def test_p2p_subif_creation_1k(self):
"""create 1k of p2p subifs"""
self.logger.info("FFP_TEST_START_0001")
macs = []
clients = 1000
mac = int("dead00000000", 16)
for i in range(1, clients + 1):
try:
macs.append(':'.join(re.findall('..',
'{:02x}'.format(mac + i))))
self.vapi.create_p2pethernet_subif(self.pg2.sw_if_index,
mactobinary(macs[i - 1]), i)
except Exception:
print "Failed to create subif %d %s" % (i, macs[i - 1])
raise
intfs = self.vapi.cli("show interface").split("\n")
count = 0
for intf in intfs:
if intf.startswith('pg2.'):
count += 1
self.assertEqual(count, clients)
self.logger.info("FFP_TEST_FINISH_0001")
def __init__(self, test, sw_if_index, mac_addr, nbr_addr,
af=AF_INET, is_static=0):
self._test = test
self.sw_if_index = sw_if_index
self.mac_addr = mactobinary(mac_addr)
self.af = af
self.is_static = is_static
self.nbr_addr = inet_pton(af, nbr_addr)
def remove_vpp_config(self):
cip = socket.inet_pton(socket.AF_INET, self.client_ip)
cmac = mactobinary(self.client_mac)
self.unconfig()
self.test.vapi.pppoe_add_del_session(cip,
cmac,
session_id=self.session_id,
decap_vrf_id=self.decap_vrf_id,
is_add=0)
def __init__(self, test, sw_if_index, mac_addr, nbr_addr,
af=AF_INET, is_static=False, is_no_fib_entry=0):
self._test = test
self.sw_if_index = sw_if_index
self.mac_addr = mactobinary(mac_addr)
self.af = af
self.is_static = is_static
self.is_no_fib_entry = is_no_fib_entry
self.nbr_addr = nbr_addr
self.nbr_addr_n = inet_pton(af, nbr_addr)
def add_vpp_config(self):
cip = socket.inet_pton(socket.AF_INET, self.client_ip)
cmac = mactobinary(self.client_mac)
r = self.test.vapi.pppoe_add_del_session(
cip,
cmac,
session_id=self.session_id,
decap_vrf_id=self.decap_vrf_id)
self._sw_if_index = r.sw_if_index
self.generate_remote_hosts()
def setUp(self):
super(TestGBP, self).setUp()
self.create_pg_interfaces(range(9))
self.create_loopback_interfaces(range(9))
self.router_mac = "00:11:22:33:44:55"
for i in self.pg_interfaces:
i.admin_up()
for i in self.lo_interfaces:
i.admin_up()
self.vapi.sw_interface_set_mac_address(
i.sw_if_index, mactobinary(self.router_mac))
def test_gbp(self):
""" Group Based Policy """
nat_table = VppIpTable(self, 20)
nat_table.add_vpp_config()
nat_table = VppIpTable(self, 20, is_ip6=True)
nat_table.add_vpp_config()
#
# Bridge Domains
#
self.vapi.bridge_domain_add_del(1,
flood=1,
uu_flood=1,
forward=1,
learn=0,
arp_term=1,
is_add=1)
self.vapi.bridge_domain_add_del(2,
flood=1,
uu_flood=1,
forward=1,
learn=0,
arp_term=1,
is_add=1)
self.vapi.bridge_domain_add_del(20,
flood=1,
uu_flood=1,
forward=1,
learn=0,
arp_term=1,
is_add=1)
