[dash] Add tests to cover PLNSG, FNIC, trusted VNI, return path ECMP (#19700)

Add test to cover DASH features PLNSG, floating NIC, trusted VNI, and return path ECMP

Signed-off-by: selldinesh <dinesh.sellappan@keysight.com>

Author: theasianpianist

tests/common/devices/multi_asic.py

@@ -98,6 +98,9 @@ def critical_services_tracking_list(self):
         if "dhcp_server" in config_facts["FEATURE"] and config_facts["FEATURE"]["dhcp_server"]["state"] == "enabled":
             service_list.append("dhcp_server")
 
+        if config_facts['DEVICE_METADATA']['localhost'].get('switch_type', '') == 'dpu' and 'snmp' in service_list:
+            service_list.remove('snmp')
+
         # Update the asic service based on feature table state and asic flag
         for service in list(self.sonichost.DEFAULT_ASIC_SERVICES):
             if service == 'teamd' and config_facts['DEVICE_METADATA']['localhost'].get('switch_type', '') == 'dpu':

tests/common/helpers/smartswitch_util.py

@@ -45,9 +45,16 @@ def correlate_dpu_info_with_dpuhost(dpuhosts, duthost):
         dpuhost.dpu_data_port_ip = dpu_ip_intf_facts[data_port_on_dpu]['ipv4'] if \
             data_port_on_dpu in dpu_ip_intf_facts else ''
 
-        dpuhost.data_port_on_npu = data_port_on_npu
+        dpuhost.npu_dataplane_port = data_port_on_npu
+        dpuhost.dpu_dataplane_port = data_port_on_dpu
+        dpuhost.npu_dataplane_mac = duthost.get_dut_iface_mac(data_port_on_npu)
+        dpuhost.dpu_dataplane_mac = dpuhost.get_dut_iface_mac(data_port_on_dpu)
+
         dpuhost.dataplane_mask_length = 31
         dpuhost.name = f"dpu{dpuhost.dpu_index}"
-        logger.info(f"dpuhost.data_port_on_npu: {dpuhost.data_port_on_npu}, "
-                    f"dpuhost.npu_data_port_ip:{dpuhost.npu_data_port_ip}, "
-                    f"dpuhost.dpu_data_port_ip:{dpuhost.dpu_data_port_ip}, ")
+        logger.info(f"dpuhost.data_port_on_npu: {dpuhost.npu_dataplane_port}, "
+                    f"dpuhost.npu_data_port_ip: {dpuhost.npu_data_port_ip}, "
+                    f"dpuhost.npu_dataplane_mac: {dpuhost.npu_dataplane_mac}, "
+                    f"dpuhost.data_port_on_dpu: {dpuhost.dpu_dataplane_port}, "
+                    f"dpuhost.dpu_data_port_ip: {dpuhost.dpu_data_port_ip}, "
+                    f"dpuhost.dpu_dataplane_mac: {dpuhost.dpu_dataplane_mac}")

tests/common/plugins/conditional_mark/tests_mark_conditions.yaml

@@ -446,6 +446,20 @@ bgp/test_traffic_shift_sup.py:
 #######################################
 #####            cacl             #####
 #######################################
+cacl/test_cacl_application.py:
+  skip:
+    reason: "skip test_cacl_application in PR test temporarily"
+    conditions:
+      - "asic_type in ['vs']"
+
+cacl/test_cacl_application.py::test_cacl_acl_loader_commands_internal:
+  skip:
+    reason: "test_cacl_acl_loader_commands_internal is only supported on t0/t1 testbed"
+    conditions_logical_operator: or
+    conditions:
+      - "topo_type not in ['t1', 't0']"
+      - "'dualtor' in topo_name"
+
 cacl/test_cacl_application.py::test_cacl_application_dualtor:
   skip:
     reason: "test_cacl_application_dualtor is only supported on dualtor topology"
@@ -584,15 +598,15 @@ dash/test_dash_privatelink.py:
     reason: "Currently dash tests are not supported on KVM or non-smartswitch T1s"
     conditions:
       - "asic_type in ['vs'] and https://github.com/sonic-net/sonic-mgmt/issues/16407"
-      - "hwsku not in ['Cisco-8102-28FH-DPU-O-T1', 'Mellanox-SN4280-O8C40']"
+      - "hwsku not in ['Cisco-8102-28FH-DPU-O-T1', 'Mellanox-SN4280-O8C40', 'Mellanox-SN4280-O28', 'Cisco-8102-28FH-DPU-O']"
 
 dash/test_dash_smartswitch_vnet.py:
   skip:
     conditions_logical_operator: or
     reason: "Currently dash tests are not supported on KVM or non-smartswitch T1s"
     conditions:
       - "asic_type in ['vs'] and https://github.com/sonic-net/sonic-mgmt/issues/16407"
-      - "hwsku not in ['Cisco-8102-28FH-DPU-O-T1', 'Mellanox-SN4280-O8C40']"
+      - "hwsku not in ['Cisco-8102-28FH-DPU-O-T1', 'Mellanox-SN4280-O8C40', 'Mellanox-SN4280-O28']"
 
 dash/test_dash_vnet.py:
   skip:
@@ -602,6 +616,22 @@ dash/test_dash_vnet.py:
       - "asic_type in ['vs'] and https://github.com/sonic-net/sonic-mgmt/issues/16407"
       - "platform in ['x86_64-nvidia_sn4280-r0']"
 
+dash/test_fnic.py:
+  skip:
+    conditions_logical_operator: or
+    reason: "Currently dash tests are not supported on KVM or non-smartswitch T1s"
+    conditions:
+      - "asic_type in ['vs'] and https://github.com/sonic-net/sonic-mgmt/issues/16407"
+      - "hwsku not in ['Cisco-8102-28FH-DPU-O-T1', 'Mellanox-SN4280-O8C40', 'Mellanox-SN4280-O28', 'Cisco-8102-28FH-DPU-O']"
+
+dash/test_plnsg.py:
+  skip:
+    conditions_logical_operator: or
+    reason: "Currently dash tests are not supported on KVM or non-smartswitch T1s"
+    conditions:
+      - "asic_type in ['vs'] and https://github.com/sonic-net/sonic-mgmt/issues/16407"
+      - "hwsku not in ['Cisco-8102-28FH-DPU-O-T1', 'Mellanox-SN4280-O8C40', 'Mellanox-SN4280-O28', 'Cisco-8102-28FH-DPU-O']"
+
 dash/test_relaxed_match_negative.py:
   skip:
     reason: "Currently dash tests are not supported on KVM"
@@ -3492,18 +3522,6 @@ restapi/test_restapi.py:
     conditions:
       - "asic_type not in ['mellanox']"
 
-restapi/test_restapi.py::test_create_interface:
-  xfail:
-    reason: "Skipped due to community issue https://github.com/sonic-net/sonic-mgmt/issues/17997 on SN5 devices"
-    conditions:
-      - "https://github.com/sonic-net/sonic-mgmt/issues/17997 and 'SN5' in hwsku"
-
-restapi/test_restapi.py::test_create_interface_sad:
-  xfail:
-    reason: "Skipped due to community issue https://github.com/sonic-net/sonic-mgmt/issues/17997 on SN5 devices"
-    conditions:
-      - "https://github.com/sonic-net/sonic-mgmt/issues/17997 and 'SN5' in hwsku"
-
 restapi/test_restapi.py::test_create_vrf:
   skip:
     reason: "Only supported on Mellanox T1"

tests/dash/configs/privatelink_config.py

@@ -1,4 +1,4 @@
-from dash_api.eni_pb2 import State
+from dash_api.eni_pb2 import State, EniMode
 from dash_api.route_type_pb2 import ActionType, EncapType, RoutingType
 from dash_api.types_pb2 import IpVersion
 
@@ -24,11 +24,14 @@
 
 APPLIANCE_ID = "100"
 LOCAL_REGION_ID = "100"
-VM_VNI = "4321"
+VM_VNI = 4321
 ENCAP_VNI = 100
+NSG_OUTBOUND_VNI = 100
 VNET1 = "Vnet1"
+VNET2 = "Vnet2"
 VNET1_VNI = "2001"
 VNET1_GUID = "559c6ce8-26ab-4193-b946-ccc6e8f930b2"
+VNET2_GUID = "559c6ce8-26ab-4193-b946-ccc6e8f930b3"
 VM_MAC = "44:E3:9F:EF:C4:6E"
 ENI_MAC = "F4:93:9F:EF:C4:7E"
 ENI_MAC_STRING = ENI_MAC.replace(":", "")
@@ -41,6 +44,17 @@
 ROUTE_GROUP1_GUID = "48af6ce8-26cc-4293-bfa6-0126e8fcdeb2"
 ROUTE_GROUP2_GUID = "58cf62e0-22cc-4693-baa6-012358fcdec9"
 OUTBOUND_DIR_LOOKUP = "dst_mac"
+TUNNEL1 = "Tunnel1"
+ENI_ID2 = "497f23d7-f0ac-4c99-a98f-59b470e8c7bd"
+TUNNEL1_ENDPOINT_IP = "40.40.40.40"
+TUNNEL2 = "Tunnel2"
+TUNNEL1_ENDPOINT_IPS = [TUNNEL1_ENDPOINT_IP]
+TUNNEL2_ENDPOINT_IPS = ["60.60.60.60", "70.70.70.70"]
+TUNNEL3 = "Tunnel3"
+TUNNEL3_ENDPOINT_IPS = ["80.80.80.80"]
+TUNNEL4 = "Tunnel4"
+TUNNEL4_ENDPOINT_IPS = ["90.90.90.90", "10.10.10.10"]
+ENI_TRUSTED_VNI = "800"
 METER_POLICY_V4 = "MeterPolicyV4"
 METER_RULE_V4_PREFIX1 = "48.10.5.0/24"
 METER_RULE_V4_PREFIX2 = "92.6.0.0/16"
@@ -49,7 +63,18 @@
     f"DASH_APPLIANCE_TABLE:{APPLIANCE_ID}": {
         "sip": APPLIANCE_VIP,
         "vm_vni": VM_VNI,
-        "local_region_id": LOCAL_REGION_ID
+        "local_region_id": LOCAL_REGION_ID,
+        "trusted_vnis": [ENCAP_VNI, NSG_OUTBOUND_VNI],
+    }
+}
+
+APPLIANCE_FNIC_CONFIG = {
+    f"DASH_APPLIANCE_TABLE:{APPLIANCE_ID}": {
+        "sip": APPLIANCE_VIP,
+        "vm_vni": VM_VNI,
+        "outbound_direction_lookup": OUTBOUND_DIR_LOOKUP,
+        "local_region_id": LOCAL_REGION_ID,
+        "trusted_vnis": ENCAP_VNI
     }
 }
 
@@ -60,6 +85,27 @@
     }
 }
 
+VNET2_CONFIG = {
+    f"DASH_VNET_TABLE:{VNET2}": {
+        "vni": VM_VNI,
+        "guid": VNET2_GUID
+    }
+}
+
+ENI_FNIC_CONFIG = {
+    f"DASH_ENI_TABLE:{ENI_ID}": {
+        "vnet": VNET1,
+        "underlay_ip": VM1_PA,
+        "mac_address": ENI_MAC,
+        "eni_id": ENI_ID2,
+        "admin_state": State.STATE_ENABLED,
+        "pl_underlay_sip": APPLIANCE_VIP,
+        "pl_sip_encoding": f"{PL_ENCODING_IP}/{PL_ENCODING_MASK}",
+        "eni_mode": EniMode.MODE_FNIC,
+        "trusted_vnis": ENI_TRUSTED_VNI,
+    }
+}
+
 ENI_CONFIG = {
     f"DASH_ENI_TABLE:{ENI_ID}": {
         "vnet": VNET1,
@@ -70,6 +116,7 @@
         "pl_underlay_sip": APPLIANCE_VIP,
         "pl_sip_encoding": f"{PL_ENCODING_IP}/{PL_ENCODING_MASK}",
         "v4_meter_policy_id": METER_POLICY_V4,
+        "trusted_vnis": VM_VNI
     }
 }
 
