On 29 Mar 2023, at 13:42, Chris Mi wrote: > Add three sFlow offload test cases: > > 3: offloads - sflow with sampling=1 - offloads enabled ok > 4: offloads - sflow with sampling=2 - offloads enabled ok > 5: offloads - ping over vxlan tunnel with sflow - offloads enabled ok
See some comments inline. This concluded the v26 review... //Eelco > Signed-off-by: Chris Mi <c...@nvidia.com> > Reviewed-by: Roi Dayan <r...@nvidia.com> > Acked-by: Eelco Chaudron <echau...@redhat.com> > --- > tests/system-offloads-traffic.at | 125 +++++++++++++++++++++++++++++++ > 1 file changed, 125 insertions(+) > > diff --git a/tests/system-offloads-traffic.at > b/tests/system-offloads-traffic.at > index eb331d6ce..3a596eb19 100644 > --- a/tests/system-offloads-traffic.at > +++ b/tests/system-offloads-traffic.at > @@ -93,6 +93,131 @@ AT_CHECK([ovs-appctl upcall/show | grep -E "offloaded > flows : [[1-9]]"], [0], [i > OVS_TRAFFIC_VSWITCHD_STOP > AT_CLEANUP > > +AT_SETUP([offloads - sflow with sampling=1 - offloads enabled]) > +OVS_TRAFFIC_VSWITCHD_START([], [], [-- set Open_vSwitch . > other_config:hw-offload=true]) > + > +on_exit 'kill `cat test-sflow.pid`' > +AT_CHECK([ovstest test-sflow --log-file --detach --no-chdir --pidfile > 0:127.0.0.1 > sflow.log], [0], [], [ignore]) > +AT_CAPTURE_FILE([sflow.log]) > +PARSE_LISTENING_PORT([test-sflow.log], [SFLOW_PORT]) > + > +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) > + > +ADD_NAMESPACES(at_ns0, at_ns1) > +ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24") > +ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24") > + > +AT_CHECK([ovs-vsctl -- --id=@sflow create sflow agent=lo > target=\"127.0.0.1:$SFLOW_PORT\" header=128 sampling=1 polling=100 -- set > bridge br0 sflow=@sflow], [0], [ignore]) > +NS_CHECK_EXEC([at_ns0], [ping -q -c 1000 -i 0.01 -w 12 10.1.1.2 | > FORMAT_PING], [0], [dnl > +1000 packets transmitted, 1000 received, 0% packet loss, time 0ms > +]) > + > +P1_IFINDEX=$(cat /sys/class/net/ovs-p1/ifindex) > +m4_define([DUMP_SFLOW], [sed -e > "s/used:[[0-9]].[[0-9]]*s/used:0.001s/;s/eth(src=[[a-z0-9:]]*,dst=[[a-z0-9:]]*)/eth(macs)/;s/pid=[[0-9]]*/pid=1/;s/output=$P1_IFINDEX/output=1/"]) > +AT_CHECK([ovs-appctl dpctl/dump-flows type=tc,offloaded | grep "in_port(2)" > | grep "eth_type(0x0800)" | grep "actions:userspace" | grep "sFlow" | > DUMP_SFLOW], [0], [dnl > +recirc_id(0),in_port(2),eth(macs),eth_type(0x0800),ipv4(frag=no), > packets:999, bytes:83916, used:0.001s, > actions:userspace(pid=1,sFlow(vid=0,pcp=0,output=1),actions),3 > +]) > + > +P0_IFINDEX=$(cat /sys/class/net/ovs-p0/ifindex) > +m4_define([DUMP_SFLOW], [sed -e > "s/used:[[0-9]].[[0-9]]*s/used:0.001s/;s/eth(src=[[a-z0-9:]]*,dst=[[a-z0-9:]]*)/eth(macs)/;s/pid=[[0-9]]*/pid=1/;s/output=$P0_IFINDEX/output=1/"]) > +AT_CHECK([ovs-appctl dpctl/dump-flows type=tc,offloaded | grep "in_port(3)" > | grep "eth_type(0x0800)" | grep "actions:userspace" | grep "sFlow" | > DUMP_SFLOW], [0], [dnl > +recirc_id(0),in_port(3),eth(macs),eth_type(0x0800),ipv4(frag=no), > packets:999, bytes:83916, used:0.001s, > actions:userspace(pid=1,sFlow(vid=0,pcp=0,output=1),actions),2 > +]) > + > +OVS_TRAFFIC_VSWITCHD_STOP > +OVS_APP_EXIT_AND_WAIT([test-sflow]) There is no check to verify the content of the sflow log? > +AT_CLEANUP > + > +AT_SETUP([offloads - sflow with sampling=2 - offloads enabled]) > +OVS_TRAFFIC_VSWITCHD_START([], [], [-- set Open_vSwitch . > other_config:hw-offload=true]) > + > +on_exit 'kill `cat test-sflow.pid`' > +AT_CHECK([ovstest test-sflow --log-file --detach --no-chdir --pidfile > 0:127.0.0.1 > sflow.log], [0], [], [ignore]) > +AT_CAPTURE_FILE([sflow.log]) > +PARSE_LISTENING_PORT([test-sflow.log], [SFLOW_PORT]) > + > +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) > + > +ADD_NAMESPACES(at_ns0, at_ns1) > +ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24") > +ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24") > +AT_CHECK([ovs-appctl dpctl/dump-flows], [0], [ignore]) Guess this dump can be removed? > + > +AT_CHECK([ovs-vsctl -- --id=@sflow create sflow agent=lo > target=\"127.0.0.1:$SFLOW_PORT\" header=128 sampling=2 polling=100 -- set > bridge br0 sflow=@sflow], [0], [ignore]) > +NS_CHECK_EXEC([at_ns0], [ping -q -c 1000 -i 0.01 -w 12 10.1.1.2 | > FORMAT_PING], [0], [dnl > +1000 packets transmitted, 1000 received, 0% packet loss, time 0ms > +]) > + > +P1_IFINDEX=$(cat /sys/class/net/ovs-p1/ifindex) > +m4_define([DUMP_SFLOW], [sed -e > "s/used:[[0-9]].[[0-9]]*s/used:0.001s/;s/eth(src=[[a-z0-9:]]*,dst=[[a-z0-9:]]*)/eth(macs)/;s/pid=[[0-9]]*/pid=1/;s/output=$P1_IFINDEX/output=1/"]) > +AT_CHECK([ovs-appctl dpctl/dump-flows type=tc,offloaded | grep "in_port(2)" > | grep "eth_type(0x0800)" | grep "actions:sample" | grep "sFlow" | > DUMP_SFLOW], [0], [dnl > +recirc_id(0),in_port(2),eth(macs),eth_type(0x0800),ipv4(frag=no), > packets:999, bytes:83916, used:0.001s, > actions:sample(sample=50.0%,actions(userspace(pid=1,sFlow(vid=0,pcp=0,output=1),actions))),3 > +]) > + > +P0_IFINDEX=$(cat /sys/class/net/ovs-p0/ifindex) > +m4_define([DUMP_SFLOW], [sed -e > "s/used:[[0-9]].[[0-9]]*s/used:0.001s/;s/eth(src=[[a-z0-9:]]*,dst=[[a-z0-9:]]*)/eth(macs)/;s/pid=[[0-9]]*/pid=1/;s/output=$P0_IFINDEX/output=1/"]) > +AT_CHECK([ovs-appctl dpctl/dump-flows type=tc,offloaded | grep "in_port(3)" > | grep "eth_type(0x0800)" | grep "actions:sample" | grep "sFlow" | > DUMP_SFLOW], [0], [dnl > +recirc_id(0),in_port(3),eth(macs),eth_type(0x0800),ipv4(frag=no), > packets:999, bytes:83916, used:0.001s, > actions:sample(sample=50.0%,actions(userspace(pid=1,sFlow(vid=0,pcp=0,output=1),actions))),2 > +]) > + > +OVS_TRAFFIC_VSWITCHD_STOP > +OVS_APP_EXIT_AND_WAIT([test-sflow]) > +count=`cat sflow.log | wc -l` > +AT_CHECK([[[[ $count -le 1100 && $count -ge 900 ]]]]) > +AT_CLEANUP > + > +AT_SETUP([offloads - ping over vxlan tunnel with sflow - offloads enabled]) > +OVS_CHECK_TUNNEL_TSO() > +OVS_CHECK_VXLAN() > + > +OVS_TRAFFIC_VSWITCHD_START([], [], [-- set Open_vSwitch . > other_config:hw-offload=true]) > +ADD_BR([br-underlay]) > + > +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) > +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) > + > +ADD_NAMESPACES(at_ns0) > + > +dnl Set up underlay link from host into the namespace using veth pair. > +ADD_VETH(p0, at_ns0, br-underlay, "172.31.1.1/24") > +AT_CHECK([ip addr add dev br-underlay "172.31.1.100/24"]) > +AT_CHECK([ip link set dev br-underlay up]) > + > +dnl Set up tunnel endpoints on OVS outside the namespace and with a native > +dnl linux device inside the namespace. > +ADD_OVS_TUNNEL([vxlan], [br0], [at_vxlan0], [172.31.1.1], [10.1.1.100/24]) > +ADD_NATIVE_TUNNEL([vxlan], [at_vxlan1], [at_ns0], [172.31.1.100], > [10.1.1.1/24], > + [id 0 dstport 4789]) > + > +on_exit 'kill `cat test-sflow.pid`' > +AT_CHECK([ovstest test-sflow --log-file --detach --no-chdir --pidfile > 0:127.0.0.1 > sflow.log], [0], [], [ignore]) > +AT_CAPTURE_FILE([sflow.log]) > +PARSE_LISTENING_PORT([test-sflow.log], [SFLOW_PORT]) > +AT_CHECK([ovs-vsctl -- --id=@sflow create sflow agent=lo > target=\"127.0.0.1:$SFLOW_PORT\" header=128 sampling=1 polling=100 -- set > bridge br0 sflow=@sflow], [0], [ignore]) > + > +dnl First, check the underlay > +NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 172.31.1.100 | > FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > + > +dnl Okay, now check the overlay with different packet sizes Guess this comment needs an update. > +NS_CHECK_EXEC([at_ns0], [ping -q -c 1000 -i 0.01 10.1.1.100 | FORMAT_PING], > [0], [dnl > +1000 packets transmitted, 1000 received, 0% packet loss, time 0ms > +]) > + Can we also add dpctl/dumpflows checking here (3x), as the tunnels stuff is complex? recirc_id(0),in_port(1),eth(src=06:9c:de:63:c9:40,dst=01:00:5e:00:00:fb),eth_type(0x0800),ipv4(tos=0/0x3,frag=no), packets:13, bytes:1883, used:5.700s, actions:userspace(pid=4294967295,sFlow(vid=0,pcp=0,output=20360),actions),set(tunnel(dst=172.31.1.1,ttl=64,tp_dst=4789,flags(0))),4 recirc_id(0),in_port(1),eth(src=06:9c:de:63:c9:40,dst=1e:51:4f:cd:c3:0e),eth_type(0x0800),ipv4(tos=0/0x3,frag=no), packets:999, bytes:97902, used:0.010s, actions:userspace(pid=4294967295,sFlow(vid=0,pcp=0,output=20360),actions),set(tunnel(dst=172.31.1.1,ttl=64,tp_dst=4789,flags(0))),4 recirc_id(0),tunnel(tun_id=0x0,src=172.31.1.1,dst=172.31.1.100,tp_dst=4789,flags(+key)),in_port(4),eth(src=1e:51:4f:cd:c3:0e,dst=06:9c:de:63:c9:40),eth_type(0x0800),ipv4(frag=no), packets:999, bytes:83916, used:0.010s, actions:userspace(pid=4294967295,sFlow(vid=0,pcp=0,output=20356),actions),1 I did notice a little difference between