def test_unicast_ip_incorrect_eth_dst(do_test, ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, eth_dst, ports_info): """ @summary: Create packets with multicast/broadcast ethernet dst. """ if "vlan" in tx_dut_ports[ports_info["dut_iface"]].lower(): pytest.skip("Test case is not supported on VLAN interface") log_pkt_params(ports_info["dut_iface"], eth_dst, ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=eth_dst, # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"] ) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_broken_ip_header(ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, pkt_field, value, ports_info): """ @summary: Verify that packets with broken IP header are dropped and L3 drop counter incremented """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) setattr(pkt[testutils.scapy.scapy.all.IP], pkt_field, value) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_ip_pkt_with_expired_ttl(do_test, ptfadapter, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create an IP packet with TTL=0. """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM IP address tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"], ip_ttl=0) do_test("L3", pkt, ptfadapter, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_src_ip_is_class_e(do_test, ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create a packet with source IP address in class E. """ ip_list = ["240.0.0.1", "255.255.255.254"] for ip_class_e in ip_list: log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], ip_class_e) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=ip_class_e, ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_src_ip_is_loopback_addr(do_test, ptfadapter, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create a packet with loopback source IP adress. """ ip_src = "127.0.0.1" log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], ip_src) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=ip_src, # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_ip_pkt_with_expired_ttl(ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Verify that IP packet with TTL=0 is dropped and L3 drop counter incremented """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM IP address tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"], ip_ttl=0) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_broken_ip_header(do_test, ptfadapter, setup, tx_dut_ports, pkt_fields, pkt_field, value, ports_info): """ @summary: Create a packet with broken IP header. """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) setattr(pkt[testutils.scapy.scapy.all.IP], pkt_field, value) do_test("L3", pkt, ptfadapter, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_dst_ip_is_loopback_addr(ptfadapter, duthost, setup, pkt_fields, tx_dut_ports, ports_info): """ @summary: Verify that packet with loopback destination IP adress is dropped and L3 drop counter incremented """ ip_dst = "127.0.0.1" log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], ip_dst, pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=ip_dst, # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_dst_ip_absent(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create a packet with absent destination IP address. """ duthost = duthosts[rand_one_dut_hostname] log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], "", pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst="", # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def generate_and_verify_traffic(duthost, ptfadapter, tbinfo, ip_dst, expected_ports, ipv6=False): if ipv6: pkt = testutils.simple_tcpv6_packet( eth_dst=duthost.facts["router_mac"], eth_src=ptfadapter.dataplane.get_mac(0, 0), ipv6_src='2001:db8:85a3::8a2e:370:7334', ipv6_dst=ip_dst, ipv6_hlim=64, tcp_sport=1234, tcp_dport=4321) else: pkt = testutils.simple_tcp_packet(eth_dst=duthost.facts["router_mac"], eth_src=ptfadapter.dataplane.get_mac( 0, 0), ip_src='1.1.1.1', ip_dst=ip_dst, ip_ttl=64, tcp_sport=1234, tcp_dport=4321) exp_pkt = pkt.copy() exp_pkt = mask.Mask(exp_pkt) exp_pkt.set_do_not_care_scapy(packet.Ether, 'dst') exp_pkt.set_do_not_care_scapy(packet.Ether, 'src') if ipv6: exp_pkt.set_do_not_care_scapy(packet.IPv6, 'hlim') exp_pkt.set_do_not_care_scapy(packet.IPv6, 'chksum') else: exp_pkt.set_do_not_care_scapy(packet.IP, 'ttl') exp_pkt.set_do_not_care_scapy(packet.IP, 'chksum') ptf_t1_intf = random.choice(get_t1_ptf_ports(duthost, tbinfo)) ptf_t1_intf_index = int(ptf_t1_intf.strip("eth")) ptfadapter.dataplane.flush() testutils.send(ptfadapter, ptf_t1_intf_index, pkt) testutils.verify_packet_any_port(ptfadapter, exp_pkt, ports=expected_ports)
