Adding PF-1.26: Double GUEv1 Decapsulation for Overlay Probing

[ASHNA-AGGARWAL-KEYSIGHT]

Readme Location: https://github.com/openconfig/featureprofiles/blob/main/feature/policy_forwarding/otg_tests/double_gue_decap/README.md

Raised an issue for the test failing: https://partnerissuetracker.corp.google.com/issues/510599726

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new test suite designed to verify Double GUEv1 Decapsulation, a key requirement for overlay probing. The changes include updates to configuration plugins and flow helper utilities to support the necessary packet encapsulation and device-specific CLI configurations, ensuring robust testing across the defined network topology.

Highlights

• New Test Suite: Added a comprehensive test suite for Double GUEv1 Decapsulation (PF-1.26) to validate overlay probing functionality.
• Configuration Updates: Refactored Arista CLI configuration logic for GUE decapsulation to improve flexibility and device compatibility.
• Utility Enhancements: Updated OTG flow helpers to support custom UDP checksum configuration, enabling more precise packet testing.
• Metadata Updates: Included platform-specific exceptions for Arista devices in the test metadata to handle known environment deviations.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[OpenConfigBot]

Pull Request Functional Test Report for #5472 / 5666acb

Virtual Devices

Device	Test	Test Documentation	Job	Raw Log
Arista cEOS		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Cisco 8000E		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Cisco XRd		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Juniper ncPTX		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Nokia SR Linux		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Openconfig Lemming		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing

Hardware Devices

Device	Test	Test Documentation	Raw Log
Arista 7808		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Cisco 8808		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Juniper PTX10008		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing
Nokia 7250 IXR-10e		PF-1.26: Double GUEv1 Decapsulation for Overlay Probing

Help

[gemini-code-assist]

Code Review

This pull request introduces a new test suite for double GUE decapsulation, updates the Arista policy forwarding configuration plugin to support optional interface IDs, and extends OTG flow helpers with custom UDP checksum capabilities. The code review identified several critical issues, including incorrect logic for verifying expected traffic loss in negative test cases, a destination IP mismatch in IPv6 validation, and a protocol inconsistency in IPv4 packet validation. Additionally, feedback was provided to optimize gNMI transactions through better batching, correct a typo in static route error messages, and address the use of identical source and destination IP addresses in test constants.

[gemini-code-assist]

The logic for handling expected traffic loss in negative test cases is incorrect. If trafficloss is true and loss is detected (causing ValidateLossOnFlows to return an error), the test still calls t.Errorf, which will cause it to fail. Conversely, if no loss is detected when it was expected, the test currently passes. The logic should be updated to correctly handle both cases. Additionally, as a helper function that reports test errors, it should call t.Helper().

func verifyTrafficFlow(t *testing.T, ate *ondatra.ATEDevice, flowName string, trafficloss bool) {
	t.Helper()
	flowValidation.Flow.Name = flowName
	err := flowValidation.ValidateLossOnFlows(t, ate)
	if trafficloss {
		if err == nil {
			t.Errorf("Expected traffic loss on flow %q, but none was detected", flowName)
		} else {
			t.Logf("Traffic loss seen as expected: %v", err)
		}
		return
	}
	if err != nil {
		t.Errorf("Validation on flow %q failed: %v", flowName, err)
	}
}

References

1. Helper functions that report test errors should call t.Helper() as the first statement to ensure error logs point to the caller's location.

[gemini-code-assist]

The DstIP validation for the IPv6 inner payload is checking against the source host address (srcHostv6) instead of the destination host address (dstHostv6). This will cause the packet validation to fail.

Suggested change

	DstIP: srcHostv6,
	DstIP: dstHostv6,

[gemini-code-assist]

srcHostv4 and dstHostv4 are defined with the same IP address. This is likely a mistake, as it prevents testing traffic between different hosts and differs from the pattern used for IPv6 addresses where source and destination are distinct.

[gemini-code-assist]

Typo in the error message; it should refer to IPv6 static route configuration.

Suggested change

	t.Fatalf("Failed to configure IPv4 static route: %v", err)
	t.Fatalf("Failed to configure IPv6 static route: %v", err)

References

1. In tests, t.Fatalf is preferred over t.Errorf when a failure makes subsequent test steps meaningless, as this fails fast and reduces overall test execution time.

[gemini-code-assist]

The gnmi.SetBatch and b.Set(t, dut) calls are inside the loop. It is more efficient to create the batch outside the loop, add all configurations, and then call Set once to minimize gNMI transactions.

[gemini-code-assist]

The validation expects Protocol: 17 (UDP), but the innerParams for the flow (lines 367-369) only define an IPv4 header without a UDP layer. If double decapsulation is successful, the received packet should be the inner-most IPv4 packet. Please verify if the inner packet is intended to be UDP or if the validation protocol is incorrect.