From 3b1566c55f5972b67a4aa729dddbaf9461825859 Mon Sep 17 00:00:00 2001
From: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
Date: Wed, 23 Sep 2020 08:46:30 -0700
Subject: updating the demo/sfc-setup README.md

Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
Change-Id: Ic0235ddc6686637b0af5582810b426886204a6e6
---
 demo/sfc-setup/README.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/demo/sfc-setup/README.md b/demo/sfc-setup/README.md
index d2afd73..676fa88 100644
--- a/demo/sfc-setup/README.md
+++ b/demo/sfc-setup/README.md
@@ -92,18 +92,35 @@ Deploy the SFC as following
    $ kubectl apply -f demo/sfc-setup/deploy/slb-ngfw-sdewan-cnf-deployment.yaml
    $ kubectl apply -f demo/sfc-setup/deploy/ms1.yaml
 ```
+## Test Scenario - to comprehend multiple deployment variations
+![sfc-test-scenario-diagram](../../images/sfc-test-scenario-diagram.png)
+
+This show the test scenario we created in this demo.
+
 Pinging for goole.com or curl example.com should fail in both ms1 and TM1
 ```
    $ kubectl apply -f demo/sfc-setup/deploy/sfc.yaml
 ```
 Pinging for google.com or curl example.com should be successful in both ms1 and TM1
 
+## Traffic from external entities with sfc
+![sfc-test-scenario-tm1-to-internet](../../images/sfc-test-scenario-tm1-to-internet.png)
+
+## Traffic from pod within the cluster with sfc
+![sfc-test-scenario-ms1-to-internet](../../images/sfc-test-scenario-ms1-to-internet.png)
+
 Let try to apply icmp reject rule in SDEWAN cnf
 ```
    $ kubectl apply -f demo/sfc-setup/deploy/firewall-dyn-net-2.yaml
    $ kubectl apply -f demo/sfc-setup/deploy/firewall-right-pnetwork.yaml
    $ kubectl apply -f demo/sfc-setup/deploy/firewall-rule-reject-icmp-right-pnetwork.yaml
 ```
+## Traffic from external entities with sfc - SDEWAN icmp reject
+![sfc-test-scenario-tm1-icmp-blocked](../../images/sfc-test-scenario-tm1-icmp-blocked.png)
+
+## Traffic from pod within the cluster with sfc - SDEWAN icmp reject
+![sfc-test-scenario-ms1-icmp-blocked](../../images/sfc-test-scenario-ms1-icmp-blocked.png)
+
 Pinging for google.com will fail and curl example.com should be successful in both ms1 and TM1
 
 ## License
-- 
cgit 1.2.3-korg