[MCLAG L2 Scenario] Interface Mac address update fails. system mac of active dut is not same as standby

[rajneeshaec]

Description

[MCLAG L2 Scenario] Interface Mac address update fails. system mac of active dut is not same as standby

Steps to reproduce the issue:

Active DUT:-

root@sonic:/home/admin# mclagdctl dump state The MCLAG's keepalive is: OK MCLAG info sync is: completed Domain id: 1 Local Ip: 192.168.10.1 Peer Ip: 192.168.10.2 Peer Link Interface: PortChannel0100 Keepalive time: 1 sesssion Timeout : 15 Peer Link Mac: 00:e0:4b:70:a5:d6 Role: Active MCLAG Interface: Loglevel: NOTICE

Standby-DUT:-

root@sonic:/home/admin# mclagdctl dump state The MCLAG's keepalive is: OK MCLAG info sync is: completed Domain id: 1 Local Ip: 192.168.10.2 Peer Ip: 192.168.10.1 Peer Link Interface: PortChannel0100 Keepalive time: 1 sesssion Timeout : 15 Peer Link Mac: 00:e0:4b:6b:cf:86 Role: Standby MCLAG Interface: Loglevel: NOTICE

Describe the results you received:

system mac of Active DUT and Standby DUT are not same

Describe the results you expected:

system mac on both DUT 's should be same

Logs:-

root@sonic:/var/log# cat syslog |grep 00:e0:4b:70:a5:d6 2024 Jul 18 10:02:07.731709 sonic NOTICE iccpd#mclagsyncd: :- mclagsyncdSendFdbEntries: MCLAGSYNCD STATE FDB updates key=Vlan10:00:e0:4b:70:a5:d6, operation=SET, type: 2, port: PortChannel0100 2024 Jul 18 10:02:07.732203 sonic NOTICE iccpd#mclagsyncd: :- mclagsyncdSendFdbEntries: MCLAGSYNCD STATE FDB updates key=Vlan100:00:e0:4b:70:a5:d6, operation=SET, type: 2, port: PortChannel0100 2024 Jul 18 10:02:08.455224 sonic NOTICE swss#orchagent: :- addNeighbor: Created neighbor ip 192.168.10.1, 00:e0:4b:70:a5:d6 on Vlan10 2024 Jul 18 10:02:08.503320 sonic NOTICE iccpd#mclagsyncd: :- mclagsyncdSetSystemId: Set mlag 1 system mac to 00:e0:4b:70:a5:d6 2024 Jul 18 10:02:08.558780 sonic NOTICE iccpd#mclagsyncd: :- setFdbEntry: add fdb entry into ASIC_DB:key =Vlan10:00:e0:4b:70:a5:d6, type =static 2024 Jul 18 10:02:08.560412 sonic NOTICE iccpd#mclagsyncd: :- mclagsyncdSendFdbEntries: MCLAGSYNCD STATE FDB updates key=Vlan10:00:e0:4b:70:a5:d6, operation=DEL, type: 0, port: 2024 Jul 18 10:02:08.560471 sonic NOTICE swss#orchagent: :- addFdbEntry: fdbEvent: AddFdbEntry: Add MCLAG MAC with state mclag remote fdb table Mac: 00:e0:4b:70:a5:d6 Vlan: 10 port:PortChannel0100 type:static 2024 Jul 18 10:02:08.560796 sonic NOTICE iccpd#mclagsyncd: :- setFdbEntry: add fdb entry into ASIC_DB:key =Vlan10:00:e0:4b:70:a5:d6, type =static 2024 Jul 18 10:02:08.599324 sonic NOTICE iccpd#iccpd: [ICCP_FSM.NOTICE] RX system_conf: systemID 00:e0:4b:70:a5:d6, priority 0, remote nodeID 253, nodeID 254

Output of show version:

root@sonic:/home/admin# show version

SONiC Software Version: SONiC.202405.0-dirty-20240711.181457 SONiC OS Version: 12 Distribution: Debian 12.6 Kernel: 6.1.0-11-2-amd64 Build commit: 32b1f77bd Build date: Thu Jul 11 18:15:43 UTC 2024

[judyjoseph]

@matiAlfaro @VladimirKuk looks like the PR you raised is closed ? Please share any findings

[VladimirKuk]

@matiAlfaro @VladimirKuk looks like the PR you raised is closed ? Please share any findings

that wasn't a correct fix. Apparently the issue is that iccpd docker doesn't have sufficient permissions for netlink operations, such as changing mac address. There is a PR #19324 that already adds "--cap-add=NET_ADMIN" to docker parameters.