def test_arp_no_reply_src_out_range(common_setup_teardown, intfs_for_test,
enum_frontend_asic_index):
duthost, ptfhost, router_mac = common_setup_teardown
intf1, intf2, intf1_indice, intf2_indice = intfs_for_test
asichost = duthost.asic_instance(enum_frontend_asic_index)
params = {'acs_mac': router_mac, 'port': intf1_indice}
# Check DUT won't reply ARP and install ARP entry when src address is not in interface subnet range
clear_dut_arp_cache(duthost, asichost.cli_ns_option)
log_file = "/tmp/arptest.SrcOutRangeNoReply.{0}.log".format(
datetime.now().strftime("%Y-%m-%d-%H:%M:%S"))
ptf_runner(ptfhost,
'ptftests',
"arptest.SrcOutRangeNoReply",
'/root/ptftests',
params=params,
log_file=log_file)
switch_arptable = asichost.switch_arptable()['ansible_facts']
for ip in switch_arptable['arptable']['v4'].keys():
pytest_assert(ip != '10.10.1.22')
def garp_setup(duthosts, enum_rand_one_per_hwsku_frontend_hostname, config_facts):
duthost = duthosts[enum_rand_one_per_hwsku_frontend_hostname]
clear_dut_arp_cache(duthost)
vlan_intfs = config_facts['VLAN_INTERFACE'].keys()
garp_check_cmd = 'sonic-db-cli CONFIG_DB HGET "VLAN_INTERFACE|{}" grat_arp'
garp_enable_cmd = 'sonic-db-cli CONFIG_DB HSET "VLAN_INTERFACE|{}" grat_arp enabled'
cat_arp_accept_cmd = 'cat /proc/sys/net/ipv4/conf/{}/arp_accept'
arp_accept_vals = []
old_grat_arp_vals = {}
for vlan in vlan_intfs:
old_grat_arp_res = duthost.shell(garp_check_cmd.format(vlan))
old_grat_arp_vals[vlan] = old_grat_arp_res['stdout']
res = duthost.shell(garp_enable_cmd.format(vlan))
if res['rc'] != 0:
pytest.fail("Unable to enable GARP for {}".format(vlan))
else:
logger.info("Enabled GARP for {}".format(vlan))
# Get the `arp_accept` values for each VLAN interface and yield them
# to the caller, who can decide how to proceed
arp_accept_res = duthost.shell(cat_arp_accept_cmd.format(vlan))
arp_accept_vals.append(arp_accept_res['stdout'])
yield arp_accept_vals
garp_disable_cmd = 'sonic-db-cli CONFIG_DB HDEL "VLAN_INTERFACE|{}" grat_arp'
for vlan in vlan_intfs:
old_grat_arp_val = old_grat_arp_vals[vlan]
if 'enabled' not in old_grat_arp_val:
res = duthost.shell(garp_disable_cmd.format(vlan))
if res['rc'] != 0:
pytest.fail("Unable to disable GARP for {}".format(vlan))
else:
logger.info("GARP disabled for {}".format(vlan))
def test_arp_garp_enabled(rand_selected_dut, garp_enabled, ip_and_intf_info,
intfs_for_test, config_facts, ptfadapter):
"""
Send a gratuitous ARP (GARP) packet from the PTF to the DUT
The DUT should learn the (previously unseen) ARP info from the packet
"""
pytest_require(garp_enabled, 'Gratuitous ARP not enabled for this device')
duthost = rand_selected_dut
ptf_intf_ipv4_addr, _, _ = ip_and_intf_info
arp_request_ip = increment_ipv4_addr(ptf_intf_ipv4_addr)
arp_src_mac = '00:00:07:08:09:0a'
_, _, intf1_index, _, = intfs_for_test
pkt = testutils.simple_arp_packet(pktlen=60,
eth_dst='ff:ff:ff:ff:ff:ff',
eth_src=arp_src_mac,
vlan_pcp=0,
arp_op=2,
ip_snd=arp_request_ip,
ip_tgt=arp_request_ip,
hw_snd=arp_src_mac,
hw_tgt='ff:ff:ff:ff:ff:ff')
clear_dut_arp_cache(duthost)
logger.info("Sending GARP for target {} from PTF interface {}".format(
arp_request_ip, intf1_index))
testutils.send_packet(ptfadapter, intf1_index, pkt)
vlan_intfs = config_facts['VLAN_INTERFACE'].keys()
switch_arptable = duthost.switch_arptable()['ansible_facts']
pytest_assert(switch_arptable['arptable']['v4'][arp_request_ip]
['macaddress'].lower() == arp_src_mac.lower())
pytest_assert(switch_arptable['arptable']['v4'][arp_request_ip]
['interface'] in vlan_intfs)
def test_arp_expect_reply(common_setup_teardown):
duthost, ptfhost, int_facts, intf1, intf2, intf1_indice, intf2_indice = common_setup_teardown
params = {
'acs_mac': int_facts['ansible_interface_facts'][intf1]['macaddress'],
'port': intf1_indice
}
# Start PTF runner and send correct arp packets
clear_dut_arp_cache(duthost)
