Address fixes to make sure t2 topology deploy works with and without macsec enabled.#17530
Merged
judyjoseph merged 1 commit intosonic-net:masterfrom Mar 21, 2025
Merged
Conversation
…hout macsec_enabled
Collaborator
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
BYGX-wcr
approved these changes
Mar 14, 2025
judyjoseph
added a commit
to judyjoseph/sonic-mgmt
that referenced
this pull request
Mar 14, 2025
Contributor
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
abdosi
approved these changes
Mar 17, 2025
Contributor
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
11 tasks
Contributor
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
amulyan7
pushed a commit
to amulyan7/sonic-mgmt
that referenced
this pull request
Mar 31, 2025
…hout macsec_enabled (sonic-net#17530)
OriTrabelsi
pushed a commit
to OriTrabelsi/sonic-mgmt
that referenced
this pull request
Apr 1, 2025
…hout macsec_enabled (sonic-net#17530)
judyjoseph
added a commit
that referenced
this pull request
May 15, 2025
…enabled topology. (#17087) * Fixes found during nightly run with macsec enabled topology * Ffix for copp pfc voq ptftests * Fix the port_number to port_id things again * Fixes for acl tests, changes in config reload to pass override option if macsec is anebled, introduce the force_reload option if we need to reload macsec config for a port * Fixes to get generate_golden_config work when this run for a non macsec case in t2 topo * Add macsec support in acstests and saitests * Loop for count of packets to be sent as we need to increment PN * We need to import macsec to override send_packet and dp_poll * Changes moved to a different PR : #17530 * Remove redundant macsec.py files - make it all point to ansible/roles/test/files/ptftests/macsec.py * Take care of T0 macsec tests as well, so that t0-sonic is fine * Additional fix to support multiple profile names given as input * Use the right command KEYS instead of HGET * Update comment, use macsec_card to set MacSecEnabled in DeviceMetadata * Skip ACL egress tests when run on macsec enabled toplogy with braodcom DNX
tjchadaga
added
Approved for msft-202503 Branch
and removed
Cherry Pick Conflict_msft-202503
labels
tjchadaga
added a commit
to Azure/sonic-mgmt.msft
that referenced
this pull request
Jun 5, 2025
… works both with and without macsec_enabled (#17530) (#361) manual cherry-pick of PR - sonic-net/sonic-mgmt#17530
auspham
pushed a commit
to auspham/sonic-mgmt
that referenced
this pull request
Jun 27, 2025
…hout macsec_enabled (sonic-net#17530)
opcoder0
pushed a commit
to opcoder0/sonic-mgmt
that referenced
this pull request
Dec 8, 2025
…hout macsec_enabled (sonic-net#17530) Signed-off-by: opcoder0 <[email protected]>
opcoder0
pushed a commit
to opcoder0/sonic-mgmt
that referenced
this pull request
Dec 8, 2025
…enabled topology. (sonic-net#17087) * Fixes found during nightly run with macsec enabled topology * Ffix for copp pfc voq ptftests * Fix the port_number to port_id things again * Fixes for acl tests, changes in config reload to pass override option if macsec is anebled, introduce the force_reload option if we need to reload macsec config for a port * Fixes to get generate_golden_config work when this run for a non macsec case in t2 topo * Add macsec support in acstests and saitests * Loop for count of packets to be sent as we need to increment PN * We need to import macsec to override send_packet and dp_poll * Changes moved to a different PR : sonic-net#17530 * Remove redundant macsec.py files - make it all point to ansible/roles/test/files/ptftests/macsec.py * Take care of T0 macsec tests as well, so that t0-sonic is fine * Additional fix to support multiple profile names given as input * Use the right command KEYS instead of HGET * Update comment, use macsec_card to set MacSecEnabled in DeviceMetadata * Skip ACL egress tests when run on macsec enabled toplogy with braodcom DNX Signed-off-by: opcoder0 <[email protected]>
AharonMalkin
pushed a commit
to AharonMalkin/sonic-mgmt
that referenced
this pull request
Dec 16, 2025
