![]() ![]() Does the design support ASIC SAI capability check for pkt hash fields? > Not in the scope of the design.Can the Design allow separate configuration for ECMP and LAG features ? > yes, It is supported.What if the user has changed the switch time stamp, what will happen to the stale ACL rules, which make the system inconsistent? how to handle this?.Is there a mechanism to optimize time stamp based ACL rules instead of walking through all the time based ACL rules?.Can this design decouple the ACL implementation without depending on the time synchronization (NTP) ?.How does the design manage if the device time is not synchronized with the management system?.Are there any SAI dependencies with this feature? > No new SAI attributes introduced as part of this feature.Community suggestion - All the new config tables must have Yang models defined.Why can't the design reuse the existing ACL rule table to implement time based ACLs?.Is the HLD supports periodic timestamp based ACL ? > It's in the roadmap.Community suggestion - it would support multiple time formats as well as user defined time formats.What are the timestamp formats supported by this HLD? > is it epoch? What other formats does it support?.What is the use case trying to solve by this HLD? > The HLD will address the following security concern - the ACL is always active until someone removed and sometimes mgmt plane down can't be removed from data plane.It seems all the ASIC may not have capability to switch off/on hash fields configured not available in the ASIC, Is is there any default behaviour to pick up the hash fields calculations?.How does it handle if ASIC supporters (more or less have SAI HASH fields )configured?.What is the plan for qualifying these features ? > Yes, part of the sonic-mgmt repo. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |