search

sonic-net / sonic-mgmt

Configuration management examples for SONiC
Other
200 stars 732 forks source link

[nat/test_dynamic_nat.py] - Test Cases FAILED due to Unexpected iptables output for NAT table #10073

Open mithun2498 opened 1 year ago

mithun2498 commented 1 year ago

The test cases in test_dynamic_nat.py is failing due to "Unexpected iptables output for NAT table".

Steps to reproduce the issue:

  1. Deploy T0 topology in a physical testbed using VSONIC.
  2. Execute Dynamic NAT test case.

Describe the results you received: Few test cases failed due to Unexpected iptables output for NAT table.

Describe the results you expected: Expecting the test case to pass.

Test Result @pytest.mark.nat_dynamic def test_nat_dynamic_modify_bindings(self, ptfhost, tbinfo, duthost, ptfadapter, setup_test_env, protocol_type):

    interface_type, setup_info = setup_test_env
    setup_data = copy.deepcopy(setup_info)
    nat_type = 'dynamic'
    direction = 'host-tor'
    network_data = get_network_data(ptfadapter, setup_info, direction, interface_type, nat_type='dynamic')
    src_port, dst_port = get_l4_default_ports(protocol_type)

    # Configure default rules for Dynamic NAT
    configure_dynamic_nat_rule(duthost, ptfadapter, ptfhost, setup_data, interface_type,
                               protocol_type, default=True, handshake=True)

    # Check iptables
    portrange = "{}-{}".format(POOL_RANGE_START_PORT, POOL_RANGE_END_PORT)
    acl_subnet = setup_data[interface_type]["acl_subnet"]
    public_ip = setup_data[interface_type]["public_ip"]
    iptables_output = dut_nat_iptables_status(duthost)
    iptables_rules = {"prerouting": ['DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1'],
                      "postrouting": [
                          "SNAT tcp -- {} 0.0.0.0/0 mark match 0x2 to:{}:{}".format(acl_subnet, public_ip,
                                                                                    portrange),
                          "SNAT udp -- {} 0.0.0.0/0 mark match 0x2 to:{}:{}".format(acl_subnet, public_ip,
                                                                                    portrange),
                          "SNAT icmp -- {} 0.0.0.0/0 mark match 0x2 to:{}:{}".format(acl_subnet, public_ip,
                                                                                     portrange)]
                      }
    pytest_assert(iptables_rules == iptables_output,
                  "Unexpected iptables output for nat table. \n Got:\n{}\n Expected:\n{}"
                .format(iptables_output, iptables_rules))

E Failed: Unexpected iptables output for nat table.

test_dynamic_nat1_t0.txt

yxieca commented 1 year ago 
                .format(iptables_output, iptables_rules))

E Failed: Unexpected iptables output for nat table. E Got: E {'prerouting': [u'DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1', u'DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1', u'DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1'], 'postrouting': []} E Expected: E {'prerouting': ['DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1'], 'postrouting': []}

acl_subnet = '192.168.0.0/24' direction = 'host-tor' dst_port = 3700 duthost = inner_interface = 'Ethernet24' interface_type = 'loopback' iptables_output = {'postrouting': [], 'prerouting': ['DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1', 'DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1', 'DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1']} iptables_rules = {'postrouting': [], 'prerouting': ['DNAT all -- 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1']}

yxieca commented 1 year ago

Seems that there are some duplicate entries in iptables_output? @mithun2498 are you able to debug further and see where the duplicate entries coming from? Is it an image issue or test issue?