…enabled topology. (sonic-net#17087) * Fixes found during nightly run with macsec enabled topology * Ffix for copp pfc voq ptftests * Fix the port_number to port_id things again * Fixes for acl tests, changes in config reload to pass override option if macsec is anebled, introduce the force_reload option if we need to reload macsec config for a port * Fixes to get generate_golden_config work when this run for a non macsec case in t2 topo * Add macsec support in acstests and saitests * Loop for count of packets to be sent as we need to increment PN * We need to import macsec to override send_packet and dp_poll * Changes moved to a different PR : sonic-net#17530 * Remove redundant macsec.py files - make it all point to ansible/roles/test/files/ptftests/macsec.py * Take care of T0 macsec tests as well, so that t0-sonic is fine * Additional fix to support multiple profile names given as input * Use the right command KEYS instead of HGET * Update comment, use macsec_card to set MacSecEnabled in DeviceMetadata * Skip ACL egress tests when run on macsec enabled toplogy with braodcom DNX Signed-off-by: Aharon Malkin <[email protected]>
gshemesh2
pushed a commit
to gshemesh2/sonic-mgmt
that referenced
this pull request
Dec 21, 2025
…hout macsec_enabled (sonic-net#17530) Signed-off-by: Guy Shemesh <[email protected]>
gshemesh2
pushed a commit
to gshemesh2/sonic-mgmt
that referenced
this pull request
Dec 21, 2025
…enabled topology. (sonic-net#17087) * Fixes found during nightly run with macsec enabled topology * Ffix for copp pfc voq ptftests * Fix the port_number to port_id things again * Fixes for acl tests, changes in config reload to pass override option if macsec is anebled, introduce the force_reload option if we need to reload macsec config for a port * Fixes to get generate_golden_config work when this run for a non macsec case in t2 topo * Add macsec support in acstests and saitests * Loop for count of packets to be sent as we need to increment PN * We need to import macsec to override send_packet and dp_poll * Changes moved to a different PR : sonic-net#17530 * Remove redundant macsec.py files - make it all point to ansible/roles/test/files/ptftests/macsec.py * Take care of T0 macsec tests as well, so that t0-sonic is fine * Additional fix to support multiple profile names given as input * Use the right command KEYS instead of HGET * Update comment, use macsec_card to set MacSecEnabled in DeviceMetadata * Skip ACL egress tests when run on macsec enabled toplogy with braodcom DNX Signed-off-by: Guy Shemesh <[email protected]>
gshemesh2
pushed a commit
to gshemesh2/sonic-mgmt
that referenced
this pull request
Jan 26, 2026
…hout macsec_enabled (sonic-net#17530) Signed-off-by: Guy Shemesh <[email protected]>
gshemesh2
pushed a commit
to gshemesh2/sonic-mgmt
that referenced
this pull request
Jan 26, 2026
…enabled topology. (sonic-net#17087) * Fixes found during nightly run with macsec enabled topology * Ffix for copp pfc voq ptftests * Fix the port_number to port_id things again * Fixes for acl tests, changes in config reload to pass override option if macsec is anebled, introduce the force_reload option if we need to reload macsec config for a port * Fixes to get generate_golden_config work when this run for a non macsec case in t2 topo * Add macsec support in acstests and saitests * Loop for count of packets to be sent as we need to increment PN * We need to import macsec to override send_packet and dp_poll * Changes moved to a different PR : sonic-net#17530 * Remove redundant macsec.py files - make it all point to ansible/roles/test/files/ptftests/macsec.py * Take care of T0 macsec tests as well, so that t0-sonic is fine * Additional fix to support multiple profile names given as input * Use the right command KEYS instead of HGET * Update comment, use macsec_card to set MacSecEnabled in DeviceMetadata * Skip ACL egress tests when run on macsec enabled toplogy with braodcom DNX Signed-off-by: Guy Shemesh <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of PR
This PR is separating the code changes made in PR : #17087, to just take care of fixes to get the t2 toplogy deploy work with and without macsec_enabled.
Additional change is to support any cipher suite give in the arguments. In below eg: it uses MACSEC_PROFILE which is defined as GCM-AES-XPN-256 here https://github.com/sonic-net/sonic-mgmt/blob/master/tests/common/macsec/profile.json#L69
Summary:
Fixes # (issue)
Type of change
Back port request
Approach
What is the motivation for this PR?
How did you do it?
How did you verify/test it?
Any platform specific information?
Supported testbed topology if it's a new test case?
Documentation