fix for 498147479 PF-1.4 ip_guev1_static_decap_subnet_range

[mihaitomaro]

fix for 498147479 (Arista Failing FNT: feature/policy_forwarding/decapsulation/otg_tests/ip_guev1_static_decap_subnet_range)
PF-1.4
https://github.com/open-traffic-generator/featureprofiles/blob/fix498147479/feature/policy_forwarding/decapsulation/otg_tests/ip_guev1_static_decap_subnet_range/README.md

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a test failure in the GUE decapsulation suite by introducing logic to distinguish between expected decapsulation and pass-through behavior. It enhances the test coverage for PF-1.4 scenarios by adding a dedicated verification helper for pass-through packets and correcting an issue in how DSCP values were parsed during packet inspection.

Highlights

• Conditional Traffic Validation: Updated gueDecapInnerIpv4Traffic and gueDecapInnerIpv6Traffic to conditionally verify either decapsulated inner packets or pass-through outer packets based on the verifyCounters flag.
• New Verification Helper: Added verifyPassThroughGuePacket to validate that GUE packets are passed through unmodified when decapsulation is not expected.
• DSCP Calculation Fix: Corrected the DSCP value extraction in verifyCaptureDscpTtlValue by removing the bit shift, ensuring accurate matching against expected values.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[OpenConfigBot]

Pull Request Functional Test Report for #5437 / 85e7527

Virtual Devices

Device	Test	Test Documentation	Job	Raw Log
Arista cEOS		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Cisco 8000E		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Cisco XRd		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Juniper ncPTX		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Nokia SR Linux		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Openconfig Lemming		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test

Hardware Devices

Device	Test	Test Documentation	Raw Log
Arista 7808		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Cisco 8808		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Juniper PTX10008		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test
Nokia 7250 IXR-10e		PF-1.4: GUEv1 Decapsulation rule using destination-address-prefix-set and TTL and DSCP behavior test

Help

[gemini-code-assist]

Code Review

This pull request introduces GUE pass-through verification logic to the OTG tests, allowing the test suite to validate that outer packets remain unmodified (except for TTL decrement) when decapsulation is not performed. The review feedback identifies a regression in IPv6 DSCP verification where a necessary bit shift was removed, and suggests refactoring the new verification helper to include UDP port validation and improved parsing efficiency by moving IP parsing outside the packet loop.

[gemini-code-assist]

Pass the expected UDP port to verifyPassThroughGuePacket to ensure more robust verification of the GUE packet. This aligns with the practice of using parameterized functions to improve code maintainability and reuse.

Suggested change

	verifyPassThroughGuePacket(t, ate, "port2")
	verifyPassThroughGuePacket(t, ate, "port2", ateUdpPort)

References

1. Refactor functions to use parameterized versions to reduce code duplication.

[gemini-code-assist]

Pass the expected UDP port to verifyPassThroughGuePacket to ensure more robust verification of the GUE packet. This aligns with the practice of using parameterized functions to improve code maintainability and reuse.

Suggested change

	verifyPassThroughGuePacket(t, ate, "port2")
	verifyPassThroughGuePacket(t, ate, "port2", ateUdpPort)

References

1. Refactor functions to use parameterized versions to reduce code duplication.

[gemini-code-assist]

The removal of the bit shift (>> 2) for the IPv6 Traffic Class creates an inconsistency with the IPv4 verification logic (line 615) and deviates from the standard definition of DSCP (the 6 most significant bits). This change likely masks an issue in configureIPv6Traffic (line 593) where the raw Traffic Class byte is set instead of the DSCP value. It is recommended to update configureIPv6Traffic to use the DSCP setter (e.g., .Dscp().Phb().SetValue(innerDscpValue)) and revert this change to maintain consistent and correct DSCP verification.

[gemini-code-assist]

Refactor verifyPassThroughGuePacket to include UDP port verification and improve efficiency by parsing the IP address outside the loop. Using parameters for values like the expected port improves the function's maintainability.

func verifyPassThroughGuePacket(t *testing.T, ate *ondatra.ATEDevice, port string, expectedPort int) {
	pcapfilename := processCapture(t, ate, port)
	handle, err := pcap.OpenOffline(pcapfilename)
	if err != nil {
		t.Fatal(err)
	}
	defer handle.Close()
	packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
	srcIP := net.ParseIP(atePort1.IPv6)
	for packet := range packetSource.Packets() {
		if ip6Layer := packet.Layer(layers.LayerTypeIPv6); ip6Layer != nil {
			ip6, _ := ip6Layer.(*layers.IPv6)
			if ip6.SrcIP.Equal(srcIP) {
				if udpLayer := packet.Layer(layers.LayerTypeUDP); udpLayer != nil {
					udp, _ := udpLayer.(*layers.UDP)
					if int(udp.DstPort) == expectedPort {
						expectedTTL := uint8(outerTTL - 1)
						if ip6.HopLimit == expectedTTL {
							t.Logf("PASS: GUE pass-through packet verified: outer src=%s, port=%d, TTL=%d (decremented by 1)", atePort1.IPv6, expectedPort, ip6.HopLimit)
							return
						}
						t.Fatalf("ERROR: Outer TTL mismatch in pass-through. Expected: %d, Got: %d", expectedTTL, ip6.HopLimit)
					}
				}
			}
		}
	}
	t.Fatalf("ERROR: Could not find GUE pass-through packet with outer src IP (%s) and UDP port (%d) in capture", atePort1.IPv6, expectedPort)
}

References

1. Refactor functions to use parameterized versions to reduce code duplication.