def test_ip6_rx_p2p_subif(self): """receive ipv6 packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0002") route_9001 = VppIpRoute(self, "9001::", 64, [ VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6) ], is_ip6=1) route_9001.add_vpp_config() self.packets.append( self.create_stream(src_mac=self.pg0._remote_hosts[0].mac, dst_mac=self.pg0.local_mac, src_ip=self.p2p_sub_ifs[0].remote_ip6, dst_ip="9001::100")) self.send_packets(self.pg0, self.pg1, self.packets) self.assert_packet_counter_equal('p2p-ethernet-input', 1) route_9001.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0002")
class QUICTestCase(VppTestCase): """ QUIC Test Case """ def setUp(self): super(QUICTestCase, self).setUp() var = "VPP_BUILD_DIR" self.build_dir = os.getenv(var, None) if self.build_dir is None: raise Exception("Environment variable `%s' not set" % var) self.vppDebug = 'vpp_debug' in self.build_dir self.timeout = 20 self.vapi.session_enable_disable(is_enabled=1) self.pre_test_sleep = 0.3 self.post_test_sleep = 0.2 self.create_loopback_interfaces(2) self.uri = "quic://%s/1234" % self.loop0.local_ip4 table_id = 1 for i in self.lo_interfaces: i.admin_up() if table_id != 0: tbl = VppIpTable(self, table_id) tbl.add_vpp_config() i.set_table_ip4(table_id) i.config_ip4() table_id += 1 # Configure namespaces self.vapi.app_namespace_add_del(namespace_id=b"server", sw_if_index=self.loop0.sw_if_index) self.vapi.app_namespace_add_del(namespace_id=b"client", sw_if_index=self.loop1.sw_if_index) # Add inter-table routes self.ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)], table_id=1) self.ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)], table_id=2) self.ip_t01.add_vpp_config() self.ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show ip fib")) def tearDown(self): self.vapi.session_enable_disable(is_enabled=0) # Delete inter-table routes self.ip_t01.remove_vpp_config() self.ip_t10.remove_vpp_config() for i in self.lo_interfaces: i.unconfig_ip4() i.set_table_ip4(0) i.admin_down() super(QUICTestCase, self).tearDown()
def test_gre_loop(self): """ GRE tunnel loop Tests """ # # Create an L3 GRE tunnel. # - set it admin up # - assign an IP Addres # gre_if = VppGreInterface(self, self.pg0.local_ip4, "1.1.1.2") gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip4() # # add a route to the tunnel's destination that points # through the tunnel, hence forming a loop in the forwarding # graph # route_dst = VppIpRoute(self, "1.1.1.2", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route_dst.add_vpp_config() # # packets to the tunnels destination should be dropped # tx = self.create_stream_ip4(self.pg0, "1.1.1.1", "1.1.1.2") self.send_and_assert_no_replies(self.pg2, tx) self.logger.info(self.vapi.ppcli("sh adj 7")) # # break the loop # route_dst.modify([VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_dst.add_vpp_config() rx = self.send_and_expect(self.pg0, tx, self.pg1) # # a good route throught the tunnel to check it restacked # route_via_tun_2 = VppIpRoute(self, "2.2.2.2", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route_via_tun_2.add_vpp_config() tx = self.create_stream_ip4(self.pg0, "2.2.2.3", "2.2.2.2") rx = self.send_and_expect(self.pg0, tx, self.pg1) self.verify_tunneled_4o4(self.pg1, rx, tx, self.pg0.local_ip4, "1.1.1.2") # # cleanup # route_via_tun_2.remove_vpp_config() gre_if.remove_vpp_config()
def test_ip6_rx_p2p_subif_route(self): """route rx ip6 packet not matching p2p subinterface""" self.logger.info("FFP_TEST_START_0003") self.pg0.config_ip6() route_3 = VppIpRoute(self, "9000::", 64, [ VppRoutePath(self.pg1._remote_hosts[0].ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6) ], is_ip6=1) route_3.add_vpp_config() self.packets.append( self.create_stream(src_mac="02:03:00:00:ff:ff", dst_mac=self.pg0.local_mac, src_ip="a000::100", dst_ip="9000::100")) self.send_packets(self.pg0, self.pg1) self.pg0.unconfig_ip6() route_3.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0003")
def test_ip6_rx_p2p_subif_route(self): """route rx ip6 packet not matching p2p subinterface""" self.logger.info("FFP_TEST_START_0003") self.pg0.config_ip6() route_3 = VppIpRoute(self, "9000::", 64, [VppRoutePath(self.pg1._remote_hosts[0].ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_3.add_vpp_config() self.packets.append( self.create_stream(src_mac="02:03:00:00:ff:ff", dst_mac=self.pg0.local_mac, src_ip="a000::100", dst_ip="9000::100")) self.send_packets(self.pg0, self.pg1) self.pg0.unconfig_ip6() route_3.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0003")
def test_tcp_transfer(self): """ TCP echo client/server transfer """ # Add inter-table routes ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)]) ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=0)], table_id=1) ip_t01.add_vpp_config() ip_t10.add_vpp_config() # Start builtin server and client uri = "tcp://" + self.loop0.local_ip4 + "/1234" error = self.vapi.cli("test echo server appns 0 fifo-size 4 uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli("test echo client mbytes 10 appns 1 " + "fifo-size 4 no-output test-bytes " + "syn-timeout 2 uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_sctp_transfer(self): """ SCTP echo client/server transfer """ # Add inter-table routes ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)]) ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=0)], table_id=1) ip_t01.add_vpp_config() ip_t10.add_vpp_config() # Start builtin server and client uri = "sctp://" + self.loop0.local_ip4 + "/1234" error = self.vapi.cli("test echo server appns 0 fifo-size 4 " + "no-echo uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli("test echo client mbytes 10 no-return " + " appns 1" + " fifo-size 4" + " no-output test-bytes syn-timeout 3" + " test-timeout 30" + " uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_quic_transfer(self): """ QUIC echo client/server transfer """ # Add inter-table routes ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)], table_id=1) ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)], table_id=2) ip_t01.add_vpp_config() ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show ip fib")) # Start builtin server and client uri = "quic://%s/1234" % self.loop0.local_ip4 error = self.vapi.cli("test echo server appns 1 fifo-size 4 uri %s" % uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli("test echo client bytes 1024 appns 2 " + "fifo-size 4 test-bytes no-output " + "uri %s" % uri) self.logger.critical(error) if error: self.logger.critical(error) self.assertNotIn("failed", error) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_ip4_rx_p2p_subif_route(self): """route rx packet not matching p2p subinterface""" self.logger.info("FFP_TEST_START_0003") route_9001 = VppIpRoute( self, "9.0.0.0", 24, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)], ) route_9001.add_vpp_config() self.packets.append( self.create_stream( src_mac="02:01:00:00:ff:ff", dst_mac=self.pg0.local_mac, src_ip="8.0.0.100", dst_ip="9.0.0.100", )) self.send_packets(self.pg0, self.pg1) route_9001.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0003")
def test_ip4_rx_p2p_subif(self): """receive ipv4 packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0002") route_9000 = VppIpRoute( self, "9.0.0.0", 16, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)], ) route_9000.add_vpp_config() self.packets.append( self.create_stream( src_mac=self.pg0._remote_hosts[0].mac, dst_mac=self.pg0.local_mac, src_ip=self.p2p_sub_ifs[0].remote_ip4, dst_ip="9.0.0.100", )) self.send_packets(self.pg0, self.pg1, self.packets) self.assert_packet_counter_equal("p2p-ethernet-input", 1) route_9000.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0002")
def test_udp_transfer(self): """ UDP echo client/server transfer """ # Add inter-table routes ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)]) ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=0)], table_id=1) ip_t01.add_vpp_config() ip_t10.add_vpp_config() # Start builtin server and client uri = "udp://" + self.loop0.local_ip4 + "/1234" error = self.vapi.cli("test echo server appns 0 fifo-size 4 no-echo" + "uri " + uri) if error: self.logger.critical(error) self.assertEqual(error.find("failed"), -1) error = self.vapi.cli("test echo client mbytes 10 appns 1 " + "fifo-size 4 no-output test-bytes " + "syn-timeout 2 no-return uri " + uri) if error: self.logger.critical(error) self.assertEqual(error.find("failed"), -1) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_PPPoE_Encap(self): """ PPPoE Encap Test """ self.vapi.cli("clear trace") # # Add a route that resolves the server's destination # route_sever_dst = VppIpRoute( self, "100.1.1.100", 32, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_sever_dst.add_vpp_config() # Send PPPoE Discovery tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1, self.pg0.remote_mac) self.pg0.add_stream(tx0) self.pg_start() # Send PPPoE PPP LCP tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id) self.pg0.add_stream(tx1) self.pg_start() # Create PPPoE session pppoe_if = VppPppoeInterface(self, self.pg0.remote_ip4, self.pg0.remote_mac, self.session_id) pppoe_if.add_vpp_config() # # Send a packet stream that is routed into the session # - packets are PPPoE encapped # self.vapi.cli("clear trace") tx2 = self.create_stream_ip4(self.pg1, self.pg0, self.pg0.remote_ip4, self.dst_ip, 65) self.pg1.add_stream(tx2) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx2 = self.pg0.get_capture(len(tx2)) self.verify_encaped_pppoe(self.pg1, rx2, tx2, self.session_id) self.logger.info(self.vapi.cli("show pppoe fib")) self.logger.info(self.vapi.cli("show pppoe session")) self.logger.info(self.vapi.cli("show ip fib")) self.logger.info(self.vapi.cli("show adj")) # # test case cleanup # # Delete PPPoE session pppoe_if.remove_vpp_config() # Delete a route that resolves the server's destination route_sever_dst.remove_vpp_config()
