
assert self.get_mirror_session_state(session)["monitor_port"] == dvs.asicdb.portnamemap["Ethernet16"]
assert self.get_mirror_session_state(session)["monitor_port"] == "Ethernet16"
assert self.get_mirror_session_state(session)["dst_mac"] == "02:04:06:08:10:12"
assert self.get_mirror_session_state(session)["route_prefix"] == "2.2.2.2/32"

Expand Down Expand Up @@ -707,12 +707,11 @@ def remove_mirror_acl_dscp_rule(self, table, rule):
time.sleep(1)


def test_AclBindMirror(self, dvs, testlog):
def _test_AclBindMirror(self, dvs, testlog, create_seq_test=False):
"""
This test tests ACL associated with mirror session with DSCP value
The DSCP value is tested on both with mask and without mask
"""
self.setup_db(dvs)

session = "MIRROR_SESSION"
acl_table = "MIRROR_TABLE"
Expand All @@ -722,27 +721,44 @@ def test_AclBindMirror(self, dvs, testlog):
self.set_interface_status("Ethernet32", "up")
self.add_ip_address("Ethernet32", "20.0.0.0/31")
self.add_neighbor("Ethernet32", "20.0.0.1", "02:04:06:08:10:12")
self.add_route(dvs, "4.4.4.4", "20.0.0.1")
if create_seq_test == False:
self.add_route(dvs, "4.4.4.4", "20.0.0.1")

# create mirror session
self.create_mirror_session(session, "3.3.3.3", "4.4.4.4", "0x6558", "8", "100", "0")
assert self.get_mirror_session_state(session)["status"] == "active"
assert self.get_mirror_session_state(session)["status"] == ("active" if create_seq_test == False else "inactive")

# assert mirror session in asic database
# check mirror session in asic database
tbl = swsscommon.Table(self.adb, "ASIC_STATE:SAI_OBJECT_TYPE_MIRROR_SESSION")
assert len(tbl.getKeys()) == 1
mirror_session_oid = tbl.getKeys()[0]
assert len(tbl.getKeys()) == (1 if create_seq_test == False else 0)
if create_seq_test == False:
mirror_session_oid = tbl.getKeys()[0]

# create acl table
self.create_acl_table(acl_table, ["Ethernet0", "Ethernet4"])

# create acl rule with dscp value 48
self.create_mirror_acl_dscp_rule(acl_table, acl_rule, "48", session)

# assert acl rule is created
# acl rule creation check
tbl = swsscommon.Table(self.adb, "ASIC_STATE:SAI_OBJECT_TYPE_ACL_ENTRY")
rule_entries = [k for k in tbl.getKeys() if k not in dvs.asicdb.default_acl_entries]
assert len(rule_entries) == 1
assert len(rule_entries) == (1 if create_seq_test == False else 0)

if create_seq_test == True:
self.add_route(dvs, "4.4.4.4", "20.0.0.1")

assert self.get_mirror_session_state(session)["status"] == "active"

# assert mirror session in asic database
tbl = swsscommon.Table(self.adb, "ASIC_STATE:SAI_OBJECT_TYPE_MIRROR_SESSION")
assert len(tbl.getKeys()) == 1
mirror_session_oid = tbl.getKeys()[0]

# assert acl rule is created
tbl = swsscommon.Table(self.adb, "ASIC_STATE:SAI_OBJECT_TYPE_ACL_ENTRY")
rule_entries = [k for k in tbl.getKeys() if k not in dvs.asicdb.default_acl_entries]
assert len(rule_entries) == 1

(status, fvs) = tbl.get(rule_entries[0])
assert status == True
Expand Down Expand Up @@ -789,3 +805,10 @@ def test_AclBindMirror(self, dvs, testlog):
self.remove_neighbor("Ethernet32", "20.0.0.1")
self.remove_ip_address("Ethernet32", "20.0.0.0/31")
self.set_interface_status("Ethernet32", "down")

def test_AclBindMirror(self, dvs, testlog):
self.setup_db(dvs)

self._test_AclBindMirror(dvs, testlog)
self._test_AclBindMirror(dvs, testlog, create_seq_test=True)