[dash] Add Privatelink traffic test #14757
Conversation
Signed-off-by: Prabhat Aravind <[email protected]>
Signed-off-by: Lawrence Lee <[email protected]>
Signed-off-by: Lawrence Lee <[email protected]>
|
@mukeshmv to review |
tests/dash/test_dash_privatelink.py
Outdated
|
|
||
| @pytest.fixture(scope="module") | ||
| def dpu_ip(duthost, dpu_index): | ||
| cmd = f"ip addr show | grep Ethernet-BP{dpu_index} | grep inet | awk '{{print $2}}'" |
There was a problem hiding this comment.
The interface is vendor-specific. It should be taken from platform.json file: https://github.com/sonic-net/SONiC/blob/master/doc/smart-switch/pmon/smartswitch-pmon.md#313-npu-to-dpu-data-port-mapping
There was a problem hiding this comment.
Here is an example of Nvidia platform:
sonic-net/sonic-buildimage#20358
Signed-off-by: Lawrence Lee <[email protected]>
Signed-off-by: Lawrence Lee <[email protected]>
tests/dash/packets.py
Outdated
| return str(ip_address(overlay_dip)) | ||
|
|
||
|
|
||
| def outbound_pl_packets(config, inner_packet_type='udp', vxlan_udp_dport=4789): |
There was a problem hiding this comment.
Do we have scenarios for inbound_pl_packets?
tests/dash/test_dash_privatelink.py
Outdated
|
|
||
| yield | ||
|
|
||
| duthost.shell(f"ip route del {pl.SIP}") |
There was a problem hiding this comment.
Before yield, it uses replace to change the static route, which means that a route related to pl.sip may exist. So, if we use del to remove the pl.sip route, it seems that it cannot restore to the original route status. Right?
There was a problem hiding this comment.
We expect no related routes to exist on the switch prior to the test, but use 'replace' here in case there are any routes that weren't cleaned up properly so that they will be overwritten
tests/dash/test_dash_vnet.py
Outdated
| @@ -65,7 +65,7 @@ def test_outbound_direct( | |||
| inner_packet_type, | |||
| acl_default_rule, | |||
| vxlan_udp_dport): | |||
| asic_db_checker(["SAI_OBJECT_TYPE_VNET", "SAI_OBJECT_TYPE_ENI"]) | |||
| # asic_db_checker(["SAI_OBJECT_TYPE_VNET", "SAI_OBJECT_TYPE_ENI"]) | |||
| PL_ENCODING_IP = "::56b2:0:ff71:0:0" | ||
| PL_ENCODING_MASK = "::ffff:ffff:ffff:0:0" | ||
| PL_UNDERLAY_SIP1 = "55.1.2.3" | ||
| PL_UNDERLAY_SIP2 = "55.2.3.4" |
There was a problem hiding this comment.
It seems that we don't use it
| INBOUND_UNDERLAY_IP = "25.1.1.1" | ||
| OUTBOUND_UNDERLAY_IP = "101.1.2.3" | ||
| VNET_MAP_IP1 = "10.1.1.5" | ||
| VNET_MAP_IP2 = "10.1.2.5" |
There was a problem hiding this comment.
It seems that we don't use it
tests/dash/packets.py
Outdated
| ip_dst=pl.SIP, | ||
| udp_dport=vxlan_udp_dport, | ||
| with_udp_chksum=False, | ||
| vxlan_vni=int(pl.VNET1_VNI), |
There was a problem hiding this comment.
This is outbound packet. VNI should be set to VM_VNI
tests/dash/packets.py
Outdated
| inner_packet = generate_inner_packet(inner_packet_type)( | ||
| eth_src=pl.ENI_MAC, | ||
| ip_src=config[LOCAL_CA_IP], | ||
| ip_dst=pl.VNET_MAP_IP1, |
There was a problem hiding this comment.
p1.VNET_MAP_IP1 is PE (private endpoint). Right?
|
@theasianpianist the test misses the data plane interface configuration for both the NPU and DPU sides. There is a static route that the test adds on the NPU side to send traffic to the DPU, but no IP address configuration on the interfaces. Therefore, the test won’t work without some manual pre-configuration. My assumption is that the test should be atomic and apply the full configuration needed to pass. The test should be extended to set the IP address on the NPU, and the IP address and VIP address on the DPU. |
|
|
||
| VNET_MAPPING_CONFIG = { | ||
| f"DASH_VNET_MAPPING_TABLE:{VNET1}:{VNET_MAP_IP1}": { | ||
| "mac_address": REMOTE_MAC_STRING, |
There was a problem hiding this comment.
This attribute is not suppored by the PL features:
sonic-net/sonic-swss#3319
Instead of setting this attribute as a part of the configuration, the test should use REMOTE_MAC as a destination inner MAC in the original VXLAN packet sent by PTF
tests/dash/packets.py
Outdated
|
|
||
| def outbound_pl_packets(config, inner_packet_type='udp', vxlan_udp_dport=4789): | ||
| inner_packet = generate_inner_packet(inner_packet_type)( | ||
| eth_src=pl.ENI_MAC, |
There was a problem hiding this comment.
The eth_dst should be set to the actual destination MAC address:
eth_dst=pl.REMOTE_MAC,
tests/dash/gnmi_utils.py
Outdated
| ptfhost, | ||
| messages, | ||
| dpu_index, | ||
| set=True, |
There was a problem hiding this comment.
'set' is a Python built-in name, better to use another name.
tests/dash/gnmi_utils.py
Outdated
| file.write(message.SerializeToString()) | ||
| update_list.append(path) | ||
| else: | ||
| path = f"/APPL_DB/dpu{dpu_index}/{filename}" |
There was a problem hiding this comment.
should be gnmi_key instead of filename
tests/dash/test_dash_privatelink.py
Outdated
| logger.info(messages) | ||
| apply_messages(localhost, duthost, ptfhost, messages, dpu_index) | ||
|
|
||
| return |
There was a problem hiding this comment.
There is no clean up of the dash configurations.
|
/azp run Azure.sonic-mgmt |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run Azure.sonic-mgmt |
|
Azure Pipelines successfully started running 1 pipeline(s). |
tests/dash/packets.py
Outdated
| gre_key=pl.ENCAP_VNI << 8, | ||
| inner_frame=exp_inner_packet, | ||
| ip_id=0, | ||
| ip_ttl=63, |
There was a problem hiding this comment.
Expected TTL should be changed to 254 based on sonic-net/DASH#636 PR
| "mac_address": ENI_MAC, | ||
| "eni_id": ENI_ID, | ||
| "admin_state": State.STATE_ENABLED, | ||
| "pl_underlay_sip": PL_UNDERLAY_SIP1, |
There was a problem hiding this comment.
pl_underlay_sip in the ENI table should be equal to the SIP address.
| if proto_utils.ENABLE_PROTO: | ||
| path = f"/APPL_DB/dpu{dpu_index}/{gnmi_key}:$/root/{filename}" | ||
| else: | ||
| path = f"/APPL_DB/dpu{dpu_index}/{gnmi_key}:@/root/{filename}" |
There was a problem hiding this comment.
For the path assignment, the else seems to be the same as the if.
| else: | ||
| path = "/APPL_DB/localhost/%s:@/root/%s" % (k, filename) | ||
| path = "/APPL_DB/dpu1/%s:@/root/%s" % (k, filename) |
Signed-off-by: Lawrence Lee <[email protected]>
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Signed-off-by: Lawrence Lee <[email protected]>
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
theasianpianist
changed the title
Signed-off-by: Lawrence Lee <[email protected]>
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
|
||
|
|
||
| """ | ||
| Test prerequisites: |
There was a problem hiding this comment.
Since we have the dpuhosts fixture(#15695), can we also automate the logic for adding the dpu baisc config? So, we can automate the PL case fully.
There was a problem hiding this comment.
Yes, I'll be adding this soon!
Signed-off-by: Lawrence Lee <[email protected]>
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Signed-off-by: Lawrence Lee <[email protected]>
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Description of PR
Summary:
Fixes #14613
Adds outbound and inbound traffic tests for Privatelink
Type of change
Back port request
Approach
What is the motivation for this PR?
How did you do it?
How did you verify/test it?
Any platform specific information?
Supported testbed topology if it's a new test case?
Smartswitch testbed only
Documentation