@@ -83,11 +130,94 @@
     }
 }
 
-VM1_VNET_MAPPING_CONFIG = {
-    f"DASH_VNET_MAPPING_TABLE:{VNET1}:{VM1_CA}": {
-        "routing_type": RoutingType.ROUTING_TYPE_VNET,
-        "underlay_ip": VM1_PA,
-        "metering_class_or": "2",
+PE_PLNSG_SINGLE_ENDPOINT_VNET_MAPPING_CONFIG = {
+    f"DASH_VNET_MAPPING_TABLE:{VNET1}:{PE_CA}": {
+        "routing_type": RoutingType.ROUTING_TYPE_PRIVATELINK,
+        "underlay_ip": PE_PA,
+        "overlay_sip_prefix": f"{PL_OVERLAY_SIP}/{PL_OVERLAY_SIP_MASK}",
+        "overlay_dip_prefix": f"{PL_OVERLAY_DIP}/{PL_OVERLAY_DIP_MASK}",
+        "metering_class_or": "1586",
+        "tunnel": TUNNEL3,
+    }
+}
+
+PE_PLNSG_MULTI_ENDPOINT_VNET_MAPPING_CONFIG = {
+    f"DASH_VNET_MAPPING_TABLE:{VNET1}:{PE_CA}": {
+        "routing_type": RoutingType.ROUTING_TYPE_PRIVATELINK,
+        "underlay_ip": PE_PA,
+        "overlay_sip_prefix": f"{PL_OVERLAY_SIP}/{PL_OVERLAY_SIP_MASK}",
+        "overlay_dip_prefix": f"{PL_OVERLAY_DIP}/{PL_OVERLAY_DIP_MASK}",
+        "metering_class_or": "1586",
+        "tunnel": TUNNEL4,
+    }
+}
+
+TUNNEL1_CONFIG = {
+    f"DASH_TUNNEL_TABLE:{TUNNEL1}": {
+        "endpoints": TUNNEL1_ENDPOINT_IPS,
+        "vni": ENCAP_VNI,
+        "encap_type": EncapType.ENCAP_TYPE_VXLAN
+    }
+}
+
+TUNNEL2_CONFIG = {
+    f"DASH_TUNNEL_TABLE:{TUNNEL2}": {
+        "endpoints": TUNNEL2_ENDPOINT_IPS,
+        "encap_type": EncapType.ENCAP_TYPE_VXLAN,
+        "vni": ENCAP_VNI,
+    }
+}
+
+TUNNEL3_CONFIG = {
+    f"DASH_TUNNEL_TABLE:{TUNNEL3}": {
+        "endpoints": TUNNEL3_ENDPOINT_IPS,
+        "vni": NSG_OUTBOUND_VNI,
+        "encap_type": EncapType.ENCAP_TYPE_VXLAN,
+    }
+}
+
+TUNNEL4_CONFIG = {
+    f"DASH_TUNNEL_TABLE:{TUNNEL4}": {
+        "endpoints": TUNNEL4_ENDPOINT_IPS,
+        "vni": NSG_OUTBOUND_VNI,
+        "encap_type": EncapType.ENCAP_TYPE_VXLAN,
+    }
+}
+
+INBOUND_VNI_ROUTE_RULE_CONFIG = {
+    f"DASH_ROUTE_RULE_TABLE:{ENI_ID}:{ENCAP_VNI}:{PE_PA}/32": {
+        "action_type": ActionType.ACTION_TYPE_DECAP,
+        "priority": 1
+    }
+}
+
+# For floating NIC, outbound packet will pass through inbound pipeline first before going to the outbound pipeline
+# Need this route rule entry to prevent the packet from being dropped in the inbound pipeline
+TRUSTED_VNI_ROUTE_RULE_CONFIG = {
+    f"DASH_ROUTE_RULE_TABLE:{ENI_ID}:{ENI_TRUSTED_VNI}:{VM1_PA}/32": {
+        "action_type": ActionType.ACTION_TYPE_DECAP,
+        "priority": 1
+    }
+}
+
+VM_SUBNET_ROUTE_WITH_TUNNEL_MULTI_ENDPOINT = {
+    f"DASH_ROUTE_TABLE:{ROUTE_GROUP1}:{VM_CA_SUBNET}": {
+        "routing_type": RoutingType.ROUTING_TYPE_DIRECT,
+        "tunnel": TUNNEL2
+    }
+}
+
+VM_SUBNET_ROUTE_WITH_TUNNEL_SINGLE_ENDPOINT = {
+    f"DASH_ROUTE_TABLE:{ROUTE_GROUP1}:{VM_CA_SUBNET}": {
+        "routing_type": RoutingType.ROUTING_TYPE_DIRECT,
+        "tunnel": TUNNEL1
+    }
+}
+
+VM_VNI_ROUTE_RULE_CONFIG = {
+    f"DASH_ROUTE_RULE_TABLE:{ENI_ID}:{VM_VNI}:{VM1_PA}/32": {
+        "action_type": ActionType.ACTION_TYPE_DECAP,
+        "priority": 1
     }
 }