def test_memif_ping(self): """Memif ping""" memif = VppMemif( self, VppEnum.vl_api_memif_role_t.MEMIF_ROLE_API_SLAVE, VppEnum.vl_api_memif_mode_t.MEMIF_MODE_API_ETHERNET, ) remote_socket = VppSocketFilename(self.remote_test, 1, "%s/memif.sock" % self.tempdir) remote_socket.add_vpp_config() remote_memif = VppMemif( self.remote_test, VppEnum.vl_api_memif_role_t.MEMIF_ROLE_API_MASTER, VppEnum.vl_api_memif_mode_t.MEMIF_MODE_API_ETHERNET, socket_id=1, ) memif.add_vpp_config() memif.config_ip4() memif.admin_up() remote_memif.add_vpp_config() remote_memif.config_ip4() remote_memif.admin_up() self.assertTrue(memif.wait_for_link_up(5)) self.assertTrue(remote_memif.wait_for_link_up(5)) # add routing to remote vpp route = VppIpRoute( self.remote_test, self.pg0._local_ip4_subnet, 24, [VppRoutePath(memif.ip_prefix.network_address, 0xFFFFFFFF)], register=False, ) route.add_vpp_config() # create ICMP echo-request from local pg to remote memif packet_num = 10 pkts = self._create_icmp(self.pg0, remote_memif, packet_num) self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() capture = self.pg0.get_capture(packet_num, timeout=2) seq = 0 for c in capture: self._verify_icmp(self.pg0, remote_memif, c, seq) seq += 1 route.remove_vpp_config()
def test_PPPoE_Add_Twice(self): """PPPoE Add Same Session Twice Test""" self.vapi.cli("clear trace") # # Add a route that resolves the server's destination # route_sever_dst = VppIpRoute( self, "100.1.1.100", 32, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)], ) route_sever_dst.add_vpp_config() # Send PPPoE Discovery tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1, self.pg0.remote_mac) self.pg0.add_stream(tx0) self.pg_start() # Send PPPoE PPP LCP tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id) self.pg0.add_stream(tx1) self.pg_start() # Create PPPoE session pppoe_if = VppPppoeInterface(self, self.pg0.remote_ip4, self.pg0.remote_mac, self.session_id) pppoe_if.add_vpp_config() pppoe_if.set_unnumbered(self.pg0.sw_if_index) # # The double create (create the same session twice) should fail, # and we should still be able to use the original # try: pppoe_if.add_vpp_config() except Exception: pass else: self.fail("Double GRE tunnel add does not fail") # # test case cleanup # # Delete PPPoE session pppoe_if.remove_vpp_config() # Delete a route that resolves the server's destination route_sever_dst.remove_vpp_config()
def test_bind(self): """ MPLS Local Label Binding test """ # # Add a non-recursive route with a single out label # route_10_0_0_1 = VppIpRoute(self, "10.0.0.1", 32, [ VppRoutePath( self.pg0.remote_ip4, self.pg0.sw_if_index, labels=[45]) ]) route_10_0_0_1.add_vpp_config() # bind a local label to the route binding = VppMplsIpBind(self, 44, "10.0.0.1", 32) binding.add_vpp_config() # non-EOS stream self.vapi.cli("clear trace") tx = self.create_stream_labelled_ip4(self.pg0, [44, 99]) self.pg0.add_stream(tx) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture() self.verify_capture_labelled(self.pg0, rx, tx, [45, 99]) # EOS stream self.vapi.cli("clear trace") tx = self.create_stream_labelled_ip4(self.pg0, [44]) self.pg0.add_stream(tx) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture() self.verify_capture_labelled(self.pg0, rx, tx, [45]) # IP stream self.vapi.cli("clear trace") tx = self.create_stream_ip4(self.pg0, "10.0.0.1") self.pg0.add_stream(tx) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture() self.verify_capture_labelled_ip4(self.pg0, rx, tx, [45]) # # cleanup # binding.remove_vpp_config() route_10_0_0_1.remove_vpp_config()
def test_PPPoE_Del_Twice(self): """ PPPoE Delete Same Session Twice Test """ self.vapi.cli("clear trace") # # Add a route that resolves the server's destination # route_sever_dst = VppIpRoute(self, "100.1.1.100", 32, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_sever_dst.add_vpp_config() # Send PPPoE Discovery tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1, self.pg0.remote_mac) self.pg0.add_stream(tx0) self.pg_start() # Send PPPoE PPP LCP tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id) self.pg0.add_stream(tx1) self.pg_start() # Create PPPoE session pppoe_if = VppPppoeInterface(self, self.pg0.remote_ip4, self.pg0.remote_mac, self.session_id) pppoe_if.add_vpp_config() # Delete PPPoE session pppoe_if.remove_vpp_config() # # The double del (del the same session twice) should fail, # and we should still be able to use the original # try: pppoe_if.remove_vpp_config() except Exception: pass else: self.fail("Double GRE tunnel del does not fail") # # test case cleanup # # Delete a route that resolves the server's destination route_sever_dst.remove_vpp_config()
def test_6rd_bgp_tunnel(self): """ 6rd BGP tunnel """ rv = self.vapi.ipip_6rd_add_tunnel(ip6_table_id=0, ip4_table_id=0, ip6_prefix='2002::/16', ip4_prefix='0.0.0.0/0', ip4_src=self.pg0.local_ip4, security_check=False) self.tunnel_index = rv.sw_if_index default_route = VppIpRoute( self, "DEAD::", 16, [ VppRoutePath("2002:0808:0808::", self.tunnel_index, proto=DpoProto.DPO_PROTO_IP6) ], is_ip6=1) default_route.add_vpp_config() ip4_route = VppIpRoute(self, "8.0.0.0", 8, [VppRoutePath(self.pg1.remote_ip4, 0xFFFFFFFF)]) ip4_route.add_vpp_config() # Via recursive route 6 -> 4 p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IPv6(src="1::1", dst="DEAD:BEEF::1") / UDP(sport=1234, dport=1234)) p_reply = (IP(src=self.pg0.local_ip4, dst="8.8.8.8", proto='ipv6') / IPv6(src='1::1', dst='DEAD:BEEF::1', nh='UDP')) rx = self.send_and_expect(self.pg0, p * 10, self.pg1) for p in rx: self.validate_6in4(p, p_reply) # Via recursive route 4 -> 6 (Security check must be disabled) p_ip6 = (IPv6(src="DEAD:BEEF::1", dst=self.pg1.remote_ip6) / UDP(sport=1234, dport=1234)) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src="8.8.8.8", dst=self.pg0.local_ip4) / p_ip6) p_reply = p_ip6 rx = self.send_and_expect(self.pg0, p * 10, self.pg1) for p in rx: self.validate_4in6(p, p_reply) ip4_route.remove_vpp_config() default_route.remove_vpp_config() self.vapi.ipip_6rd_del_tunnel(self.tunnel_index)
def test_acl_pbr(self): """ IP PBR test Test scenario for PBR with source IP - Create IPv4 stream for pg0 -> pg3 interface. - Configure PBR fib entry for packet forwarding. - Send and verify received packets on pg3 interface. """ # PBR testing with source IP pkts = self.create_stream(self.pg0, self.pg3, self.pg_if_packet_sizes) self.pg0.add_stream(pkts) key = 'pbr' self.create_classify_table(key, self.build_ip_mask(src_ip='ffffffff')) pbr_option = 1 # this will create the VRF/table in which we will insert the route self.create_classify_session( self.acl_tbl_idx.get(key), self.build_ip_match(src_ip=self.pg0.remote_ip4), pbr_option, self.pbr_vrfid) self.assertTrue(self.verify_vrf(self.pbr_vrfid)) r = VppIpRoute(self, self.pg3.local_ip4, 24, [VppRoutePath(self.pg3.remote_ip4, INVALID_INDEX)], table_id=self.pbr_vrfid) r.add_vpp_config() self.input_acl_set_interface(self.pg0, self.acl_tbl_idx.get(key)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() pkts = self.pg3.get_capture(len(pkts)) self.verify_capture(self.pg3, pkts) self.input_acl_set_interface(self.pg0, self.acl_tbl_idx.get(key), 0) self.pg0.assert_nothing_captured(remark="packets forwarded") self.pg1.assert_nothing_captured(remark="packets forwarded") self.pg2.assert_nothing_captured(remark="packets forwarded") # remove the classify session and the route r.remove_vpp_config() self.create_classify_session( self.acl_tbl_idx.get(key), self.build_ip_match(src_ip=self.pg0.remote_ip4), pbr_option, self.pbr_vrfid, is_add=0) # and the table should be gone. self.assertFalse(self.verify_vrf(self.pbr_vrfid))
def test_6rd_bgp_tunnel(self): """ 6rd BGP tunnel """ rv = self.vapi.ipip_6rd_add_tunnel(0, 0, inet_pton(AF_INET6, '2002::'), inet_pton(AF_INET, '0.0.0.0'), self.pg0.local_ip4n, 16, 0, False) self.tunnel_index = rv.sw_if_index default_route = VppIpRoute( self, "DEAD::", 16, [VppRoutePath("2002:0808:0808::", self.tunnel_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) default_route.add_vpp_config() ip4_route = VppIpRoute(self, "8.0.0.0", 8, [VppRoutePath(self.pg1.remote_ip4, 0xFFFFFFFF)]) ip4_route.add_vpp_config() # Via recursive route 6 -> 4 p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IPv6(src="1::1", dst="DEAD:BEEF::1") / UDP(sport=1234, dport=1234)) p_reply = (IP(src=self.pg0.local_ip4, dst="8.8.8.8", proto='ipv6') / IPv6(src='1::1', dst='DEAD:BEEF::1', nh='UDP')) rx = self.send_and_expect(self.pg0, p * 10, self.pg1) for p in rx: self.validate_6in4(p, p_reply) # Via recursive route 4 -> 6 (Security check must be disabled) p_ip6 = (IPv6(src="DEAD:BEEF::1", dst=self.pg1.remote_ip6) / UDP(sport=1234, dport=1234)) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src="8.8.8.8", dst=self.pg0.local_ip4) / p_ip6) p_reply = p_ip6 rx = self.send_and_expect(self.pg0, p * 10, self.pg1) for p in rx: self.validate_4in6(p, p_reply) ip4_route.remove_vpp_config() default_route.remove_vpp_config() self.vapi.ipip_6rd_del_tunnel(self.tunnel_index)
def test_memif_ping(self): """ Memif ping """ memif = VppMemif(self, MEMIF_ROLE.SLAVE, MEMIF_MODE.ETHERNET) remote_socket = VppSocketFilename( self.remote_test, 1, b"%s/memif.sock" % six.ensure_binary(self.tempdir, encoding='utf-8')) remote_socket.add_vpp_config() remote_memif = VppMemif(self.remote_test, MEMIF_ROLE.MASTER, MEMIF_MODE.ETHERNET, socket_id=1) memif.add_vpp_config() memif.config_ip4() memif.admin_up() remote_memif.add_vpp_config() remote_memif.config_ip4() remote_memif.admin_up() self.assertTrue(memif.wait_for_link_up(5)) self.assertTrue(remote_memif.wait_for_link_up(5)) # add routing to remote vpp route = VppIpRoute(self.remote_test, self.pg0._local_ip4_subnet, 24, [VppRoutePath(memif.ip4_addr, 0xffffffff)], register=False) route.add_vpp_config() # create ICMP echo-request from local pg to remote memif packet_num = 10 pkts = self._create_icmp(self.pg0, remote_memif, packet_num) self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() capture = self.pg0.get_capture(packet_num, timeout=2) seq = 0 for c in capture: self._verify_icmp(self.pg0, remote_memif, c, seq) seq += 1 route.remove_vpp_config()