def test_absent_ip_header(do_test, ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create packets with absent IP header. """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"] ) tcp = pkt[testutils.scapy.scapy.all.TCP] del pkt[testutils.scapy.scapy.all.IP] pkt.type = 0x800 pkt = pkt/tcp do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_egress_drop_on_down_link(do_test, ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, rif_port_down, ports_info): """ @summary: Verify that packets on ingress port are dropped when egress RIF link is down and check that L3 drop counter incremented """ ip_dst = rif_port_down log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], ip_dst, pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=ip_dst, tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_multicast_smac_drop(ptfadapter, duthost, setup, pkt_fields, ports_info): """ @summary: Verify that packet with multicast SMAC is dropped and L2 drop counter incremented """ multicast_smac = "01:00:5e:00:01:02" log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], multicast_smac, pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=multicast_smac, ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L2", pkt, ptfadapter, duthost, ports_info["ptf_tx_port_id"], ports_info["dut_iface"], setup["neighbor_sniff_ports"])
def test_dst_ip_link_local(do_test, ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create a packet with link-local address "169.254.0.0/16". """ link_local_ip = "169.254.10.125" pkt_params = { "eth_dst": ports_info["dst_mac"], # DUT port "eth_src": ports_info["src_mac"], # PTF port "tcp_sport": pkt_fields["tcp_sport"], "tcp_dport": pkt_fields["tcp_dport"] } pkt_params["ip_src"] = pkt_fields["ipv4_src"] # VM source pkt_params["ip_dst"] = link_local_ip pkt = testutils.simple_tcp_packet(**pkt_params) logger.info(pkt_params) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def generate_from_t1_to_server(self): """ @summary: Generate (not send) the packets to be sent from T1 to server """ eth_dst = self.dut_mac eth_src = self.ptfadapter.dataplane.get_mac(0, 0) ip_dst = DOWNSTREAM_DST_IP ip_ttl = 255 tcp_dport = TCP_DST_PORT if self.tor_port: self.from_tor_src_port = self.tor_port else: self.from_tor_src_port = random.choice(self.port_channel_ports) logger.info("-" * 20 + "T1 to server packet" + "-" * 20) logger.info("Ethernet address: dst: {} src: {}".format( eth_dst, eth_src)) logger.info("IP address: dst: {} src: random".format(ip_dst)) logger.info("TCP port: dst: {}".format(tcp_dport)) logger.info("DUT mac: {}".format(self.dut_mac)) logger.info("VLAN mac: {}".format(self.vlan_mac)) logger.info("-" * 50) self.packets_list = [] for i in range(self.packets_to_send): tcp_tx_packet = testutils.simple_tcp_packet( eth_dst=eth_dst, eth_src=eth_src, ip_dst=ip_dst, ip_src=self.random_host_ip(), ip_ttl=ip_ttl, tcp_dport=tcp_dport) payload = str(i) + 'X' * 60 packet = scapyall.Ether(str(tcp_tx_packet)) packet.load = payload self.packets_list.append((self.from_tor_src_port, str(packet))) self.sent_pkt_dst_mac = self.dut_mac self.received_pkt_src_mac = self.vlan_mac
def test_l2_trunk_to_trunk_vlan(npu, dataplane): """ Description: Check trunk to trunk VLAN members forwarding Test scenario: 1. Create a VLAN 10 2. Add two ports as tagged members to the VLAN 3. Setup static FDB entries for port 1 and port 2 4. Send a simple vlan tag (10) packet on port 1 and verify packet on port 2 5. Clean up configuration """ vlan_id = "10" macs = ['00:11:11:11:11:11', '00:22:22:22:22:22'] vlan_oid = npu.create(SaiObjType.VLAN, ["SAI_VLAN_ATTR_VLAN_ID", vlan_id]) vlan_member1 = npu.create_vlan_member(vlan_oid, npu.dot1q_bp_oids[0], "SAI_VLAN_TAGGING_MODE_TAGGED") vlan_member2 = npu.create_vlan_member(vlan_oid, npu.dot1q_bp_oids[1], "SAI_VLAN_TAGGING_MODE_TAGGED") npu.create_fdb(vlan_oid, macs[0], npu.dot1q_bp_oids[0]) npu.create_fdb(vlan_oid, macs[1], npu.dot1q_bp_oids[1]) try: if npu.run_traffic: pkt = simple_tcp_packet(eth_dst=macs[1], eth_src=macs[0], dl_vlan_enable=True, vlan_vid=10, ip_dst='10.0.0.1', ip_id=101, ip_ttl=64) send_packet(dataplane, 0, pkt) verify_packets(dataplane, pkt, [1]) finally: npu.flush_fdb_entries(["SAI_FDB_FLUSH_ATTR_BV_ID", vlan_oid]) npu.remove(vlan_member1) npu.remove(vlan_member2) npu.remove(vlan_oid)