log_file = "/tmp/arptest.ExpectReply.{0}.log".format(
datetime.now().strftime("%Y-%m-%d-%H:%M:%S"))
ptf_runner(ptfhost,
'ptftests',
"arptest.ExpectReply",
'/root/ptftests',
params=params,
log_file=log_file)
switch_arptable = duthost.switch_arptable()['ansible_facts']
pytest_assert(switch_arptable['arptable']['v4']['10.10.1.3']['macaddress']
== '00:06:07:08:09:0a')
pytest_assert(
switch_arptable['arptable']['v4']['10.10.1.3']['interface'] == intf1)
def test_arp_expect_reply(common_setup_teardown, intfs_for_test,
enum_frontend_asic_index):
duthost, ptfhost, router_mac = common_setup_teardown
intf1, intf2, intf1_indice, intf2_indice = intfs_for_test
asichost = duthost.asic_instance(enum_frontend_asic_index)
params = {'acs_mac': router_mac, 'port': intf1_indice}
# Start PTF runner and send correct arp packets
clear_dut_arp_cache(duthost, asichost.cli_ns_option)
log_file = "/tmp/arptest.ExpectReply.{0}.log".format(
datetime.now().strftime("%Y-%m-%d-%H:%M:%S"))
ptf_runner(ptfhost,
'ptftests',
"arptest.ExpectReply",
'/root/ptftests',
params=params,
log_file=log_file)
switch_arptable = asichost.switch_arptable()['ansible_facts']
pytest_assert(switch_arptable['arptable']['v4']['10.10.1.3']['macaddress']
== '00:06:07:08:09:0a')
pytest_assert(
switch_arptable['arptable']['v4']['10.10.1.3']['interface'] == intf1)
def test_proxy_arp(duthosts, enum_rand_one_per_hwsku_frontend_hostname,
setup_ptf_arp, intfs_for_test, ptfhost, config_facts,
ip_version, tbinfo):
'''
Send an ARP request or neighbor solicitation (NS) to the DUT for an IP address within the subnet of the DUT's VLAN.
DUT should reply with an ARP reply or neighbor advertisement (NA) containing the DUT's own MAC
'''
duthost = duthosts[enum_rand_one_per_hwsku_frontend_hostname]
ptf_intf_ipv4_addr, ptf_intf_ipv6_addr, ptf_intf_name = setup_ptf_arp
pytest_require(duthost.has_config_subcommand('config vlan proxy_arp'),
"Proxy ARP command does not exist on device")
if ip_version == 'v4':
pytest_require(ptf_intf_ipv4_addr is not None,
'No IPv4 VLAN address configured on device')
elif ip_version == 'v6':
pytest_require(ptf_intf_ipv6_addr is not None,
'No IPv6 VLAN address configured on device')
proxy_arp_config_cmd = 'config vlan proxy_arp {} {}'
# We are leveraging the fact that ping will automatically send a neighbor solicitation/ARP request for us
# However, we expect the ping itself to always fail since no interface is configured with the pinged IP, so add '|| true' so we can continue
ping_cmd = 'ping {} -I {} -c 1 || true'
# Enable proxy ARP/NDP for the VLANs on the DUT
vlans = config_facts['VLAN']
vlan_ids = [vlans[vlan]['vlanid'] for vlan in vlans.keys()]
for vid in vlan_ids:
duthost.shell(proxy_arp_config_cmd.format(vid, 'enabled'))
time.sleep(3)
logger.info("Enabled proxy ARP for VLAN {}".format(vid))
clear_dut_arp_cache(ptfhost)
ping_addr = None
if ip_version == 'v4':
ping_addr = increment_ipv4_addr(ptf_intf_ipv4_addr)
elif ip_version == 'v6':
ping_addr = increment_ipv6_addr(ptf_intf_ipv6_addr)
logger.info("Pinging {} using PTF interface {}".format(
ping_addr, ptf_intf_name))
ptfhost.shell(ping_cmd.format(ping_addr, ptf_intf_name))
time.sleep(2)
neighbor_table = ptfhost.switch_arptable(
)['ansible_facts']['arptable'][ip_version]
topology = tbinfo['topo']['name']
if 'dualtor' in topology:
dut_macs = []
for vlan_details in vlans.values():
dut_macs.append(vlan_details['mac'])
else:
router_mac = duthost.shell(
'sonic-cfggen -d -v \'DEVICE_METADATA.localhost.mac\''
)["stdout_lines"][0].decode("utf-8")
dut_macs = [router_mac]
pytest_assert(ping_addr in neighbor_table.keys())
pytest_assert(neighbor_table[ping_addr]['macaddress'] in dut_macs)
pytest_assert(neighbor_table[ping_addr]['interface'] == ptf_intf_name)
pytest_assert(neighbor_table[ping_addr]['state'].lower() not in
['failed', 'incomplete'])