def test_segment_manager_alloc(self): """Session Segment Manager Multiple Segment Allocation""" # Add inter-table routes ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=1)], ) ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=0)], table_id=1, ) ip_t01.add_vpp_config() ip_t10.add_vpp_config() # Start builtin server and client with small private segments uri = "tcp://" + self.loop0.local_ip4 + "/1234" error = self.vapi.cli( "test echo server appns 0 fifo-size 64 " + "private-segment-size 1m uri " + uri ) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli( "test echo client nclients 100 appns 1 " + "no-output fifo-size 64 syn-timeout 2 " + "private-segment-size 1m uri " + uri ) if error: self.logger.critical(error) self.assertNotIn("failed", error) if self.vpp_dead: self.assert_equal(0) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_tls_transfer(self): """TLS qat echo client/server transfer""" # Add inter-table routes ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=1)], ) ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=0)], table_id=1, ) ip_t01.add_vpp_config() ip_t10.add_vpp_config() # Enable QAT engine and TLS async r = self.vapi.tls_openssl_set_engine(async_enable=1, engine="qat", algorithm="RSA,PKEY_CRYPTO", ciphers="RSA") self.assertIsNotNone(r, "No response msg ") # Start builtin server and client uri = "tls://" + self.loop0.local_ip4 + "/1234" error = self.vapi.cli( "test echo server appns 0 fifo-size 4 tls-engine 1 uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli("test echo client mbytes 10 appns 1 " "fifo-size 4 no-output test-bytes " "tls-engine 1 " "syn-timeout 2 uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_ip4_rx_p2p_subif_route(self): """route rx packet not matching p2p subinterface""" self.logger.info("FFP_TEST_START_0003") route_9001 = VppIpRoute(self, "9.0.0.0", 24, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_9001.add_vpp_config() self.packets.append( self.create_stream(src_mac="02:01:00:00:ff:ff", dst_mac=self.pg0.local_mac, src_ip="8.0.0.100", dst_ip="9.0.0.100")) self.send_packets(self.pg0, self.pg1) route_9001.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0003")
def test_ip4_rx_p2p_subif(self): """receive ipv4 packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0002") route_9000 = VppIpRoute(self, "9.0.0.0", 16, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_9000.add_vpp_config() self.packets.append( self.create_stream(src_mac=self.pg0._remote_hosts[0].mac, dst_mac=self.pg0.local_mac, src_ip=self.p2p_sub_ifs[0].remote_ip4, dst_ip="9.0.0.100")) self.send_packets(self.pg0, self.pg1, self.packets) self.assert_packet_counter_equal('p2p-ethernet-input', 1) route_9000.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0002")
def test_ip6_tx_p2p_subif(self): """send packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0005") route_8000 = VppIpRoute( self, "8000::", 64, [VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index)]) route_8000.add_vpp_config() route_8001 = VppIpRoute(self, "8001::", 64, [ VppRoutePath(self.p2p_sub_ifs[0].remote_ip6, self.p2p_sub_ifs[0].sw_if_index) ]) route_8001.add_vpp_config() route_8002 = VppIpRoute(self, "8002::", 64, [ VppRoutePath(self.p2p_sub_ifs[1].remote_ip6, self.p2p_sub_ifs[1].sw_if_index) ]) route_8002.add_vpp_config() for i in range(0, 3): self.packets.append( self.create_stream(src_mac=self.pg1.remote_mac, dst_mac=self.pg1.local_mac, src_ip=self.pg1.remote_ip6, dst_ip="800%d::100" % i)) self.send_packets(self.pg1, self.pg0, count=3) route_8000.remove_vpp_config() route_8001.remove_vpp_config() route_8002.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0005")
def test_ip4_tx_p2p_subif(self): """send ip4 packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0005") route_9100 = VppIpRoute(self, "9.1.0.100", 24, [VppRoutePath(self.pg0.remote_ip4, self.pg0.sw_if_index, )]) route_9100.add_vpp_config() route_9200 = VppIpRoute(self, "9.2.0.100", 24, [VppRoutePath(self.p2p_sub_ifs[0].remote_ip4, self.p2p_sub_ifs[0].sw_if_index, )]) route_9200.add_vpp_config() route_9300 = VppIpRoute(self, "9.3.0.100", 24, [VppRoutePath(self.p2p_sub_ifs[1].remote_ip4, self.p2p_sub_ifs[1].sw_if_index )]) route_9300.add_vpp_config() for i in range(0, 3): self.packets.append( self.create_stream(src_mac=self.pg1.remote_mac, dst_mac=self.pg1.local_mac, src_ip=self.pg1.remote_ip4, dst_ip="9.%d.0.100" % (i+1))) self.send_packets(self.pg1, self.pg0) # route_7000.remove_vpp_config() route_9100.remove_vpp_config() route_9200.remove_vpp_config() route_9300.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0005")
def test_ip6_rx_p2p_subif(self): """receive ipv6 packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0002") route_9001 = VppIpRoute(self, "9001::", 64, [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_9001.add_vpp_config() self.packets.append( self.create_stream(src_mac=self.pg0._remote_hosts[0].mac, dst_mac=self.pg0.local_mac, src_ip=self.p2p_sub_ifs[0].remote_ip6, dst_ip="9001::100")) self.send_packets(self.pg0, self.pg1, self.packets) self.assert_packet_counter_equal('p2p-ethernet-input', 1) route_9001.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0002")
def test_quic_transfer(self): """ QUIC echo client/server transfer """ # Add inter-table routes ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)], table_id=1) ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)], table_id=2) ip_t01.add_vpp_config() ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show ip fib")) # Start builtin server and client uri = "quic://%s/1234" % self.loop0.local_ip4 error = self.vapi.cli("test echo server appns 1 fifo-size 4 uri %s" % uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli("test echo client bytes 1024 appns 2 " + "fifo-size 4 test-bytes no-output " + "uri %s" % uri) self.logger.critical(error) if error: self.logger.critical(error) self.assertNotIn("failed", error) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_segment_manager_alloc(self): """ Session Segment Manager Multiple Segment Allocation """ # Add inter-table routes ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)]) ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=0)], table_id=1) ip_t01.add_vpp_config() ip_t10.add_vpp_config() # Start builtin server and client with small private segments uri = "tcp://" + self.loop0.local_ip4 + "/1234" error = self.vapi.cli("test echo server appns 0 fifo-size 64 " + "private-segment-size 1m uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) error = self.vapi.cli("test echo client nclients 100 appns 1 " + "no-output fifo-size 64 syn-timeout 2 " + "private-segment-size 1m uri " + uri) if error: self.logger.critical(error) self.assertNotIn("failed", error) if self.vpp_dead: self.assert_equal(0) # Delete inter-table routes ip_t01.remove_vpp_config() ip_t10.remove_vpp_config()
def test_ip6_tx_p2p_subif(self): """send packet via p2p subinterface""" self.logger.info("FFP_TEST_START_0005") route_8000 = VppIpRoute(self, "8000::", 64, [VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_8000.add_vpp_config() route_8001 = VppIpRoute(self, "8001::", 64, [VppRoutePath(self.p2p_sub_ifs[0].remote_ip6, self.p2p_sub_ifs[0].sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_8001.add_vpp_config() route_8002 = VppIpRoute(self, "8002::", 64, [VppRoutePath(self.p2p_sub_ifs[1].remote_ip6, self.p2p_sub_ifs[1].sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_8002.add_vpp_config() for i in range(0, 3): self.packets.append( self.create_stream(src_mac=self.pg1.remote_mac, dst_mac=self.pg1.local_mac, src_ip=self.pg1.remote_ip6, dst_ip="800%d::100" % i)) self.send_packets(self.pg1, self.pg0, count=3) route_8000.remove_vpp_config() route_8001.remove_vpp_config() route_8002.remove_vpp_config() self.logger.info("FFP_TEST_FINISH_0005")
def test_PPPoE_Decap_Multiple(self): """ PPPoE Decap Multiple Sessions Test """ self.vapi.cli("clear trace") # # Add a route that resolves the server's destination # route_sever_dst = VppIpRoute( self, "100.1.1.100", 32, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_sever_dst.add_vpp_config() # Send PPPoE Discovery 1 tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1, self.pg0.remote_mac) self.pg0.add_stream(tx0) self.pg_start() # Send PPPoE PPP LCP 1 tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id) self.pg0.add_stream(tx1) self.pg_start() # Create PPPoE session 1 pppoe_if1 = VppPppoeInterface(self, self.pg0.remote_ip4, self.pg0.remote_mac, self.session_id) pppoe_if1.add_vpp_config() # Send PPPoE Discovery 2 tx3 = self.create_stream_pppoe_discovery(self.pg2, self.pg1, self.pg2.remote_mac) self.pg2.add_stream(tx3) self.pg_start() # Send PPPoE PPP LCP 2 tx4 = self.create_stream_pppoe_lcp(self.pg2, self.pg1, self.pg2.remote_mac, self.session_id + 1) self.pg2.add_stream(tx4) self.pg_start() # Create PPPoE session 2 pppoe_if2 = VppPppoeInterface(self, self.pg2.remote_ip4, self.pg2.remote_mac, self.session_id + 1) pppoe_if2.add_vpp_config() # # Send tunneled packets that match the created tunnel and # are decapped and forwarded # tx2 = self.create_stream_pppoe_ip4(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id, self.pg0.remote_ip4) self.pg0.add_stream(tx2) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx2 = self.pg1.get_capture(len(tx2)) self.verify_decapped_pppoe(self.pg0, rx2, tx2) tx5 = self.create_stream_pppoe_ip4(self.pg2, self.pg1, self.pg2.remote_mac, self.session_id + 1, self.pg2.remote_ip4) self.pg2.add_stream(tx5) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx5 = self.pg1.get_capture(len(tx5)) self.verify_decapped_pppoe(self.pg2, rx5, tx5) self.logger.info(self.vapi.cli("show pppoe fib")) self.logger.info(self.vapi.cli("show pppoe session")) self.logger.info(self.vapi.cli("show ip fib")) # # test case cleanup # # Delete PPPoE session pppoe_if1.remove_vpp_config() pppoe_if2.remove_vpp_config() # Delete a route that resolves the server's destination route_sever_dst.remove_vpp_config()