def test_src_ip_is_multicast_addr(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, ip_addr, ports_info): """ @summary: Create a packet with multicast source IP adress. """ duthost = duthosts[rand_one_dut_hostname] ip_src = None if ip_addr == "ipv4": ip_src = "224.0.0.5" pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=ip_src, ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) elif ip_addr == "ipv6": if not pkt_fields["ipv6_dst"]: pytest.skip("BGP neighbour with IPv6 addr was not found") ip_src = "FF02:AAAA:FEE5::1:3" pkt = testutils.simple_tcpv6_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ipv6_src=ip_src, ipv6_dst=pkt_fields["ipv6_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) else: pytest.fail( "Incorrect value specified for 'ip_addr' test parameter. Supported parameters: 'ipv4' and 'ipv6'" ) log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], ip_src) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_not_expected_vlan_tag_drop(do_test, duthosts, rand_one_dut_hostname, ptfadapter, setup, pkt_fields, ports_info): """ @summary: Create a VLAN tagged packet which VLAN ID does not match ingress port VLAN ID. """ duthost = duthosts[rand_one_dut_hostname] if "mellanox" == duthost.facts["asic_type"]: pytest.SKIP_COUNTERS_FOR_MLNX = True start_vlan_id = 2 log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) max_vlan_id = 1000 upper_bound = max(setup["vlans"]) if setup["vlans"] else max_vlan_id for interim in range(start_vlan_id, upper_bound): if interim not in setup["vlans"]: vlan_id = interim break else: pytest.fail( "Unable to generate unique not yet existed VLAN ID. Already configured VLANs range {}-{}" .format(start_vlan_id, upper_bound)) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"], dl_vlan_enable=True, vlan_vid=vlan_id, ) group = "L2" # DNX platform DROP counters are not there yet if setup.get("platform_asic") == "broadcom-dnx": group = "NO_DROPS" do_test(group, pkt, ptfadapter, ports_info, setup["neighbor_sniff_ports"])
def generate_from_server_to_t1(self): """ @summary: Generate (not send) the packets to be sent from server to T1 """ eth_src = self.ptfadapter.dataplane.get_mac(0, 0) if self.tor_vlan_port: from_server_src_port = self.tor_vlan_port else: from_server_src_port = random.choice(self.vlan_ports.values()) self.from_server_src_addr = random.choice( self.vlan_host_map[from_server_src_port]) self.from_server_dst_addr = self.random_host_ip() tcp_dport = TCP_DST_PORT tcp_tx_packet = testutils.simple_tcp_packet( eth_dst=self.vlan_mac, eth_src=eth_src, ip_src=self.from_server_src_addr, ip_dst=self.from_server_dst_addr, tcp_dport=tcp_dport) logger.info("-" * 20 + "Server to T1 packet" + "-" * 20) logger.info("Source port: {}".format(from_server_src_port)) logger.info("Ethernet address: dst: {} src: {}".format( self.vlan_mac, eth_src)) logger.info("IP address: dst: {} src: {}".format( self.from_server_dst_addr, self.from_server_src_addr)) logger.info("TCP port: dst: {} src: 1234".format(tcp_dport)) logger.info("Active ToR MAC: {}, Standby ToR MAC: {}".format( self.active_mac, self.standby_mac)) logger.info("VLAN MAC: {}".format(self.vlan_mac)) logger.info("-" * 50) self.packets_list = [] for i in range(self.packets_to_send): payload = str(i) + 'X' * 60 packet = scapyall.Ether(str(tcp_tx_packet)) packet.load = payload self.packets_list.append((from_server_src_port, str(packet))) self.sent_pkt_dst_mac = self.vlan_mac self.received_pkt_src_mac = [self.active_mac, self.standby_mac]
