[dash-p4] Add ENI mode and trusted vni stage#672
Conversation
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
| @@ -16,6 +16,10 @@ sai_apis: | |||
| name: SAI_DIRECTION_LOOKUP_ENTRY_ACTION_SET_OUTBOUND_DIRECTION | |||
There was a problem hiding this comment.
Will be great to update the title to cover all changes in this PR.
dash-pipeline/bmv2/dash_pipeline.p4
Outdated
| UPDATE_COUNTER(eni_miss_drop, 0); | ||
| } | ||
| else if (meta.eni_data.eni_mode == dash_eni_mode_t.FNIC) { | ||
| trusted_vni_stage.apply(hdr, meta); |
There was a problem hiding this comment.
this one should be in global, shared by all ENIs.
| } | ||
|
|
||
| @SaiTable[single_match_priority = "true", api = "dash_trusted_vni"] | ||
| table trusted_vni { |
| { | ||
| action permit() {} | ||
|
|
||
| action deny() { |
There was a problem hiding this comment.
iirc, we have a global deny function and maybe we can use that instead.
There was a problem hiding this comment.
Use global deny function
| return; | ||
| } | ||
|
|
||
| trusted_vni.apply(); |
There was a problem hiding this comment.
need counter to track the drops.
There was a problem hiding this comment.
Add counter eni_trusted_vni_entry_miss_drop
jimmyzhai
changed the title
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
| } | ||
| } | ||
|
|
||
| @SaiTable[single_match_priority = "true", api = "dash_trusted_vni"] |
| (meta.flow_sync_state == dash_flow_sync_state_t.FLOW_MISS && | ||
| hdr.packet_meta.packet_source == dash_packet_source_t.EXTERNAL)) | ||
| { | ||
| trusted_vni_stage.apply(hdr, meta); |
There was a problem hiding this comment.
maybe we missed the inbound routing table for the VNI matching, if we simply return it here.
There was a problem hiding this comment.
Add a TODO comment and will revisit it after inbound routing HLD done.
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
Signed-off-by: Junhua Zhai <junhua.zhai@outlook.com>
| return; | ||
| } | ||
|
|
||
| if (!eni_trusted_vni.apply().hit) { |
There was a problem hiding this comment.
better add a TODO comment to make sure the pipeline can capture the behavior right.
There was a problem hiding this comment.
Have added TODO comment before trusted_vni_stage.apply(hdr, meta).
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 672 in repo sonic-net/DASH |
4 participants
Referring to sonic-net/SONiC#1911 and #665, to support FNIC pipeline, this PR adds the followings:
eni_trusted_vni_entry_miss_dropset_inbound_directionis not defaultonly at tabledirection_lookupglobal_trusted_vniandeni_trusted_vni