You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- Updated Connection tracking test plan
- ENI test plan update
- Vnet test plan: listed all new test cases, added tests description
- Updated requirements and underlay routing dependencies.
- Style minor updated
Signed-off-by: Yuriy Harhas <[email protected]>
| 7 | ICMP traffic for VNET Inbound routing. **to clarify** no session is expected? |`ConnTrackInboundSessionTest.`<br/> `connTrackInboundIcmpSessionTest`| Creates single ENI inbound configuration. Verifies connection tracking with bidirectional ICMP traffic (echo request & reply) and counters verification. |
57
+
| 8 | ICMP traffic for VNET Outbound routing. **to clarify**|`ConnTrackOutboundSessionTest.`<br/> `connTrackOutboundIcmpSessionTest`| Creates single ENI outbound configuration. Verifies connection tracking with bidirectional ICMP traffic (echo request & reply) and counters verification. |
58
+
| 9 | Same overlay MAC/IP but different ENI, Inbound Routing. |`ConnTrackInboundSameOverlayIpDiffEniTest.`<br/>`verifyEni0TcpSessionTest`<br/>`verifyEni0UdpSessionTest`<br/>`verifyEni1TcpSessionTest`<br/>`verifyEni1UdpSessionTest`| Creates two the same ENIs with same MAC addresses and different VNIs. Creates the same Inbound configuration for ENIs.<br/> Verifies connection tracking with bidirectional TCP & UDP traffic and counters verification. |
59
+
| 10 | Same overlay MAC/IP but different ENI, Outbound Routing. |`ConnTrackOutboundSameOverlayIpDiffEniTest.`<br/>`verifyEni0TcpSessionTest`<br/>`verifyEni0UdpSessionTest`<br/>`verifyEni1TcpSessionTest`<br/>`verifyEni1UdpSessionTest`| Creates two the same ENIs with same MAC addresses and different VNIs. Creates the same Outbound configuration for ENIs.<br/> Verifies connection tracking with bidirectional TCP & UDP traffic and counters verification. |
| 1 | Verify standard ageing (fully correct TCP session). |`ConnTrackInboundSessionAgeingTest.`<br/> `connTrackInboundTcpStandardAgeingTest`| Creates single ENI inbound configuration. Bidirectionally send TCP packets needed for standard TCP session start and termination.<br/> Send TCP inbound packet to verify session is terminated and packet is dropped immediately after last TCP termination packet. |
66
+
| 2 | -//- (but VNET Outbound Routing) |`ConnTrackOutboundSessionAgeingTest.`<br/> `connTrackOutboundTcpStandardAgeingTest`| Creates single ENI outbound configuration. Bidirectionally send TCP packets needed for standard TCP session start and termination.<br/> Immediately after last TCP termination packets sends TCP outbound packet to verify session is terminated and packet dropped. |
67
+
| 3 | Verify standard ageing (fully correct UDP session). |`ConnTrackInboundSessionAgeingTest.`<br/> `connTrackInboundUdpStandardAgeingTest`| Creates single ENI inbound configuration. Bidirectionally send UDP packets. Wait default ageing time for session termination.<br/> Send UDP packet to verify session is terminated and packet is dropped after default ageing time. |
68
+
| 4 | -//- (but VNET Outbound Routing) |`ConnTrackOutboundSessionAgeingTest.`<br/> `connTrackOutboundUdpStandardAgeingTest`| Creates single ENI outbound configuration. Bidirectionally send UDP packets. Wait default ageing time for session termination.<br/> Immediately after default ageing time sends UDP packet to verify session is terminated and packet dropped. |
| 7 | Verify open TCP session but no data and no FIN. |`ConnTrackInboundSessionAgeingTest.`<br/> `connTrackInboundTcpAgeingTest`| Creates single ENI inbound configuration. Bidirectionally send TCP packets needed only for TCP session start. Wait default ageing time for session termination.<br/> Immediately after default ageing time sends TCP packet to verify session is terminated and packet dropped. |
72
+
| 8 | -//- (but VNET Outbound Routing) |`ConnTrackOutboundSessionAgeingTest`.<br/> `connTrackOutboundTcpAgeingTest`| Creates single ENI outbound configuration. Bidirectionally send TCP packets needed only for TCP session start. Wait default ageing time for session termination.<br/> Immediately after default ageing time sends TCP packet to verify session is terminated and packet dropped. |
73
+
| 6 | Verify TCP session started from the middle (no SYN packet). | - | - |
65
74
66
75
## Integration
67
76
68
-
| # | Test case | Test Class.Method
69
-
|--- | --- | ---
70
-
| 1 | Inbound and outbound configuration in parallel | -
71
-
| 2 | Routes update during active session | -
72
-
| 3 | ACL update during active session | -
73
-
| 4 | Configuration removal during active session (Route, VNET, ENI removal) | -
77
+
| # | Test case purpose | Test Class.Method| Test description |
Copy file name to clipboardExpand all lines: test/docs/testplans/overlay.md
+24-25Lines changed: 24 additions & 25 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,23 +24,22 @@ Two test frameworks are suggested for automation:
24
24
# Requirements
25
25
26
26
### Scaling
27
-
| Item | Expected value
28
-
|---|---
29
-
| VNETs | 1024
30
-
| ENI per card | 64
31
-
| Routes per ENI | 100k
32
-
| NSGs per ENI | 6
33
-
| ACLs per ENI | 6x100K prefixes
34
-
| ACLs per ENI | 6x10K SRC/DST ports
35
-
| CA-PA Mappings | 10M
36
-
| Active Connections/ENI | 1M (Bidirectional)
27
+
| Item |Expected value|
28
+
|------------------------|:--------------------:|
29
+
| VNETs |1024|
30
+
| ENI per card | 64 |
31
+
| Routes per ENI |100k|
32
+
| NSGs per ENI | 5in + 5out |
33
+
| ACLs per ENI | 10x100K prefixes|
34
+
| ACLs per ENI | 10x10K SRC/DST ports|
35
+
| CA-PA Mappings per ENI | 160k |
36
+
| Active Connections/ENI |1M (Bidirectional)|
37
37
38
38
### Performance
39
-
| Item | Expected value
40
-
|---|---
41
-
| CPS per card | 5M
42
-
| Flows per ENI | 1M
43
-
| Flows per card | 16M per 200G (**64M**)
39
+
| Item | Expected value |
40
+
|----------------|:----------------------:|
41
+
| CPS per card | 4M+ |
42
+
| Flows per ENI | 1M |
44
43
45
44
### Other
46
45
@@ -52,21 +51,21 @@ More requirements may be found in [DASH SONiC HLD](https://github.com/Azure/DASH
52
51
53
52
1.[ENI config](./eni.md)<br>
54
53
Verifies base CRUD operations and scaling for Elastic Network Interface (ENI),
55
-
1.[Connection tracking](./conntrack.md)<br>
54
+
2.[Connection tracking](./conntrack.md)<br>
56
55
Verifies the connection tracking mechanism, ageing, scaling and performance.
57
-
1. ACL
58
-
1.[VNET-to-VNET](./vnet.md)<br>
56
+
3. ACL
57
+
4.[VNET-to-VNET](./vnet.md)<br>
59
58
Verifies VM to VM communication in VNET, using an Appliance for rules and routing offload.
60
-
1. VNET Peering<br>
59
+
5. VNET Peering<br>
61
60
Virtual network peering connects two virtual networks seamlessly. Once peered, for connectivity purposes, the virtual networks appear as one. For background information, see Virtual network peering.
62
-
1. High Availability (HA)<br>
61
+
6. High Availability (HA)<br>
63
62
Useful for failure and failover events.
64
63
flow efficiently replicates to secondary card; Active/Passive (depending upon ENI policy) or can even have Active/Active; OR provision the same ENI over multiple devices w/o multiple SDN appliances – Primaries for a certain set of VMS can be on both
65
-
1. Load Balancer<br>
64
+
7. Load Balancer<br>
66
65
The feature that switches traffic from using VIP-to-VIP connectivity (which involves transiting SLB MUXes), into using a direct path between VMs (direct PA to PA path).
67
-
1. Service Tunnel & Private Link<br>
66
+
8. Service Tunnel & Private Link<br>
68
67
Service Tunnel prevents Internet access to specific services. Access is permitted only from a specific virtual network (VNET). The Service Tunnel feature provides this capability by encoding certain id's via packet transformation. Private Link feature is an extension to the Service Tunnel feature and enables customers to access public facing shared services via their private IP addresses within their VNET.
0 commit comments