def test_dvr(self): """ Distributed Virtual Router """ # # A packet destined to an IP address that is L2 bridged via # a non-tag interface # ip_non_tag_bridged = "10.10.10.10" ip_tag_bridged = "10.10.10.11" any_src_addr = "1.1.1.1" pkt_no_tag = (Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) / IP(src=any_src_addr, dst=ip_non_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_tag = (Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) / IP(src=any_src_addr, dst=ip_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) # # Two sub-interfaces so we can test VLAN tag push/pop # sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92) sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93) sub_if_on_pg2.admin_up() sub_if_on_pg3.admin_up() # # Put all the interfaces into a new bridge domain # self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg0.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg1.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.loop0.sw_if_index, bd_id=1, port_type=L2_PORT_TYPE.BVI) self.vapi.l2_interface_vlan_tag_rewrite( sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, push_dot1q=92) self.vapi.l2_interface_vlan_tag_rewrite( sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, push_dot1q=93) # # Add routes to bridge the traffic via a tagged an nontagged interface # route_no_tag = VppIpRoute( self, ip_non_tag_bridged, 32, [VppRoutePath("0.0.0.0", self.pg1.sw_if_index, is_dvr=1)]) route_no_tag.add_vpp_config() # # Inject the packet that arrives and leaves on a non-tagged interface # Since it's 'bridged' expect that the MAC headed is unchanged. # rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_no_tag, rx) self.assert_has_no_tag(rx) # # Add routes to bridge the traffic via a tagged interface # route_with_tag = VppIpRoute( self, ip_tag_bridged, 32, [VppRoutePath("0.0.0.0", sub_if_on_pg3.sw_if_index, is_dvr=1)]) route_with_tag.add_vpp_config() # # Inject the packet that arrives non-tag and leaves on a tagged # interface # rx = self.send_and_expect(self.pg0, pkt_tag * 65, self.pg3) self.assert_same_mac_addr(pkt_tag, rx) self.assert_has_vlan_tag(93, rx) # # Tag to tag # pkt_tag_to_tag = (Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) / Dot1Q(vlan=92) / IP(src=any_src_addr, dst=ip_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) rx = self.send_and_expect(self.pg2, pkt_tag_to_tag * 65, self.pg3) self.assert_same_mac_addr(pkt_tag_to_tag, rx) self.assert_has_vlan_tag(93, rx) # # Tag to non-Tag # pkt_tag_to_non_tag = (Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) / Dot1Q(vlan=92) / IP(src=any_src_addr, dst=ip_non_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) rx = self.send_and_expect(self.pg2, pkt_tag_to_non_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_tag_to_tag, rx) self.assert_has_no_tag(rx) # # Add an output L3 ACL that will block the traffic # rule_1 = ({'is_permit': 0, 'is_ipv6': 0, 'proto': 17, 'srcport_or_icmptype_first': 1234, 'srcport_or_icmptype_last': 1234, 'src_ip_prefix_len': 32, 'src_ip_addr': inet_pton(AF_INET, any_src_addr), 'dstport_or_icmpcode_first': 1234, 'dstport_or_icmpcode_last': 1234, 'dst_ip_prefix_len': 32, 'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged)}) acl = self.vapi.acl_add_replace(acl_index=4294967295, r=[rule_1]) # # Apply the ACL on the output interface # self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, 0, [acl.acl_index]) # # Send packet's that should match the ACL and be dropped # rx = self.send_and_assert_no_replies(self.pg2, pkt_tag_to_non_tag * 65) # # cleanup # self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, 0, []) self.vapi.acl_del(acl.acl_index) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.loop0.sw_if_index, bd_id=1, port_type=L2_PORT_TYPE.BVI, enable=0) # # Do a FIB dump to make sure the paths are correctly reported as DVR # routes = self.vapi.ip_fib_dump() for r in routes: if (inet_pton(AF_INET, ip_tag_bridged) == r.address): self.assertEqual(r.path[0].sw_if_index, sub_if_on_pg3.sw_if_index) self.assertEqual(r.path[0].is_dvr, 1) if (inet_pton(AF_INET, ip_non_tag_bridged) == r.address): self.assertEqual(r.path[0].sw_if_index, self.pg1.sw_if_index) self.assertEqual(r.path[0].is_dvr, 1) # # the explicit route delete is require so it happens before # the sbu-interface delete. subinterface delete is required # because that object type does not use the object registry # route_no_tag.remove_vpp_config() route_with_tag.remove_vpp_config() sub_if_on_pg3.remove_vpp_config() sub_if_on_pg2.remove_vpp_config()
def test_map_e(self): """ MAP-E """ # # Add a route to the MAP-BR # map_br_pfx = "2001::" map_br_pfx_len = 64 map_route = VppIpRoute(self, map_br_pfx, map_br_pfx_len, [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) map_route.add_vpp_config() # # Add a domain that maps from pg0 to pg1 # map_dst = socket.inet_pton(socket.AF_INET6, map_br_pfx) map_src = "3001::1" map_src_n = socket.inet_pton(socket.AF_INET6, map_src) client_pfx = socket.inet_pton(socket.AF_INET, "192.168.0.0") self.vapi.map_add_domain(map_dst, map_br_pfx_len, map_src_n, 128, client_pfx, 16) # # Fire in a v4 packet that will be encapped to the BR # v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst='192.168.1.1') / UDP(sport=20000, dport=10000) / Raw('\xa5' * 100)) self.send_and_assert_encapped(v4, map_src, "2001::c0a8:0:0") # # Fire in a V6 encapped packet. # expect a decapped packet on the inside ip4 link # p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IPv6(dst=map_src, src="2001::1") / IP(dst=self.pg0.remote_ip4, src='192.168.1.1') / UDP(sport=20000, dport=10000) / Raw('\xa5' * 100)) self.pg1.add_stream(p) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx = rx[0] self.assertFalse(rx.haslayer(IPv6)) self.assertEqual(rx[IP].src, p[IP].src) self.assertEqual(rx[IP].dst, p[IP].dst) # # Pre-resolve. No API for this!! # self.vapi.ppcli("map params pre-resolve ip6-nh 4001::1") self.send_and_assert_no_replies(self.pg0, v4, "resovled via default route") # # Add a route to 4001::1. Expect the encapped traffic to be # sent via that routes next-hop # pre_res_route = VppIpRoute( self, "4001::1", 128, [VppRoutePath(self.pg1.remote_hosts[2].ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) pre_res_route.add_vpp_config() self.send_and_assert_encapped(v4, map_src, "2001::c0a8:0:0", dmac=self.pg1.remote_hosts[2].mac) # # change the route to the pre-solved next-hop # pre_res_route.modify([VppRoutePath(self.pg1.remote_hosts[3].ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)]) pre_res_route.add_vpp_config() self.send_and_assert_encapped(v4, map_src, "2001::c0a8:0:0", dmac=self.pg1.remote_hosts[3].mac) # # cleanup. The test infra's object registry will ensure # the route is really gone and thus that the unresolve worked. # pre_res_route.remove_vpp_config() self.vapi.ppcli("map params pre-resolve del ip6-nh 4001::1")
def test_PPPoE_Decap(self): """ PPPoE Decap Test """ self.vapi.cli("clear trace") # # Add a route that resolves the server's destination # route_sever_dst = VppIpRoute(self, "100.1.1.100", 32, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_sever_dst.add_vpp_config() # Send PPPoE Discovery tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1, self.pg0.remote_mac) self.pg0.add_stream(tx0) self.pg_start() # Send PPPoE PPP LCP tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id) self.pg0.add_stream(tx1) self.pg_start() # Create PPPoE session pppoe_if = VppPppoeInterface(self, self.pg0.remote_ip4, self.pg0.remote_mac, self.session_id) pppoe_if.add_vpp_config() # # Send tunneled packets that match the created tunnel and # are decapped and forwarded # tx2 = self.create_stream_pppoe_ip4(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id, self.pg0.remote_ip4) self.pg0.add_stream(tx2) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx2 = self.pg1.get_capture(len(tx2)) self.verify_decapped_pppoe(self.pg0, rx2, tx2) self.logger.info(self.vapi.cli("show pppoe fib")) self.logger.info(self.vapi.cli("show pppoe session")) self.logger.info(self.vapi.cli("show ip fib")) # # test case cleanup # # Delete PPPoE session pppoe_if.remove_vpp_config() # Delete a route that resolves the server's destination route_sever_dst.remove_vpp_config()
def test_dvr(self): """ Distributed Virtual Router """ # # A packet destined to an IP address that is L2 bridged via # a non-tag interface # ip_non_tag_bridged = "10.10.10.10" ip_tag_bridged = "10.10.10.11" any_src_addr = "1.1.1.1" pkt_no_tag = ( Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) / IP(src=any_src_addr, dst=ip_non_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_tag = (Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) / IP(src=any_src_addr, dst=ip_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) # # Two sub-interfaces so we can test VLAN tag push/pop # sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92) sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93) sub_if_on_pg2.admin_up() sub_if_on_pg3.admin_up() # # Put all the interfaces into a new bridge domain # self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(self.loop0.sw_if_index, 1, bvi=1) self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg2.sw_if_index, L2_VTR_OP.L2_POP_1, 92) self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg3.sw_if_index, L2_VTR_OP.L2_POP_1, 93) # # Add routes to bridge the traffic via a tagged an nontagged interface # route_no_tag = VppIpRoute( self, ip_non_tag_bridged, 32, [VppRoutePath("0.0.0.0", self.pg1.sw_if_index, is_dvr=1)]) route_no_tag.add_vpp_config() # # Inject the packet that arrives and leaves on a non-tagged interface # Since it's 'bridged' expect that the MAC headed is unchanged. # rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_no_tag, rx) self.assert_has_no_tag(rx) # # Add routes to bridge the traffic via a tagged interface # route_with_tag = VppIpRoute( self, ip_tag_bridged, 32, [VppRoutePath("0.0.0.0", sub_if_on_pg3.sw_if_index, is_dvr=1)]) route_with_tag.add_vpp_config() # # Inject the packet that arrives non-tag and leaves on a tagged # interface # rx = self.send_and_expect(self.pg0, pkt_tag * 65, self.pg3) self.assert_same_mac_addr(pkt_tag, rx) self.assert_has_vlan_tag(93, rx) # # Tag to tag # pkt_tag_to_tag = ( Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) / Dot1Q(vlan=92) / IP(src=any_src_addr, dst=ip_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) rx = self.send_and_expect(self.pg2, pkt_tag_to_tag * 65, self.pg3) self.assert_same_mac_addr(pkt_tag_to_tag, rx) self.assert_has_vlan_tag(93, rx) # # Tag to non-Tag # pkt_tag_to_non_tag = ( Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) / Dot1Q(vlan=92) / IP(src=any_src_addr, dst=ip_non_tag_bridged) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) rx = self.send_and_expect(self.pg2, pkt_tag_to_non_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_tag_to_tag, rx) self.assert_has_no_tag(rx) # # Add an output L3 ACL that will block the traffic # rule_1 = ({ 'is_permit': 0, 'is_ipv6': 0, 'proto': 17, 'srcport_or_icmptype_first': 1234, 'srcport_or_icmptype_last': 1234, 'src_ip_prefix_len': 32, 'src_ip_addr': inet_pton(AF_INET, any_src_addr), 'dstport_or_icmpcode_first': 1234, 'dstport_or_icmpcode_last': 1234, 'dst_ip_prefix_len': 32, 'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged) }) acl = self.vapi.acl_add_replace(acl_index=4294967295, r=[rule_1]) # # Apply the ACL on the output interface # self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, 0, [acl.acl_index]) # # Send packet's that should match the ACL and be dropped # rx = self.send_and_assert_no_replies(self.pg2, pkt_tag_to_non_tag * 65) # # cleanup # self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, 0, []) self.vapi.acl_del(acl.acl_index) self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(self.loop0.sw_if_index, 1, bvi=1, enable=0) # # Do a FIB dump to make sure the paths are correctly reported as DVR # routes = self.vapi.ip_fib_dump() for r in routes: if (inet_pton(AF_INET, ip_tag_bridged) == r.address): self.assertEqual(r.path[0].sw_if_index, sub_if_on_pg3.sw_if_index) self.assertEqual(r.path[0].is_dvr, 1) if (inet_pton(AF_INET, ip_non_tag_bridged) == r.address): self.assertEqual(r.path[0].sw_if_index, self.pg1.sw_if_index) self.assertEqual(r.path[0].is_dvr, 1) # # the explicit route delete is require so it happens before # the sbu-interface delete. subinterface delete is required # because that object type does not use the object registry # route_no_tag.remove_vpp_config() route_with_tag.remove_vpp_config() sub_if_on_pg3.remove_vpp_config() sub_if_on_pg2.remove_vpp_config()
def test_gre6(self): """ GRE IPv6 tunnel Tests """ self.pg1.config_ip6() self.pg1.resolve_ndp() # # Create an L3 GRE tunnel. # - set it admin up # - assign an IP Address # - Add a route via the tunnel # gre_if = VppGreInterface(self, self.pg2.local_ip6, "1002::1") gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip6() route_via_tun = VppIpRoute(self, "4004::1", 128, [VppRoutePath("0::0", gre_if.sw_if_index)]) route_via_tun.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - they are all dropped since the tunnel's destintation IP # is unresolved - or resolves via the default route - which # which is a drop. # tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1") self.send_and_assert_no_replies( self.pg2, tx, "GRE packets forwarded without DIP resolved") # # Add a route that resolves the tunnel's destination # route_tun_dst = VppIpRoute( self, "1002::1", 128, [VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index)]) route_tun_dst.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - packets are GRE encapped # tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1") rx = self.send_and_expect(self.pg2, tx, self.pg2) self.verify_tunneled_6o6(self.pg2, rx, tx, self.pg2.local_ip6, "1002::1") # # Test decap. decapped packets go out pg1 # tx = self.create_tunnel_stream_6o6(self.pg2, "1002::1", self.pg2.local_ip6, "2001::1", self.pg1.remote_ip6) rx = self.send_and_expect(self.pg2, tx, self.pg1) # # RX'd packet is UDP over IPv6, test the GRE header is gone. # self.assertFalse(rx[0].haslayer(GRE)) self.assertEqual(rx[0][IPv6].dst, self.pg1.remote_ip6) # # Send v4 over v6 # route4_via_tun = VppIpRoute( self, "1.1.1.1", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route4_via_tun.add_vpp_config() tx = self.create_stream_ip4(self.pg0, "1.1.1.2", "1.1.1.1") rx = self.send_and_expect(self.pg0, tx, self.pg2) self.verify_tunneled_4o6(self.pg0, rx, tx, self.pg2.local_ip6, "1002::1") # # test case cleanup # route_tun_dst.remove_vpp_config() route_via_tun.remove_vpp_config() route4_via_tun.remove_vpp_config() gre_if.remove_vpp_config() self.pg2.unconfig_ip6() self.pg1.unconfig_ip6()
def test_gre(self): """ GRE IPv4 tunnel Tests """ # # Create an L3 GRE tunnel. # - set it admin up # - assign an IP Addres # - Add a route via the tunnel # gre_if = VppGreInterface(self, self.pg0.local_ip4, "1.1.1.2") gre_if.add_vpp_config() # # The double create (create the same tunnel twice) should fail, # and we should still be able to use the original # try: gre_if.add_vpp_config() except Exception: pass else: self.fail("Double GRE tunnel add does not fail") gre_if.admin_up() gre_if.config_ip4() route_via_tun = VppIpRoute( self, "4.4.4.4", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route_via_tun.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - they are all dropped since the tunnel's destintation IP # is unresolved - or resolves via the default route - which # which is a drop. # tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4") self.send_and_assert_no_replies(self.pg0, tx) # # Add a route that resolves the tunnel's destination # route_tun_dst = VppIpRoute( self, "1.1.1.2", 32, [VppRoutePath(self.pg0.remote_ip4, self.pg0.sw_if_index)]) route_tun_dst.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - packets are GRE encapped # tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4") rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_tunneled_4o4(self.pg0, rx, tx, self.pg0.local_ip4, "1.1.1.2") # # Send tunneled packets that match the created tunnel and # are decapped and forwarded # tx = self.create_tunnel_stream_4o4(self.pg0, "1.1.1.2", self.pg0.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_decapped_4o4(self.pg0, rx, tx) # # Send tunneled packets that do not match the tunnel's src # self.vapi.cli("clear trace") tx = self.create_tunnel_stream_4o4(self.pg0, "1.1.1.3", self.pg0.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) self.send_and_assert_no_replies( self.pg0, tx, remark="GRE packets forwarded despite no SRC address match") # # Configure IPv6 on the PG interface so we can route IPv6 # packets # self.pg0.config_ip6() self.pg0.resolve_ndp() # # Send IPv6 tunnel encapslated packets # - dropped since IPv6 is not enabled on the tunnel # tx = self.create_tunnel_stream_6o4(self.pg0, "1.1.1.2", self.pg0.local_ip4, self.pg0.local_ip6, self.pg0.remote_ip6) self.send_and_assert_no_replies( self.pg0, tx, "IPv6 GRE packets forwarded " "despite IPv6 not enabled on tunnel") # # Enable IPv6 on the tunnel # gre_if.config_ip6() # # Send IPv6 tunnel encapslated packets # - forwarded since IPv6 is enabled on the tunnel # tx = self.create_tunnel_stream_6o4(self.pg0, "1.1.1.2", self.pg0.local_ip4, self.pg0.local_ip6, self.pg0.remote_ip6) rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_decapped_6o4(self.pg0, rx, tx) # # Send v6 packets for v4 encap # route6_via_tun = VppIpRoute(self, "2001::1", 128, [ VppRoutePath( "::", gre_if.sw_if_index, proto=DpoProto.DPO_PROTO_IP6) ]) route6_via_tun.add_vpp_config() tx = self.create_stream_ip6(self.pg0, "2001::2", "2001::1") rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_tunneled_6o4(self.pg0, rx, tx, self.pg0.local_ip4, "1.1.1.2") # # test case cleanup # route_tun_dst.remove_vpp_config() route_via_tun.remove_vpp_config() route6_via_tun.remove_vpp_config() gre_if.remove_vpp_config() self.pg0.unconfig_ip6()
def test_gre(self): """ GRE IPv4 tunnel Tests """ # # Create an L3 GRE tunnel. # - set it admin up # - assign an IP Addres # - Add a route via the tunnel # gre_if = VppGreInterface(self, self.pg0.local_ip4, "1.1.1.2") gre_if.add_vpp_config() # # The double create (create the same tunnel twice) should fail, # and we should still be able to use the original # try: gre_if.add_vpp_config() except Exception: pass else: self.fail("Double GRE tunnel add does not fail") gre_if.admin_up() gre_if.config_ip4() route_via_tun = VppIpRoute(self, "4.4.4.4", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route_via_tun.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - they are all dropped since the tunnel's destintation IP # is unresolved - or resolves via the default route - which # which is a drop. # tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4") self.send_and_assert_no_replies(self.pg0, tx) # # Add a route that resolves the tunnel's destination # route_tun_dst = VppIpRoute(self, "1.1.1.2", 32, [VppRoutePath(self.pg0.remote_ip4, self.pg0.sw_if_index)]) route_tun_dst.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - packets are GRE encapped # tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4") rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_tunneled_4o4(self.pg0, rx, tx, self.pg0.local_ip4, "1.1.1.2") # # Send tunneled packets that match the created tunnel and # are decapped and forwarded # tx = self.create_tunnel_stream_4o4(self.pg0, "1.1.1.2", self.pg0.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_decapped_4o4(self.pg0, rx, tx) # # Send tunneled packets that do not match the tunnel's src # self.vapi.cli("clear trace") tx = self.create_tunnel_stream_4o4(self.pg0, "1.1.1.3", self.pg0.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) self.send_and_assert_no_replies( self.pg0, tx, remark="GRE packets forwarded despite no SRC address match") # # Configure IPv6 on the PG interface so we can route IPv6 # packets # self.pg0.config_ip6() self.pg0.resolve_ndp() # # Send IPv6 tunnel encapslated packets # - dropped since IPv6 is not enabled on the tunnel # tx = self.create_tunnel_stream_6o4(self.pg0, "1.1.1.2", self.pg0.local_ip4, self.pg0.local_ip6, self.pg0.remote_ip6) self.send_and_assert_no_replies(self.pg0, tx, "IPv6 GRE packets forwarded " "despite IPv6 not enabled on tunnel") # # Enable IPv6 on the tunnel # gre_if.config_ip6() # # Send IPv6 tunnel encapslated packets # - forwarded since IPv6 is enabled on the tunnel # tx = self.create_tunnel_stream_6o4(self.pg0, "1.1.1.2", self.pg0.local_ip4, self.pg0.local_ip6, self.pg0.remote_ip6) rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_decapped_6o4(self.pg0, rx, tx) # # Send v6 packets for v4 encap # route6_via_tun = VppIpRoute( self, "2001::1", 128, [VppRoutePath("::", gre_if.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route6_via_tun.add_vpp_config() tx = self.create_stream_ip6(self.pg0, "2001::2", "2001::1") rx = self.send_and_expect(self.pg0, tx, self.pg0) self.verify_tunneled_6o4(self.pg0, rx, tx, self.pg0.local_ip4, "1.1.1.2") # # test case cleanup # route_tun_dst.remove_vpp_config() route_via_tun.remove_vpp_config() route6_via_tun.remove_vpp_config() gre_if.remove_vpp_config() self.pg0.unconfig_ip6()
def test_gre6(self): """ GRE IPv6 tunnel Tests """ self.pg1.config_ip6() self.pg1.resolve_ndp() # # Create an L3 GRE tunnel. # - set it admin up # - assign an IP Address # - Add a route via the tunnel # gre_if = VppGreInterface(self, self.pg2.local_ip6, "1002::1") gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip6() route_via_tun = VppIpRoute( self, "4004::1", 128, [VppRoutePath("0::0", gre_if.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_via_tun.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - they are all dropped since the tunnel's destintation IP # is unresolved - or resolves via the default route - which # which is a drop. # tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1") self.send_and_assert_no_replies( self.pg2, tx, "GRE packets forwarded without DIP resolved") # # Add a route that resolves the tunnel's destination # route_tun_dst = VppIpRoute( self, "1002::1", 128, [VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) route_tun_dst.add_vpp_config() # # Send a packet stream that is routed into the tunnel # - packets are GRE encapped # tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1") rx = self.send_and_expect(self.pg2, tx, self.pg2) self.verify_tunneled_6o6(self.pg2, rx, tx, self.pg2.local_ip6, "1002::1") # # Test decap. decapped packets go out pg1 # tx = self.create_tunnel_stream_6o6(self.pg2, "1002::1", self.pg2.local_ip6, "2001::1", self.pg1.remote_ip6) rx = self.send_and_expect(self.pg2, tx, self.pg1) # # RX'd packet is UDP over IPv6, test the GRE header is gone. # self.assertFalse(rx[0].haslayer(GRE)) self.assertEqual(rx[0][IPv6].dst, self.pg1.remote_ip6) # # Send v4 over v6 # route4_via_tun = VppIpRoute(self, "1.1.1.1", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route4_via_tun.add_vpp_config() tx = self.create_stream_ip4(self.pg0, "1.1.1.2", "1.1.1.1") rx = self.send_and_expect(self.pg0, tx, self.pg2) self.verify_tunneled_4o6(self.pg0, rx, tx, self.pg2.local_ip6, "1002::1") # # test case cleanup # route_tun_dst.remove_vpp_config() route_via_tun.remove_vpp_config() route4_via_tun.remove_vpp_config() gre_if.remove_vpp_config() self.pg2.unconfig_ip6() self.pg1.unconfig_ip6()
def test_l2_emulation(self): """ L2 Emulation """ # # non distinct L3 packets, in the tag/non-tag combos # pkt_no_tag = (Ether(src=self.pg0.remote_mac, dst=self.pg1.remote_mac) / IP(src="2.2.2.2", dst="1.1.1.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_to_tag = (Ether(src=self.pg0.remote_mac, dst=self.pg2.remote_mac) / IP(src="2.2.2.2", dst="1.1.1.2") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_from_tag = (Ether(src=self.pg3.remote_mac, dst=self.pg2.remote_mac) / Dot1Q(vlan=93) / IP(src="2.2.2.2", dst="1.1.1.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_from_to_tag = (Ether(src=self.pg3.remote_mac, dst=self.pg2.remote_mac) / Dot1Q(vlan=93) / IP(src="2.2.2.2", dst="1.1.1.2") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_bcast = (Ether(src=self.pg0.remote_mac, dst="ff:ff:ff:ff:ff:ff") / IP(src="2.2.2.2", dst="255.255.255.255") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) # # A couple of sub-interfaces for tags # sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92) sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93) sub_if_on_pg2.admin_up() sub_if_on_pg3.admin_up() # # Put all the interfaces into a new bridge domain # self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg0.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg1.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1) self.vapi.l2_interface_vlan_tag_rewrite( sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, push_dot1q=92) self.vapi.l2_interface_vlan_tag_rewrite( sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, push_dot1q=93) # # Disable UU flooding, learning and ARP termination. makes this test # easier as unicast packets are dropped if not extracted. # self.vapi.bridge_flags(bd_id=1, is_set=0, flags=(1 << 0) | (1 << 3) | (1 << 4)) # # Add a DVR route to steer traffic at L3 # route_1 = VppIpRoute(self, "1.1.1.1", 32, [VppRoutePath("0.0.0.0", self.pg1.sw_if_index, is_dvr=1)]) route_2 = VppIpRoute(self, "1.1.1.2", 32, [VppRoutePath("0.0.0.0", sub_if_on_pg2.sw_if_index, is_dvr=1)]) route_1.add_vpp_config() route_2.add_vpp_config() # # packets are dropped because bridge does not flood unknown unicast # self.send_and_assert_no_replies(self.pg0, pkt_no_tag) # # Enable L3 extraction on pgs # self.vapi.l2_emulation(self.pg0.sw_if_index) self.vapi.l2_emulation(self.pg1.sw_if_index) self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index) self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index) # # now we expect the packet forward according to the DVR route # rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_no_tag, rx) self.assert_has_no_tag(rx) rx = self.send_and_expect(self.pg0, pkt_to_tag * 65, self.pg2) self.assert_same_mac_addr(pkt_to_tag, rx) self.assert_has_vlan_tag(92, rx) rx = self.send_and_expect(self.pg3, pkt_from_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_from_tag, rx) self.assert_has_no_tag(rx) rx = self.send_and_expect(self.pg3, pkt_from_to_tag * 65, self.pg2) self.assert_same_mac_addr(pkt_from_tag, rx) self.assert_has_vlan_tag(92, rx) # # but broadcast packets are still flooded # self.send_and_expect(self.pg0, pkt_bcast * 33, self.pg2) # # cleanup # self.vapi.l2_emulation(self.pg0.sw_if_index, enable=0) self.vapi.l2_emulation(self.pg1.sw_if_index, enable=0) self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index, enable=0) self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0) self.vapi.sw_interface_set_l2_bridge( rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0) route_1.remove_vpp_config() route_2.remove_vpp_config() sub_if_on_pg3.remove_vpp_config() sub_if_on_pg2.remove_vpp_config()
class QUICTestCase(VppTestCase): """ QUIC Test Case """ @classmethod def setUpClass(cls): super(QUICTestCase, cls).setUpClass() @classmethod def tearDownClass(cls): super(QUICTestCase, cls).tearDownClass() def setUp(self): var = "VPP_BUILD_DIR" self.build_dir = os.getenv(var, None) if self.build_dir is None: raise Exception("Environment variable `%s' not set" % var) self.vppDebug = 'vpp_debug' in self.build_dir self.timeout = 20 self.pre_test_sleep = 0.3 self.post_test_sleep = 0.3 self.vapi.session_enable_disable(is_enabled=1) def tearDown(self): self.vapi.session_enable_disable(is_enabled=0) def thru_host_stack_ipv4_setup(self): super(QUICTestCase, self).setUp() self.create_loopback_interfaces(2) self.uri = "quic://%s/1234" % self.loop0.local_ip4 common_args = ["uri", self.uri, "fifo-size", "64"] self.server_echo_test_args = common_args + ["appns", "server"] self.client_echo_test_args = common_args + ["appns", "client", "test-bytes"] table_id = 1 for i in self.lo_interfaces: i.admin_up() if table_id != 0: tbl = VppIpTable(self, table_id) tbl.add_vpp_config() i.set_table_ip4(table_id) i.config_ip4() table_id += 1 # Configure namespaces self.vapi.app_namespace_add_del(namespace_id=b"server", sw_if_index=self.loop0.sw_if_index) self.vapi.app_namespace_add_del(namespace_id=b"client", sw_if_index=self.loop1.sw_if_index) # Add inter-table routes self.ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)], table_id=1) self.ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)], table_id=2) self.ip_t01.add_vpp_config() self.ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show ip fib")) def thru_host_stack_ipv4_tear_down(self): # Delete inter-table routes self.ip_t01.remove_vpp_config() self.ip_t10.remove_vpp_config() for i in self.lo_interfaces: i.unconfig_ip4() i.set_table_ip4(0) i.admin_down() def start_internal_echo_server(self, args): error = self.vapi.cli("test echo server %s" % ' '.join(args)) if error: self.logger.critical(error) self.assertNotIn("failed", error) def start_internal_echo_client(self, args): error = self.vapi.cli("test echo client %s" % ' '.join(args)) if error: self.logger.critical(error) self.assertNotIn("failed", error) def internal_ipv4_transfer_test(self, server_args, client_args): self.start_internal_echo_server(server_args) self.start_internal_echo_client(client_args) def start_external_echo_server(self, args): self.worker_server = QUICAppWorker(self.build_dir, "quic_echo", args, self.logger) self.worker_server.start() def start_external_echo_client(self, args): self.client_echo_test_args += "use-svm-api" self.worker_client = QUICAppWorker(self.build_dir, "quic_echo", args, self.logger) self.worker_client.start() self.worker_client.join(self.timeout) try: self.validateExternalTestResults() except Exception as error: self.fail("Failed with %s" % error) def external_ipv4_transfer_test(self, server_args, client_args): self.start_external_echo_server(server_args) self.sleep(self.pre_test_sleep) self.start_external_echo_client(client_args) self.sleep(self.post_test_sleep) def validateExternalTestResults(self): if os.path.isdir('/proc/{}'.format(self.worker_server.process.pid)): self.logger.info("Killing server worker process (pid %d)" % self.worker_server.process.pid) os.killpg(os.getpgid(self.worker_server.process.pid), signal.SIGTERM) self.worker_server.join() self.logger.info("Client worker result is `%s'" % self.worker_client.result) error = False if self.worker_client.result is None: try: error = True self.logger.error( "Timeout: %ss! Killing client worker process (pid %d)" % (self.timeout, self.worker_client.process.pid)) os.killpg(os.getpgid(self.worker_client.process.pid), signal.SIGKILL) self.worker_client.join() except OSError: self.logger.debug( "Couldn't kill client worker process") raise if error: raise Exception( "Timeout! Client worker did not finish in %ss" % timeout) self.assert_equal(self.worker_client.result, 0, "Binary test return code")
def test_gre_vrf(self): """ GRE tunnel VRF Tests """ # # Create an L3 GRE tunnel whose destination is in the non-default # table. The underlay is thus non-default - the overlay is still # the default. # - set it admin up # - assign an IP Addres # gre_if = VppGreInterface(self, self.pg1.local_ip4, "2.2.2.2", outer_fib_id=1) gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip4() # # Add a route via the tunnel - in the overlay # route_via_tun = VppIpRoute( self, "9.9.9.9", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route_via_tun.add_vpp_config() # # Add a route that resolves the tunnel's destination - in the # underlay table # route_tun_dst = VppIpRoute( self, "2.2.2.2", 32, table_id=1, paths=[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_tun_dst.add_vpp_config() # # Send a packet stream that is routed into the tunnel # packets are sent in on pg0 which is in the default table # - packets are GRE encapped # self.vapi.cli("clear trace") tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9") rx = self.send_and_expect(self.pg0, tx, self.pg1) self.verify_tunneled_4o4(self.pg1, rx, tx, self.pg1.local_ip4, "2.2.2.2") # # Send tunneled packets that match the created tunnel and # are decapped and forwarded. This tests the decap lookup # does not happen in the encap table # self.vapi.cli("clear trace") tx = self.create_tunnel_stream_4o4(self.pg1, "2.2.2.2", self.pg1.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) rx = self.send_and_expect(self.pg1, tx, self.pg0) self.verify_decapped_4o4(self.pg0, rx, tx) # # Send tunneled packets that match the created tunnel # but arrive on an interface that is not in the tunnel's # encap VRF, these are dropped. # IP enable the interface so they aren't dropped due to # IP not being enabled. # self.pg2.config_ip4() self.vapi.cli("clear trace") tx = self.create_tunnel_stream_4o4(self.pg2, "2.2.2.2", self.pg1.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) rx = self.send_and_assert_no_replies(self.pg2, tx, "GRE decap packets in wrong VRF") self.pg2.unconfig_ip4() # # test case cleanup # route_tun_dst.remove_vpp_config() route_via_tun.remove_vpp_config() gre_if.remove_vpp_config()
def test_l2_emulation(self): """ L2 Emulation """ # # non distinct L3 packets, in the tag/non-tag combos # pkt_no_tag = (Ether(src=self.pg0.remote_mac, dst=self.pg1.remote_mac) / IP(src="2.2.2.2", dst="1.1.1.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_to_tag = (Ether(src=self.pg0.remote_mac, dst=self.pg2.remote_mac) / IP(src="2.2.2.2", dst="1.1.1.2") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_from_tag = ( Ether(src=self.pg3.remote_mac, dst=self.pg2.remote_mac) / Dot1Q(vlan=93) / IP(src="2.2.2.2", dst="1.1.1.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_from_to_tag = ( Ether(src=self.pg3.remote_mac, dst=self.pg2.remote_mac) / Dot1Q(vlan=93) / IP(src="2.2.2.2", dst="1.1.1.2") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pkt_bcast = (Ether(src=self.pg0.remote_mac, dst="ff:ff:ff:ff:ff:ff") / IP(src="2.2.2.2", dst="255.255.255.255") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) # # A couple of sub-interfaces for tags # sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92) sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93) sub_if_on_pg2.admin_up() sub_if_on_pg3.admin_up() # # Put all the interfaces into a new bridge domain # self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index, 1) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index, 1) self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg2.sw_if_index, L2_VTR_OP.L2_POP_1, 92) self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg3.sw_if_index, L2_VTR_OP.L2_POP_1, 93) # # Disable UU flooding, learning and ARP terminaation. makes this test # easier as unicast packets are dropped if not extracted. # self.vapi.bridge_flags(1, 0, (1 << 0) | (1 << 3) | (1 << 4)) # # Add a DVR route to steer traffic at L3 # route_1 = VppIpRoute( self, "1.1.1.1", 32, [VppRoutePath("0.0.0.0", self.pg1.sw_if_index, is_dvr=1)]) route_2 = VppIpRoute( self, "1.1.1.2", 32, [VppRoutePath("0.0.0.0", sub_if_on_pg2.sw_if_index, is_dvr=1)]) route_1.add_vpp_config() route_2.add_vpp_config() # # packets are dropped because bridge does not flood unkown unicast # self.send_and_assert_no_replies(self.pg0, pkt_no_tag) # # Enable L3 extraction on pgs # self.vapi.sw_interface_set_l2_emulation(self.pg0.sw_if_index) self.vapi.sw_interface_set_l2_emulation(self.pg1.sw_if_index) self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg2.sw_if_index) self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg3.sw_if_index) # # now we expect the packet forward according to the DVR route # rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_no_tag, rx) self.assert_has_no_tag(rx) rx = self.send_and_expect(self.pg0, pkt_to_tag * 65, self.pg2) self.assert_same_mac_addr(pkt_to_tag, rx) self.assert_has_vlan_tag(92, rx) rx = self.send_and_expect(self.pg3, pkt_from_tag * 65, self.pg1) self.assert_same_mac_addr(pkt_from_tag, rx) self.assert_has_no_tag(rx) rx = self.send_and_expect(self.pg3, pkt_from_to_tag * 65, self.pg2) self.assert_same_mac_addr(pkt_from_tag, rx) self.assert_has_vlan_tag(92, rx) # # but broadcast packets are still flooded # self.send_and_expect(self.pg0, pkt_bcast * 33, self.pg2) # # cleanup # self.vapi.sw_interface_set_l2_emulation(self.pg0.sw_if_index, enable=0) self.vapi.sw_interface_set_l2_emulation(self.pg1.sw_if_index, enable=0) self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg2.sw_if_index, enable=0) self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg3.sw_if_index, enable=0) self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index, 1, enable=0) self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index, 1, enable=0) route_1.remove_vpp_config() route_2.remove_vpp_config() sub_if_on_pg3.remove_vpp_config() sub_if_on_pg2.remove_vpp_config()
class QUICTestCase(VppTestCase): """ QUIC Test Case """ @classmethod def setUpClass(cls): super(QUICTestCase, cls).setUpClass() @classmethod def tearDownClass(cls): super(QUICTestCase, cls).tearDownClass() def setUp(self): var = "VPP_BUILD_DIR" self.build_dir = os.getenv(var, None) if self.build_dir is None: raise Exception("Environment variable `%s' not set" % var) self.vppDebug = 'vpp_debug' in self.build_dir self.timeout = 20 self.pre_test_sleep = 0.3 self.post_test_sleep = 0.3 self.vapi.session_enable_disable(is_enabled=1) def tearDown(self): self.vapi.session_enable_disable(is_enabled=0) def thru_host_stack_ipv4_setup(self): super(QUICTestCase, self).setUp() self.create_loopback_interfaces(2) self.uri = "quic://%s/1234" % self.loop0.local_ip4 common_args = ["uri", self.uri, "fifo-size", "64"] self.server_echo_test_args = common_args + ["appns", "server"] self.client_echo_test_args = common_args + [ "appns", "client", "test-bytes" ] table_id = 1 for i in self.lo_interfaces: i.admin_up() if table_id != 0: tbl = VppIpTable(self, table_id) tbl.add_vpp_config() i.set_table_ip4(table_id) i.config_ip4() table_id += 1 # Configure namespaces self.vapi.app_namespace_add_del(namespace_id=b"server", sw_if_index=self.loop0.sw_if_index) self.vapi.app_namespace_add_del(namespace_id=b"client", sw_if_index=self.loop1.sw_if_index) # Add inter-table routes self.ip_t01 = VppIpRoute( self, self.loop1.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)], table_id=1) self.ip_t10 = VppIpRoute( self, self.loop0.local_ip4, 32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)], table_id=2) self.ip_t01.add_vpp_config() self.ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show ip fib")) def thru_host_stack_ipv4_tear_down(self): # Delete inter-table routes self.ip_t01.remove_vpp_config() self.ip_t10.remove_vpp_config() for i in self.lo_interfaces: i.unconfig_ip4() i.set_table_ip4(0) i.admin_down() def start_internal_echo_server(self, args): error = self.vapi.cli("test echo server %s" % ' '.join(args)) if error: self.logger.critical(error) self.assertNotIn("failed", error) def start_internal_echo_client(self, args): error = self.vapi.cli("test echo client %s" % ' '.join(args)) if error: self.logger.critical(error) self.assertNotIn("failed", error) def internal_ipv4_transfer_test(self, server_args, client_args): self.start_internal_echo_server(server_args) self.start_internal_echo_client(client_args) def start_external_echo_server(self, args): self.worker_server = QUICAppWorker(self.build_dir, "quic_echo", args, self.logger) self.worker_server.start() def start_external_echo_client(self, args): self.client_echo_test_args += "use-svm-api" self.worker_client = QUICAppWorker(self.build_dir, "quic_echo", args, self.logger) self.worker_client.start() self.worker_client.join(self.timeout) try: self.validateExternalTestResults() except Exception as error: self.fail("Failed with %s" % error) def external_ipv4_transfer_test(self, server_args, client_args): self.start_external_echo_server(server_args) self.sleep(self.pre_test_sleep) self.start_external_echo_client(client_args) self.sleep(self.post_test_sleep) def validateExternalTestResults(self): if os.path.isdir('/proc/{}'.format(self.worker_server.process.pid)): self.logger.info("Killing server worker process (pid %d)" % self.worker_server.process.pid) os.killpg(os.getpgid(self.worker_server.process.pid), signal.SIGTERM) self.worker_server.join() self.logger.info("Client worker result is `%s'" % self.worker_client.result) error = False if self.worker_client.result is None: try: error = True self.logger.error( "Timeout: %ss! Killing client worker process (pid %d)" % (self.timeout, self.worker_client.process.pid)) os.killpg(os.getpgid(self.worker_client.process.pid), signal.SIGKILL) self.worker_client.join() except OSError: self.logger.debug("Couldn't kill client worker process") raise if error: raise Exception("Timeout! Client worker did not finish in %ss" % self.timeout) self.assert_equal(self.worker_client.result, 0, "Binary test return code")
def test_map_e(self): """ MAP-E """ # # Add a route to the MAP-BR # map_br_pfx = "2001::" map_br_pfx_len = 64 map_route = VppIpRoute(self, map_br_pfx, map_br_pfx_len, [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) map_route.add_vpp_config() # # Add a domain that maps from pg0 to pg1 # map_dst = '2001::/64' map_src = '3000::1/128' client_pfx = '192.168.0.0/16' self.vapi.map_add_domain(map_dst, client_pfx, map_src) # Enable MAP on interface. self.vapi.map_if_enable_disable(is_enable=1, sw_if_index=self.pg0.sw_if_index, is_translation=0) # Ensure MAP doesn't steal all packets! v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.remote_ip4) / UDP(sport=20000, dport=10000) / Raw('\xa5' * 100)) rx = self.send_and_expect(self.pg0, v4*1, self.pg0) v4_reply = v4[1] v4_reply.ttl -= 1 for p in rx: self.validate(p[1], v4_reply) # # Fire in a v4 packet that will be encapped to the BR # v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst='192.168.1.1') / UDP(sport=20000, dport=10000) / Raw('\xa5' * 100)) self.send_and_assert_encapped(v4, "3000::1", "2001::c0a8:0:0") # Enable MAP on interface. self.vapi.map_if_enable_disable(is_enable=1, sw_if_index=self.pg1.sw_if_index, is_translation=0) # Ensure MAP doesn't steal all packets v6 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IPv6(src=self.pg1.remote_ip6, dst=self.pg1.remote_ip6) / UDP(sport=20000, dport=10000) / Raw('\xa5' * 100)) rx = self.send_and_expect(self.pg1, v6*1, self.pg1) v6_reply = v6[1] v6_reply.hlim -= 1 for p in rx: self.validate(p[1], v6_reply) # # Fire in a V6 encapped packet. # expect a decapped packet on the inside ip4 link # p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IPv6(dst='3000::1', src="2001::1") / IP(dst=self.pg0.remote_ip4, src='192.168.1.1') / UDP(sport=20000, dport=10000) / Raw('\xa5' * 100)) self.pg1.add_stream(p) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx = rx[0] self.assertFalse(rx.haslayer(IPv6)) self.assertEqual(rx[IP].src, p[IP].src) self.assertEqual(rx[IP].dst, p[IP].dst) # # Pre-resolve. No API for this!! # self.vapi.ppcli("map params pre-resolve ip6-nh 4001::1") self.send_and_assert_no_replies(self.pg0, v4, "resovled via default route") # # Add a route to 4001::1. Expect the encapped traffic to be # sent via that routes next-hop # pre_res_route = VppIpRoute( self, "4001::1", 128, [VppRoutePath(self.pg1.remote_hosts[2].ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)], is_ip6=1) pre_res_route.add_vpp_config() self.send_and_assert_encapped(v4, "3000::1", "2001::c0a8:0:0", dmac=self.pg1.remote_hosts[2].mac) # # change the route to the pre-solved next-hop # pre_res_route.modify([VppRoutePath(self.pg1.remote_hosts[3].ip6, self.pg1.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)]) pre_res_route.add_vpp_config() self.send_and_assert_encapped(v4, "3000::1", "2001::c0a8:0:0", dmac=self.pg1.remote_hosts[3].mac) # # cleanup. The test infra's object registry will ensure # the route is really gone and thus that the unresolve worked. # pre_res_route.remove_vpp_config() self.vapi.ppcli("map params pre-resolve del ip6-nh 4001::1")
