
[Sonic yang models]: Added the sonic yang models for acl, port, portchannel, vlan, vrf, interface etc #4001

Closed
wants to merge 6 commits into from
2 changes: 0 additions & 2 deletions dockers/docker-sonic-mgmt-framework/rest-server.sh
Expand Up @@ -46,7 +46,5 @@ echo "REST_SERVER_ARGS = $REST_SERVER_ARGS"


export CVL_SCHEMA_PATH=/usr/sbin/schema
export LIBYANG_EXTENSIONS_PLUGINS_DIR=/usr/lib/x86_64-linux-gnu/libyang/extensions
export LIBYANG_USER_TYPES_PLUGINS_DIR=/usr/lib/x86_64-linux-gnu/libyang/user_types

exec /usr/sbin/rest_server ${REST_SERVER_ARGS}
231 changes: 231 additions & 0 deletions src/sonic-yang-models/sonic-acl.yang
@@ -0,0 +1,231 @@
module sonic-acl {
namespace "http://github.com/Azure/sonic-acl";
prefix sacl;
yang-version 1.1;

import ietf-inet-types {
prefix inet;
}

import sonic-common {
prefix cmn;
}

import sonic-extension {
prefix sonic-ext;
}

import sonic-port {
prefix prt;
}

import sonic-mirror-session {
prefix sms;
}

organization
"SONiC";

contact
"SONiC";

description
"SONIC ACL";

revision 2019-05-15 {
description
"Initial revision.";
}

container sonic-acl {

container ACL_TABLE {

list ACL_TABLE_LIST {
key "aclname";
max-elements 1024; // Max 1K ACL tables for all platforms
sonic-ext:custom-validation ValidateMaxAclTable;

leaf aclname {
type string {
pattern '[a-zA-Z0-9]{1}([-a-zA-Z0-9_]{0,71})';
length 1..72;
}
}

leaf policy_desc {
type string {
length 1..255 {
error-app-tag policy-desc-invalid-length;
}
}
}

leaf stage {
type enumeration {
enum INGRESS;
enum EGRESS;
}
}

leaf type {
type enumeration {
enum MIRROR;
enum L2;
enum L3;
enum L3V6;
}
}

leaf-list ports {
type leafref {
path "/prt:sonic-port/prt:PORT/prt:PORT_LIST/prt:ifname";
}
}
}
}

container ACL_RULE {

list ACL_RULE_LIST {
key "aclname rulename";
max-elements 65536; // Max 64K ACL rules for all platforms

leaf aclname {
type leafref {
path "../../../ACL_TABLE/ACL_TABLE_LIST/aclname";
}
must "(/cmn:operation/cmn:operation != 'DELETE') or " +
"count(current()/../../../ACL_TABLE/ACL_TABLE_LIST[aclname=current()]/ports) = 0" {
error-message "Ports are already bound to this rule.";
}
}

leaf rulename {
type string;
}

leaf PRIORITY {
Member


I feel we should use either all capital letters or all lowercase letters for leaf names. As far as I know, the backend converts them to capitals, so all capitals is better.

Contributor Author


Again this needs to be documented in the sonic yang guidelines.

Contributor


Documenting is required. But that does not justify us to be random.
Let us follow a standard.
Agree with @praveen-li, let us go for all caps.
@anand-kumar-subramanian, please ensure new SONiC schema files in buzznic follows this.
Please update the doc too.

type uint16 {
range "1..65535"{
Member


Why restrict priority to only 65535? It can be anything up to 999999; the BCRM SDK accepts it.

Contributor Author


Yes you can change that in your PR

error-message "Invalid ACL rule priority.";
}
}
}

leaf RULE_DESCRIPTION {
type string;
Contributor


I see the length restriction was dropped (compared to PR #18).
Is this intentional?

}

leaf PACKET_ACTION {
type enumeration {
enum FORWARD;
enum DROP;
enum REDIRECT;
enum INT_INSERT;
Contributor


What are these new action types, "INT_INSERT" & "INT_DELETE"?

Does SONiC support today ?
Is this platform constrained?

enum INT_DELETE;
}
}

leaf MIRROR_ACTION {
Contributor


Is this a supported feature in SONiC ?

Contributor


Yes

type leafref {
path "/sms:sonic-mirror-session/sms:MIRROR_SESSION/sms:MIRROR_SESSION_LIST/sms:name";
}
}

leaf IP_TYPE {
sonic-ext:custom-validation ValidateAclRuleIPAddress;
type enumeration {
enum ANY;
enum IP;
enum IPV4;
enum IPV4ANY;
enum NON_IPV4;
enum IPV6ANY;
enum NON_IPV6;
}
}

leaf IP_PROTOCOL {
type uint8 {
range "1|2|6|17|46|47|51|103|115";
}
}

leaf ETHER_TYPE {
type string {
pattern "(0x88CC)|(0x8100)|(0x8915)|(0x0806)|(0x0800)|(0x86DD)|(0x8847)" {
error-message "Invalid ACL Rule Ether Type";
error-app-tag ether-type-invalid;
}
}
}

choice ip_src_dst {
case ipv4_src_dst {
when "boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV4' or .='IPV4ANY'])";
leaf SRC_IP {
mandatory true;
type inet:ipv4-prefix;
}
leaf DST_IP {
mandatory true;
type inet:ipv4-prefix;
}
}
case ipv6_src_dst {
when "boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV6' or .='IPV6ANY'])";
leaf SRC_IPV6 {
mandatory true;
type inet:ipv6-prefix;
}
leaf DST_IPV6 {
mandatory true;
type inet:ipv6-prefix;
}
}
}

choice src_port {
case l4_src_port {
leaf L4_SRC_PORT {
type uint16;
}
}
case l4_src_port_range {
leaf L4_SRC_PORT_RANGE {
type string {
pattern "[0-9]{1,5}(-)[0-9]{1,5}";
}
}
}
}

choice dst_port {
case l4_dst_port {
leaf L4_DST_PORT {
type uint16;
}
}
case l4_dst_port_range {
leaf L4_DST_PORT_RANGE {
type string {
pattern "[0-9]{1,5}(-)[0-9]{1,5}";
}
}
}
}

leaf TCP_FLAGS {
type string {
pattern "0[xX][0-9a-fA-F]{2}[/]0[xX][0-9a-fA-F]{2}";
}
}

leaf DSCP {
type uint8;
}
}
}
}
}
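Review bot: The `when` on `case ipv6_src_dst` tests `.='IPV6'`, but the `IP_TYPE` enumeration declares no `IPV6` value (only `IPV6ANY` and `NON_IPV6` on the v6 side), so that comparison can never be true; either add `enum IPV6;` to `IP_TYPE` or drop it from the `when`. The `L4_SRC_PORT_RANGE` and `L4_DST_PORT_RANGE` pattern `[0-9]{1,5}(-)[0-9]{1,5}` also accepts values above 65535 and reversed ranges such as `99999-1`, so an out-of-range rule passes schema validation unless something checks it later. `rulename` is an unconstrained `type string` although it is a list key next to the pattern-restricted `aclname`; if it ends up in a `|`-delimited DB key, as the `key-pattern` example in sonic-extension.yang suggests, giving it the same `pattern` and `length` as `aclname` would keep delimiters out of the key.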
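--- a/src/sonic-yang-models/sonic-common.yang
+++ b/src/sonic-yang-models/sonic-common.yang
@@ -0,0 +1,50 @@
+module sonic-common {
+namespace "http://github.com/Azure/sonic-common";
+prefix scommon;
+
+organization
+"SONiC";
+
+contact
+"SONiC";
+
+description
+"SONIC Common";
+
+revision 2019-05-15 {
+description
+"Initial revision.";
+}
+
+typedef tagging_mode {
+type enumeration {
+enum untagged;
+enum tagged;
+enum priority_tagged;
+}
+}
+
+typedef admin-status {
+type enumeration {
+enum up;
+enum down;
+}
+}
+
+typedef oper-status {
+type enumeration {
+enum up;
+enum down;
+}
+}
+
+container operation {
+leaf operation {
+type enumeration {
+enum CREATE;
+enum UPDATE;
+enum DELETE;
+}
+}
+}
+}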
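Review bot: The `operation` leaf has no `default`, `mandatory` or `description`, yet the `must` on `ACL_RULE_LIST/aclname` in sonic-acl.yang compares it with `!= 'DELETE'`. In XPath 1.0 a comparison against an empty node-set is false, so when the leaf is unset that constraint falls through to the `count(...) = 0` port check for every operation, not only deletes. I would add a `description` saying which component sets this node and at what point in validation, and decide whether it needs `mandatory true;` or a `default`. The typedefs also mix `tagging_mode` with `admin-status` and `oper-status`; one separator style would be easier to reference.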
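--- a/src/sonic-yang-models/sonic-extension.yang
+++ b/src/sonic-yang-models/sonic-extension.yang
@@ -0,0 +1,56 @@
+
+module sonic-extension {
+namespace "http://github.com/Azure/sonic-extension";
+prefix sonic-ext;
+
+organization
+"SONiC";
+
+contact
+"SONiC";
+
+description
+"SONIC Extension";
+
+revision 2019-09-18 {
+description
+"Initial revision.";
+}
+
+extension db-name {
+description
+"DB name, e.g. APPL_DB, CONFIG_DB";
+argument "value";
+}
+
+extension key-delim {
+description
+"Key delimeter, e.g. - |, :";
+argument "value";
+}
+
+extension key-pattern {
+description
+"Key pattern, e.g. - ACL_RULE|{aclname}|{rulename}";
+argument "value";
+}
+
+extension map-list {
+description
+"If it is a map list";
+argument "value";
+}
+
+extension map-leaf {
+description
+"Map leaf names";
+argument "value";
+}
+
+extension custom-validation {
+description
+"Extension for custom validation.
+Platform specific validation can be implemented using custom validation.";
+argument "handler";
+}
+}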
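Review bot: The `custom-validation` description does not say how the `handler` argument is resolved, while the models in this PR pass bare names such as `ValidateMaxAclTable`. Because the handler decides whether configuration is accepted, the description should state that the name must match a validator known to the validation library and that an unknown name is a validation error rather than a skipped check; this assumes that is the intended behaviour, which is not visible here. `key-delim` also has a typo: `"Key delimeter, e.g. - |, :"` should read `"Key delimiter, e.g. - |, :"`.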