def test_no_egress_drop_on_down_link(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, rif_port_down, ports_info): """ @summary: Verify that packets on ingress port are not dropped when egress RIF link is down and check that drop counters not incremented """ duthost = duthosts[rand_one_dut_hostname] ip_dst = rif_port_down log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], ip_dst, pkt_fields["ipv4_src"]) arp_info = duthost.shell("show arp")["stdout"] pytest_assert(ip_dst not in arp_info.split(), "ARP entry is not cleared") pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=ip_dst, tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"] ) do_test("NO_DROPS", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_reserved_dmac_drop(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, fanouthost, pkt_fields, ports_info): """ @summary: Verify that packet with reserved DMAC is dropped and L2 drop counter incremented @used_mac_address: 01:80:C2:00:00:05 - reserved for future standardization 01:80:C2:00:00:08 - provider Bridge group address """ duthost = duthosts[rand_one_dut_hostname] if not fanouthost: pytest.skip("Test case requires explicit fanout support") reserved_mac_addr = ["01:80:C2:00:00:05", "01:80:C2:00:00:08"] for reserved_dmac in reserved_mac_addr: dst_mac = reserved_dmac if "mellanox" == duthost.facts["asic_type"]: pytest.skip("Currently not supported on Mellanox platform") dst_mac = "00:00:00:00:00:11" # Prepare openflow rule fanouthost.update_config(template_path=MELLANOX_MAC_UPDATE_SCRIPT, match_mac=dst_mac, set_mac=reserved_dmac, eth_field="eth_dst") log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], reserved_dmac, pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=dst_mac, # DUT port eth_src=ports_info["src_mac"], ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L2", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"])
def test_src_ip_is_class_e(ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Verify that packet with source IP address in class E is dropped and L3 drop counter incremented """ ip_list = ["240.0.0.1", "255.255.255.254"] for ip_class_e in ip_list: log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], ip_class_e) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=ip_class_e, ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, duthost, ports_info["ptf_tx_port_id"], tx_dut_ports[ports_info["dut_iface"]], setup["neighbor_sniff_ports"])
def test_ip_pkt_with_exceeded_mtu(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, mtu_config, ports_info): """ @summary: Verify that IP packet with exceeded MTU is dropped and L3 drop counter incremented """ duthost = duthosts[rand_one_dut_hostname] global L2_COL_KEY if "vlan" in tx_dut_ports[ports_info["dut_iface"]].lower(): pytest.skip("Test case is not supported on VLAN interface") tmp_port_mtu = 1500 log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) # Get the asic_index asic_index = ports_info["asic_index"] # Set temporal MTU. This will be restored by 'mtu' fixture mtu_config.set_mtu(tmp_port_mtu, tx_dut_ports[ports_info["dut_iface"]], asic_index) pkt = testutils.simple_tcp_packet( pktlen=9100, eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM IP address tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) L2_COL_KEY = RX_ERR try: do_test("L2", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"]) finally: L2_COL_KEY = RX_DRP
def test_equal_smac_dmac_drop(ptfadapter, duthost, setup, fanouthost, pkt_fields, ports_info): """ @summary: Verify that packet with equal SMAC and DMAC is dropped and L2 drop counter incremented """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["dst_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) src_mac = ports_info["dst_mac"] if "mellanox" == duthost.facts["asic_type"]: pytest.skip("Currently not supported on Mellanox platform") src_mac = "00:00:00:00:00:11" # Prepare openflow rule fanouthost.update_config(template_path=MELLANOX_MAC_UPDATE_SCRIPT, match_mac=src_mac, set_mac=ports_info["dst_mac"], eth_field="eth_src") pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=src_mac, # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L2", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"])