def test_gre_vrf(self): """ GRE tunnel VRF Tests """ # # Create an L3 GRE tunnel whose destination is in the non-default # table. The underlay is thus non-default - the overlay is still # the default. # - set it admin up # - assign an IP Addres # gre_if = VppGreInterface(self, self.pg1.local_ip4, "2.2.2.2", outer_fib_id=1) gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip4() # # Add a route via the tunnel - in the overlay # route_via_tun = VppIpRoute(self, "9.9.9.9", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)]) route_via_tun.add_vpp_config() # # Add a route that resolves the tunnel's destination - in the # underlay table # route_tun_dst = VppIpRoute(self, "2.2.2.2", 32, table_id=1, paths=[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_tun_dst.add_vpp_config() # # Send a packet stream that is routed into the tunnel # packets are sent in on pg0 which is in the default table # - packets are GRE encapped # self.vapi.cli("clear trace") tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9") rx = self.send_and_expect(self.pg0, tx, self.pg1) self.verify_tunneled_4o4(self.pg1, rx, tx, self.pg1.local_ip4, "2.2.2.2") # # Send tunneled packets that match the created tunnel and # are decapped and forwarded. This tests the decap lookup # does not happen in the encap table # self.vapi.cli("clear trace") tx = self.create_tunnel_stream_4o4(self.pg1, "2.2.2.2", self.pg1.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) rx = self.send_and_expect(self.pg1, tx, self.pg0) self.verify_decapped_4o4(self.pg0, rx, tx) # # Send tunneled packets that match the created tunnel # but arrive on an interface that is not in the tunnel's # encap VRF, these are dropped. # IP enable the interface so they aren't dropped due to # IP not being enabled. # self.pg2.config_ip4() self.vapi.cli("clear trace") tx = self.create_tunnel_stream_4o4(self.pg2, "2.2.2.2", self.pg1.local_ip4, self.pg0.local_ip4, self.pg0.remote_ip4) rx = self.send_and_assert_no_replies( self.pg2, tx, "GRE decap packets in wrong VRF") self.pg2.unconfig_ip4() # # test case cleanup # route_tun_dst.remove_vpp_config() route_via_tun.remove_vpp_config() gre_if.remove_vpp_config()
def test_map_e(self): """ MAP-E """ # # Add a route to the MAP-BR # map_br_pfx = "2001::" map_br_pfx_len = 32 map_route = VppIpRoute( self, map_br_pfx, map_br_pfx_len, [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)]) map_route.add_vpp_config() # # Add a domain that maps from pg0 to pg1 # map_dst = '2001::/32' map_src = '3000::1/128' client_pfx = '192.168.0.0/16' map_translated_addr = '2001:0:101:7000:0:c0a8:101:7' tag = 'MAP-E tag.' self.vapi.map_add_domain(ip4_prefix=client_pfx, ip6_prefix=map_dst, ip6_src=map_src, ea_bits_len=20, psid_offset=4, psid_length=4, tag=tag) self.vapi.map_param_set_security_check(enable=1, fragments=1) # Enable MAP on interface. self.vapi.map_if_enable_disable(is_enable=1, sw_if_index=self.pg0.sw_if_index, is_translation=0) # Ensure MAP doesn't steal all packets! v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.remote_ip4) / UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 100)) rx = self.send_and_expect(self.pg0, v4 * 1, self.pg0) v4_reply = v4[1] v4_reply.ttl -= 1 for p in rx: self.validate(p[1], v4_reply) # # Fire in a v4 packet that will be encapped to the BR # v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst='192.168.1.1') / UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 100)) self.send_and_assert_encapped_one(v4, "3000::1", map_translated_addr) # # Verify reordered fragments are able to pass as well # v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(id=1, src=self.pg0.remote_ip4, dst='192.168.1.1') / UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 1000)) frags = fragment_rfc791(v4, 400) frags.reverse() self.send_and_assert_encapped(frags, "3000::1", map_translated_addr) # Enable MAP on interface. self.vapi.map_if_enable_disable(is_enable=1, sw_if_index=self.pg1.sw_if_index, is_translation=0) # Ensure MAP doesn't steal all packets v6 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IPv6(src=self.pg1.remote_ip6, dst=self.pg1.remote_ip6) / UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 100)) rx = self.send_and_expect(self.pg1, v6 * 1, self.pg1) v6_reply = v6[1] v6_reply.hlim -= 1 for p in rx: self.validate(p[1], v6_reply) # # Fire in a V6 encapped packet. # expect a decapped packet on the inside ip4 link # p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IPv6(dst='3000::1', src=map_translated_addr) / IP(dst=self.pg0.remote_ip4, src='192.168.1.1') / UDP(sport=10000, dport=20000) / Raw(b'\xa5' * 100)) self.pg1.add_stream(p) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx = rx[0] self.assertFalse(rx.haslayer(IPv6)) self.assertEqual(rx[IP].src, p[IP].src) self.assertEqual(rx[IP].dst, p[IP].dst) # # Verify encapped reordered fragments pass as well # p = (IP(id=1, dst=self.pg0.remote_ip4, src='192.168.1.1') / UDP(sport=10000, dport=20000) / Raw(b'\xa5' * 1500)) frags = fragment_rfc791(p, 400) frags.reverse() stream = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IPv6(dst='3000::1', src=map_translated_addr) / x for x in frags) self.pg1.add_stream(stream) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(len(frags)) for r in rx: self.assertFalse(r.haslayer(IPv6)) self.assertEqual(r[IP].src, p[IP].src) self.assertEqual(r[IP].dst, p[IP].dst) # Verify that fragments pass even if ipv6 layer is fragmented stream = (IPv6(dst='3000::1', src=map_translated_addr) / x for x in frags) v6_stream = [ Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / x for i in range(len(frags)) for x in fragment_rfc8200( IPv6(dst='3000::1', src=map_translated_addr) / frags[i], i, 200) ] self.pg1.add_stream(v6_stream) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(len(frags)) for r in rx: self.assertFalse(r.haslayer(IPv6)) self.assertEqual(r[IP].src, p[IP].src) self.assertEqual(r[IP].dst, p[IP].dst) # # Pre-resolve. No API for this!! # self.vapi.ppcli("map params pre-resolve ip6-nh 4001::1") self.send_and_assert_no_replies(self.pg0, v4, "resolved via default route") # # Add a route to 4001::1. Expect the encapped traffic to be # sent via that routes next-hop # pre_res_route = VppIpRoute( self, "4001::1", 128, [VppRoutePath(self.pg1.remote_hosts[2].ip6, self.pg1.sw_if_index)]) pre_res_route.add_vpp_config() self.send_and_assert_encapped_one(v4, "3000::1", map_translated_addr, dmac=self.pg1.remote_hosts[2].mac) # # change the route to the pre-solved next-hop # pre_res_route.modify( [VppRoutePath(self.pg1.remote_hosts[3].ip6, self.pg1.sw_if_index)]) pre_res_route.add_vpp_config() self.send_and_assert_encapped_one(v4, "3000::1", map_translated_addr, dmac=self.pg1.remote_hosts[3].mac) # # cleanup. The test infra's object registry will ensure # the route is really gone and thus that the unresolve worked. # pre_res_route.remove_vpp_config() self.vapi.ppcli("map params pre-resolve del ip6-nh 4001::1")
def test_PPPoE_Encap_Multiple(self): """ PPPoE Encap Multiple Sessions Test """ self.vapi.cli("clear trace") # # Add a route that resolves the server's destination # route_sever_dst = VppIpRoute(self, "100.1.1.100", 32, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) route_sever_dst.add_vpp_config() # Send PPPoE Discovery 1 tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1, self.pg0.remote_mac) self.pg0.add_stream(tx0) self.pg_start() # Send PPPoE PPP LCP 1 tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1, self.pg0.remote_mac, self.session_id) self.pg0.add_stream(tx1) self.pg_start() # Create PPPoE session 1 pppoe_if1 = VppPppoeInterface(self, self.pg0.remote_ip4, self.pg0.remote_mac, self.session_id) pppoe_if1.add_vpp_config() # Send PPPoE Discovery 2 tx3 = self.create_stream_pppoe_discovery(self.pg2, self.pg1, self.pg2.remote_mac) self.pg2.add_stream(tx3) self.pg_start() # Send PPPoE PPP LCP 2 tx4 = self.create_stream_pppoe_lcp(self.pg2, self.pg1, self.pg2.remote_mac, self.session_id + 1) self.pg2.add_stream(tx4) self.pg_start() # Create PPPoE session 2 pppoe_if2 = VppPppoeInterface(self, self.pg2.remote_ip4, self.pg2.remote_mac, self.session_id + 1) pppoe_if2.add_vpp_config() # # Send a packet stream that is routed into the session # - packets are PPPoE encapped # self.vapi.cli("clear trace") tx2 = self.create_stream_ip4(self.pg1, self.pg0, self.pg0.remote_ip4, self.dst_ip) self.pg1.add_stream(tx2) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx2 = self.pg0.get_capture(len(tx2)) self.verify_encaped_pppoe(self.pg1, rx2, tx2, self.session_id) tx5 = self.create_stream_ip4(self.pg1, self.pg2, self.pg2.remote_ip4, self.dst_ip) self.pg1.add_stream(tx5) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx5 = self.pg2.get_capture(len(tx5)) self.verify_encaped_pppoe(self.pg1, rx5, tx5, self.session_id + 1) self.logger.info(self.vapi.cli("show pppoe fib")) self.logger.info(self.vapi.cli("show pppoe session")) self.logger.info(self.vapi.cli("show ip fib")) # # test case cleanup # # Delete PPPoE session pppoe_if1.remove_vpp_config() pppoe_if2.remove_vpp_config() # Delete a route that resolves the server's destination route_sever_dst.remove_vpp_config()