Skip to content

[vnetorch] Prevent route deletion in default VRF upon conflicting route creation in non default VNET #4029

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
anish-n wants to merge 8 commits into
base: master
Choose a base branch
from
Open

[vnetorch] Prevent route deletion in default VRF upon conflicting route creation in non default VNET #4029

anish-n wants to merge 8 commits into from
+99 −14

Conversation

@anish-n
Copy link
Contributor

@anish-n anish-n commented Dec 3, 2025

What I did
Modified vnetorch to not delete conflicting route space in default vrf if the vnet scope is non default

Why I did it
To support conflicting IP spaces

How I verified it
SWSS UT which shows that conflicting IP space is no longer deleted, and manual testing on device which shows this as well

Details if related
ASIC DB route deleteion issue can be seen below(which is fixed by this PR):
Route entry on switch:

B>*0.0.0.0/0 [20/0] via 10.0.0.57, PortChannel101, 03:33:15
  *                 via 10.0.0.59, PortChannel102, 03:33:15
  *                 via 10.0.0.61, PortChannel103, 03:33:15
  *                 via 10.0.0.63, PortChannel104, 03:33:15

Route entry in ASIC DB:

 127.0.0.1:6379[1]> hgetall "ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{\"dest\":\"0.0.0.0/0\",\"switch_id\":\"oid:0x21000000000000\",\"vr\":\"oid:0x3000000000026\"}"
1) "SAI_ROUTE_ENTRY_ATTR_PACKET_ACTION"
2) "SAI_PACKET_ACTION_FORWARD"
3) "SAI_ROUTE_ENTRY_ATTR_NEXT_HOP_ID"
4) "oid:0x5000000000677"

Add conflicting route entry in VNET:

vnet name    prefix         endpoint    mac address          vni  status
-----------  -------------  ----------  -----------------  -----  --------
Vnet1000     0.0.0.0/0      70.60.0.5   00:00:00:00:03:04  25000  active

Default route is deleted from default VRF:

127.0.0.1:6379[1]> hgetall "ASIC_STATE:SAI_OBJECT_TYPE_ROUTE_ENTRY:{\"dest\":\"0.0.0.0/0\",\"switch_id\":\"oid:0x21000000000000\",\"vr\":\"oid:0x3000000000026\"}"
1) "SAI_ROUTE_ENTRY_ATTR_PACKET_ACTION"
2) "SAI_PACKET_ACTION_DROP"
3) "SAI_ROUTE_ENTRY_ATTR_NEXT_HOP_ID"
4) "oid:0x0"

Copilot AI review requested due to automatic review settings December 3, 2025 01:12
@anish-n anish-n requested a review from prsunny as a code owner December 3, 2025 01:12
@mssonicbld
Copy link
Collaborator

mssonicbld commented Dec 3, 2025

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Dec 3, 2025

Azure Pipelines successfully started running 1 pipeline(s).

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 3, 2025
View reviewed changes
Copilot finished reviewing on behalf of anish-n December 3, 2025 01:15
Copilot AI reviewed Dec 3, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes a bug where routes in the default VRF were incorrectly deleted when conflicting routes were created in non-default VNETs. The fix modifies isRouteExists() to check for route existence in a specific VRF rather than always checking the default VRF.

  • Modified isRouteExists() to accept a vrf_id parameter for VRF-specific route lookups
  • Fixed return value in isRouteExists() from true to false when route table doesn't exist
  • Updated all call sites in vnetorch to pass the appropriate VRF ID

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
orchagent/routeorch.h Updated function signature to accept VRF ID parameter
orchagent/routeorch.cpp Modified isRouteExists() to check routes in specified VRF and fixed return value when route table not found
orchagent/vnetorch.cpp Updated three call sites to pass VRF ID to isRouteExists()
tests/vnet_lib.py Added helper functions to verify default VRF routes and VNET route deletion, but contains bugs
tests/test_vnet2.py Added new test and updated existing tests to validate conflicting route behavior with non-default VNETs

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

prsunny
prsunny previously approved these changes Dec 3, 2025
View reviewed changes
@mssonicbld
Copy link
Collaborator

mssonicbld commented Dec 4, 2025

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Dec 4, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@anish-n anish-n force-pushed the vnetRtTunFixDfltVrfDel branch from be974c2 to 4e3d162 Compare December 4, 2025 00:48
@mssonicbld
Copy link
Collaborator

mssonicbld commented Dec 4, 2025

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Dec 4, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

mssonicbld commented Dec 4, 2025

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Dec 4, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

mssonicbld commented Dec 8, 2025

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Dec 8, 2025

Azure Pipelines successfully started running 1 pipeline(s).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@prsunny prsunny prsunny approved these changes

Assignees

No one assigned

Labels

Approved for 202511 Branch Bug 🐛 Request for 202511 Branch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@anish-n @mssonicbld @prsunny