def test_src_ip_link_local(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Verify that packet with link-local address "169.254.0.0/16" is dropped and L3 drop counter incremented """ duthost = duthosts[rand_one_dut_hostname] link_local_ip = "169.254.10.125" pkt_params = { "eth_dst": ports_info["dst_mac"], # DUT port "eth_src": ports_info["src_mac"], # PTF port "tcp_sport": pkt_fields["tcp_sport"], "tcp_dport": pkt_fields["tcp_dport"] } pkt_params["ip_src"] = link_local_ip pkt_params["ip_dst"] = pkt_fields["ipv4_dst"] # VM source pkt = testutils.simple_tcp_packet(**pkt_params) logger.info(pkt_params) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_netdev_pkt(npu, dataplane, sai_hostif_obj): if not npu.libsaivs: pytest.skip("valid for saivs only") hostifs = { "100": "Ethernet0" } hostif_dataplane = npu.hostif_dataplane_start(hostifs) assert hostif_dataplane is not None pkt = simple_tcp_packet(eth_dst='00:00:00:11:11:11', eth_src='00:00:00:22:22:22', ip_dst='10.0.0.1', ip_id=102, ip_ttl=64) send_packet(dataplane, 0, pkt) npu.hostif_pkt_listen() verify_packets(hostif_dataplane, pkt, [100]) npu.hostif_dataplane_stop()
def test_dst_ip_link_local(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create a packet with link-local address "169.254.0.0/16". """ duthost = duthosts[rand_one_dut_hostname] asic_type = duthost.facts["asic_type"] pytest_require("broadcom" not in asic_type, "BRCM does not drop DIP link local packets") link_local_ip = "169.254.10.125" pkt_params = { "eth_dst": ports_info["dst_mac"], # DUT port "eth_src": ports_info["src_mac"], # PTF port "tcp_sport": pkt_fields["tcp_sport"], "tcp_dport": pkt_fields["tcp_dport"] } pkt_params["ip_src"] = pkt_fields["ipv4_src"] # VM source pkt_params["ip_dst"] = link_local_ip pkt = testutils.simple_tcp_packet(**pkt_params) logger.info(pkt_params) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_acl_drop(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, acl_setup, ports_info): """ @summary: Verify that DUT drops packet with SRC IP 20.0.0.0/24 matched by ingress ACL and ACL drop counter incremented """ duthost = duthosts[rand_one_dut_hostname] acl_facts = duthost.acl_facts()["ansible_facts"]["ansible_acl_facts"] if 'DATAACL' not in acl_facts.keys(): pytest.skip( "Skipping test since DATAACL table is not supported on this platform" ) if tx_dut_ports[ ports_info["dut_iface"]] not in acl_facts["DATAACL"]["ports"]: pytest.skip("RX DUT port absent in 'DATAACL' table") ip_src = "20.0.0.5" log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], ip_src) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=ip_src, ip_dst=pkt_fields["ipv4_dst"], tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) asic_index = ports_info["asic_index"] base_verification("ACL", pkt, ptfadapter, duthosts, asic_index, ports_info, tx_dut_ports) # Verify packets were not egresed the DUT exp_pkt = expected_packet_mask(pkt) exp_pkt.set_do_not_care_scapy(packet.IP, 'ip_src') testutils.verify_no_packet_any(ptfadapter, exp_pkt, ports=setup["neighbor_sniff_ports"])
def test_src_ip_is_class_e(do_test, ptfadapter, duthosts, rand_one_dut_hostname, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Create a packet with source IP address in class E. """ duthost = duthosts[rand_one_dut_hostname] asic_type = duthost.facts["asic_type"] pytest_require("broadcom" not in asic_type, "BRCM does not drop SIP class E packets") ip_list = ["240.0.0.1", "255.255.255.254"] for ip_class_e in ip_list: log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], ip_class_e) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=ip_class_e, ip_dst=pkt_fields["ipv4_dst"], # VM source tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) do_test("L3", pkt, ptfadapter, duthost, ports_info, setup["neighbor_sniff_ports"], tx_dut_ports)
def test_absent_ip_header(ptfadapter, duthost, setup, tx_dut_ports, pkt_fields, ports_info): """ @summary: Verify that packets with absent IP header are dropped and L3 drop counter incremented """ log_pkt_params(ports_info["dut_iface"], ports_info["dst_mac"], ports_info["src_mac"], pkt_fields["ipv4_dst"], pkt_fields["ipv4_src"]) pkt = testutils.simple_tcp_packet( eth_dst=ports_info["dst_mac"], # DUT port eth_src=ports_info["src_mac"], # PTF port ip_src=pkt_fields["ipv4_src"], # PTF source ip_dst=pkt_fields["ipv4_dst"], tcp_sport=pkt_fields["tcp_sport"], tcp_dport=pkt_fields["tcp_dport"]) tcp = pkt[testutils.scapy.scapy.all.TCP] del pkt[testutils.scapy.scapy.all.IP] pkt.type = 0x800 pkt = pkt / tcp do_test("L3", pkt, ptfadapter, duthost, ports_info["ptf_tx_port_id"], tx_dut_ports[ports_info["dut_iface"]], setup["neighbor_sniff_ports"])