def erspan_pre_config():
"""
Author: Lakshminarayana D ([email protected])
Using this pre config at module level. So, applicable for all test cases which includes in this module.
:return: None
"""
# IP address configuration on DUT-1
for port, ip_addr, in zip(data.port_list_d1, data.ip_list_d1):
ip.config_ip_addr_interface(vars.D1, port, ip_addr, data.subnet_mask)
# IP address configuration on DUT-2
for port, ip_addr in zip(data.port_list_d2, data.ip_list_d2):
ip.config_ip_addr_interface(vars.D2, port, ip_addr, data.subnet_mask)
# Create static route
_, network = ip.get_network_addr("{}/{}".format(data.ip_T1D2P1, data.subnet_mask))
ip.create_static_route(vars.D1, data.ip_D2D1P1, network)
_, network = ip.get_network_addr("{}/{}".format(data.ip_T1D1P1, data.subnet_mask))
ip.create_static_route(vars.D2, data.ip_D1D2P1, network)
# creation and verification of Monitor session
mirror.create_session(vars.D1, session_name=data.session_name, src_ip=data.ip_D1T1P1,
dst_ip=data.ip_T1D2P1, gre_type=data.gre_type, dscp=data.dscp,
ttl=data.ttl, queue=data.queue)
# creation and verification of ACL Policy
acl_dscp.config_policy_table(vars.D1, enable='create', policy_name=data.acl_table_name, policy_type=data.type)
acl_dscp.config_service_policy_table(vars.D1, policy_kind="bind", interface_name=vars.D1T1P1, stage='in',
service_policy_name=data.acl_table_name, policy_type=data.type)
acl_dscp.config_service_policy_table(vars.D1, policy_kind="bind", interface_name=vars.D1T1P2, stage='in',
policy_type=data.type, service_policy_name=data.acl_table_name)
acl.create_acl_table(vars.D1, name="L3_IPV6_INGRESS", stage=data.stage, type="L3V6",
description="L3_IPV6_INGRESS", ports=[vars.D1T1P1])
def ipv4_acl_config():
st.log('Creating IPv4 ACL in ACL table:')
acl_obj.create_acl_table(vars.D1,
name=data.acl_ipv4_table_name,
type=data.type,
description=data.description,
stage=data.stage)
st.log('Adding IPv4 ACL source_ip drop rule in ACL rule table:')
acl_obj.create_acl_rule(vars.D1,
table_name=data.acl_ipv4_table_name,
rule_name=data.acl_rule,
packet_action=data.packet_action,
priority=data.priority,
SRC_IP="{}/{}".format(data.src_ip, data.mask))
def create_ACLtable_scale(dut, **kwargs):
"""
Author:
create_ACLtable_scale(dut=dut1,max_acl=1,aclName='ACL',direction ='INGRESS', acl_type='L3')
"""
result = True
if 'max_acl' in kwargs:
max_acl = kwargs['max_acl']
else:
max_acl = 1
if 'aclName' in kwargs:
aclName = kwargs['aclName']
else:
st.log('Mandatory parameter aclName is not found')
return False
if 'direction' in kwargs:
direction = kwargs['direction']
else:
direction = 'INGRESS'
if 'acl_type' in kwargs:
acl_type = kwargs['acl_type']
else:
acl_type = 'L3'
st.log('creating ACL tables ')
for i in range(max_acl):
result = acl_obj.create_acl_table(dut=dut,
name=aclName + str(i),
stage=direction,
type=acl_type,
description="Testing acl scale")
return result
def ipv6_acl_config():
st.log('Creating IPv6 ACL in ACL table:')
acl_obj.create_acl_table(vars.D1,
name=data.acl_ipv6_table_name,
type=data.type_ipv6,
description=data.description,
stage=data.stage,
ports=[vars.D1T1P1])
st.log('Adding IPv4 ACL source_ip drop rule in ACL rule table:')
acl_obj.create_acl_rule(vars.D1,
table_name=data.acl_ipv6_table_name,
acl_type="ipv6",
rule_name=data.acl_rule_v6,
packet_action=data.packet_action,
priority=data.priority,
SRC_IPV6="{}/{}".format(data.src_ipv6,
data.mask_ipv6))
def nat_pre_config():
global vars
vars = st.ensure_min_topology("D1T1:2")
platform = basic_obj.get_hwsku(vars.D1)
common_constants = st.get_datastore(vars.D1, "constants", "default")
if platform.lower() in common_constants['TH3_PLATFORMS']:
st.error("NAT is not supported for this platform {}".format(platform))
st.report_unsupported('NAT_unsupported_platform',platform)
global tg_handler, tg1, tg2, tg_ph_1, tg_ph_2, dut1_rt_int_mac, tg_str_data, tg_rt_int_handle
tg_handler = util_tg_init(vars, [vars.T1D1P1, vars.T1D1P2])
tg1 = tg_handler["tg"]
tg2 = tg_handler["tg"]
tg_ph_1 = tg_handler["tg_ph_1"]
tg_ph_2 = tg_handler["tg_ph_2"]
ip_obj.config_ip_addr_interface(vars.D1, vars.D1T1P1, data.in1_ip_addr, data.in1_ip_addr_mask, family=data.af_ipv4)
ip_obj.config_ip_addr_interface(vars.D1, vars.D1T1P2, data.out_ip_addr_l[0], data.out_ip_addr_mask, family=data.af_ipv4)
dut1_rt_int_mac = basic_obj.get_ifconfig_ether(vars.D1, vars.D1T1P1)
ip_obj.create_static_route(vars.D1, data.out_ip_addr_h,
"{}/{}".format(data.global_ip_addr_rt, data.global_ip_addr_mask),
shell=data.shell_vtysh, family=data.af_ipv4)
ip_obj.create_static_route(vars.D1, data.in1_ip_addr_h[0], "{}/{}".format(data.s_global_ip_rt, data.s_global_ip_mask))
tg_rt_int_handle = util_tg_routing_int_config(vars, tg1, tg2, tg_ph_1, tg_ph_2)
st.log("NAT Configuration")
nat_obj.config_nat_feature(vars.D1, 'enable')
util_nat_zone_config(vars, [vars.D1T1P1, vars.D1T1P2], [data.zone_1, data.zone_2], config=data.config_add)
nat_obj.config_nat_static(vars.D1, protocol=data.proto_all, global_ip=data.out_ip_addr_l[0],
local_ip=data.in1_ip_addr_h[0], config=data.config_add, nat_type=data.nat_type_dnat)
nat_obj.config_nat_static(vars.D1, protocol=data.proto_tcp, global_ip=data.out_ip_addr_l[1],
local_ip=data.in1_ip_addr_h[1],
local_port_id=data.tcp_src_local_port, global_port_id=data.tcp_src_global_port,
config=data.config_add, nat_type=data.nat_type_dnat)
nat_obj.config_nat_static(vars.D1, protocol=data.proto_udp, global_ip=data.in1_ip_addr_h[2],
local_ip=data.out_ip_addr_l[2],
local_port_id=data.udp_src_global_port, global_port_id=data.udp_src_local_port,
config=data.config_add, nat_type=data.nat_type_snat)
nat_obj.config_nat_static(vars.D1, protocol=data.proto_all, global_ip=data.s_global_ip, local_ip=data.s_local_ip,
config=data.config_add, nat_type=data.nat_type_snat)
nat_obj.config_nat_static(vars.D1,protocol=data.proto_all,global_ip=data.out_ip_addr_l[3],local_ip=data.in1_ip_addr_h[3],
config=data.config_add,nat_type=data.nat_type_dnat,twice_nat_id=data.twice_nat_id_1)
nat_obj.config_nat_static(vars.D1, protocol=data.proto_all, global_ip=data.global_ip_addr,
local_ip=data.test_ip_addr,
config=data.config_add, nat_type=data.nat_type_snat, twice_nat_id=data.twice_nat_id_1)
# dynamic NAT config
st.log("Creating NAT Pool-1")
nat_obj.config_nat_pool(vars.D1, pool_name=data.pool_name[0], global_ip_range=data.out_ip_range,
global_port_range= data.global_port_range, config=data.config_add)
nat_obj.config_nat_pool(vars.D1, pool_name="scale_pool", global_ip_range="125.56.90.23-125.56.90.30",
global_port_range="1001-8001", config=data.config_add)
st.log("Creating NAT Pool binding")
nat_obj.config_nat_pool_binding(vars.D1, binding_name=data.bind_name[0], pool_name=data.pool_name[0],
config=data.config_add)
st.log("Creating NAT Pool-2")
nat_obj.config_nat_pool(vars.D1, pool_name=data.pool_name[1], global_ip_range=data.out2_ip_range,
config=data.config_add)
st.log("Creating NAT Pool-2 binding")
nat_obj.config_nat_pool_binding(vars.D1, binding_name=data.bind_name[1], pool_name=data.pool_name[1],
config=data.config_add)
# nat acl for ingress traffic
acl_obj.create_acl_table(vars.D1, name=data.acl_table_in_nat_eg, stage="INGRESS", type=data.type,
description="ingress-acl", ports=[vars.D1T1P1])
acl_obj.create_acl_rule(vars.D1, table_name=data.acl_table_in_nat_eg, rule_name="rule-32", packet_action=data.packet_forward_action,
SRC_IP="{}/{}".format(data.in1_ip_addr_rt, data.in1_ip_addr_mask), priority='98', type=data.type, ip_protocol="4")
acl_obj.create_acl_rule(vars.D1, table_name=data.acl_table_in_nat_eg, rule_name="rule-33",
packet_action=data.packet_do_not_nat_action,
SRC_IP="{}/{}".format('14.1.0.1', data.mask), priority='97', type=data.type, ip_protocol="4")
# Checking arp table for debugging
arp_obj.show_arp(vars.D1)
ip_obj.show_ip_route(vars.D1)
# Clearing all interface counters for debugging purpose
intf_obj.clear_interface_counters(vars.D1)
tg_str_data = util_tg_stream_config(tg1, tg2, tg_ph_1, tg_ph_2)
def test_fuctPBR_02():
global description
global descriptionv6
global vars
vars = st.get_testbed_vars()
final_result = True
description = 'IPv4_ACL_redirect_NH'
descriptionv6 = 'IPv6_ACL_redirect_NH'
st.log(
'This test covers StSoSeConf014 StSoSeConf015 StSoSeVer014 StSoSeVer015'
)
st.log('creating IPv4 static route')
ipfeature.create_static_route(dut1,
static_ip=srpIP,
next_hop=nextHop_ip,
shell='')
ipfeature.create_static_route(dut1,
static_ip=srpIPv6,
next_hop=nextHop_ipv6,
shell='',
family='ipv6')
st.log(
'creating IPv4 ACL table and binding to the ports in Ingress direction'
)
acl_obj.create_acl_table(dut1,
name=acl_table_name,
stage=stage,
type=type,
description=description,
ports=[r1_tg_ports1])
acl_obj.create_acl_table(dut1,
name=acl_table_namev6,
stage=stage,
type=typev6,
description=descriptionv6,
ports=[r1_tg_ports1])
st.log(
'Creating ACL rules with src_ip dst_ip port and action as forward drop'
)
acl_obj.create_acl_rule(dut1,
table_name=acl_table_name,
rule_name=rule_list[0],
priority=priority_list[0],
packet_action=pktAction + nextHop_ip + '|' +
r1_tg_ports2,
SRC_IP="{}/{}".format(srpIP, maskACL),
DST_IP="{}/{}".format(dstIP, maskACL))
acl_obj.create_acl_rule(dut1,
table_name=acl_table_name,
rule_name=rule_list[9],
priority=priority_list[9],
packet_action='drop',
IP_TYPE='ipv4any')
acl_obj.create_acl_rule(dut1,
table_name=acl_table_namev6,
rule_name=rule_list[0],
priority=priority_list[0],
packet_action=pktAction + nextHop_ipv6 + '|' +
r1_tg_ports2,
SRC_IPV6="{}/{}".format(srpIPv6, '128'),
DST_IPV6="{}/{}".format(dstIPv6, '128'))
acl_obj.create_acl_rule(dut1,
table_name=acl_table_namev6,
rule_name=rule_list[9],
priority=priority_list[9],
packet_action='drop',
IP_TYPE='ipv6any')
#acl_obj.create_acl_rule(dut1, table_name=acl_table_name, rule_name=rule_list[0],priority=priority_list[0], packet_action=pktAction+nextHop_ip+'|'+r1_tg_ports2, SRC_IP="{}/{}".format(srpIP, maskACL),DST_IP="{}/{}".format(dstIP, maskACL))
start_stop_traffic(tg1, tg2, tg_dut1_p1_handle, tg_dut1_p2_handle)
traffic_details = {
'1': {
'tx_ports': [vars.T1D1P1],
'tx_obj': [tg1],
'exp_ratio': [[1, 0, 1, 0]],
'rx_ports': [vars.T1D1P2],
'rx_obj': [tg2],
'stream_list': [[stream_id1, stream_id2, stream_id3, stream_id4]]
}
}
test1 = tgapi.validate_tgen_traffic(traffic_details=traffic_details,
mode='streamblock',
comp_type='packet_count')
if test1 is False:
st.error("Traffic Verification Failed")
final_result = False
t1 = acl_obj.verify_acl_stats(dut1,
table_name=acl_table_name,
rule_name=rule_list[0],
packet_count=expCount)
t2 = acl_obj.verify_acl_stats(dut1,
table_name=acl_table_name,
rule_name=rule_list[9],
packet_count=expCount)
t3 = acl_obj.verify_acl_stats(dut1,
table_name=acl_table_namev6,
rule_name=rule_list[0],
packet_count=expCount)
t4 = acl_obj.verify_acl_stats(dut1,
table_name=acl_table_namev6,
rule_name=rule_list[9],
packet_count=int(expCount) + 16)
if False in list(set([t1, t2, t3, t4])):
tc = [t1, t2, t3, t4].index(False)
print("TC failed for rule : " + str((tc + 1)))
st.error("ACL stats validation Failed")
final_result = False
else:
st.log('ACL stats validation Passed')
st.log('Deleting IPv4/v6 static route')
ipfeature.delete_static_route(dut1,
static_ip=srpIP,
next_hop=nextHop_ip,
shell='')
ipfeature.delete_static_route(dut1,
static_ip=srpIPv6,
next_hop=nextHop_ipv6,
shell='',
family='ipv6')
st.log('Removing the ACL table config')
acl_obj.delete_acl_table(dut=dut1, acl_table_name=acl_table_name)
acl_obj.delete_acl_table(dut=dut1, acl_table_name=acl_table_namev6)
if final_result:
st.log(
"PBR-Test:Validation of PBR REDIRECT_TO_Next-Hop interface Passed")
st.report_pass('test_case_passed')
else:
st.error(
"PBR-Test : Validation of PBR REDIRECT_TO_Next-Hop interface failed"
)
st.report_fail('test_case_failed')