From a05fbd89aba23e79793d3b6927b4b8b9f6c5f7ad Mon Sep 17 00:00:00 2001 From: Will Rideout Date: Mon, 15 Sep 2025 16:19:43 +0000 Subject: [PATCH 1/5] Support running acl tests without any IPv4 management configuration. Signed-off-by: Will Rideout --- tests/acl/test_acl.py | 4 +-- tests/common/fixtures/ptfhost_utils.py | 8 ++--- .../tests_mark_conditions.yaml | 6 ---- .../tests_mark_conditions_acl.yaml | 2 -- tests/scripts/garp_service.py | 35 +++++++++++-------- 5 files changed, 26 insertions(+), 29 deletions(-) diff --git a/tests/acl/test_acl.py b/tests/acl/test_acl.py index 431eb4e1805..fa6a05d47eb 100644 --- a/tests/acl/test_acl.py +++ b/tests/acl/test_acl.py @@ -535,8 +535,8 @@ def setup(duthosts, ptfhost, rand_selected_dut, rand_selected_front_end_dut, ran @pytest.fixture(scope="module", params=["ipv4", "ipv6"]) def ip_version(request, tbinfo, duthosts, rand_one_dut_hostname): - if tbinfo["topo"]["type"] in ["t0"] and request.param == "ipv6": - pytest.skip("IPV6 ACL test not currently supported on t0 testbeds") + if "isolated-v6" in tbinfo["topo"]["name"] and request.param == "ipv4": + pytest.skip("IPV4 ACL test not supported on isolated-v6 testbeds") return request.param diff --git a/tests/common/fixtures/ptfhost_utils.py b/tests/common/fixtures/ptfhost_utils.py index 43303c5eea5..caeb4aca396 100644 --- a/tests/common/fixtures/ptfhost_utils.py +++ b/tests/common/fixtures/ptfhost_utils.py @@ -477,8 +477,8 @@ def run_garp_service(duthost, ptfhost, tbinfo, change_mac_addresses, request): mux_cable_table = {} server_ipv4_base_addr, server_ipv6_base_addr = request.getfixturevalue('mock_server_base_ip_addr') for i, intf in enumerate(request.getfixturevalue('tor_mux_intfs')): - server_ipv4 = str(server_ipv4_base_addr + i) - server_ipv6 = str(server_ipv6_base_addr + i) + server_ipv4 = str(server_ipv4_base_addr + i) if server_ipv4_base_addr else '' + server_ipv6 = str(server_ipv6_base_addr + i) if server_ipv6_base_addr else '' mux_cable_table[intf] = {} mux_cable_table[intf]['server_ipv4'] = six.text_type(server_ipv4) # noqa: F821 mux_cable_table[intf]['server_ipv6'] = six.text_type(server_ipv6) # noqa: F821 @@ -490,8 +490,8 @@ def run_garp_service(duthost, ptfhost, tbinfo, change_mac_addresses, request): for vlan_intf, config in list(mux_cable_table.items()): ptf_port_index = ptf_indices[vlan_intf] - server_ip = ip_interface(config['server_ipv4']).ip - server_ipv6 = ip_interface(config['server_ipv6']).ip + server_ip = ip_interface(config['server_ipv4']).ip if config['server_ipv4'] else '' + server_ipv6 = ip_interface(config['server_ipv6']).ip if config['server_ipv6'] else '' garp_config[ptf_port_index] = { 'dut_mac': '{}'.format(dut_mac), diff --git a/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml b/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml index 819f514c0e0..a6081cf9c5d 100644 --- a/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml +++ b/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml @@ -65,12 +65,6 @@ acl/null_route/test_null_route_helper.py: - "'dualtor' in topo_name" - "'m1' in topo_type" -acl/test_acl.py: - skip: - reason: "Skip acl for isolated-v6 topology" - conditions: - - "'isolated-v6' in topo_name and https://github.com/sonic-net/sonic-mgmt/issues/18077" - acl/test_acl_outer_vlan.py: #Outer VLAN id match support is planned for future release with SONIC on Cisco 8000 #For the current release, will mark the related test cases as XFAIL diff --git a/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml b/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml index 73a8eb99cbc..f25b4c13b2d 100644 --- a/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml +++ b/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml @@ -253,10 +253,8 @@ acl/test_acl.py::TestAclWithPortToggle::test_udp_source_ip_match_dropped[ipv6-eg acl/test_acl.py::TestAclWithReboot: skip: reason: "Skip in t1-lag KVM test due to test time too long and t0 would cover this testbeds, or for isolated-v6 topology" - conditions_logical_operator: or conditions: - "topo_type in ['t1'] and asic_type