OSM_E2E CI test:

*.tar

*.tar.gz

local_results/

gnmic_lab/results/

# OSM End-to-End gNMI Lab

This folder contains an isolated Containerlab scenario and direct `gnmic`

helpers to validate cEOS OpenConfig behavior without involving TeraFlowSDN.

The objective is to determine which OpenConfig payloads correctly configure:

- untagged routed access ports

- tagged routed access ports

- inter-router L3 links

and to inspect the resulting EOS CLI configuration.

The current verified findings are tracked in [REPORT.md](./REPORT.md).

Typical workflow:

```bash

cd ~/tfs-ctrl

src/tests/osm_end2end/gnmic_lab/run-lab.sh deploy

src/tests/osm_end2end/gnmic_lab/run-lab.sh baseline

src/tests/osm_end2end/gnmic_lab/run-lab.sh experiment-tagged-subif125

src/tests/osm_end2end/gnmic_lab/run-lab.sh destroy

```

Results are written under `src/tests/osm_end2end/gnmic_lab/results/`.

Useful experiment actions:

- `experiment-untagged`

- `experiment-tagged-subif125`

- `experiment-tagged-subif0-and-125`

- `experiment-tagged-subif0-then-125`

- `experiment-tagged-subif0-vlan125`

- `experiment-tagged-cli-baseline-and-capture`

- `experiment-tagged-replace-inferred`

# gNMI Lab Report

This file tracks direct `gnmic` experiments against the isolated

`osm_end2end_gnmic` Containerlab scenario.

## Verified

- Untagged routed access works with parent interface type

  `iana-if-type:ethernetCsmacd` and IPv4 configured on `subinterface[0]`.

  Resulting EOS CLI on `Ethernet10` is:

  - `no switchport`

  - `ip address 172.16.x.1/24`

- Tagged access with parent interface type `iana-if-type:ethernetCsmacd` and

  IPv4 plus VLAN 125 configured on `subinterface[125]` is accepted by cEOS,

  but does not by itself turn the parent into `no switchport`.

  Resulting EOS CLI on `Ethernet11` is:

  - parent `Ethernet11` remains empty

  - child `Ethernet11.125` is created with `encapsulation dot1q vlan 125`

    and the correct IP address

  Functional result:

  - `dc3_tagged -> 172.17.1.1` fails with `Destination Host Unreachable`

  - the failure is at the first hop, before routed transit matters

- Tagged access with VLAN 125 configured on `subinterface[0]` is rejected by

  cEOS as invalid.

- When the parent `Ethernet11` is manually switched to routed mode with CLI

  `no switchport`, the exact same tagged `subinterface[125]` setup works.

  Functional result after also installing tagged transit routes on `r2`:

  - `dc3_tagged -> 172.17.1.1` succeeds

  - `dc3_tagged -> 172.17.3.10` succeeds end to end

- On a fresh lab, the tagged case also works end to end when `Ethernet11` is

  configured with a gNMI `REPLACE` of the full interface subtree containing:

  - parent `config.type = iana-if-type:ethernetCsmacd`

  - `subinterface[0]` with `ipv4.config.enabled = true`

  - `subinterface[125]` with VLAN 125 match and IPv4 address

  Functional result:

  - `dc3_tagged -> 172.17.1.1` succeeds

  - `dc3_tagged -> 172.17.3.10` succeeds end to end

- The working tagged state, read back over gNMI, looks like:

  - parent interface `config.type = iana-if-type:ethernetCsmacd`

  - `openconfig-if-ethernet:ethernet` subtree present on the parent

  - `subinterface[0]` present with IPv4 enabled

  - `subinterface[125]` present with VLAN 125 match and IPv4 address

## Current Conclusion

- The routed core and static routes are not the blocker for the tagged case.

- The tagged failure with the earlier direct gNMI tests is specifically that

  an `UPDATE` of only `subinterface[125]` does not cause cEOS to convert

  `Ethernet11` into a routed parent port.

- TFS should not try to model the parent as `l3ipvlan` on cEOS. The working

  parent type is still `iana-if-type:ethernetCsmacd`.

- A pure OpenConfig solution does exist in this lab:

  - gNMI `REPLACE` the full `Ethernet11` subtree

  - include both `subinterface[0]` and `subinterface[125]`

- The practical TFS implication is that the EOS tagged-access path likely needs

  interface-subtree replacement semantics, not just incremental updates of the

  VLAN subinterface.

## Pending

- Confirm whether `UPDATE` of the full subtree with both `subinterface[0]` and

  `subinterface[125]` can also work, or whether `REPLACE` is strictly required

  on cEOS.

- Translate the successful `REPLACE` behavior into the TFS `gnmi_openconfig`

  driver or YANG handler logic for tagged routed access interfaces.

# Copyright 2022-2025 ETSI SDG TeraFlowSDN (TFS) (https://tfs.etsi.org/)

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#      http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

name: osm_end2end_gnmic

mgmt:

  network: mgmt-net

  ipv4-subnet: 172.20.30.0/24

topology:

  kinds:

    arista_ceos:

      kind: arista_ceos

      image: ceos:4.32.2F

    linux:

      kind: linux

      image: ghcr.io/hellt/network-multitool:latest

  nodes:

    r1:

      kind: arista_ceos

      mgmt-ipv4: 172.20.30.101

      startup-config: ../clab/r1-startup.cfg

    r2:

      kind: arista_ceos

      mgmt-ipv4: 172.20.30.102

      startup-config: ../clab/r2-startup.cfg

    r3:

      kind: arista_ceos

      mgmt-ipv4: 172.20.30.103

      startup-config: ../clab/r3-startup.cfg

    dc1_untagged:

      kind: linux

      mgmt-ipv4: 172.20.30.201

      exec:

        - ip link set address 00:c1:ab:00:01:0a dev eth1

        - ip link set eth1 up

        - ip address add 172.16.1.10/24 dev eth1

        - ip route add 172.16.3.0/24 via 172.16.1.1

    dc2_untagged:

      kind: linux

      mgmt-ipv4: 172.20.30.202

      exec:

        - ip link set address 00:c1:ab:00:02:0a dev eth1

        - ip link set eth1 up

        - ip address add 172.16.3.10/24 dev eth1

        - ip route add 172.16.1.0/24 via 172.16.3.1

    dc3_tagged:

      kind: linux

      mgmt-ipv4: 172.20.30.203

      exec:

        - ip link set address 00:c1:ab:00:03:0a dev eth1

        - ip link set eth1 up

        - ip link add link eth1 name eth1.125 type vlan id 125

        - ip address add 172.17.1.10/24 dev eth1.125

        - ip link set eth1.125 up

        - ip route add 172.17.3.0/24 via 172.17.1.1

    dc4_tagged:

      kind: linux

      mgmt-ipv4: 172.20.30.204

      exec:

        - ip link set address 00:c1:ab:00:04:0a dev eth1

        - ip link set eth1 up

        - ip link add link eth1 name eth1.125 type vlan id 125

        - ip address add 172.17.3.10/24 dev eth1.125

        - ip link set eth1.125 up

        - ip route add 172.17.1.0/24 via 172.17.3.1

  links:

    - endpoints: ["r1:eth2", "r2:eth1"]

    - endpoints: ["r2:eth3", "r3:eth2"]

    - endpoints: ["r1:eth10", "dc1_untagged:eth1"]

    - endpoints: ["r3:eth10", "dc2_untagged:eth1"]

    - endpoints: ["r1:eth11", "dc3_tagged:eth1"]

    - endpoints: ["r3:eth11", "dc4_tagged:eth1"]