def test_ip6_rx_p2p_subif(self):
"""receive ipv6 packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0002")
route_9001 = VppIpRoute(self,
"9001::",
64, [
VppRoutePath(self.pg1.remote_ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)
],
is_ip6=1)
route_9001.add_vpp_config()
self.packets.append(
self.create_stream(src_mac=self.pg0._remote_hosts[0].mac,
dst_mac=self.pg0.local_mac,
src_ip=self.p2p_sub_ifs[0].remote_ip6,
dst_ip="9001::100"))
self.send_packets(self.pg0, self.pg1, self.packets)
self.assert_packet_counter_equal('p2p-ethernet-input', 1)
route_9001.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0002")
class QUICTestCase(VppTestCase):
""" QUIC Test Case """
def setUp(self):
super(QUICTestCase, self).setUp()
var = "VPP_BUILD_DIR"
self.build_dir = os.getenv(var, None)
if self.build_dir is None:
raise Exception("Environment variable `%s' not set" % var)
self.vppDebug = 'vpp_debug' in self.build_dir
self.timeout = 20
self.vapi.session_enable_disable(is_enabled=1)
self.pre_test_sleep = 0.3
self.post_test_sleep = 0.2
self.create_loopback_interfaces(2)
self.uri = "quic://%s/1234" % self.loop0.local_ip4
table_id = 1
for i in self.lo_interfaces:
i.admin_up()
if table_id != 0:
tbl = VppIpTable(self, table_id)
tbl.add_vpp_config()
i.set_table_ip4(table_id)
i.config_ip4()
table_id += 1
# Configure namespaces
self.vapi.app_namespace_add_del(namespace_id=b"server",
sw_if_index=self.loop0.sw_if_index)
self.vapi.app_namespace_add_del(namespace_id=b"client",
sw_if_index=self.loop1.sw_if_index)
# Add inter-table routes
self.ip_t01 = VppIpRoute(
self,
self.loop1.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)],
table_id=1)
self.ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)],
table_id=2)
self.ip_t01.add_vpp_config()
self.ip_t10.add_vpp_config()
self.logger.debug(self.vapi.cli("show ip fib"))
def tearDown(self):
self.vapi.session_enable_disable(is_enabled=0)
# Delete inter-table routes
self.ip_t01.remove_vpp_config()
self.ip_t10.remove_vpp_config()
for i in self.lo_interfaces:
i.unconfig_ip4()
i.set_table_ip4(0)
i.admin_down()
super(QUICTestCase, self).tearDown()
def test_gre_loop(self):
""" GRE tunnel loop Tests """
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Addres
#
gre_if = VppGreInterface(self,
self.pg0.local_ip4,
"1.1.1.2")
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip4()
#
# add a route to the tunnel's destination that points
# through the tunnel, hence forming a loop in the forwarding
# graph
#
route_dst = VppIpRoute(self, "1.1.1.2", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route_dst.add_vpp_config()
#
# packets to the tunnels destination should be dropped
#
tx = self.create_stream_ip4(self.pg0, "1.1.1.1", "1.1.1.2")
self.send_and_assert_no_replies(self.pg2, tx)
self.logger.info(self.vapi.ppcli("sh adj 7"))
#
# break the loop
#
route_dst.modify([VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_dst.add_vpp_config()
rx = self.send_and_expect(self.pg0, tx, self.pg1)
#
# a good route throught the tunnel to check it restacked
#
route_via_tun_2 = VppIpRoute(self, "2.2.2.2", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route_via_tun_2.add_vpp_config()
tx = self.create_stream_ip4(self.pg0, "2.2.2.3", "2.2.2.2")
rx = self.send_and_expect(self.pg0, tx, self.pg1)
self.verify_tunneled_4o4(self.pg1, rx, tx,
self.pg0.local_ip4, "1.1.1.2")
#
# cleanup
#
route_via_tun_2.remove_vpp_config()
gre_if.remove_vpp_config()
def test_ip6_rx_p2p_subif_route(self):
"""route rx ip6 packet not matching p2p subinterface"""
self.logger.info("FFP_TEST_START_0003")
self.pg0.config_ip6()
route_3 = VppIpRoute(self,
"9000::",
64, [
VppRoutePath(self.pg1._remote_hosts[0].ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)
],
is_ip6=1)
route_3.add_vpp_config()
self.packets.append(
self.create_stream(src_mac="02:03:00:00:ff:ff",
dst_mac=self.pg0.local_mac,
src_ip="a000::100",
dst_ip="9000::100"))
self.send_packets(self.pg0, self.pg1)
self.pg0.unconfig_ip6()
route_3.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0003")
def test_ip6_rx_p2p_subif_route(self):
"""route rx ip6 packet not matching p2p subinterface"""
self.logger.info("FFP_TEST_START_0003")
self.pg0.config_ip6()
route_3 = VppIpRoute(self, "9000::", 64,
[VppRoutePath(self.pg1._remote_hosts[0].ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_3.add_vpp_config()
self.packets.append(
self.create_stream(src_mac="02:03:00:00:ff:ff",
dst_mac=self.pg0.local_mac,
src_ip="a000::100",
dst_ip="9000::100"))
self.send_packets(self.pg0, self.pg1)
self.pg0.unconfig_ip6()
route_3.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0003")
def test_gre_loop(self):
""" GRE tunnel loop Tests """
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Addres
#
gre_if = VppGreInterface(self,
self.pg0.local_ip4,
"1.1.1.2")
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip4()
#
# add a route to the tunnel's destination that points
# through the tunnel, hence forming a loop in the forwarding
# graph
#
route_dst = VppIpRoute(self, "1.1.1.2", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route_dst.add_vpp_config()
#
# packets to the tunnels destination should be dropped
#
tx = self.create_stream_ip4(self.pg0, "1.1.1.1", "1.1.1.2")
self.send_and_assert_no_replies(self.pg2, tx)
self.logger.info(self.vapi.ppcli("sh adj 7"))
#
# break the loop
#
route_dst.modify([VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_dst.add_vpp_config()
rx = self.send_and_expect(self.pg0, tx, self.pg1)
#
# a good route throught the tunnel to check it restacked
#
route_via_tun_2 = VppIpRoute(self, "2.2.2.2", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route_via_tun_2.add_vpp_config()
tx = self.create_stream_ip4(self.pg0, "2.2.2.3", "2.2.2.2")
rx = self.send_and_expect(self.pg0, tx, self.pg1)
self.verify_tunneled_4o4(self.pg1, rx, tx,
self.pg0.local_ip4, "1.1.1.2")
#
# cleanup
#
route_via_tun_2.remove_vpp_config()
gre_if.remove_vpp_config()
def test_tcp_transfer(self):
""" TCP echo client/server transfer """
# Add inter-table routes
ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=1)])
ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=0)], table_id=1)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
# Start builtin server and client
uri = "tcp://" + self.loop0.local_ip4 + "/1234"
error = self.vapi.cli("test echo server appns 0 fifo-size 4 uri " +
uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli("test echo client mbytes 10 appns 1 " +
"fifo-size 4 no-output test-bytes " +
"syn-timeout 2 uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_sctp_transfer(self):
""" SCTP echo client/server transfer """
# Add inter-table routes
ip_t01 = VppIpRoute(
self, self.loop1.local_ip4, 32,
[VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)])
ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=0)],
table_id=1)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
# Start builtin server and client
uri = "sctp://" + self.loop0.local_ip4 + "/1234"
error = self.vapi.cli("test echo server appns 0 fifo-size 4 " +
"no-echo uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli("test echo client mbytes 10 no-return " +
" appns 1" + " fifo-size 4" +
" no-output test-bytes syn-timeout 3" +
" test-timeout 30" + " uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_quic_transfer(self):
""" QUIC echo client/server transfer """
# Add inter-table routes
ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=2)], table_id=1)
ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=1)], table_id=2)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
self.logger.debug(self.vapi.cli("show ip fib"))
# Start builtin server and client
uri = "quic://%s/1234" % self.loop0.local_ip4
error = self.vapi.cli("test echo server appns 1 fifo-size 4 uri %s" %
uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli("test echo client bytes 1024 appns 2 " +
"fifo-size 4 test-bytes no-output " +
"uri %s" % uri)
self.logger.critical(error)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_ip4_rx_p2p_subif_route(self):
"""route rx packet not matching p2p subinterface"""
self.logger.info("FFP_TEST_START_0003")
route_9001 = VppIpRoute(
self,
"9.0.0.0",
24,
[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
)
route_9001.add_vpp_config()
self.packets.append(
self.create_stream(
src_mac="02:01:00:00:ff:ff",
dst_mac=self.pg0.local_mac,
src_ip="8.0.0.100",
dst_ip="9.0.0.100",
))
self.send_packets(self.pg0, self.pg1)
route_9001.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0003")
def test_ip4_rx_p2p_subif(self):
"""receive ipv4 packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0002")
route_9000 = VppIpRoute(
self,
"9.0.0.0",
16,
[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
)
route_9000.add_vpp_config()
self.packets.append(
self.create_stream(
src_mac=self.pg0._remote_hosts[0].mac,
dst_mac=self.pg0.local_mac,
src_ip=self.p2p_sub_ifs[0].remote_ip4,
dst_ip="9.0.0.100",
))
self.send_packets(self.pg0, self.pg1, self.packets)
self.assert_packet_counter_equal("p2p-ethernet-input", 1)
route_9000.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0002")
def test_udp_transfer(self):
""" UDP echo client/server transfer """
# Add inter-table routes
ip_t01 = VppIpRoute(
self, self.loop1.local_ip4, 32,
[VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)])
ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=0)],
table_id=1)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
# Start builtin server and client
uri = "udp://" + self.loop0.local_ip4 + "/1234"
error = self.vapi.cli("test echo server appns 0 fifo-size 4 no-echo" +
"uri " + uri)
if error:
self.logger.critical(error)
self.assertEqual(error.find("failed"), -1)
error = self.vapi.cli("test echo client mbytes 10 appns 1 " +
"fifo-size 4 no-output test-bytes " +
"syn-timeout 2 no-return uri " + uri)
if error:
self.logger.critical(error)
self.assertEqual(error.find("failed"), -1)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_PPPoE_Encap(self):
""" PPPoE Encap Test """
self.vapi.cli("clear trace")
#
# Add a route that resolves the server's destination
#
route_sever_dst = VppIpRoute(
self, "100.1.1.100", 32,
[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)])
route_sever_dst.add_vpp_config()
# Send PPPoE Discovery
tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1,
self.pg0.remote_mac)
self.pg0.add_stream(tx0)
self.pg_start()
# Send PPPoE PPP LCP
tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id)
self.pg0.add_stream(tx1)
self.pg_start()
# Create PPPoE session
pppoe_if = VppPppoeInterface(self, self.pg0.remote_ip4,
self.pg0.remote_mac, self.session_id)
pppoe_if.add_vpp_config()
#
# Send a packet stream that is routed into the session
# - packets are PPPoE encapped
#
self.vapi.cli("clear trace")
tx2 = self.create_stream_ip4(self.pg1, self.pg0, self.pg0.remote_ip4,
self.dst_ip, 65)
self.pg1.add_stream(tx2)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx2 = self.pg0.get_capture(len(tx2))
self.verify_encaped_pppoe(self.pg1, rx2, tx2, self.session_id)
self.logger.info(self.vapi.cli("show pppoe fib"))
self.logger.info(self.vapi.cli("show pppoe session"))
self.logger.info(self.vapi.cli("show ip fib"))
self.logger.info(self.vapi.cli("show adj"))
#
# test case cleanup
#
# Delete PPPoE session
pppoe_if.remove_vpp_config()
# Delete a route that resolves the server's destination
route_sever_dst.remove_vpp_config()
def test_memif_ping(self):
"""Memif ping"""
memif = VppMemif(
self,
VppEnum.vl_api_memif_role_t.MEMIF_ROLE_API_SLAVE,
VppEnum.vl_api_memif_mode_t.MEMIF_MODE_API_ETHERNET,
)
remote_socket = VppSocketFilename(self.remote_test, 1,
"%s/memif.sock" % self.tempdir)
remote_socket.add_vpp_config()
remote_memif = VppMemif(
self.remote_test,
VppEnum.vl_api_memif_role_t.MEMIF_ROLE_API_MASTER,
VppEnum.vl_api_memif_mode_t.MEMIF_MODE_API_ETHERNET,
socket_id=1,
)
memif.add_vpp_config()
memif.config_ip4()
memif.admin_up()
remote_memif.add_vpp_config()
remote_memif.config_ip4()
remote_memif.admin_up()
self.assertTrue(memif.wait_for_link_up(5))
self.assertTrue(remote_memif.wait_for_link_up(5))
# add routing to remote vpp
route = VppIpRoute(
self.remote_test,
self.pg0._local_ip4_subnet,
24,
[VppRoutePath(memif.ip_prefix.network_address, 0xFFFFFFFF)],
register=False,
)
route.add_vpp_config()
# create ICMP echo-request from local pg to remote memif
packet_num = 10
pkts = self._create_icmp(self.pg0, remote_memif, packet_num)
self.pg0.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
capture = self.pg0.get_capture(packet_num, timeout=2)
seq = 0
for c in capture:
self._verify_icmp(self.pg0, remote_memif, c, seq)
seq += 1
route.remove_vpp_config()
def test_PPPoE_Add_Twice(self):
"""PPPoE Add Same Session Twice Test"""
self.vapi.cli("clear trace")
#
# Add a route that resolves the server's destination
#
route_sever_dst = VppIpRoute(
self,
"100.1.1.100",
32,
[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
)
route_sever_dst.add_vpp_config()
# Send PPPoE Discovery
tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1,
self.pg0.remote_mac)
self.pg0.add_stream(tx0)
self.pg_start()
# Send PPPoE PPP LCP
tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id)
self.pg0.add_stream(tx1)
self.pg_start()
# Create PPPoE session
pppoe_if = VppPppoeInterface(self, self.pg0.remote_ip4,
self.pg0.remote_mac, self.session_id)
pppoe_if.add_vpp_config()
pppoe_if.set_unnumbered(self.pg0.sw_if_index)
#
# The double create (create the same session twice) should fail,
# and we should still be able to use the original
#
try:
pppoe_if.add_vpp_config()
except Exception:
pass
else:
self.fail("Double GRE tunnel add does not fail")
#
# test case cleanup
#
# Delete PPPoE session
pppoe_if.remove_vpp_config()
# Delete a route that resolves the server's destination
route_sever_dst.remove_vpp_config()
def test_bind(self):
""" MPLS Local Label Binding test """
#
# Add a non-recursive route with a single out label
#
route_10_0_0_1 = VppIpRoute(self, "10.0.0.1", 32, [
VppRoutePath(
self.pg0.remote_ip4, self.pg0.sw_if_index, labels=[45])
])
route_10_0_0_1.add_vpp_config()
# bind a local label to the route
binding = VppMplsIpBind(self, 44, "10.0.0.1", 32)
binding.add_vpp_config()
# non-EOS stream
self.vapi.cli("clear trace")
tx = self.create_stream_labelled_ip4(self.pg0, [44, 99])
self.pg0.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture()
self.verify_capture_labelled(self.pg0, rx, tx, [45, 99])
# EOS stream
self.vapi.cli("clear trace")
tx = self.create_stream_labelled_ip4(self.pg0, [44])
self.pg0.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture()
self.verify_capture_labelled(self.pg0, rx, tx, [45])
# IP stream
self.vapi.cli("clear trace")
tx = self.create_stream_ip4(self.pg0, "10.0.0.1")
self.pg0.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture()
self.verify_capture_labelled_ip4(self.pg0, rx, tx, [45])
#
# cleanup
#
binding.remove_vpp_config()
route_10_0_0_1.remove_vpp_config()
def test_PPPoE_Del_Twice(self):
""" PPPoE Delete Same Session Twice Test """
self.vapi.cli("clear trace")
#
# Add a route that resolves the server's destination
#
route_sever_dst = VppIpRoute(self, "100.1.1.100", 32,
[VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_sever_dst.add_vpp_config()
# Send PPPoE Discovery
tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1,
self.pg0.remote_mac)
self.pg0.add_stream(tx0)
self.pg_start()
# Send PPPoE PPP LCP
tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id)
self.pg0.add_stream(tx1)
self.pg_start()
# Create PPPoE session
pppoe_if = VppPppoeInterface(self,
self.pg0.remote_ip4,
self.pg0.remote_mac,
self.session_id)
pppoe_if.add_vpp_config()
# Delete PPPoE session
pppoe_if.remove_vpp_config()
#
# The double del (del the same session twice) should fail,
# and we should still be able to use the original
#
try:
pppoe_if.remove_vpp_config()
except Exception:
pass
else:
self.fail("Double GRE tunnel del does not fail")
#
# test case cleanup
#
# Delete a route that resolves the server's destination
route_sever_dst.remove_vpp_config()
def test_6rd_bgp_tunnel(self):
""" 6rd BGP tunnel """
rv = self.vapi.ipip_6rd_add_tunnel(ip6_table_id=0,
ip4_table_id=0,
ip6_prefix='2002::/16',
ip4_prefix='0.0.0.0/0',
ip4_src=self.pg0.local_ip4,
security_check=False)
self.tunnel_index = rv.sw_if_index
default_route = VppIpRoute(
self,
"DEAD::",
16, [
VppRoutePath("2002:0808:0808::",
self.tunnel_index,
proto=DpoProto.DPO_PROTO_IP6)
],
is_ip6=1)
default_route.add_vpp_config()
ip4_route = VppIpRoute(self, "8.0.0.0", 8,
[VppRoutePath(self.pg1.remote_ip4, 0xFFFFFFFF)])
ip4_route.add_vpp_config()
# Via recursive route 6 -> 4
p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
IPv6(src="1::1", dst="DEAD:BEEF::1") /
UDP(sport=1234, dport=1234))
p_reply = (IP(src=self.pg0.local_ip4, dst="8.8.8.8", proto='ipv6') /
IPv6(src='1::1', dst='DEAD:BEEF::1', nh='UDP'))
rx = self.send_and_expect(self.pg0, p * 10, self.pg1)
for p in rx:
self.validate_6in4(p, p_reply)
# Via recursive route 4 -> 6 (Security check must be disabled)
p_ip6 = (IPv6(src="DEAD:BEEF::1", dst=self.pg1.remote_ip6) /
UDP(sport=1234, dport=1234))
p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
IP(src="8.8.8.8", dst=self.pg0.local_ip4) / p_ip6)
p_reply = p_ip6
rx = self.send_and_expect(self.pg0, p * 10, self.pg1)
for p in rx:
self.validate_4in6(p, p_reply)
ip4_route.remove_vpp_config()
default_route.remove_vpp_config()
self.vapi.ipip_6rd_del_tunnel(self.tunnel_index)
def test_acl_pbr(self):
""" IP PBR test
Test scenario for PBR with source IP
- Create IPv4 stream for pg0 -> pg3 interface.
- Configure PBR fib entry for packet forwarding.
- Send and verify received packets on pg3 interface.
"""
# PBR testing with source IP
pkts = self.create_stream(self.pg0, self.pg3, self.pg_if_packet_sizes)
self.pg0.add_stream(pkts)
key = 'pbr'
self.create_classify_table(key, self.build_ip_mask(src_ip='ffffffff'))
pbr_option = 1
# this will create the VRF/table in which we will insert the route
self.create_classify_session(
self.acl_tbl_idx.get(key),
self.build_ip_match(src_ip=self.pg0.remote_ip4), pbr_option,
self.pbr_vrfid)
self.assertTrue(self.verify_vrf(self.pbr_vrfid))
r = VppIpRoute(self,
self.pg3.local_ip4,
24, [VppRoutePath(self.pg3.remote_ip4, INVALID_INDEX)],
table_id=self.pbr_vrfid)
r.add_vpp_config()
self.input_acl_set_interface(self.pg0, self.acl_tbl_idx.get(key))
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
pkts = self.pg3.get_capture(len(pkts))
self.verify_capture(self.pg3, pkts)
self.input_acl_set_interface(self.pg0, self.acl_tbl_idx.get(key), 0)
self.pg0.assert_nothing_captured(remark="packets forwarded")
self.pg1.assert_nothing_captured(remark="packets forwarded")
self.pg2.assert_nothing_captured(remark="packets forwarded")
# remove the classify session and the route
r.remove_vpp_config()
self.create_classify_session(
self.acl_tbl_idx.get(key),
self.build_ip_match(src_ip=self.pg0.remote_ip4),
pbr_option,
self.pbr_vrfid,
is_add=0)
# and the table should be gone.
self.assertFalse(self.verify_vrf(self.pbr_vrfid))
def test_6rd_bgp_tunnel(self):
""" 6rd BGP tunnel """
rv = self.vapi.ipip_6rd_add_tunnel(0, 0, inet_pton(AF_INET6, '2002::'),
inet_pton(AF_INET, '0.0.0.0'),
self.pg0.local_ip4n, 16, 0, False)
self.tunnel_index = rv.sw_if_index
default_route = VppIpRoute(
self, "DEAD::", 16, [VppRoutePath("2002:0808:0808::",
self.tunnel_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
default_route.add_vpp_config()
ip4_route = VppIpRoute(self, "8.0.0.0", 8,
[VppRoutePath(self.pg1.remote_ip4, 0xFFFFFFFF)])
ip4_route.add_vpp_config()
# Via recursive route 6 -> 4
p = (Ether(src=self.pg0.remote_mac,
dst=self.pg0.local_mac) /
IPv6(src="1::1", dst="DEAD:BEEF::1") /
UDP(sport=1234, dport=1234))
p_reply = (IP(src=self.pg0.local_ip4, dst="8.8.8.8",
proto='ipv6') /
IPv6(src='1::1', dst='DEAD:BEEF::1', nh='UDP'))
rx = self.send_and_expect(self.pg0, p * 10, self.pg1)
for p in rx:
self.validate_6in4(p, p_reply)
# Via recursive route 4 -> 6 (Security check must be disabled)
p_ip6 = (IPv6(src="DEAD:BEEF::1", dst=self.pg1.remote_ip6) /
UDP(sport=1234, dport=1234))
p = (Ether(src=self.pg0.remote_mac,
dst=self.pg0.local_mac) /
IP(src="8.8.8.8", dst=self.pg0.local_ip4) /
p_ip6)
p_reply = p_ip6
rx = self.send_and_expect(self.pg0, p * 10, self.pg1)
for p in rx:
self.validate_4in6(p, p_reply)
ip4_route.remove_vpp_config()
default_route.remove_vpp_config()
self.vapi.ipip_6rd_del_tunnel(self.tunnel_index)
def test_memif_ping(self):
""" Memif ping """
memif = VppMemif(self, MEMIF_ROLE.SLAVE, MEMIF_MODE.ETHERNET)
remote_socket = VppSocketFilename(
self.remote_test, 1, b"%s/memif.sock" %
six.ensure_binary(self.tempdir, encoding='utf-8'))
remote_socket.add_vpp_config()
remote_memif = VppMemif(self.remote_test,
MEMIF_ROLE.MASTER,
MEMIF_MODE.ETHERNET,
socket_id=1)
memif.add_vpp_config()
memif.config_ip4()
memif.admin_up()
remote_memif.add_vpp_config()
remote_memif.config_ip4()
remote_memif.admin_up()
self.assertTrue(memif.wait_for_link_up(5))
self.assertTrue(remote_memif.wait_for_link_up(5))
# add routing to remote vpp
route = VppIpRoute(self.remote_test,
self.pg0._local_ip4_subnet,
24, [VppRoutePath(memif.ip4_addr, 0xffffffff)],
register=False)
route.add_vpp_config()
# create ICMP echo-request from local pg to remote memif
packet_num = 10
pkts = self._create_icmp(self.pg0, remote_memif, packet_num)
self.pg0.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
capture = self.pg0.get_capture(packet_num, timeout=2)
seq = 0
for c in capture:
self._verify_icmp(self.pg0, remote_memif, c, seq)
seq += 1
route.remove_vpp_config()
def test_segment_manager_alloc(self):
"""Session Segment Manager Multiple Segment Allocation"""
# Add inter-table routes
ip_t01 = VppIpRoute(
self,
self.loop1.local_ip4,
32,
[VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=1)],
)
ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32,
[VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=0)],
table_id=1,
)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
# Start builtin server and client with small private segments
uri = "tcp://" + self.loop0.local_ip4 + "/1234"
error = self.vapi.cli(
"test echo server appns 0 fifo-size 64 "
+ "private-segment-size 1m uri "
+ uri
)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli(
"test echo client nclients 100 appns 1 "
+ "no-output fifo-size 64 syn-timeout 2 "
+ "private-segment-size 1m uri "
+ uri
)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
if self.vpp_dead:
self.assert_equal(0)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_tls_transfer(self):
"""TLS qat echo client/server transfer"""
# Add inter-table routes
ip_t01 = VppIpRoute(
self,
self.loop1.local_ip4,
32,
[VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=1)],
)
ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32,
[VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=0)],
table_id=1,
)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
# Enable QAT engine and TLS async
r = self.vapi.tls_openssl_set_engine(async_enable=1,
engine="qat",
algorithm="RSA,PKEY_CRYPTO",
ciphers="RSA")
self.assertIsNotNone(r, "No response msg ")
# Start builtin server and client
uri = "tls://" + self.loop0.local_ip4 + "/1234"
error = self.vapi.cli(
"test echo server appns 0 fifo-size 4 tls-engine 1 uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli("test echo client mbytes 10 appns 1 "
"fifo-size 4 no-output test-bytes "
"tls-engine 1 "
"syn-timeout 2 uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_ip4_rx_p2p_subif_route(self):
"""route rx packet not matching p2p subinterface"""
self.logger.info("FFP_TEST_START_0003")
route_9001 = VppIpRoute(self, "9.0.0.0", 24,
[VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_9001.add_vpp_config()
self.packets.append(
self.create_stream(src_mac="02:01:00:00:ff:ff",
dst_mac=self.pg0.local_mac,
src_ip="8.0.0.100",
dst_ip="9.0.0.100"))
self.send_packets(self.pg0, self.pg1)
route_9001.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0003")
def test_ip4_rx_p2p_subif(self):
"""receive ipv4 packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0002")
route_9000 = VppIpRoute(self, "9.0.0.0", 16,
[VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_9000.add_vpp_config()
self.packets.append(
self.create_stream(src_mac=self.pg0._remote_hosts[0].mac,
dst_mac=self.pg0.local_mac,
src_ip=self.p2p_sub_ifs[0].remote_ip4,
dst_ip="9.0.0.100"))
self.send_packets(self.pg0, self.pg1, self.packets)
self.assert_packet_counter_equal('p2p-ethernet-input', 1)
route_9000.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0002")
def test_ip6_tx_p2p_subif(self):
"""send packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0005")
route_8000 = VppIpRoute(
self, "8000::", 64,
[VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index)])
route_8000.add_vpp_config()
route_8001 = VppIpRoute(self, "8001::", 64, [
VppRoutePath(self.p2p_sub_ifs[0].remote_ip6,
self.p2p_sub_ifs[0].sw_if_index)
])
route_8001.add_vpp_config()
route_8002 = VppIpRoute(self, "8002::", 64, [
VppRoutePath(self.p2p_sub_ifs[1].remote_ip6,
self.p2p_sub_ifs[1].sw_if_index)
])
route_8002.add_vpp_config()
for i in range(0, 3):
self.packets.append(
self.create_stream(src_mac=self.pg1.remote_mac,
dst_mac=self.pg1.local_mac,
src_ip=self.pg1.remote_ip6,
dst_ip="800%d::100" % i))
self.send_packets(self.pg1, self.pg0, count=3)
route_8000.remove_vpp_config()
route_8001.remove_vpp_config()
route_8002.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0005")
def test_ip4_tx_p2p_subif(self):
"""send ip4 packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0005")
route_9100 = VppIpRoute(self, "9.1.0.100", 24,
[VppRoutePath(self.pg0.remote_ip4,
self.pg0.sw_if_index,
)])
route_9100.add_vpp_config()
route_9200 = VppIpRoute(self, "9.2.0.100", 24,
[VppRoutePath(self.p2p_sub_ifs[0].remote_ip4,
self.p2p_sub_ifs[0].sw_if_index,
)])
route_9200.add_vpp_config()
route_9300 = VppIpRoute(self, "9.3.0.100", 24,
[VppRoutePath(self.p2p_sub_ifs[1].remote_ip4,
self.p2p_sub_ifs[1].sw_if_index
)])
route_9300.add_vpp_config()
for i in range(0, 3):
self.packets.append(
self.create_stream(src_mac=self.pg1.remote_mac,
dst_mac=self.pg1.local_mac,
src_ip=self.pg1.remote_ip4,
dst_ip="9.%d.0.100" % (i+1)))
self.send_packets(self.pg1, self.pg0)
# route_7000.remove_vpp_config()
route_9100.remove_vpp_config()
route_9200.remove_vpp_config()
route_9300.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0005")
def test_ip4_tx_p2p_subif(self):
"""send ip4 packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0005")
route_9100 = VppIpRoute(self, "9.1.0.100", 24,
[VppRoutePath(self.pg0.remote_ip4,
self.pg0.sw_if_index,
)])
route_9100.add_vpp_config()
route_9200 = VppIpRoute(self, "9.2.0.100", 24,
[VppRoutePath(self.p2p_sub_ifs[0].remote_ip4,
self.p2p_sub_ifs[0].sw_if_index,
)])
route_9200.add_vpp_config()
route_9300 = VppIpRoute(self, "9.3.0.100", 24,
[VppRoutePath(self.p2p_sub_ifs[1].remote_ip4,
self.p2p_sub_ifs[1].sw_if_index
)])
route_9300.add_vpp_config()
for i in range(0, 3):
self.packets.append(
self.create_stream(src_mac=self.pg1.remote_mac,
dst_mac=self.pg1.local_mac,
src_ip=self.pg1.remote_ip4,
dst_ip="9.%d.0.100" % (i+1)))
self.send_packets(self.pg1, self.pg0)
# route_7000.remove_vpp_config()
route_9100.remove_vpp_config()
route_9200.remove_vpp_config()
route_9300.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0005")
def test_ip6_rx_p2p_subif(self):
"""receive ipv6 packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0002")
route_9001 = VppIpRoute(self, "9001::", 64,
[VppRoutePath(self.pg1.remote_ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_9001.add_vpp_config()
self.packets.append(
self.create_stream(src_mac=self.pg0._remote_hosts[0].mac,
dst_mac=self.pg0.local_mac,
src_ip=self.p2p_sub_ifs[0].remote_ip6,
dst_ip="9001::100"))
self.send_packets(self.pg0, self.pg1, self.packets)
self.assert_packet_counter_equal('p2p-ethernet-input', 1)
route_9001.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0002")
def test_quic_transfer(self):
""" QUIC echo client/server transfer """
# Add inter-table routes
ip_t01 = VppIpRoute(
self,
self.loop1.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)],
table_id=1)
ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)],
table_id=2)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
self.logger.debug(self.vapi.cli("show ip fib"))
# Start builtin server and client
uri = "quic://%s/1234" % self.loop0.local_ip4
error = self.vapi.cli("test echo server appns 1 fifo-size 4 uri %s" %
uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli("test echo client bytes 1024 appns 2 " +
"fifo-size 4 test-bytes no-output " +
"uri %s" % uri)
self.logger.critical(error)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_segment_manager_alloc(self):
""" Session Segment Manager Multiple Segment Allocation """
# Add inter-table routes
ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=1)])
ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=0)], table_id=1)
ip_t01.add_vpp_config()
ip_t10.add_vpp_config()
# Start builtin server and client with small private segments
uri = "tcp://" + self.loop0.local_ip4 + "/1234"
error = self.vapi.cli("test echo server appns 0 fifo-size 64 " +
"private-segment-size 1m uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
error = self.vapi.cli("test echo client nclients 100 appns 1 " +
"no-output fifo-size 64 syn-timeout 2 " +
"private-segment-size 1m uri " + uri)
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
if self.vpp_dead:
self.assert_equal(0)
# Delete inter-table routes
ip_t01.remove_vpp_config()
ip_t10.remove_vpp_config()
def test_ip6_tx_p2p_subif(self):
"""send packet via p2p subinterface"""
self.logger.info("FFP_TEST_START_0005")
route_8000 = VppIpRoute(self, "8000::", 64,
[VppRoutePath(self.pg0.remote_ip6,
self.pg0.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_8000.add_vpp_config()
route_8001 = VppIpRoute(self, "8001::", 64,
[VppRoutePath(self.p2p_sub_ifs[0].remote_ip6,
self.p2p_sub_ifs[0].sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_8001.add_vpp_config()
route_8002 = VppIpRoute(self, "8002::", 64,
[VppRoutePath(self.p2p_sub_ifs[1].remote_ip6,
self.p2p_sub_ifs[1].sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_8002.add_vpp_config()
for i in range(0, 3):
self.packets.append(
self.create_stream(src_mac=self.pg1.remote_mac,
dst_mac=self.pg1.local_mac,
src_ip=self.pg1.remote_ip6,
dst_ip="800%d::100" % i))
self.send_packets(self.pg1, self.pg0, count=3)
route_8000.remove_vpp_config()
route_8001.remove_vpp_config()
route_8002.remove_vpp_config()
self.logger.info("FFP_TEST_FINISH_0005")
def test_PPPoE_Decap_Multiple(self):
""" PPPoE Decap Multiple Sessions Test """
self.vapi.cli("clear trace")
#
# Add a route that resolves the server's destination
#
route_sever_dst = VppIpRoute(
self, "100.1.1.100", 32,
[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)])
route_sever_dst.add_vpp_config()
# Send PPPoE Discovery 1
tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1,
self.pg0.remote_mac)
self.pg0.add_stream(tx0)
self.pg_start()
# Send PPPoE PPP LCP 1
tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id)
self.pg0.add_stream(tx1)
self.pg_start()
# Create PPPoE session 1
pppoe_if1 = VppPppoeInterface(self, self.pg0.remote_ip4,
self.pg0.remote_mac, self.session_id)
pppoe_if1.add_vpp_config()
# Send PPPoE Discovery 2
tx3 = self.create_stream_pppoe_discovery(self.pg2, self.pg1,
self.pg2.remote_mac)
self.pg2.add_stream(tx3)
self.pg_start()
# Send PPPoE PPP LCP 2
tx4 = self.create_stream_pppoe_lcp(self.pg2, self.pg1,
self.pg2.remote_mac,
self.session_id + 1)
self.pg2.add_stream(tx4)
self.pg_start()
# Create PPPoE session 2
pppoe_if2 = VppPppoeInterface(self, self.pg2.remote_ip4,
self.pg2.remote_mac, self.session_id + 1)
pppoe_if2.add_vpp_config()
#
# Send tunneled packets that match the created tunnel and
# are decapped and forwarded
#
tx2 = self.create_stream_pppoe_ip4(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id,
self.pg0.remote_ip4)
self.pg0.add_stream(tx2)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx2 = self.pg1.get_capture(len(tx2))
self.verify_decapped_pppoe(self.pg0, rx2, tx2)
tx5 = self.create_stream_pppoe_ip4(self.pg2, self.pg1,
self.pg2.remote_mac,
self.session_id + 1,
self.pg2.remote_ip4)
self.pg2.add_stream(tx5)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx5 = self.pg1.get_capture(len(tx5))
self.verify_decapped_pppoe(self.pg2, rx5, tx5)
self.logger.info(self.vapi.cli("show pppoe fib"))
self.logger.info(self.vapi.cli("show pppoe session"))
self.logger.info(self.vapi.cli("show ip fib"))
#
# test case cleanup
#
# Delete PPPoE session
pppoe_if1.remove_vpp_config()
pppoe_if2.remove_vpp_config()
# Delete a route that resolves the server's destination
route_sever_dst.remove_vpp_config()
def test_dvr(self):
""" Distributed Virtual Router """
#
# A packet destined to an IP address that is L2 bridged via
# a non-tag interface
#
ip_non_tag_bridged = "10.10.10.10"
ip_tag_bridged = "10.10.10.11"
any_src_addr = "1.1.1.1"
pkt_no_tag = (Ether(src=self.pg0.remote_mac,
dst=self.loop0.local_mac) /
IP(src=any_src_addr,
dst=ip_non_tag_bridged) /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_tag = (Ether(src=self.pg0.remote_mac,
dst=self.loop0.local_mac) /
IP(src=any_src_addr,
dst=ip_tag_bridged) /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
#
# Two sub-interfaces so we can test VLAN tag push/pop
#
sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92)
sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93)
sub_if_on_pg2.admin_up()
sub_if_on_pg3.admin_up()
#
# Put all the interfaces into a new bridge domain
#
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.loop0.sw_if_index, bd_id=1,
port_type=L2_PORT_TYPE.BVI)
self.vapi.l2_interface_vlan_tag_rewrite(
sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
push_dot1q=92)
self.vapi.l2_interface_vlan_tag_rewrite(
sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
push_dot1q=93)
#
# Add routes to bridge the traffic via a tagged an nontagged interface
#
route_no_tag = VppIpRoute(
self, ip_non_tag_bridged, 32,
[VppRoutePath("0.0.0.0",
self.pg1.sw_if_index,
is_dvr=1)])
route_no_tag.add_vpp_config()
#
# Inject the packet that arrives and leaves on a non-tagged interface
# Since it's 'bridged' expect that the MAC headed is unchanged.
#
rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_no_tag, rx)
self.assert_has_no_tag(rx)
#
# Add routes to bridge the traffic via a tagged interface
#
route_with_tag = VppIpRoute(
self, ip_tag_bridged, 32,
[VppRoutePath("0.0.0.0",
sub_if_on_pg3.sw_if_index,
is_dvr=1)])
route_with_tag.add_vpp_config()
#
# Inject the packet that arrives non-tag and leaves on a tagged
# interface
#
rx = self.send_and_expect(self.pg0, pkt_tag * 65, self.pg3)
self.assert_same_mac_addr(pkt_tag, rx)
self.assert_has_vlan_tag(93, rx)
#
# Tag to tag
#
pkt_tag_to_tag = (Ether(src=self.pg2.remote_mac,
dst=self.loop0.local_mac) /
Dot1Q(vlan=92) /
IP(src=any_src_addr,
dst=ip_tag_bridged) /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
rx = self.send_and_expect(self.pg2, pkt_tag_to_tag * 65, self.pg3)
self.assert_same_mac_addr(pkt_tag_to_tag, rx)
self.assert_has_vlan_tag(93, rx)
#
# Tag to non-Tag
#
pkt_tag_to_non_tag = (Ether(src=self.pg2.remote_mac,
dst=self.loop0.local_mac) /
Dot1Q(vlan=92) /
IP(src=any_src_addr,
dst=ip_non_tag_bridged) /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
rx = self.send_and_expect(self.pg2, pkt_tag_to_non_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_tag_to_tag, rx)
self.assert_has_no_tag(rx)
#
# Add an output L3 ACL that will block the traffic
#
rule_1 = ({'is_permit': 0,
'is_ipv6': 0,
'proto': 17,
'srcport_or_icmptype_first': 1234,
'srcport_or_icmptype_last': 1234,
'src_ip_prefix_len': 32,
'src_ip_addr': inet_pton(AF_INET, any_src_addr),
'dstport_or_icmpcode_first': 1234,
'dstport_or_icmpcode_last': 1234,
'dst_ip_prefix_len': 32,
'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged)})
acl = self.vapi.acl_add_replace(acl_index=4294967295,
r=[rule_1])
#
# Apply the ACL on the output interface
#
self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index,
0,
[acl.acl_index])
#
# Send packet's that should match the ACL and be dropped
#
rx = self.send_and_assert_no_replies(self.pg2, pkt_tag_to_non_tag * 65)
#
# cleanup
#
self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index,
0, [])
self.vapi.acl_del(acl.acl_index)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.loop0.sw_if_index, bd_id=1,
port_type=L2_PORT_TYPE.BVI, enable=0)
#
# Do a FIB dump to make sure the paths are correctly reported as DVR
#
routes = self.vapi.ip_fib_dump()
for r in routes:
if (inet_pton(AF_INET, ip_tag_bridged) == r.address):
self.assertEqual(r.path[0].sw_if_index,
sub_if_on_pg3.sw_if_index)
self.assertEqual(r.path[0].is_dvr, 1)
if (inet_pton(AF_INET, ip_non_tag_bridged) == r.address):
self.assertEqual(r.path[0].sw_if_index,
self.pg1.sw_if_index)
self.assertEqual(r.path[0].is_dvr, 1)
#
# the explicit route delete is require so it happens before
# the sbu-interface delete. subinterface delete is required
# because that object type does not use the object registry
#
route_no_tag.remove_vpp_config()
route_with_tag.remove_vpp_config()
sub_if_on_pg3.remove_vpp_config()
sub_if_on_pg2.remove_vpp_config()
def test_map_e(self):
""" MAP-E """
#
# Add a route to the MAP-BR
#
map_br_pfx = "2001::"
map_br_pfx_len = 64
map_route = VppIpRoute(self,
map_br_pfx,
map_br_pfx_len,
[VppRoutePath(self.pg1.remote_ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
map_route.add_vpp_config()
#
# Add a domain that maps from pg0 to pg1
#
map_dst = socket.inet_pton(socket.AF_INET6, map_br_pfx)
map_src = "3001::1"
map_src_n = socket.inet_pton(socket.AF_INET6, map_src)
client_pfx = socket.inet_pton(socket.AF_INET, "192.168.0.0")
self.vapi.map_add_domain(map_dst,
map_br_pfx_len,
map_src_n,
128,
client_pfx,
16)
#
# Fire in a v4 packet that will be encapped to the BR
#
v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IP(src=self.pg0.remote_ip4, dst='192.168.1.1') /
UDP(sport=20000, dport=10000) /
Raw('\xa5' * 100))
self.send_and_assert_encapped(v4, map_src, "2001::c0a8:0:0")
#
# Fire in a V6 encapped packet.
# expect a decapped packet on the inside ip4 link
#
p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IPv6(dst=map_src, src="2001::1") /
IP(dst=self.pg0.remote_ip4, src='192.168.1.1') /
UDP(sport=20000, dport=10000) /
Raw('\xa5' * 100))
self.pg1.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture(1)
rx = rx[0]
self.assertFalse(rx.haslayer(IPv6))
self.assertEqual(rx[IP].src, p[IP].src)
self.assertEqual(rx[IP].dst, p[IP].dst)
#
# Pre-resolve. No API for this!!
#
self.vapi.ppcli("map params pre-resolve ip6-nh 4001::1")
self.send_and_assert_no_replies(self.pg0, v4,
"resovled via default route")
#
# Add a route to 4001::1. Expect the encapped traffic to be
# sent via that routes next-hop
#
pre_res_route = VppIpRoute(
self, "4001::1", 128,
[VppRoutePath(self.pg1.remote_hosts[2].ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
pre_res_route.add_vpp_config()
self.send_and_assert_encapped(v4, map_src,
"2001::c0a8:0:0",
dmac=self.pg1.remote_hosts[2].mac)
#
# change the route to the pre-solved next-hop
#
pre_res_route.modify([VppRoutePath(self.pg1.remote_hosts[3].ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)])
pre_res_route.add_vpp_config()
self.send_and_assert_encapped(v4, map_src,
"2001::c0a8:0:0",
dmac=self.pg1.remote_hosts[3].mac)
#
# cleanup. The test infra's object registry will ensure
# the route is really gone and thus that the unresolve worked.
#
pre_res_route.remove_vpp_config()
self.vapi.ppcli("map params pre-resolve del ip6-nh 4001::1")
def test_PPPoE_Decap(self):
""" PPPoE Decap Test """
self.vapi.cli("clear trace")
#
# Add a route that resolves the server's destination
#
route_sever_dst = VppIpRoute(self, "100.1.1.100", 32,
[VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_sever_dst.add_vpp_config()
# Send PPPoE Discovery
tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1,
self.pg0.remote_mac)
self.pg0.add_stream(tx0)
self.pg_start()
# Send PPPoE PPP LCP
tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id)
self.pg0.add_stream(tx1)
self.pg_start()
# Create PPPoE session
pppoe_if = VppPppoeInterface(self,
self.pg0.remote_ip4,
self.pg0.remote_mac,
self.session_id)
pppoe_if.add_vpp_config()
#
# Send tunneled packets that match the created tunnel and
# are decapped and forwarded
#
tx2 = self.create_stream_pppoe_ip4(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id,
self.pg0.remote_ip4)
self.pg0.add_stream(tx2)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx2 = self.pg1.get_capture(len(tx2))
self.verify_decapped_pppoe(self.pg0, rx2, tx2)
self.logger.info(self.vapi.cli("show pppoe fib"))
self.logger.info(self.vapi.cli("show pppoe session"))
self.logger.info(self.vapi.cli("show ip fib"))
#
# test case cleanup
#
# Delete PPPoE session
pppoe_if.remove_vpp_config()
# Delete a route that resolves the server's destination
route_sever_dst.remove_vpp_config()
def test_dvr(self):
""" Distributed Virtual Router """
#
# A packet destined to an IP address that is L2 bridged via
# a non-tag interface
#
ip_non_tag_bridged = "10.10.10.10"
ip_tag_bridged = "10.10.10.11"
any_src_addr = "1.1.1.1"
pkt_no_tag = (
Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) /
IP(src=any_src_addr, dst=ip_non_tag_bridged) /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
pkt_tag = (Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) /
IP(src=any_src_addr, dst=ip_tag_bridged) /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
#
# Two sub-interfaces so we can test VLAN tag push/pop
#
sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92)
sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93)
sub_if_on_pg2.admin_up()
sub_if_on_pg3.admin_up()
#
# Put all the interfaces into a new bridge domain
#
self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(self.loop0.sw_if_index, 1, bvi=1)
self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg2.sw_if_index,
L2_VTR_OP.L2_POP_1, 92)
self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg3.sw_if_index,
L2_VTR_OP.L2_POP_1, 93)
#
# Add routes to bridge the traffic via a tagged an nontagged interface
#
route_no_tag = VppIpRoute(
self, ip_non_tag_bridged, 32,
[VppRoutePath("0.0.0.0", self.pg1.sw_if_index, is_dvr=1)])
route_no_tag.add_vpp_config()
#
# Inject the packet that arrives and leaves on a non-tagged interface
# Since it's 'bridged' expect that the MAC headed is unchanged.
#
rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_no_tag, rx)
self.assert_has_no_tag(rx)
#
# Add routes to bridge the traffic via a tagged interface
#
route_with_tag = VppIpRoute(
self, ip_tag_bridged, 32,
[VppRoutePath("0.0.0.0", sub_if_on_pg3.sw_if_index, is_dvr=1)])
route_with_tag.add_vpp_config()
#
# Inject the packet that arrives non-tag and leaves on a tagged
# interface
#
rx = self.send_and_expect(self.pg0, pkt_tag * 65, self.pg3)
self.assert_same_mac_addr(pkt_tag, rx)
self.assert_has_vlan_tag(93, rx)
#
# Tag to tag
#
pkt_tag_to_tag = (
Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) /
Dot1Q(vlan=92) / IP(src=any_src_addr, dst=ip_tag_bridged) /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
rx = self.send_and_expect(self.pg2, pkt_tag_to_tag * 65, self.pg3)
self.assert_same_mac_addr(pkt_tag_to_tag, rx)
self.assert_has_vlan_tag(93, rx)
#
# Tag to non-Tag
#
pkt_tag_to_non_tag = (
Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) /
Dot1Q(vlan=92) / IP(src=any_src_addr, dst=ip_non_tag_bridged) /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
rx = self.send_and_expect(self.pg2, pkt_tag_to_non_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_tag_to_tag, rx)
self.assert_has_no_tag(rx)
#
# Add an output L3 ACL that will block the traffic
#
rule_1 = ({
'is_permit': 0,
'is_ipv6': 0,
'proto': 17,
'srcport_or_icmptype_first': 1234,
'srcport_or_icmptype_last': 1234,
'src_ip_prefix_len': 32,
'src_ip_addr': inet_pton(AF_INET, any_src_addr),
'dstport_or_icmpcode_first': 1234,
'dstport_or_icmpcode_last': 1234,
'dst_ip_prefix_len': 32,
'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged)
})
acl = self.vapi.acl_add_replace(acl_index=4294967295, r=[rule_1])
#
# Apply the ACL on the output interface
#
self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, 0,
[acl.acl_index])
#
# Send packet's that should match the ACL and be dropped
#
rx = self.send_and_assert_no_replies(self.pg2, pkt_tag_to_non_tag * 65)
#
# cleanup
#
self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, 0, [])
self.vapi.acl_del(acl.acl_index)
self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1, enable=0)
self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1, enable=0)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index,
1,
enable=0)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index,
1,
enable=0)
self.vapi.sw_interface_set_l2_bridge(self.loop0.sw_if_index,
1,
bvi=1,
enable=0)
#
# Do a FIB dump to make sure the paths are correctly reported as DVR
#
routes = self.vapi.ip_fib_dump()
for r in routes:
if (inet_pton(AF_INET, ip_tag_bridged) == r.address):
self.assertEqual(r.path[0].sw_if_index,
sub_if_on_pg3.sw_if_index)
self.assertEqual(r.path[0].is_dvr, 1)
if (inet_pton(AF_INET, ip_non_tag_bridged) == r.address):
self.assertEqual(r.path[0].sw_if_index, self.pg1.sw_if_index)
self.assertEqual(r.path[0].is_dvr, 1)
#
# the explicit route delete is require so it happens before
# the sbu-interface delete. subinterface delete is required
# because that object type does not use the object registry
#
route_no_tag.remove_vpp_config()
route_with_tag.remove_vpp_config()
sub_if_on_pg3.remove_vpp_config()
sub_if_on_pg2.remove_vpp_config()
def test_gre6(self):
""" GRE IPv6 tunnel Tests """
self.pg1.config_ip6()
self.pg1.resolve_ndp()
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Address
# - Add a route via the tunnel
#
gre_if = VppGreInterface(self, self.pg2.local_ip6, "1002::1")
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip6()
route_via_tun = VppIpRoute(self, "4004::1", 128,
[VppRoutePath("0::0", gre_if.sw_if_index)])
route_via_tun.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - they are all dropped since the tunnel's destintation IP
# is unresolved - or resolves via the default route - which
# which is a drop.
#
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
self.send_and_assert_no_replies(
self.pg2, tx, "GRE packets forwarded without DIP resolved")
#
# Add a route that resolves the tunnel's destination
#
route_tun_dst = VppIpRoute(
self, "1002::1", 128,
[VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index)])
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
rx = self.send_and_expect(self.pg2, tx, self.pg2)
self.verify_tunneled_6o6(self.pg2, rx, tx, self.pg2.local_ip6,
"1002::1")
#
# Test decap. decapped packets go out pg1
#
tx = self.create_tunnel_stream_6o6(self.pg2, "1002::1",
self.pg2.local_ip6, "2001::1",
self.pg1.remote_ip6)
rx = self.send_and_expect(self.pg2, tx, self.pg1)
#
# RX'd packet is UDP over IPv6, test the GRE header is gone.
#
self.assertFalse(rx[0].haslayer(GRE))
self.assertEqual(rx[0][IPv6].dst, self.pg1.remote_ip6)
#
# Send v4 over v6
#
route4_via_tun = VppIpRoute(
self, "1.1.1.1", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)])
route4_via_tun.add_vpp_config()
tx = self.create_stream_ip4(self.pg0, "1.1.1.2", "1.1.1.1")
rx = self.send_and_expect(self.pg0, tx, self.pg2)
self.verify_tunneled_4o6(self.pg0, rx, tx, self.pg2.local_ip6,
"1002::1")
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
route4_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
self.pg2.unconfig_ip6()
self.pg1.unconfig_ip6()
def test_gre(self):
""" GRE IPv4 tunnel Tests """
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Addres
# - Add a route via the tunnel
#
gre_if = VppGreInterface(self, self.pg0.local_ip4, "1.1.1.2")
gre_if.add_vpp_config()
#
# The double create (create the same tunnel twice) should fail,
# and we should still be able to use the original
#
try:
gre_if.add_vpp_config()
except Exception:
pass
else:
self.fail("Double GRE tunnel add does not fail")
gre_if.admin_up()
gre_if.config_ip4()
route_via_tun = VppIpRoute(
self, "4.4.4.4", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)])
route_via_tun.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - they are all dropped since the tunnel's destintation IP
# is unresolved - or resolves via the default route - which
# which is a drop.
#
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4")
self.send_and_assert_no_replies(self.pg0, tx)
#
# Add a route that resolves the tunnel's destination
#
route_tun_dst = VppIpRoute(
self, "1.1.1.2", 32,
[VppRoutePath(self.pg0.remote_ip4, self.pg0.sw_if_index)])
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4")
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_tunneled_4o4(self.pg0, rx, tx, self.pg0.local_ip4,
"1.1.1.2")
#
# Send tunneled packets that match the created tunnel and
# are decapped and forwarded
#
tx = self.create_tunnel_stream_4o4(self.pg0, "1.1.1.2",
self.pg0.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_decapped_4o4(self.pg0, rx, tx)
#
# Send tunneled packets that do not match the tunnel's src
#
self.vapi.cli("clear trace")
tx = self.create_tunnel_stream_4o4(self.pg0, "1.1.1.3",
self.pg0.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
self.send_and_assert_no_replies(
self.pg0,
tx,
remark="GRE packets forwarded despite no SRC address match")
#
# Configure IPv6 on the PG interface so we can route IPv6
# packets
#
self.pg0.config_ip6()
self.pg0.resolve_ndp()
#
# Send IPv6 tunnel encapslated packets
# - dropped since IPv6 is not enabled on the tunnel
#
tx = self.create_tunnel_stream_6o4(self.pg0, "1.1.1.2",
self.pg0.local_ip4,
self.pg0.local_ip6,
self.pg0.remote_ip6)
self.send_and_assert_no_replies(
self.pg0, tx, "IPv6 GRE packets forwarded "
"despite IPv6 not enabled on tunnel")
#
# Enable IPv6 on the tunnel
#
gre_if.config_ip6()
#
# Send IPv6 tunnel encapslated packets
# - forwarded since IPv6 is enabled on the tunnel
#
tx = self.create_tunnel_stream_6o4(self.pg0, "1.1.1.2",
self.pg0.local_ip4,
self.pg0.local_ip6,
self.pg0.remote_ip6)
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_decapped_6o4(self.pg0, rx, tx)
#
# Send v6 packets for v4 encap
#
route6_via_tun = VppIpRoute(self, "2001::1", 128, [
VppRoutePath(
"::", gre_if.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)
])
route6_via_tun.add_vpp_config()
tx = self.create_stream_ip6(self.pg0, "2001::2", "2001::1")
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_tunneled_6o4(self.pg0, rx, tx, self.pg0.local_ip4,
"1.1.1.2")
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
route6_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
self.pg0.unconfig_ip6()
def test_gre(self):
""" GRE IPv4 tunnel Tests """
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Addres
# - Add a route via the tunnel
#
gre_if = VppGreInterface(self,
self.pg0.local_ip4,
"1.1.1.2")
gre_if.add_vpp_config()
#
# The double create (create the same tunnel twice) should fail,
# and we should still be able to use the original
#
try:
gre_if.add_vpp_config()
except Exception:
pass
else:
self.fail("Double GRE tunnel add does not fail")
gre_if.admin_up()
gre_if.config_ip4()
route_via_tun = VppIpRoute(self, "4.4.4.4", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route_via_tun.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - they are all dropped since the tunnel's destintation IP
# is unresolved - or resolves via the default route - which
# which is a drop.
#
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4")
self.send_and_assert_no_replies(self.pg0, tx)
#
# Add a route that resolves the tunnel's destination
#
route_tun_dst = VppIpRoute(self, "1.1.1.2", 32,
[VppRoutePath(self.pg0.remote_ip4,
self.pg0.sw_if_index)])
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4")
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_tunneled_4o4(self.pg0, rx, tx,
self.pg0.local_ip4, "1.1.1.2")
#
# Send tunneled packets that match the created tunnel and
# are decapped and forwarded
#
tx = self.create_tunnel_stream_4o4(self.pg0,
"1.1.1.2",
self.pg0.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_decapped_4o4(self.pg0, rx, tx)
#
# Send tunneled packets that do not match the tunnel's src
#
self.vapi.cli("clear trace")
tx = self.create_tunnel_stream_4o4(self.pg0,
"1.1.1.3",
self.pg0.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
self.send_and_assert_no_replies(
self.pg0, tx,
remark="GRE packets forwarded despite no SRC address match")
#
# Configure IPv6 on the PG interface so we can route IPv6
# packets
#
self.pg0.config_ip6()
self.pg0.resolve_ndp()
#
# Send IPv6 tunnel encapslated packets
# - dropped since IPv6 is not enabled on the tunnel
#
tx = self.create_tunnel_stream_6o4(self.pg0,
"1.1.1.2",
self.pg0.local_ip4,
self.pg0.local_ip6,
self.pg0.remote_ip6)
self.send_and_assert_no_replies(self.pg0, tx,
"IPv6 GRE packets forwarded "
"despite IPv6 not enabled on tunnel")
#
# Enable IPv6 on the tunnel
#
gre_if.config_ip6()
#
# Send IPv6 tunnel encapslated packets
# - forwarded since IPv6 is enabled on the tunnel
#
tx = self.create_tunnel_stream_6o4(self.pg0,
"1.1.1.2",
self.pg0.local_ip4,
self.pg0.local_ip6,
self.pg0.remote_ip6)
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_decapped_6o4(self.pg0, rx, tx)
#
# Send v6 packets for v4 encap
#
route6_via_tun = VppIpRoute(
self, "2001::1", 128,
[VppRoutePath("::",
gre_if.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route6_via_tun.add_vpp_config()
tx = self.create_stream_ip6(self.pg0, "2001::2", "2001::1")
rx = self.send_and_expect(self.pg0, tx, self.pg0)
self.verify_tunneled_6o4(self.pg0, rx, tx,
self.pg0.local_ip4, "1.1.1.2")
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
route6_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
self.pg0.unconfig_ip6()
def test_gre6(self):
""" GRE IPv6 tunnel Tests """
self.pg1.config_ip6()
self.pg1.resolve_ndp()
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Address
# - Add a route via the tunnel
#
gre_if = VppGreInterface(self,
self.pg2.local_ip6,
"1002::1")
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip6()
route_via_tun = VppIpRoute(
self, "4004::1", 128,
[VppRoutePath("0::0",
gre_if.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_via_tun.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - they are all dropped since the tunnel's destintation IP
# is unresolved - or resolves via the default route - which
# which is a drop.
#
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
self.send_and_assert_no_replies(
self.pg2, tx,
"GRE packets forwarded without DIP resolved")
#
# Add a route that resolves the tunnel's destination
#
route_tun_dst = VppIpRoute(
self, "1002::1", 128,
[VppRoutePath(self.pg2.remote_ip6,
self.pg2.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
rx = self.send_and_expect(self.pg2, tx, self.pg2)
self.verify_tunneled_6o6(self.pg2, rx, tx,
self.pg2.local_ip6, "1002::1")
#
# Test decap. decapped packets go out pg1
#
tx = self.create_tunnel_stream_6o6(self.pg2,
"1002::1",
self.pg2.local_ip6,
"2001::1",
self.pg1.remote_ip6)
rx = self.send_and_expect(self.pg2, tx, self.pg1)
#
# RX'd packet is UDP over IPv6, test the GRE header is gone.
#
self.assertFalse(rx[0].haslayer(GRE))
self.assertEqual(rx[0][IPv6].dst, self.pg1.remote_ip6)
#
# Send v4 over v6
#
route4_via_tun = VppIpRoute(self, "1.1.1.1", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route4_via_tun.add_vpp_config()
tx = self.create_stream_ip4(self.pg0, "1.1.1.2", "1.1.1.1")
rx = self.send_and_expect(self.pg0, tx, self.pg2)
self.verify_tunneled_4o6(self.pg0, rx, tx,
self.pg2.local_ip6, "1002::1")
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
route4_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
self.pg2.unconfig_ip6()
self.pg1.unconfig_ip6()
def test_l2_emulation(self):
""" L2 Emulation """
#
# non distinct L3 packets, in the tag/non-tag combos
#
pkt_no_tag = (Ether(src=self.pg0.remote_mac,
dst=self.pg1.remote_mac) /
IP(src="2.2.2.2",
dst="1.1.1.1") /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_to_tag = (Ether(src=self.pg0.remote_mac,
dst=self.pg2.remote_mac) /
IP(src="2.2.2.2",
dst="1.1.1.2") /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_from_tag = (Ether(src=self.pg3.remote_mac,
dst=self.pg2.remote_mac) /
Dot1Q(vlan=93) /
IP(src="2.2.2.2",
dst="1.1.1.1") /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_from_to_tag = (Ether(src=self.pg3.remote_mac,
dst=self.pg2.remote_mac) /
Dot1Q(vlan=93) /
IP(src="2.2.2.2",
dst="1.1.1.2") /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
pkt_bcast = (Ether(src=self.pg0.remote_mac,
dst="ff:ff:ff:ff:ff:ff") /
IP(src="2.2.2.2",
dst="255.255.255.255") /
UDP(sport=1234, dport=1234) /
Raw('\xa5' * 100))
#
# A couple of sub-interfaces for tags
#
sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92)
sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93)
sub_if_on_pg2.admin_up()
sub_if_on_pg3.admin_up()
#
# Put all the interfaces into a new bridge domain
#
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1)
self.vapi.l2_interface_vlan_tag_rewrite(
sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
push_dot1q=92)
self.vapi.l2_interface_vlan_tag_rewrite(
sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
push_dot1q=93)
#
# Disable UU flooding, learning and ARP termination. makes this test
# easier as unicast packets are dropped if not extracted.
#
self.vapi.bridge_flags(bd_id=1, is_set=0,
flags=(1 << 0) | (1 << 3) | (1 << 4))
#
# Add a DVR route to steer traffic at L3
#
route_1 = VppIpRoute(self, "1.1.1.1", 32,
[VppRoutePath("0.0.0.0",
self.pg1.sw_if_index,
is_dvr=1)])
route_2 = VppIpRoute(self, "1.1.1.2", 32,
[VppRoutePath("0.0.0.0",
sub_if_on_pg2.sw_if_index,
is_dvr=1)])
route_1.add_vpp_config()
route_2.add_vpp_config()
#
# packets are dropped because bridge does not flood unknown unicast
#
self.send_and_assert_no_replies(self.pg0, pkt_no_tag)
#
# Enable L3 extraction on pgs
#
self.vapi.l2_emulation(self.pg0.sw_if_index)
self.vapi.l2_emulation(self.pg1.sw_if_index)
self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index)
self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index)
#
# now we expect the packet forward according to the DVR route
#
rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_no_tag, rx)
self.assert_has_no_tag(rx)
rx = self.send_and_expect(self.pg0, pkt_to_tag * 65, self.pg2)
self.assert_same_mac_addr(pkt_to_tag, rx)
self.assert_has_vlan_tag(92, rx)
rx = self.send_and_expect(self.pg3, pkt_from_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_from_tag, rx)
self.assert_has_no_tag(rx)
rx = self.send_and_expect(self.pg3, pkt_from_to_tag * 65, self.pg2)
self.assert_same_mac_addr(pkt_from_tag, rx)
self.assert_has_vlan_tag(92, rx)
#
# but broadcast packets are still flooded
#
self.send_and_expect(self.pg0, pkt_bcast * 33, self.pg2)
#
# cleanup
#
self.vapi.l2_emulation(self.pg0.sw_if_index,
enable=0)
self.vapi.l2_emulation(self.pg1.sw_if_index,
enable=0)
self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index,
enable=0)
self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index,
enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0)
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0)
route_1.remove_vpp_config()
route_2.remove_vpp_config()
sub_if_on_pg3.remove_vpp_config()
sub_if_on_pg2.remove_vpp_config()
class QUICTestCase(VppTestCase):
""" QUIC Test Case """
@classmethod
def setUpClass(cls):
super(QUICTestCase, cls).setUpClass()
@classmethod
def tearDownClass(cls):
super(QUICTestCase, cls).tearDownClass()
def setUp(self):
var = "VPP_BUILD_DIR"
self.build_dir = os.getenv(var, None)
if self.build_dir is None:
raise Exception("Environment variable `%s' not set" % var)
self.vppDebug = 'vpp_debug' in self.build_dir
self.timeout = 20
self.pre_test_sleep = 0.3
self.post_test_sleep = 0.3
self.vapi.session_enable_disable(is_enabled=1)
def tearDown(self):
self.vapi.session_enable_disable(is_enabled=0)
def thru_host_stack_ipv4_setup(self):
super(QUICTestCase, self).setUp()
self.create_loopback_interfaces(2)
self.uri = "quic://%s/1234" % self.loop0.local_ip4
common_args = ["uri", self.uri, "fifo-size", "64"]
self.server_echo_test_args = common_args + ["appns", "server"]
self.client_echo_test_args = common_args + ["appns", "client",
"test-bytes"]
table_id = 1
for i in self.lo_interfaces:
i.admin_up()
if table_id != 0:
tbl = VppIpTable(self, table_id)
tbl.add_vpp_config()
i.set_table_ip4(table_id)
i.config_ip4()
table_id += 1
# Configure namespaces
self.vapi.app_namespace_add_del(namespace_id=b"server",
sw_if_index=self.loop0.sw_if_index)
self.vapi.app_namespace_add_del(namespace_id=b"client",
sw_if_index=self.loop1.sw_if_index)
# Add inter-table routes
self.ip_t01 = VppIpRoute(self, self.loop1.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=2)], table_id=1)
self.ip_t10 = VppIpRoute(self, self.loop0.local_ip4, 32,
[VppRoutePath("0.0.0.0",
0xffffffff,
nh_table_id=1)], table_id=2)
self.ip_t01.add_vpp_config()
self.ip_t10.add_vpp_config()
self.logger.debug(self.vapi.cli("show ip fib"))
def thru_host_stack_ipv4_tear_down(self):
# Delete inter-table routes
self.ip_t01.remove_vpp_config()
self.ip_t10.remove_vpp_config()
for i in self.lo_interfaces:
i.unconfig_ip4()
i.set_table_ip4(0)
i.admin_down()
def start_internal_echo_server(self, args):
error = self.vapi.cli("test echo server %s" % ' '.join(args))
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
def start_internal_echo_client(self, args):
error = self.vapi.cli("test echo client %s" % ' '.join(args))
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
def internal_ipv4_transfer_test(self, server_args, client_args):
self.start_internal_echo_server(server_args)
self.start_internal_echo_client(client_args)
def start_external_echo_server(self, args):
self.worker_server = QUICAppWorker(self.build_dir, "quic_echo",
args, self.logger)
self.worker_server.start()
def start_external_echo_client(self, args):
self.client_echo_test_args += "use-svm-api"
self.worker_client = QUICAppWorker(self.build_dir, "quic_echo",
args, self.logger)
self.worker_client.start()
self.worker_client.join(self.timeout)
try:
self.validateExternalTestResults()
except Exception as error:
self.fail("Failed with %s" % error)
def external_ipv4_transfer_test(self, server_args, client_args):
self.start_external_echo_server(server_args)
self.sleep(self.pre_test_sleep)
self.start_external_echo_client(client_args)
self.sleep(self.post_test_sleep)
def validateExternalTestResults(self):
if os.path.isdir('/proc/{}'.format(self.worker_server.process.pid)):
self.logger.info("Killing server worker process (pid %d)" %
self.worker_server.process.pid)
os.killpg(os.getpgid(self.worker_server.process.pid),
signal.SIGTERM)
self.worker_server.join()
self.logger.info("Client worker result is `%s'" %
self.worker_client.result)
error = False
if self.worker_client.result is None:
try:
error = True
self.logger.error(
"Timeout: %ss! Killing client worker process (pid %d)" %
(self.timeout, self.worker_client.process.pid))
os.killpg(os.getpgid(self.worker_client.process.pid),
signal.SIGKILL)
self.worker_client.join()
except OSError:
self.logger.debug(
"Couldn't kill client worker process")
raise
if error:
raise Exception(
"Timeout! Client worker did not finish in %ss" % timeout)
self.assert_equal(self.worker_client.result, 0,
"Binary test return code")
def test_gre_vrf(self):
""" GRE tunnel VRF Tests """
#
# Create an L3 GRE tunnel whose destination is in the non-default
# table. The underlay is thus non-default - the overlay is still
# the default.
# - set it admin up
# - assign an IP Addres
#
gre_if = VppGreInterface(self,
self.pg1.local_ip4,
"2.2.2.2",
outer_fib_id=1)
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip4()
#
# Add a route via the tunnel - in the overlay
#
route_via_tun = VppIpRoute(
self, "9.9.9.9", 32, [VppRoutePath("0.0.0.0", gre_if.sw_if_index)])
route_via_tun.add_vpp_config()
#
# Add a route that resolves the tunnel's destination - in the
# underlay table
#
route_tun_dst = VppIpRoute(
self,
"2.2.2.2",
32,
table_id=1,
paths=[VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)])
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# packets are sent in on pg0 which is in the default table
# - packets are GRE encapped
#
self.vapi.cli("clear trace")
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9")
rx = self.send_and_expect(self.pg0, tx, self.pg1)
self.verify_tunneled_4o4(self.pg1, rx, tx, self.pg1.local_ip4,
"2.2.2.2")
#
# Send tunneled packets that match the created tunnel and
# are decapped and forwarded. This tests the decap lookup
# does not happen in the encap table
#
self.vapi.cli("clear trace")
tx = self.create_tunnel_stream_4o4(self.pg1, "2.2.2.2",
self.pg1.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
rx = self.send_and_expect(self.pg1, tx, self.pg0)
self.verify_decapped_4o4(self.pg0, rx, tx)
#
# Send tunneled packets that match the created tunnel
# but arrive on an interface that is not in the tunnel's
# encap VRF, these are dropped.
# IP enable the interface so they aren't dropped due to
# IP not being enabled.
#
self.pg2.config_ip4()
self.vapi.cli("clear trace")
tx = self.create_tunnel_stream_4o4(self.pg2, "2.2.2.2",
self.pg1.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
rx = self.send_and_assert_no_replies(self.pg2, tx,
"GRE decap packets in wrong VRF")
self.pg2.unconfig_ip4()
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
def test_l2_emulation(self):
""" L2 Emulation """
#
# non distinct L3 packets, in the tag/non-tag combos
#
pkt_no_tag = (Ether(src=self.pg0.remote_mac, dst=self.pg1.remote_mac) /
IP(src="2.2.2.2", dst="1.1.1.1") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
pkt_to_tag = (Ether(src=self.pg0.remote_mac, dst=self.pg2.remote_mac) /
IP(src="2.2.2.2", dst="1.1.1.2") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
pkt_from_tag = (
Ether(src=self.pg3.remote_mac, dst=self.pg2.remote_mac) /
Dot1Q(vlan=93) / IP(src="2.2.2.2", dst="1.1.1.1") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
pkt_from_to_tag = (
Ether(src=self.pg3.remote_mac, dst=self.pg2.remote_mac) /
Dot1Q(vlan=93) / IP(src="2.2.2.2", dst="1.1.1.2") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
pkt_bcast = (Ether(src=self.pg0.remote_mac, dst="ff:ff:ff:ff:ff:ff") /
IP(src="2.2.2.2", dst="255.255.255.255") /
UDP(sport=1234, dport=1234) / Raw('\xa5' * 100))
#
# A couple of sub-interfaces for tags
#
sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92)
sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93)
sub_if_on_pg2.admin_up()
sub_if_on_pg3.admin_up()
#
# Put all the interfaces into a new bridge domain
#
self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index, 1)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index, 1)
self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg2.sw_if_index,
L2_VTR_OP.L2_POP_1, 92)
self.vapi.sw_interface_set_l2_tag_rewrite(sub_if_on_pg3.sw_if_index,
L2_VTR_OP.L2_POP_1, 93)
#
# Disable UU flooding, learning and ARP terminaation. makes this test
# easier as unicast packets are dropped if not extracted.
#
self.vapi.bridge_flags(1, 0, (1 << 0) | (1 << 3) | (1 << 4))
#
# Add a DVR route to steer traffic at L3
#
route_1 = VppIpRoute(
self, "1.1.1.1", 32,
[VppRoutePath("0.0.0.0", self.pg1.sw_if_index, is_dvr=1)])
route_2 = VppIpRoute(
self, "1.1.1.2", 32,
[VppRoutePath("0.0.0.0", sub_if_on_pg2.sw_if_index, is_dvr=1)])
route_1.add_vpp_config()
route_2.add_vpp_config()
#
# packets are dropped because bridge does not flood unkown unicast
#
self.send_and_assert_no_replies(self.pg0, pkt_no_tag)
#
# Enable L3 extraction on pgs
#
self.vapi.sw_interface_set_l2_emulation(self.pg0.sw_if_index)
self.vapi.sw_interface_set_l2_emulation(self.pg1.sw_if_index)
self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg2.sw_if_index)
self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg3.sw_if_index)
#
# now we expect the packet forward according to the DVR route
#
rx = self.send_and_expect(self.pg0, pkt_no_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_no_tag, rx)
self.assert_has_no_tag(rx)
rx = self.send_and_expect(self.pg0, pkt_to_tag * 65, self.pg2)
self.assert_same_mac_addr(pkt_to_tag, rx)
self.assert_has_vlan_tag(92, rx)
rx = self.send_and_expect(self.pg3, pkt_from_tag * 65, self.pg1)
self.assert_same_mac_addr(pkt_from_tag, rx)
self.assert_has_no_tag(rx)
rx = self.send_and_expect(self.pg3, pkt_from_to_tag * 65, self.pg2)
self.assert_same_mac_addr(pkt_from_tag, rx)
self.assert_has_vlan_tag(92, rx)
#
# but broadcast packets are still flooded
#
self.send_and_expect(self.pg0, pkt_bcast * 33, self.pg2)
#
# cleanup
#
self.vapi.sw_interface_set_l2_emulation(self.pg0.sw_if_index, enable=0)
self.vapi.sw_interface_set_l2_emulation(self.pg1.sw_if_index, enable=0)
self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg2.sw_if_index,
enable=0)
self.vapi.sw_interface_set_l2_emulation(sub_if_on_pg3.sw_if_index,
enable=0)
self.vapi.sw_interface_set_l2_bridge(self.pg0.sw_if_index, 1, enable=0)
self.vapi.sw_interface_set_l2_bridge(self.pg1.sw_if_index, 1, enable=0)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg2.sw_if_index,
1,
enable=0)
self.vapi.sw_interface_set_l2_bridge(sub_if_on_pg3.sw_if_index,
1,
enable=0)
route_1.remove_vpp_config()
route_2.remove_vpp_config()
sub_if_on_pg3.remove_vpp_config()
sub_if_on_pg2.remove_vpp_config()
class QUICTestCase(VppTestCase):
""" QUIC Test Case """
@classmethod
def setUpClass(cls):
super(QUICTestCase, cls).setUpClass()
@classmethod
def tearDownClass(cls):
super(QUICTestCase, cls).tearDownClass()
def setUp(self):
var = "VPP_BUILD_DIR"
self.build_dir = os.getenv(var, None)
if self.build_dir is None:
raise Exception("Environment variable `%s' not set" % var)
self.vppDebug = 'vpp_debug' in self.build_dir
self.timeout = 20
self.pre_test_sleep = 0.3
self.post_test_sleep = 0.3
self.vapi.session_enable_disable(is_enabled=1)
def tearDown(self):
self.vapi.session_enable_disable(is_enabled=0)
def thru_host_stack_ipv4_setup(self):
super(QUICTestCase, self).setUp()
self.create_loopback_interfaces(2)
self.uri = "quic://%s/1234" % self.loop0.local_ip4
common_args = ["uri", self.uri, "fifo-size", "64"]
self.server_echo_test_args = common_args + ["appns", "server"]
self.client_echo_test_args = common_args + [
"appns", "client", "test-bytes"
]
table_id = 1
for i in self.lo_interfaces:
i.admin_up()
if table_id != 0:
tbl = VppIpTable(self, table_id)
tbl.add_vpp_config()
i.set_table_ip4(table_id)
i.config_ip4()
table_id += 1
# Configure namespaces
self.vapi.app_namespace_add_del(namespace_id=b"server",
sw_if_index=self.loop0.sw_if_index)
self.vapi.app_namespace_add_del(namespace_id=b"client",
sw_if_index=self.loop1.sw_if_index)
# Add inter-table routes
self.ip_t01 = VppIpRoute(
self,
self.loop1.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=2)],
table_id=1)
self.ip_t10 = VppIpRoute(
self,
self.loop0.local_ip4,
32, [VppRoutePath("0.0.0.0", 0xffffffff, nh_table_id=1)],
table_id=2)
self.ip_t01.add_vpp_config()
self.ip_t10.add_vpp_config()
self.logger.debug(self.vapi.cli("show ip fib"))
def thru_host_stack_ipv4_tear_down(self):
# Delete inter-table routes
self.ip_t01.remove_vpp_config()
self.ip_t10.remove_vpp_config()
for i in self.lo_interfaces:
i.unconfig_ip4()
i.set_table_ip4(0)
i.admin_down()
def start_internal_echo_server(self, args):
error = self.vapi.cli("test echo server %s" % ' '.join(args))
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
def start_internal_echo_client(self, args):
error = self.vapi.cli("test echo client %s" % ' '.join(args))
if error:
self.logger.critical(error)
self.assertNotIn("failed", error)
def internal_ipv4_transfer_test(self, server_args, client_args):
self.start_internal_echo_server(server_args)
self.start_internal_echo_client(client_args)
def start_external_echo_server(self, args):
self.worker_server = QUICAppWorker(self.build_dir, "quic_echo", args,
self.logger)
self.worker_server.start()
def start_external_echo_client(self, args):
self.client_echo_test_args += "use-svm-api"
self.worker_client = QUICAppWorker(self.build_dir, "quic_echo", args,
self.logger)
self.worker_client.start()
self.worker_client.join(self.timeout)
try:
self.validateExternalTestResults()
except Exception as error:
self.fail("Failed with %s" % error)
def external_ipv4_transfer_test(self, server_args, client_args):
self.start_external_echo_server(server_args)
self.sleep(self.pre_test_sleep)
self.start_external_echo_client(client_args)
self.sleep(self.post_test_sleep)
def validateExternalTestResults(self):
if os.path.isdir('/proc/{}'.format(self.worker_server.process.pid)):
self.logger.info("Killing server worker process (pid %d)" %
self.worker_server.process.pid)
os.killpg(os.getpgid(self.worker_server.process.pid),
signal.SIGTERM)
self.worker_server.join()
self.logger.info("Client worker result is `%s'" %
self.worker_client.result)
error = False
if self.worker_client.result is None:
try:
error = True
self.logger.error(
"Timeout: %ss! Killing client worker process (pid %d)" %
(self.timeout, self.worker_client.process.pid))
os.killpg(os.getpgid(self.worker_client.process.pid),
signal.SIGKILL)
self.worker_client.join()
except OSError:
self.logger.debug("Couldn't kill client worker process")
raise
if error:
raise Exception("Timeout! Client worker did not finish in %ss" %
self.timeout)
self.assert_equal(self.worker_client.result, 0,
"Binary test return code")
def test_map_e(self):
""" MAP-E """
#
# Add a route to the MAP-BR
#
map_br_pfx = "2001::"
map_br_pfx_len = 64
map_route = VppIpRoute(self,
map_br_pfx,
map_br_pfx_len,
[VppRoutePath(self.pg1.remote_ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
map_route.add_vpp_config()
#
# Add a domain that maps from pg0 to pg1
#
map_dst = '2001::/64'
map_src = '3000::1/128'
client_pfx = '192.168.0.0/16'
self.vapi.map_add_domain(map_dst, client_pfx, map_src)
# Enable MAP on interface.
self.vapi.map_if_enable_disable(is_enable=1,
sw_if_index=self.pg0.sw_if_index,
is_translation=0)
# Ensure MAP doesn't steal all packets!
v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IP(src=self.pg0.remote_ip4, dst=self.pg0.remote_ip4) /
UDP(sport=20000, dport=10000) /
Raw('\xa5' * 100))
rx = self.send_and_expect(self.pg0, v4*1, self.pg0)
v4_reply = v4[1]
v4_reply.ttl -= 1
for p in rx:
self.validate(p[1], v4_reply)
#
# Fire in a v4 packet that will be encapped to the BR
#
v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IP(src=self.pg0.remote_ip4, dst='192.168.1.1') /
UDP(sport=20000, dport=10000) /
Raw('\xa5' * 100))
self.send_and_assert_encapped(v4, "3000::1", "2001::c0a8:0:0")
# Enable MAP on interface.
self.vapi.map_if_enable_disable(is_enable=1,
sw_if_index=self.pg1.sw_if_index,
is_translation=0)
# Ensure MAP doesn't steal all packets
v6 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IPv6(src=self.pg1.remote_ip6, dst=self.pg1.remote_ip6) /
UDP(sport=20000, dport=10000) /
Raw('\xa5' * 100))
rx = self.send_and_expect(self.pg1, v6*1, self.pg1)
v6_reply = v6[1]
v6_reply.hlim -= 1
for p in rx:
self.validate(p[1], v6_reply)
#
# Fire in a V6 encapped packet.
# expect a decapped packet on the inside ip4 link
#
p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IPv6(dst='3000::1', src="2001::1") /
IP(dst=self.pg0.remote_ip4, src='192.168.1.1') /
UDP(sport=20000, dport=10000) /
Raw('\xa5' * 100))
self.pg1.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture(1)
rx = rx[0]
self.assertFalse(rx.haslayer(IPv6))
self.assertEqual(rx[IP].src, p[IP].src)
self.assertEqual(rx[IP].dst, p[IP].dst)
#
# Pre-resolve. No API for this!!
#
self.vapi.ppcli("map params pre-resolve ip6-nh 4001::1")
self.send_and_assert_no_replies(self.pg0, v4,
"resovled via default route")
#
# Add a route to 4001::1. Expect the encapped traffic to be
# sent via that routes next-hop
#
pre_res_route = VppIpRoute(
self, "4001::1", 128,
[VppRoutePath(self.pg1.remote_hosts[2].ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
pre_res_route.add_vpp_config()
self.send_and_assert_encapped(v4, "3000::1",
"2001::c0a8:0:0",
dmac=self.pg1.remote_hosts[2].mac)
#
# change the route to the pre-solved next-hop
#
pre_res_route.modify([VppRoutePath(self.pg1.remote_hosts[3].ip6,
self.pg1.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)])
pre_res_route.add_vpp_config()
self.send_and_assert_encapped(v4, "3000::1",
"2001::c0a8:0:0",
dmac=self.pg1.remote_hosts[3].mac)
#
# cleanup. The test infra's object registry will ensure
# the route is really gone and thus that the unresolve worked.
#
pre_res_route.remove_vpp_config()
self.vapi.ppcli("map params pre-resolve del ip6-nh 4001::1")
def test_gre_vrf(self):
""" GRE tunnel VRF Tests """
#
# Create an L3 GRE tunnel whose destination is in the non-default
# table. The underlay is thus non-default - the overlay is still
# the default.
# - set it admin up
# - assign an IP Addres
#
gre_if = VppGreInterface(self, self.pg1.local_ip4,
"2.2.2.2",
outer_fib_id=1)
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip4()
#
# Add a route via the tunnel - in the overlay
#
route_via_tun = VppIpRoute(self, "9.9.9.9", 32,
[VppRoutePath("0.0.0.0",
gre_if.sw_if_index)])
route_via_tun.add_vpp_config()
#
# Add a route that resolves the tunnel's destination - in the
# underlay table
#
route_tun_dst = VppIpRoute(self, "2.2.2.2", 32, table_id=1,
paths=[VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# packets are sent in on pg0 which is in the default table
# - packets are GRE encapped
#
self.vapi.cli("clear trace")
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9")
rx = self.send_and_expect(self.pg0, tx, self.pg1)
self.verify_tunneled_4o4(self.pg1, rx, tx,
self.pg1.local_ip4, "2.2.2.2")
#
# Send tunneled packets that match the created tunnel and
# are decapped and forwarded. This tests the decap lookup
# does not happen in the encap table
#
self.vapi.cli("clear trace")
tx = self.create_tunnel_stream_4o4(self.pg1,
"2.2.2.2",
self.pg1.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
rx = self.send_and_expect(self.pg1, tx, self.pg0)
self.verify_decapped_4o4(self.pg0, rx, tx)
#
# Send tunneled packets that match the created tunnel
# but arrive on an interface that is not in the tunnel's
# encap VRF, these are dropped.
# IP enable the interface so they aren't dropped due to
# IP not being enabled.
#
self.pg2.config_ip4()
self.vapi.cli("clear trace")
tx = self.create_tunnel_stream_4o4(self.pg2,
"2.2.2.2",
self.pg1.local_ip4,
self.pg0.local_ip4,
self.pg0.remote_ip4)
rx = self.send_and_assert_no_replies(
self.pg2, tx,
"GRE decap packets in wrong VRF")
self.pg2.unconfig_ip4()
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
def test_map_e(self):
""" MAP-E """
#
# Add a route to the MAP-BR
#
map_br_pfx = "2001::"
map_br_pfx_len = 32
map_route = VppIpRoute(
self, map_br_pfx, map_br_pfx_len,
[VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)])
map_route.add_vpp_config()
#
# Add a domain that maps from pg0 to pg1
#
map_dst = '2001::/32'
map_src = '3000::1/128'
client_pfx = '192.168.0.0/16'
map_translated_addr = '2001:0:101:7000:0:c0a8:101:7'
tag = 'MAP-E tag.'
self.vapi.map_add_domain(ip4_prefix=client_pfx,
ip6_prefix=map_dst,
ip6_src=map_src,
ea_bits_len=20,
psid_offset=4,
psid_length=4,
tag=tag)
self.vapi.map_param_set_security_check(enable=1, fragments=1)
# Enable MAP on interface.
self.vapi.map_if_enable_disable(is_enable=1,
sw_if_index=self.pg0.sw_if_index,
is_translation=0)
# Ensure MAP doesn't steal all packets!
v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IP(src=self.pg0.remote_ip4, dst=self.pg0.remote_ip4) /
UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 100))
rx = self.send_and_expect(self.pg0, v4 * 1, self.pg0)
v4_reply = v4[1]
v4_reply.ttl -= 1
for p in rx:
self.validate(p[1], v4_reply)
#
# Fire in a v4 packet that will be encapped to the BR
#
v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IP(src=self.pg0.remote_ip4, dst='192.168.1.1') /
UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 100))
self.send_and_assert_encapped_one(v4, "3000::1", map_translated_addr)
#
# Verify reordered fragments are able to pass as well
#
v4 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IP(id=1, src=self.pg0.remote_ip4, dst='192.168.1.1') /
UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 1000))
frags = fragment_rfc791(v4, 400)
frags.reverse()
self.send_and_assert_encapped(frags, "3000::1", map_translated_addr)
# Enable MAP on interface.
self.vapi.map_if_enable_disable(is_enable=1,
sw_if_index=self.pg1.sw_if_index,
is_translation=0)
# Ensure MAP doesn't steal all packets
v6 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IPv6(src=self.pg1.remote_ip6, dst=self.pg1.remote_ip6) /
UDP(sport=20000, dport=10000) / Raw(b'\xa5' * 100))
rx = self.send_and_expect(self.pg1, v6 * 1, self.pg1)
v6_reply = v6[1]
v6_reply.hlim -= 1
for p in rx:
self.validate(p[1], v6_reply)
#
# Fire in a V6 encapped packet.
# expect a decapped packet on the inside ip4 link
#
p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IPv6(dst='3000::1', src=map_translated_addr) /
IP(dst=self.pg0.remote_ip4, src='192.168.1.1') /
UDP(sport=10000, dport=20000) / Raw(b'\xa5' * 100))
self.pg1.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture(1)
rx = rx[0]
self.assertFalse(rx.haslayer(IPv6))
self.assertEqual(rx[IP].src, p[IP].src)
self.assertEqual(rx[IP].dst, p[IP].dst)
#
# Verify encapped reordered fragments pass as well
#
p = (IP(id=1, dst=self.pg0.remote_ip4, src='192.168.1.1') /
UDP(sport=10000, dport=20000) / Raw(b'\xa5' * 1500))
frags = fragment_rfc791(p, 400)
frags.reverse()
stream = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IPv6(dst='3000::1', src=map_translated_addr) / x
for x in frags)
self.pg1.add_stream(stream)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture(len(frags))
for r in rx:
self.assertFalse(r.haslayer(IPv6))
self.assertEqual(r[IP].src, p[IP].src)
self.assertEqual(r[IP].dst, p[IP].dst)
# Verify that fragments pass even if ipv6 layer is fragmented
stream = (IPv6(dst='3000::1', src=map_translated_addr) / x
for x in frags)
v6_stream = [
Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / x
for i in range(len(frags)) for x in fragment_rfc8200(
IPv6(dst='3000::1', src=map_translated_addr) /
frags[i], i, 200)
]
self.pg1.add_stream(v6_stream)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg0.get_capture(len(frags))
for r in rx:
self.assertFalse(r.haslayer(IPv6))
self.assertEqual(r[IP].src, p[IP].src)
self.assertEqual(r[IP].dst, p[IP].dst)
#
# Pre-resolve. No API for this!!
#
self.vapi.ppcli("map params pre-resolve ip6-nh 4001::1")
self.send_and_assert_no_replies(self.pg0, v4,
"resolved via default route")
#
# Add a route to 4001::1. Expect the encapped traffic to be
# sent via that routes next-hop
#
pre_res_route = VppIpRoute(
self, "4001::1", 128,
[VppRoutePath(self.pg1.remote_hosts[2].ip6, self.pg1.sw_if_index)])
pre_res_route.add_vpp_config()
self.send_and_assert_encapped_one(v4,
"3000::1",
map_translated_addr,
dmac=self.pg1.remote_hosts[2].mac)
#
# change the route to the pre-solved next-hop
#
pre_res_route.modify(
[VppRoutePath(self.pg1.remote_hosts[3].ip6, self.pg1.sw_if_index)])
pre_res_route.add_vpp_config()
self.send_and_assert_encapped_one(v4,
"3000::1",
map_translated_addr,
dmac=self.pg1.remote_hosts[3].mac)
#
# cleanup. The test infra's object registry will ensure
# the route is really gone and thus that the unresolve worked.
#
pre_res_route.remove_vpp_config()
self.vapi.ppcli("map params pre-resolve del ip6-nh 4001::1")
def test_PPPoE_Encap_Multiple(self):
""" PPPoE Encap Multiple Sessions Test """
self.vapi.cli("clear trace")
#
# Add a route that resolves the server's destination
#
route_sever_dst = VppIpRoute(self, "100.1.1.100", 32,
[VppRoutePath(self.pg1.remote_ip4,
self.pg1.sw_if_index)])
route_sever_dst.add_vpp_config()
# Send PPPoE Discovery 1
tx0 = self.create_stream_pppoe_discovery(self.pg0, self.pg1,
self.pg0.remote_mac)
self.pg0.add_stream(tx0)
self.pg_start()
# Send PPPoE PPP LCP 1
tx1 = self.create_stream_pppoe_lcp(self.pg0, self.pg1,
self.pg0.remote_mac,
self.session_id)
self.pg0.add_stream(tx1)
self.pg_start()
# Create PPPoE session 1
pppoe_if1 = VppPppoeInterface(self,
self.pg0.remote_ip4,
self.pg0.remote_mac,
self.session_id)
pppoe_if1.add_vpp_config()
# Send PPPoE Discovery 2
tx3 = self.create_stream_pppoe_discovery(self.pg2, self.pg1,
self.pg2.remote_mac)
self.pg2.add_stream(tx3)
self.pg_start()
# Send PPPoE PPP LCP 2
tx4 = self.create_stream_pppoe_lcp(self.pg2, self.pg1,
self.pg2.remote_mac,
self.session_id + 1)
self.pg2.add_stream(tx4)
self.pg_start()
# Create PPPoE session 2
pppoe_if2 = VppPppoeInterface(self,
self.pg2.remote_ip4,
self.pg2.remote_mac,
self.session_id + 1)
pppoe_if2.add_vpp_config()
#
# Send a packet stream that is routed into the session
# - packets are PPPoE encapped
#
self.vapi.cli("clear trace")
tx2 = self.create_stream_ip4(self.pg1, self.pg0,
self.pg0.remote_ip4, self.dst_ip)
self.pg1.add_stream(tx2)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx2 = self.pg0.get_capture(len(tx2))
self.verify_encaped_pppoe(self.pg1, rx2, tx2, self.session_id)
tx5 = self.create_stream_ip4(self.pg1, self.pg2,
self.pg2.remote_ip4, self.dst_ip)
self.pg1.add_stream(tx5)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx5 = self.pg2.get_capture(len(tx5))
self.verify_encaped_pppoe(self.pg1, rx5, tx5, self.session_id + 1)
self.logger.info(self.vapi.cli("show pppoe fib"))
self.logger.info(self.vapi.cli("show pppoe session"))
self.logger.info(self.vapi.cli("show ip fib"))
#
# test case cleanup
#
# Delete PPPoE session
pppoe_if1.remove_vpp_config()
pppoe_if2.remove_vpp_config()
# Delete a route that resolves the server's destination
route_sever_dst.remove_vpp_config()