#
# 3 EPGs, 2 of which share a BD.
#
epgs = []
recircs = []
epgs.append(
VppGbpEndpointGroup(self, 220, 0, 1, self.pg4, self.loop0,
"10.0.0.128", "2001:10::128"))
recircs.append(VppGbpRecirc(self, epgs[0], self.loop3))
epgs.append(
VppGbpEndpointGroup(self, 221, 0, 1, self.pg5, self.loop0,
"10.0.1.128", "2001:10:1::128"))
recircs.append(VppGbpRecirc(self, epgs[1], self.loop4))
epgs.append(
VppGbpEndpointGroup(self, 222, 0, 2, self.pg6, self.loop1,
"10.0.2.128", "2001:10:2::128"))
recircs.append(VppGbpRecirc(self, epgs[2], self.loop5))
#
# 2 NAT EPGs, one for floating-IP subnets, the other for internet
#
epgs.append(
VppGbpEndpointGroup(self, 333, 20, 20, self.pg7, self.loop2,
"11.0.0.128", "3001::128"))
recircs.append(VppGbpRecirc(self, epgs[3], self.loop6, is_ext=True))
epgs.append(
VppGbpEndpointGroup(self, 444, 20, 20, self.pg8, self.loop2,
"11.0.0.129", "3001::129"))
recircs.append(VppGbpRecirc(self, epgs[4], self.loop8, is_ext=True))
epg_nat = epgs[3]
recirc_nat = recircs[3]
#
# 4 end-points, 2 in the same subnet, 3 in the same BD
#
eps = []
eps.append(
VppGbpEndpoint(self, self.pg0, epgs[0], recircs[0], "10.0.0.1",
"11.0.0.1"))
eps.append(
VppGbpEndpoint(self, self.pg1, epgs[0], recircs[0], "10.0.0.2",
"11.0.0.2"))
eps.append(
VppGbpEndpoint(self, self.pg2, epgs[1], recircs[1], "10.0.1.1",
"11.0.0.3"))
eps.append(
VppGbpEndpoint(self, self.pg3, epgs[2], recircs[2], "10.0.2.1",
"11.0.0.4"))
eps.append(
VppGbpEndpoint(self,
self.pg0,
epgs[0],
recircs[0],
"2001:10::1",
"3001::1",
is_ip6=True))
eps.append(
VppGbpEndpoint(self,
self.pg1,
epgs[0],
recircs[0],
"2001:10::2",
"3001::2",
is_ip6=True))
eps.append(
VppGbpEndpoint(self,
self.pg2,
epgs[1],
recircs[1],
"2001:10:1::1",
"3001::3",
is_ip6=True))
eps.append(
VppGbpEndpoint(self,
self.pg3,
epgs[2],
recircs[2],
"2001:10:2::1",
"3001::4",
is_ip6=True))
#
# Config related to each of the EPGs
#
for epg in epgs:
# IP config on the BVI interfaces
if epg != epgs[1] and epg != epgs[4]:
epg.bvi.set_table_ip4(epg.rd)
epg.bvi.set_table_ip6(epg.rd)
# The BVIs are NAT inside interfaces
self.vapi.nat44_interface_add_del_feature(epg.bvi.sw_if_index,
is_inside=1,
is_add=1)
self.vapi.nat66_add_del_interface(epg.bvi.sw_if_index,
is_inside=1,
is_add=1)
self.vapi.sw_interface_add_del_address(epg.bvi.sw_if_index,
epg.bvi_ip4_n, 32)
self.vapi.sw_interface_add_del_address(epg.bvi.sw_if_index,
epg.bvi_ip6_n,
128,
is_ipv6=True)
# EPG uplink interfaces in the BD
epg.uplink.set_table_ip4(epg.rd)
epg.uplink.set_table_ip6(epg.rd)
self.vapi.sw_interface_set_l2_bridge(epg.uplink.sw_if_index,
epg.bd)
# add the BD ARP termination entry for BVI IP
self.vapi.bd_ip_mac_add_del(bd_id=epg.bd,
mac=mactobinary(self.router_mac),
ip=epg.bvi_ip4_n,
is_ipv6=0,
is_add=1)
self.vapi.bd_ip_mac_add_del(bd_id=epg.bd,
mac=mactobinary(self.router_mac),
ip=epg.bvi_ip6_n,
is_ipv6=1,
is_add=1)
# epg[1] shares the same BVI to epg[0]
if epg != epgs[1] and epg != epgs[4]:
# BVI in BD
self.vapi.sw_interface_set_l2_bridge(epg.bvi.sw_if_index,
epg.bd,
bvi=1)
# BVI L2 FIB entry
self.vapi.l2fib_add_del(self.router_mac,
epg.bd,
epg.bvi.sw_if_index,
is_add=1,
bvi_mac=1)
# EPG in VPP
epg.add_vpp_config()
for recirc in recircs:
# EPG's ingress recirculation interface maps to its RD
recirc.recirc.set_table_ip4(recirc.epg.rd)
recirc.recirc.set_table_ip6(recirc.epg.rd)
# in the bridge to allow DVR. L2 emulation to punt to L3
self.vapi.sw_interface_set_l2_bridge(recirc.recirc.sw_if_index,
recirc.epg.bd)
self.vapi.sw_interface_set_l2_emulation(recirc.recirc.sw_if_index)
self.vapi.nat44_interface_add_del_feature(
recirc.recirc.sw_if_index, is_inside=0, is_add=1)
self.vapi.nat66_add_del_interface(recirc.recirc.sw_if_index,
is_inside=0,
is_add=1)
recirc.add_vpp_config()
ep_routes = []
ep_arps = []
for ep in eps:
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
#
# routes to the endpoints. We need these since there are no
# adj-fibs due to the fact the the BVI address has /32 and
# the subnet is not attached.
#
r = VppIpRoute(
self,
ep.ip,
ep.ip_len,
[VppRoutePath(ep.ip, ep.epg.bvi.sw_if_index, proto=ep.proto)],
is_ip6=ep.is_ip6)
r.add_vpp_config()
ep_routes.append(r)
#
# ARP entries for the endpoints
#
a = VppNeighbor(self,
ep.epg.bvi.sw_if_index,
ep.itf.remote_mac,
ep.ip,
af=ep.af)
a.add_vpp_config()
ep_arps.append(a)
# add each EP itf to the its BD
self.vapi.sw_interface_set_l2_bridge(ep.itf.sw_if_index, ep.epg.bd)
# add the BD ARP termination entry
self.vapi.bd_ip_mac_add_del(bd_id=ep.epg.bd,
mac=ep.bin_mac,
ip=ep.ip_n,
is_ipv6=0,
is_add=1)
# L2 FIB entry
self.vapi.l2fib_add_del(ep.mac,
ep.epg.bd,
ep.itf.sw_if_index,
is_add=1)
# Add static mappings for each EP from the 10/8 to 11/8 network
if ep.af == AF_INET:
self.vapi.nat44_add_del_static_mapping(ep.ip_n,
ep.floating_ip_n,
vrf_id=0,
addr_only=1)
else:
self.vapi.nat66_add_del_static_mapping(ep.ip_n,
ep.floating_ip_n,
vrf_id=0)
# VPP EP create ...
ep.add_vpp_config()
# ... results in a Gratuitous ARP/ND on the EPG's uplink
rx = ep.epg.uplink.get_capture(1, timeout=0.2)
if ep.is_ip6:
self.assertTrue(rx[0].haslayer(ICMPv6ND_NA))
self.assertEqual(rx[0][ICMPv6ND_NA].tgt, ep.ip)
else:
self.assertTrue(rx[0].haslayer(ARP))
self.assertEqual(rx[0][ARP].psrc, ep.ip)
self.assertEqual(rx[0][ARP].pdst, ep.ip)
# add the BD ARP termination entry for floating IP
self.vapi.bd_ip_mac_add_del(bd_id=epg_nat.bd,
mac=ep.bin_mac,
ip=ep.floating_ip_n,
is_ipv6=ep.is_ip6,
is_add=1)
# floating IPs route via EPG recirc
r = VppIpRoute(self,
ep.floating_ip,
ep.ip_len, [
VppRoutePath(ep.floating_ip,
ep.recirc.recirc.sw_if_index,
is_dvr=1,
proto=ep.proto)
],
table_id=20,
is_ip6=ep.is_ip6)
r.add_vpp_config()
ep_routes.append(r)
# L2 FIB entries in the NAT EPG BD to bridge the packets from
# the outside direct to the internal EPG
self.vapi.l2fib_add_del(ep.mac,
epg_nat.bd,
ep.recirc.recirc.sw_if_index,
is_add=1)
#
# ARP packets for unknown IP are flooded
#
pkt_arp = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) /
ARP(op="who-has",
hwdst="ff:ff:ff:ff:ff:ff",
hwsrc=self.pg0.remote_mac,
pdst=epgs[0].bvi_ip4,
psrc="10.0.0.88"))
self.send_and_expect(self.pg0, [pkt_arp], self.pg0)
#
# ARP/ND packets get a response
#
pkt_arp = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) /
ARP(op="who-has",
hwdst="ff:ff:ff:ff:ff:ff",
hwsrc=self.pg0.remote_mac,
pdst=epgs[0].bvi_ip4,
psrc=eps[0].ip))
self.send_and_expect(self.pg0, [pkt_arp], self.pg0)
nsma = in6_getnsma(inet_pton(AF_INET6, eps[4].ip))
d = inet_ntop(AF_INET6, nsma)
pkt_nd = (Ether(dst=in6_getnsmac(nsma)) / IPv6(dst=d, src=eps[4].ip) /
ICMPv6ND_NS(tgt=epgs[0].bvi_ip6) /
ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac))
self.send_and_expect(self.pg0, [pkt_nd], self.pg0)
#
# broadcast packets are flooded
#
pkt_bcast = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) /
IP(src=eps[0].ip, dst="232.1.1.1") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.vapi.cli("clear trace")
self.pg0.add_stream(pkt_bcast)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rxd = eps[1].itf.get_capture(1)
self.assertEqual(rxd[0][Ether].dst, pkt_bcast[Ether].dst)
rxd = epgs[0].uplink.get_capture(1)
self.assertEqual(rxd[0][Ether].dst, pkt_bcast[Ether].dst)
#
# packets to non-local L3 destinations dropped
#
pkt_intra_epg_220_ip4 = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IP(src=eps[0].ip, dst="10.0.0.99") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_inter_epg_222_ip4 = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IP(src=eps[0].ip, dst="10.0.1.99") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_assert_no_replies(self.pg0, pkt_intra_epg_220_ip4 * 65)
pkt_inter_epg_222_ip6 = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IPv6(src=eps[4].ip, dst="2001:10::99") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.send_and_assert_no_replies(self.pg0, pkt_inter_epg_222_ip6 * 65)
#
# Add the subnet routes
#
s41 = VppGbpSubnet(self, 0, "10.0.0.0", 24)
s42 = VppGbpSubnet(self, 0, "10.0.1.0", 24)
s43 = VppGbpSubnet(self, 0, "10.0.2.0", 24)
s41.add_vpp_config()
s42.add_vpp_config()
s43.add_vpp_config()
s61 = VppGbpSubnet(self, 0, "2001:10::1", 64, is_ip6=True)
s62 = VppGbpSubnet(self, 0, "2001:10:1::1", 64, is_ip6=True)
s63 = VppGbpSubnet(self, 0, "2001:10:2::1", 64, is_ip6=True)
s61.add_vpp_config()
s62.add_vpp_config()
s63.add_vpp_config()
self.send_and_expect_bridged(self.pg0, pkt_intra_epg_220_ip4 * 65,
self.pg4)
self.send_and_expect_bridged(self.pg3, pkt_inter_epg_222_ip4 * 65,
self.pg6)
self.send_and_expect_bridged6(self.pg3, pkt_inter_epg_222_ip6 * 65,
self.pg6)
self.logger.info(self.vapi.cli("sh ip fib 11.0.0.2"))
self.logger.info(self.vapi.cli("sh gbp endpoint-group"))
self.logger.info(self.vapi.cli("sh gbp endpoint"))
self.logger.info(self.vapi.cli("sh gbp recirc"))
self.logger.info(self.vapi.cli("sh int"))
self.logger.info(self.vapi.cli("sh int addr"))
self.logger.info(self.vapi.cli("sh int feat loop6"))
self.logger.info(self.vapi.cli("sh vlib graph ip4-gbp-src-classify"))
self.logger.info(self.vapi.cli("sh int feat loop3"))
#
# Packet destined to unknown unicast is sent on the epg uplink ...
#
pkt_intra_epg_220_to_uplink = (
Ether(src=self.pg0.remote_mac, dst="00:00:00:33:44:55") /
IP(src=eps[0].ip, dst="10.0.0.99") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_expect_bridged(self.pg0,
pkt_intra_epg_220_to_uplink * 65,
self.pg4)
# ... and nowhere else
self.pg1.get_capture(0, timeout=0.1)
self.pg1.assert_nothing_captured(remark="Flood onto other VMS")
pkt_intra_epg_221_to_uplink = (
Ether(src=self.pg2.remote_mac, dst="00:00:00:33:44:66") /
IP(src=eps[0].ip, dst="10.0.0.99") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_expect_bridged(self.pg2,
pkt_intra_epg_221_to_uplink * 65,
self.pg5)
#
# Packets from the uplink are forwarded in the absence of a contract
#
pkt_intra_epg_220_from_uplink = (
Ether(src="00:00:00:33:44:55", dst=self.pg0.remote_mac) /
IP(src=eps[0].ip, dst="10.0.0.99") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_expect_bridged(self.pg4,
pkt_intra_epg_220_from_uplink * 65,
self.pg0)
#
# in the absence of policy, endpoints in the same EPG
# can communicate
#
pkt_intra_epg = (
Ether(src=self.pg0.remote_mac, dst=self.pg1.remote_mac) /
IP(src=eps[0].ip, dst=eps[1].ip) / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_expect_bridged(self.pg0, pkt_intra_epg * 65, self.pg1)
#
# in the abscense of policy, endpoints in the different EPG
# cannot communicate
#
pkt_inter_epg_220_to_221 = (
Ether(src=self.pg0.remote_mac, dst=self.pg2.remote_mac) /
IP(src=eps[0].ip, dst=eps[2].ip) / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_inter_epg_221_to_220 = (
Ether(src=self.pg2.remote_mac, dst=self.pg0.remote_mac) /
IP(src=eps[2].ip, dst=eps[0].ip) / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_inter_epg_220_to_222 = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IP(src=eps[0].ip, dst=eps[3].ip) / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_assert_no_replies(self.pg0,
pkt_inter_epg_220_to_221 * 65)
self.send_and_assert_no_replies(self.pg0,
pkt_inter_epg_220_to_222 * 65)
#
# A uni-directional contract from EPG 220 -> 221
#
c1 = VppGbpContract(self, 220, 221, 0)
c1.add_vpp_config()
self.send_and_expect_bridged(self.pg0, pkt_inter_epg_220_to_221 * 65,
self.pg2)
self.send_and_assert_no_replies(self.pg0,
pkt_inter_epg_220_to_222 * 65)
#
# contract for the return direction
#
c2 = VppGbpContract(self, 221, 220, 0)
c2.add_vpp_config()
self.send_and_expect_bridged(self.pg0, pkt_inter_epg_220_to_221 * 65,
self.pg2)
self.send_and_expect_bridged(self.pg2, pkt_inter_epg_221_to_220 * 65,
self.pg0)
#
# check that inter group is still disabled for the groups
# not in the contract.
#
self.send_and_assert_no_replies(self.pg0,
pkt_inter_epg_220_to_222 * 65)
#
# A uni-directional contract from EPG 220 -> 222 'L3 routed'
#
c3 = VppGbpContract(self, 220, 222, 0)
c3.add_vpp_config()
self.logger.info(self.vapi.cli("sh gbp contract"))
self.send_and_expect_routed(self.pg0, pkt_inter_epg_220_to_222 * 65,
self.pg3, self.router_mac)
#
# remove both contracts, traffic stops in both directions
#
c2.remove_vpp_config()
c1.remove_vpp_config()
c3.remove_vpp_config()
self.send_and_assert_no_replies(self.pg2,
pkt_inter_epg_221_to_220 * 65)
self.send_and_assert_no_replies(self.pg0,
pkt_inter_epg_220_to_221 * 65)
self.send_and_expect_bridged(self.pg0, pkt_intra_epg * 65, self.pg1)
#
# EPs to the outside world
#
# in the EP's RD an external subnet via the NAT EPG's recirc
se1 = VppGbpSubnet(self,
0,
"0.0.0.0",
0,
is_internal=False,
sw_if_index=recirc_nat.recirc.sw_if_index,
epg=epg_nat.epg)
se1.add_vpp_config()
se2 = VppGbpSubnet(self,
0,
"11.0.0.0",
8,
is_internal=False,
sw_if_index=recirc_nat.recirc.sw_if_index,
epg=epg_nat.epg)
se2.add_vpp_config()
se16 = VppGbpSubnet(self,
0,
"::",
0,
is_internal=False,
sw_if_index=recirc_nat.recirc.sw_if_index,
epg=epg_nat.epg,
is_ip6=True)
se16.add_vpp_config()
# in the NAT RD an external subnet via the NAT EPG's uplink
se3 = VppGbpSubnet(self,
20,
"0.0.0.0",
0,
is_internal=False,
sw_if_index=epg_nat.uplink.sw_if_index,
epg=epg_nat.epg)
se36 = VppGbpSubnet(self,
20,
"::",
0,
is_internal=False,
sw_if_index=epg_nat.uplink.sw_if_index,
epg=epg_nat.epg,
is_ip6=True)
se4 = VppGbpSubnet(self,
20,
"11.0.0.0",
8,
is_internal=False,
sw_if_index=epg_nat.uplink.sw_if_index,
epg=epg_nat.epg)
se3.add_vpp_config()
se36.add_vpp_config()
se4.add_vpp_config()
self.logger.info(self.vapi.cli("sh ip fib 0.0.0.0/0"))
self.logger.info(self.vapi.cli("sh ip fib 11.0.0.1"))
self.logger.info(self.vapi.cli("sh ip6 fib ::/0"))
self.logger.info(self.vapi.cli("sh ip6 fib %s" % eps[4].floating_ip))
#
# From an EP to an outside addess: IN2OUT
#
pkt_inter_epg_220_to_global = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IP(src=eps[0].ip, dst="1.1.1.1") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
# no policy yet
self.send_and_assert_no_replies(self.pg0,
pkt_inter_epg_220_to_global * 65)
c4 = VppGbpContract(self, 220, 333, 0)
c4.add_vpp_config()
self.send_and_expect_natted(self.pg0, pkt_inter_epg_220_to_global * 65,
self.pg7, eps[0].floating_ip)
pkt_inter_epg_220_to_global = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IPv6(src=eps[4].ip, dst="6001::1") / UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
self.send_and_expect_natted6(self.pg0,
pkt_inter_epg_220_to_global * 65,
self.pg7, eps[4].floating_ip)
#
# From a global address to an EP: OUT2IN
#
pkt_inter_epg_220_from_global = (
Ether(src=self.router_mac, dst=self.pg0.remote_mac) /
IP(dst=eps[0].floating_ip, src="1.1.1.1") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.send_and_assert_no_replies(self.pg7,
pkt_inter_epg_220_from_global * 65)
c5 = VppGbpContract(self, 333, 220, 0)
c5.add_vpp_config()
self.send_and_expect_unnatted(self.pg7,
pkt_inter_epg_220_from_global * 65,
eps[0].itf, eps[0].ip)
pkt_inter_epg_220_from_global = (
Ether(src=self.router_mac, dst=self.pg0.remote_mac) /
IPv6(dst=eps[4].floating_ip, src="6001::1") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.send_and_expect_unnatted6(self.pg7,
pkt_inter_epg_220_from_global * 65,
eps[4].itf, eps[4].ip)
#
# From a local VM to another local VM using resp. public addresses:
# IN2OUT2IN
#
pkt_intra_epg_220_global = (
Ether(src=self.pg0.remote_mac, dst=self.router_mac) /
IP(src=eps[0].ip, dst=eps[1].floating_ip) /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.send_and_expect_double_natted(eps[0].itf,
pkt_intra_epg_220_global * 65,
eps[1].itf, eps[0].floating_ip,
eps[1].ip)
pkt_intra_epg_220_global = (
Ether(src=self.pg4.remote_mac, dst=self.router_mac) /
IPv6(src=eps[4].ip, dst=eps[5].floating_ip) /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.send_and_expect_double_natted6(eps[4].itf,
pkt_intra_epg_220_global * 65,
eps[5].itf, eps[4].floating_ip,
eps[5].ip)
#
# cleanup
#
for ep in eps:
# del static mappings for each EP from the 10/8 to 11/8 network
if ep.af == AF_INET:
self.vapi.nat44_add_del_static_mapping(ep.ip_n,
ep.floating_ip_n,
vrf_id=0,
addr_only=1,
is_add=0)
else:
self.vapi.nat66_add_del_static_mapping(ep.ip_n,
ep.floating_ip_n,
vrf_id=0,
is_add=0)
for epg in epgs:
# IP config on the BVI interfaces
self.vapi.sw_interface_add_del_address(epg.bvi.sw_if_index,
epg.bvi_ip4_n,
32,
is_add=0)
self.vapi.sw_interface_add_del_address(epg.bvi.sw_if_index,
epg.bvi_ip6_n,
128,
is_add=0,
is_ipv6=True)
self.logger.info(self.vapi.cli("sh int addr"))
epg.uplink.set_table_ip4(0)
epg.uplink.set_table_ip6(0)
if epg != epgs[0] and epg != epgs[3]:
epg.bvi.set_table_ip4(0)
epg.bvi.set_table_ip6(0)
self.vapi.nat44_interface_add_del_feature(epg.bvi.sw_if_index,
is_inside=1,
is_add=0)
self.vapi.nat66_add_del_interface(epg.bvi.sw_if_index,
is_inside=1,
is_add=0)
for recirc in recircs:
recirc.recirc.set_table_ip4(0)
recirc.recirc.set_table_ip6(0)
self.vapi.nat44_interface_add_del_feature(
recirc.recirc.sw_if_index, is_inside=0, is_add=0)
self.vapi.nat66_add_del_interface(recirc.recirc.sw_if_index,
is_inside=0,
is_add=0)
def bin_mac(self):
return mactobinary(self.itf.remote_mac)
def create_p2p_ethernet(self, parent_if, sub_id, remote_mac):
p2p = VppP2PSubint(self, parent_if, sub_id, mactobinary(remote_mac))
p2p.admin_up()
p2p.config_ip4()
return p2p
def delete_p2p_ethernet(self, parent_if, remote_mac):
self.vapi.delete_p2pethernet_subif(parent_if.sw_if_index,
mactobinary(remote_mac))
def create_p2p_ethernet(self, parent_if, sub_id, remote_mac):
p2p = VppP2PSubint(self, parent_if, sub_id, mactobinary(remote_mac))
self.p2p_sub_ifs.append(p2p)
def bytes(self):
return mactobinary(self.address)
def set_mac(self, mac):
self._local_mac = mac
self._local_ip6_ll = mk_ll_addr(mac)
self.test.vapi.sw_interface_set_mac_address(
self.sw_if_index,
mactobinary(self._local_mac))
def create_p2p_ethernet(self, parent_if, sub_id, remote_mac):
p2p = VppP2PSubint(self, parent_if, sub_id, mactobinary(remote_mac))
p2p.admin_up()
p2p.config_ip6()
p2p.disable_ipv6_ra()
self.p2p_sub_ifs.append(p2p)
def test_bond_traffic(self):
""" Bond traffic test """
# topology
#
# RX-> TX->
#
# pg2 ------+ +------pg0 (slave)
# | |
# BondEthernet0 (10.10.10.1)
# | |
# pg3 ------+ +------pg1 (slave)
#
# create interface (BondEthernet0)
# self.logger.info("create bond")
bond0_mac = "02:fe:38:30:59:3c"
mac = mactobinary(bond0_mac)
bond0 = VppBondInterface(self,
mode=3,
lb=1,
use_custom_mac=1,
mac_address=mac)
bond0.add_vpp_config()
bond0.admin_up()
bond0_addr = socket.inet_pton(socket.AF_INET, "10.10.10.1")
self.vapi.sw_interface_add_del_address(bond0.sw_if_index, bond0_addr,
24)
self.pg2.config_ip4()
self.pg2.resolve_arp()
self.pg3.config_ip4()
self.pg3.resolve_arp()
self.logger.info(self.vapi.cli("show interface"))
self.logger.info(self.vapi.cli("show interface address"))
self.logger.info(self.vapi.cli("show ip arp"))
# enslave pg0 and pg1 to BondEthernet0
self.logger.info("bond enslave interface pg0 to BondEthernet0")
bond0.enslave_vpp_bond_interface(sw_if_index=self.pg0.sw_if_index,
is_passive=0,
is_long_timeout=0)
self.logger.info("bond enslave interface pg1 to BondEthernet0")
bond0.enslave_vpp_bond_interface(sw_if_index=self.pg1.sw_if_index,
is_passive=0,
is_long_timeout=0)
# verify both slaves in BondEthernet0
if_dump = self.vapi.sw_interface_slave_dump(bond0.sw_if_index)
self.assertTrue(self.pg0.is_interface_config_in_dump(if_dump))
self.assertTrue(self.pg1.is_interface_config_in_dump(if_dump))
# generate a packet from pg2 -> BondEthernet0 -> pg1
# BondEthernet0 TX hashes this packet to pg1
p2 = (Ether(src=bond0_mac, dst=self.pg2.local_mac) /
IP(src=self.pg2.local_ip4, dst="10.10.10.12") /
UDP(sport=1235, dport=1235) / Raw('\xa5' * 100))
self.pg2.add_stream(p2)
# generate a packet from pg3 -> BondEthernet0 -> pg0
# BondEthernet0 TX hashes this packet to pg0
# notice the ip address and ports are different than p2 packet
p3 = (Ether(src=bond0_mac, dst=self.pg3.local_mac) /
IP(src=self.pg3.local_ip4, dst="10.10.10.11") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
self.pg3.add_stream(p3)
self.pg_enable_capture(self.pg_interfaces)
# set up the static arp entries pointing to the BondEthernet0 interface
# so that it does not try to resolve the ip address
self.logger.info(
self.vapi.cli(
"set ip arp static BondEthernet0 10.10.10.12 abcd.abcd.0002"))
self.logger.info(
self.vapi.cli(
"set ip arp static BondEthernet0 10.10.10.11 abcd.abcd.0004"))
# clear the interface counters
self.logger.info(self.vapi.cli("clear interfaces"))
self.pg_start()
self.logger.info("check the interface counters")
# verify counters
# BondEthernet0 tx bytes = 284
intfs = self.vapi.cli("show interface BondEthernet0").split("\n")
found = 0
for intf in intfs:
if "tx bytes" in intf and "284" in intf:
found = 1
self.assertEqual(found, 1)
# BondEthernet0 tx bytes = 284
intfs = self.vapi.cli("show interface BondEthernet0").split("\n")
found = 0
for intf in intfs:
if "tx bytes" in intf and "284" in intf:
found = 1
self.assertEqual(found, 1)
# pg2 rx bytes = 142
intfs = self.vapi.cli("show interface pg2").split("\n")
found = 0
for intf in intfs:
if "rx bytes" in intf and "142" in intf:
found = 1
self.assertEqual(found, 1)
# pg3 rx bytes = 142
intfs = self.vapi.cli("show interface pg3").split("\n")
found = 0
for intf in intfs:
if "rx bytes" in intf and "142" in intf:
found = 1
self.assertEqual(found, 1)
bond0.remove_vpp_config()
def test_dhcp_client(self):
""" DHCP Client"""
hostname = 'universal-dp'
self.pg_enable_capture(self.pg_interfaces)
#
# Configure DHCP client on PG2 and capture the discover sent
#
self.vapi.dhcp_client(self.pg2.sw_if_index, hostname)
rx = self.pg2.get_capture(1)
self.verify_orig_dhcp_discover(rx[0], self.pg2, hostname)
#
# Sned back on offer, expect the request
#
p_offer = (Ether(dst=self.pg2.local_mac, src=self.pg2.remote_mac) /
IP(src=self.pg2.remote_ip4, dst="255.255.255.255") /
UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
BOOTP(op=1, yiaddr=self.pg2.local_ip4) /
DHCP(options=[('message-type', 'offer'),
('server_id', self.pg2.remote_ip4), ('end')]))
self.pg2.add_stream(p_offer)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg2.get_capture(1)
self.verify_orig_dhcp_request(rx[0], self.pg2, hostname,
self.pg2.local_ip4)
#
# Send an acknowloedgement
#
p_ack = (Ether(dst=self.pg2.local_mac, src=self.pg2.remote_mac) /
IP(src=self.pg2.remote_ip4, dst="255.255.255.255") /
UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
BOOTP(op=1, yiaddr=self.pg2.local_ip4) /
DHCP(options=[('message-type',
'ack'), ('subnet_mask', "255.255.255.0"),
('router', self.pg2.remote_ip4),
('server_id', self.pg2.remote_ip4),
('lease_time', 43200), ('end')]))
self.pg2.add_stream(p_ack)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
#
# We'll get an ARP request for the router address
#
rx = self.pg2.get_capture(1)
self.assertEqual(rx[0][ARP].pdst, self.pg2.remote_ip4)
self.pg_enable_capture(self.pg_interfaces)
#
# At the end of this procedure there should be a connected route
# in the FIB
#
self.assertTrue(find_route(self, self.pg2.local_ip4, 24))
self.assertTrue(find_route(self, self.pg2.local_ip4, 32))
# remove the left over ARP entry
self.vapi.ip_neighbor_add_del(self.pg2.sw_if_index,
mactobinary(self.pg2.remote_mac),
self.pg2.remote_ip4,
is_add=0)
#
# remove the DHCP config
#
self.vapi.dhcp_client(self.pg2.sw_if_index, hostname, is_add=0)
#
# and now the route should be gone
#
self.assertFalse(find_route(self, self.pg2.local_ip4, 32))
self.assertFalse(find_route(self, self.pg2.local_ip4, 24))
#
# Start the procedure again. this time have VPP send the client-ID
#
self.pg2.admin_down()
self.sleep(1)
self.pg2.admin_up()
self.vapi.dhcp_client(self.pg2.sw_if_index,
hostname,
client_id=self.pg2.local_mac)
rx = self.pg2.get_capture(1)
self.verify_orig_dhcp_discover(rx[0], self.pg2, hostname,
self.pg2.local_mac)
self.pg2.add_stream(p_offer)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg2.get_capture(1)
self.verify_orig_dhcp_request(rx[0], self.pg2, hostname,
self.pg2.local_ip4)
#
# unicast the ack to the offered address
#
p_ack = (Ether(dst=self.pg2.local_mac, src=self.pg2.remote_mac) /
IP(src=self.pg2.remote_ip4, dst=self.pg2.local_ip4) /
UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
BOOTP(op=1, yiaddr=self.pg2.local_ip4) /
DHCP(options=[('message-type',
'ack'), ('subnet_mask', "255.255.255.0"),
('router', self.pg2.remote_ip4),
('server_id', self.pg2.remote_ip4),
('lease_time', 43200), ('end')]))
self.pg2.add_stream(p_ack)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
#
# At the end of this procedure there should be a connected route
# in the FIB
#
self.assertTrue(find_route(self, self.pg2.local_ip4, 32))
self.assertTrue(find_route(self, self.pg2.local_ip4, 24))
#
# remove the DHCP config
#
self.vapi.dhcp_client(self.pg2.sw_if_index, hostname, is_add=0)
self.assertFalse(find_route(self, self.pg2.local_ip4, 32))
self.assertFalse(find_route(self, self.pg2.local_ip4, 24))