in ['vs']" - - "'isolated-v6' in topo_name and https://github.com/sonic-net/sonic-mgmt/issues/18077" acl/test_acl.py::TestAclWithReboot::test_dest_ip_match_dropped[ipv6-egress-uplink->downlink-default-Vlan1000]: xfail: diff --git a/tests/scripts/garp_service.py b/tests/scripts/garp_service.py index b2d1eaf77c8..8c80776c186 100644 --- a/tests/scripts/garp_service.py +++ b/tests/scripts/garp_service.py @@ -32,23 +32,27 @@ def gen_garp_packets(self): source_ipv6_str = config['target_ipv6'] dut_mac = config['dut_mac'] dst_ipv6 = config['dst_ipv6'] - source_ip = str(ip_interface(source_ip_str).ip) - source_ipv6 = str(ip_interface(source_ipv6_str).ip) + source_ip = str(ip_interface(source_ip_str).ip) if source_ip_str else None + source_ipv6 = str(ip_interface(source_ipv6_str).ip) if source_ipv6_str else None # PTF uses Scapy to create packets, so this is ok to create # packets through PTF even though we are using Scapy to send the packets - garp_pkt = testutils.simple_arp_packet( - eth_src=source_mac, - hw_snd=source_mac, - ip_snd=source_ip, - # Re-use server IP as target IP, since it is within the subnet of the VLAN IP - ip_tgt=source_ip, - arp_op=2) - - na_pkt = Ether(src=source_mac, dst=dut_mac) \ - / IPv6(dst=dst_ipv6, src=source_ipv6) \ - / ICMPv6ND_NA(tgt=source_ipv6, S=1, R=0, O=0) \ - / ICMPv6NDOptSrcLLAddr(type=2, lladdr=source_mac) + garp_pkt = None + na_pkt = None + if source_ip: + garp_pkt = testutils.simple_arp_packet( + eth_src=source_mac, + hw_snd=source_mac, + ip_snd=source_ip, + # Re-use server IP as target IP, since it is within the subnet of the VLAN IP + ip_tgt=source_ip, + arp_op=2) + + if source_ipv6: + na_pkt = Ether(src=source_mac, dst=dut_mac) \ + / IPv6(dst=dst_ipv6, src=source_ipv6) \ + / ICMPv6ND_NA(tgt=source_ipv6, S=1, R=0, O=0) \ + / ICMPv6NDOptSrcLLAddr(type=2, lladdr=source_mac) self.packets[intf_name] = [garp_pkt, na_pkt] @@ -69,7 +73,8 @@ def send_garp_packets(self): while True: for socket, packet_list in list(sockets.items()): for packet in packet_list: - socket.send(packet) + if packet: + socket.send(packet) if self.interval is None: break From 1a58d4ac004b28f087e71b595f30f1e917a9ed8e Mon Sep 17 00:00:00 2001 From: Will Rideout Date: Mon, 15 Sep 2025 16:19:43 +0000 Subject: [PATCH 2/5] Support running acl tests without any IPv4 management configuration. Signed-off-by: Will Rideout --- .../tests_mark_conditions_acl.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml b/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml index f25b4c13b2d..81e45f804dc 100644 --- a/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml +++ b/tests/common/plugins/conditional_mark/tests_mark_conditions_acl.yaml @@ -40,6 +40,13 @@ acl/test_acl.py::TestAclWithPortToggle::test_icmp_match_forwarded[ipv6-egress-up - "platform in ['armhf-nokia_ixs7215_52x-r0']" - https://github.com/sonic-net/sonic-mgmt/issues/8639 +acl/test_acl.py::TestAclWithPortToggle::test_icmp_match_forwarded[ipv6-ingress-uplink->downlink-default-Vlan1000]: + xfail: + reason: "Test issue on isolated-v6 topos" + conditions: + - "'isolated-v6' in topo_name" + - https://github.com/sonic-net/sonic-mgmt/issues/18077 + acl/test_acl.py::TestAclWithPortToggle::test_icmp_source_ip_match_dropped[ipv6-egress-uplink->downlink-default-Vlan1000]: xfail: reason: "Egress issue in Nokia" @@ -322,6 +329,13 @@ acl/test_acl.py::TestAclWithReboot::test_icmp_match_forwarded[ipv6-egress-uplink conditions: - "topo_type in ['t1'] and asic_type in ['vs']" +acl/test_acl.py::TestAclWithReboot::test_icmp_match_forwarded[ipv6-ingress-uplink->downlink-default-Vlan1000]: + xfail: + reason: "Test issue on isolated-v6 topos" + conditions: + - "'isolated-v6' in topo_name" + - https://github.com/sonic-net/sonic-mgmt/issues/18077 + acl/test_acl.py::TestAclWithReboot::test_icmp_source_ip_match_dropped[ipv6-egress-uplink->downlink-default-Vlan1000]: xfail: reason: "Egress issue in Nokia" @@ -695,6 +709,13 @@ acl/test_acl.py::TestBasicAcl::test_icmp_match_forwarded[ipv6-egress-uplink->dow - "platform in ['armhf-nokia_ixs7215_52x-r0']" - https://github.com/sonic-net/sonic-mgmt/issues/8639 +acl/test_acl.py::TestBasicAcl::test_icmp_match_forwarded[ipv6-ingress-uplink->downlink-default-Vlan1000]: + xfail: + reason: "Test issue on isolated-v6 topos" + conditions: + - "'isolated-v6' in topo_name" + - https://github.com/sonic-net/sonic-mgmt/issues/18077 + acl/test_acl.py::TestBasicAcl::test_icmp_source_ip_match_dropped[ipv6-egress-uplink->downlink-default-Vlan1000]: xfail: reason: "Egress issue in Nokia" @@ -951,6 +972,13 @@ acl/test_acl.py::TestIncrementalAcl::test_icmp_match_forwarded[ipv6-egress-uplin - "platform in ['armhf-nokia_ixs7215_52x-r0']" - https://github.com/sonic-net/sonic-mgmt/issues/8639 +acl/test_acl.py::TestIncrementalAcl::test_icmp_match_forwarded[ipv6-ingress-uplink->downlink-default-Vlan1000]: + xfail: + reason: "Test issue on isolated-v6 topos" + conditions: + - "'isolated-v6' in topo_name" + - https://github.com/sonic-net/sonic-mgmt/issues/18077 + acl/test_acl.py::TestIncrementalAcl::test_icmp_source_ip_match_dropped[ipv6-egress-uplink->downlink-default-Vlan1000]: xfail: reason: "Egress issue in Nokia" From 413d9394cea1a177d8a786379047827e2c5f4703 Mon Sep 17 00:00:00 2001 From: Will Rideout Date: Mon, 15 Sep 2025 16:19:43 +0000 Subject: [PATCH 3/5] Support running acl tests without any IPv4 management configuration. Signed-off-by: Will Rideout --- tests/acl/test_acl.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/acl/test_acl.py b/tests/acl/test_acl.py index d870d085fbf..9d788c38967 100644 --- a/tests/acl/test_acl.py +++ b/tests/acl/test_acl.py @@ -539,6 +539,13 @@ def setup(duthosts, ptfhost, rand_selected_dut, rand_selected_front_end_dut, ran def ip_version(request, tbinfo, duthosts, rand_one_dut_hostname): if "isolated-v6" in tbinfo["topo"]["name"] and request.param == "ipv4": pytest.skip("IPV4 ACL test not supported on isolated-v6 testbeds") + v6topo = "isolated-v6" in tbinfo["topo"]["name"] + if request.param == "ipv4": + if v6topo: + pytest.skip("IPV4 ACL test not supported on isolated-v6 testbeds") + else: # ipv6 + if tbinfo["topo"]["type"] in ["t0"] and not v6topo: + pytest.skip("IPV6 ACL test not currently supported on t0 testbeds") return request.param From fa1dbe0669031108bf13116eb831a490147e2baa Mon Sep 17 00:00:00 2001 From: Will Rideout Date: Mon, 15 Sep 2025 16:19:43 +0000 Subject: [PATCH 4/5] Support running acl tests without any IPv4 management configuration. Signed-off-by: Will Rideout --- tests/acl/test_acl.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/acl/test_acl.py b/tests/acl/test_acl.py index 9d788c38967..39d8921e9fc 100644 --- a/tests/acl/test_acl.py +++ b/tests/acl/test_acl.py @@ -537,8 +537,6 @@ def setup(duthosts, ptfhost, rand_selected_dut, rand_selected_front_end_dut, ran @pytest.fixture(scope="module", params=["ipv4", "ipv6"]) def ip_version(request, tbinfo, duthosts, rand_one_dut_hostname): - if "isolated-v6" in tbinfo["topo"]["name"] and request.param == "ipv4": - pytest.skip("IPV4 ACL test not supported on isolated-v6 testbeds") v6topo = "isolated-v6" in tbinfo["topo"]["name"] if request.param == "ipv4": if v6topo: From 8edc65ff021cb10df5aa41d5ab459bd20dca0af6 Mon Sep 17 00:00:00 2001 From: Will Rideout Date: Wed, 17 Dec 2025 17:07:30 +0000 Subject: [PATCH 5/5] Support running acl tests without any IPv4 management configuration Restore skip, on broadcom chips. Signed-off-by: Will Rideout --- .../plugins/conditional_mark/tests_mark_conditions.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml b/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml index 59635c1ca5b..344500546bc 100644 --- a/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml +++ b/tests/common/plugins/conditional_mark/tests_mark_conditions.yaml @@ -68,6 +68,11 @@ acl/null_route/test_null_route_helper.py: - "'m1' in topo_type" acl/test_acl.py: + skip: + reason: "Skip acl for isolated-v6 topology" + conditions: + - "'isolated-v6' in topo_name and https://github.com/sonic-net/sonic-mgmt/issues/18077" + - "asic_type in ['broadcom']" xfail: reason: "Test case has issue on the t0-isolated-d256u256s2 topo." conditions: