On 31 Oct 2024, at 17:42, Ilya Maximets wrote:
> On 10/31/24 12:46, Eelco Chaudron wrote: >> >> >> On 30 Oct 2024, at 14:50, Ilya Maximets wrote: >> >>> Expand the NxN test with the network connectivity check between all the >>> nodes. Unfortunately, we can't really run this test with Libreswan 4.x, >>> since, due to internal issues in these versions, we are getting into >>> states where everything is loaded and active, but no traffic can pass. >>> This is an internal issue in Libreswan that we can't workaround from >>> the outside. So, the fix is required in Libreswan itself. 4.5 and >>> earlier versions seem to not be affected by this problem, at least not >>> severely affected, but it's easier to just cut off all the 4.x versions >>> from the test. >>> >>> 3.32 version from Ubuntu 22.04 and Libreswna 5.1 work just fine with >>> this test. >>> >>> Test is relatively long, but it is very valuable, IMO. Besides >>> stressing ovs-monitor-ipsec with various failure and asynchronous >>> connection establishment conditions, which are important for OVS, it >>> also was used to reproduce and fix several bugs in Libreswan 4.x. >>> Unfortunately, not all the issues are understood and fixed yet. >> >> I do not like the fact that now the inclusion or not for the traffic test >> is not visible. I rather split up the test and get a “skipped” indication >> for the traffic part. >> >> WDYT? > > Yeah, I'm not a big fan of this either. We have a few options: > > 1. Copy the test and only test the configuration in one and > ping in the other. > > 2. Put the test into a macro and call it twice with and without > ping, so the one with ping can be skipped. > > 3. Add SKIP_IF() check in the middle of the test. > > The first option will cause some code duplication, which doesn't > sound great. The second one is OK, but it will obscure line numbers > when something inside the macro fails, which is not very friendly > while debugging the test. > > The third option will solve the code duplication and we'll also > not run the configuration check twice saving the time. We will > still run the configuration part with Libreswan 4, even if the > test will be skipped afterwards, so the test will fail if the > configuration fails. This is not very straightforward, but at > least the test will actually run on all systems and it will be > clear that it wasn't run in full on systems with libreswan 4, > so there will be no ambiguity. > > WDYT? Option 3 appears to be the most suitable choice for me. > Best regards, Ilya Maximets. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
