Address review comments on Ether-type and IP-type

Ether-type and IP type is not enforced in SWSS. The underlying SAI platform handles the case when both of these fields are not provided.
sonic-net · Apr 30, 2023 · f744bab · f744bab
1 parent 384d843
commit f744bab
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/doc/acl/Extend-L3V6ACLs.md b/doc/acl/Extend-L3V6ACLs.md
@@ -277,7 +277,10 @@ New fields are added to the ACL capability in STATE_DB to help applications iden
 - L4_DST_PORT
 - TCP_FLAGS
 
-***Note**: Every ACL Rule, should include at least one of [*IP_TYPE*, *ETHER_TYPE*] in the matching criteria when matching of L3 header fields. This allows orchestrator to decide in which underlying SAI ACL table to place the rule in. If these fields are not provided in the ACL rule, the rule is placed in the SAI IPv4 ACL table and the behavior is dependent on the platform.
+***Note**: It is recommended that every ACL Rule should include at least one of [*IP_TYPE*, *ETHER_TYPE*] in the matching criteria when matching of L3 header fields. When we handle unsupported platforms by adding two ACL tables in SAI, this allows orchestrator to decide in which underlying SAI ACL table to place the rule in. In phase-1, if these fields are not provided in the ACL rule, the underlying SAI platform must do one of the following: 
+1) install a single rule if the hardware supports it, or
+2) make multiple rules (one rule per IP type), or
+3) throw error as unsupported.
 
 **Actions allowed in the table of the type L3V4V6**