TC and Kernel, below is the kernel and it has flags as (df) where tc does not have this. Is this a bug in tc? recirc_id(0),in_port(1),eth(src=52:3c:6f:15:be:40,dst=01:00:5e:00:00:fb),eth_type(0x0800),ipv4(tos=0/0x3,frag=no), packets:13, bytes:1883, used:5.324s, actions:userspace(pid=4294967295,sFlow(vid=0,pcp=0,output=20369),actions),set(tunnel(dst=172.31.1.1,ttl=64,tp_dst=4789,flags(df))),4 recirc_id(0),in_port(1),eth(src=52:3c:6f:15:be:40,dst=0a:54:8d:56:5f:e0),eth_type(0x0800),ipv4(tos=0/0x3,frag=no), packets:999, bytes:97902, used:0.017s, actions:userspace(pid=4294967295,sFlow(vid=0,pcp=0,output=20369),actions),set(tunnel(dst=172.31.1.1,ttl=64,tp_dst=4789,flags(df))),4 recirc_id(0),tunnel(tun_id=0x0,src=172.31.1.1,dst=172.31.1.100,flags(-df+csum+key)),in_port(4),eth(src=0a:54:8d:56:5f:e0,dst=52:3c:6f:15:be:40),eth_type(0x0800),ipv4(frag=no), packets:999, bytes:97902, used:0.017s, actions:userspace(pid=4294967295,sFlow(vid=0,pcp=0,output=20365),actions),1 > +dnl Vni is 0, test-sflow doesn't show it > +out_tunnel_hdr="tunnel4_out_protocol=17 tunnel4_out_src=0.0.0.0 > tunnel4_out_dst=172.31.1.1 tunnel4_out_src_port=0 tunnel4_out_dst_port=46354" > +out_count=`grep "$out_tunnel_hdr" sflow.log | wc -l` > +AT_CHECK([[[[ $out_count -ge 999 ]]]]) > + > +in_tunnel_hdr="tunnel4_in_protocol=17 tunnel4_in_src=172.31.1.1 > tunnel4_in_dst=172.31.1.100" > +in_count=`grep "$in_tunnel_hdr" sflow.log | wc -l` > +AT_CHECK([[[[ $in_count -ge 999 ]]]]) Note there seems to be a bug in tc, as it's missing the in ifindex. TC: HEADER dgramSeqNo=345 ds=127.0.0.1>2:1000 fsSeqNo=2025 tunnel4_out_length=0 tunnel4_out_protocol=17 \ tunnel4_out_src=0.0.0.0 tunnel4_out_dst=172.31.1.1 tunnel4_out_src_port=0 tunnel4_out_dst_port=46354 \ tunnel4_out_tcp_flags=0 tunnel4_out_tos=0 in_vlan=0 in_priority=0 out_vlan=0 out_priority=0 meanSkip=1 \ samplePool=2025 dropEvents=0 in_ifindex=0 in_format=0 out_ifindex=20351 out_format=0 hdr_prot=1 pkt_len=102... ^^^^^^^^^^^^ Kernel: HEADER dgramSeqNo=348 ds=127.0.0.1>2:1000 fsSeqNo=2027 tunnel4_out_length=0 tunnel4_out_protocol=17 \ tunnel4_out_src=0.0.0.0 tunnel4_out_dst=172.31.1.1 tunnel4_out_src_port=0 tunnel4_out_dst_port=46354 \ tunnel4_out_tcp_flags=0 tunnel4_out_tos=0 in_vlan=0 in_priority=0 out_vlan=0 out_priority=0 meanSkip=1 \ samplePool=2027 dropEvents=0 in_ifindex=20365 in_format=0 out_ifindex=20369 out_format=0 hdr_prot=1 pkt_len=102... ^^^^^^^^^^^^^^^^ Guess this needs to be fixed, and we should also add a check to make sure no in_ifindex=0 or out_ifindex=0 exists. > + > +OVS_TRAFFIC_VSWITCHD_STOP > +OVS_APP_EXIT_AND_WAIT([test-sflow]) > +AT_CLEANUP > + > AT_SETUP([offloads - set ingress_policing_rate and ingress_policing_burst - > offloads disabled]) > AT_KEYWORDS([ingress_policing]) > AT_SKIP_IF([test $HAVE_TC = "no"]) > -- > 2.26.3 _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev