Change an UNI to a disabled interface may result on never releasing the VLAN #618
Description
Hi,
As we discussed on Slack regarding a problem we observed during the MW in Production, there is a corner case on Mef_eline in which changing a UNI to a disabled interface may result in the VLAN never being released.
Steps to reproduce:
- Run Mininet with single topology, 3 hosts (
mn --topo single,3 --controller=remote,ip=127.0.0.1) - Run Kytos from docker hub amlight/kytos:latest
- Enable only two interfaces and the switch:
curl -H 'Content-type: application/json' -X POST http://127.0.0.1:8181/api/kytos/topology/v3/switches/00:00:00:00:00:00:00:01/enable
curl -H 'Content-type: application/json' -X POST http://127.0.0.1:8181/api/kytos/topology/v3/interfaces/00:00:00:00:00:00:00:01:1/enable
curl -H 'Content-type: application/json' -X POST http://127.0.0.1:8181/api/kytos/topology/v3/interfaces/00:00:00:00:00:00:00:01:2/enable
- Create an EVC:
curl -H 'Content-type: application/json' -X POST http://127.0.0.1:8181/api/kytos/mef_eline/v2/evc/ -d '{"name": "my evc1", "dynamic_backup_path": true, "uni_z": {"tag": {"value": 26, "tag_type": 1}, "interface_id": "00:00:00:00:00:00:00:01:2"}, "uni_a": {"interface_id": "00:00:00:00:00:00:00:01:1"}}'
- Make an Interface to go DOWN (not sure if this step is really necessary, but I'm trying to reproduce the same scenario we saw in prod)
ip link set down s1-eth2
- Submit a PATCH to change the EVC to a disabled interface:
# curl -v -H 'Content-type: application/json' -X PATCH http://127.0.0.1:8181/api/kytos/mef_eline/v2/evc/d5e5d8f353d146 -d '{"uni_z": {"tag": {"value": 26, "tag_type": 1}, "interface_id": "00:00:00:00:00:00:00:01:3"}, "uni_a": {"interface_id": "00:00:00:00:00:00:00:01:1"}}'
* Trying 127.0.0.1:8181...
* Connected to 127.0.0.1 (127.0.0.1) port 8181 (#0)
> PATCH /api/kytos/mef_eline/v2/evc/d5e5d8f353d146 HTTP/1.1
> Host: 127.0.0.1:8181
> User-Agent: curl/7.88.1
> Accept: */*
> Content-type: application/json
> Content-Length: 149
>
< HTTP/1.1 409 Conflict
< date: Thu, 06 Feb 2025 17:19:28 GMT
< server: uvicorn
< content-length: 95
< content-type: application/json
<
* Connection #0 to host 127.0.0.1 left intact
{"description":"Path is not valid: Interface 00:00:00:00:00:00:00:01:3 is disabled","code":409}
- Enable the interface:
curl -H 'Content-type: application/json' -X POST http://127.0.0.1:8181/api/kytos/topology/v3/interfaces/00:00:00:00:00:00:00:01:3/enable
- try to submit the PATCH again:
# curl -v -H 'Content-type: application/json' -X PATCH http://127.0.0.1:8181/api/kytos/mef_eline/v2/evc/d5e5d8f353d146 -d '{"uni_z": {"tag": {"value": 26, "tag_type": 1}, "interface_id": "00:00:00:00:00:00:00:01:3"}, "uni_a": {"interface_id": "00:00:00:00:00:00:00:01:1"}}'
* Trying 127.0.0.1:8181...
* Connected to 127.0.0.1 (127.0.0.1) port 8181 (#0)
> PATCH /api/kytos/mef_eline/v2/evc/d5e5d8f353d146 HTTP/1.1
> Host: 127.0.0.1:8181
> User-Agent: curl/7.88.1
> Accept: */*
> Content-type: application/json
> Content-Length: 149
>
< HTTP/1.1 400 Bad Request
< date: Thu, 06 Feb 2025 17:20:39 GMT
< server: uvicorn
< content-length: 121
< content-type: application/json
<
* Connection #0 to host 127.0.0.1 left intact
{"description":"KytosTagsAreNotAvailable, The tags [[26, 26]] are not available in 00:00:00:00:00:00:00:01:3","code":400}
Expected behavior: now that the interface is enabled, we should see the EVC being modified to use the new UNI_Z.
- Check the EVC status:
# curl http://127.0.0.1:8181/api/kytos/mef_eline/v2/evc/d5e5d8f353d146
{"active":false,"archived":false,"backup_path":[],"bandwidth":0,"circuit_scheduler":[],"current_path":[],"dynamic_backup_path":true,"enabled":true,"failover_path":[],"id":"d5e5d8f353d146","metadata":{},"name":"my evc1","primary_path":[],"service_level":0,"uni_a":{"interface_id":"00:00:00:00:00:00:00:01:1"},"uni_z":{"tag":{"tag_type":"vlan","value":26},"interface_id":"00:00:00:00:00:00:00:01:2"},"sb_priority":null,"execution_rounds":0,"owner":null,"queue_id":-1,"primary_constraints":{},"secondary_constraints":{},"primary_links":[],"backup_links":[],"start_date":"2025-02-06T17:18:28","creation_time":"2025-02-06T17:18:28","request_time":"2025-02-06T17:18:28","end_date":null,"flow_removed_at":null,"updated_at":"2025-02-06T17:18:48"}
- Tag ranges on interface 3:
# curl -H 'Content-type: application/json' -X GET http://127.0.0.1:8181/api/kytos/topology/v3/interfaces/00:00:00:00:00:00:00:01:3/tag_ranges
{"00:00:00:00:00:00:00:01:3":{"available_tags":{"vlan":[[1,25],[27,3798],[3800,4095]]},"tag_ranges":{"vlan":[[1,4095]]},"special_tags":{"vlan":["untagged","any"]},"special_available_tags":{"vlan":["untagged","any"]}}}
It looks like the check_disabled_components() sanity check is being executed after one modification (sanity checks should run before any modification): https://github.com/kytos-ng/mef_eline/blob/master/models/evc.py#L246