def port_mirror_config():
mirror.create_session(vars.D1,
session_name=data.session_name_port,
mirror_type=data.mirror_type,
destination_ifname=data.mirror_interface,
source_ifname=data.source_interface,
rx_tx=data.direction_list)
def erspan_pre_config():
"""
Author: Lakshminarayana D ([email protected])
Using this pre config at module level. So, applicable for all test cases which includes in this module.
:return: None
"""
# IP address configuration on DUT-1
for port, ip_addr, in zip(data.port_list_d1, data.ip_list_d1):
ip.config_ip_addr_interface(vars.D1, port, ip_addr, data.subnet_mask)
# IP address configuration on DUT-2
for port, ip_addr in zip(data.port_list_d2, data.ip_list_d2):
ip.config_ip_addr_interface(vars.D2, port, ip_addr, data.subnet_mask)
# Create static route
_, network = ip.get_network_addr("{}/{}".format(data.ip_T1D2P1, data.subnet_mask))
ip.create_static_route(vars.D1, data.ip_D2D1P1, network)
_, network = ip.get_network_addr("{}/{}".format(data.ip_T1D1P1, data.subnet_mask))
ip.create_static_route(vars.D2, data.ip_D1D2P1, network)
# creation and verification of Monitor session
mirror.create_session(vars.D1, session_name=data.session_name, src_ip=data.ip_D1T1P1,
dst_ip=data.ip_T1D2P1, gre_type=data.gre_type, dscp=data.dscp,
ttl=data.ttl, queue=data.queue)
# creation and verification of ACL Policy
acl_dscp.config_policy_table(vars.D1, enable='create', policy_name=data.acl_table_name, policy_type=data.type)
acl_dscp.config_service_policy_table(vars.D1, policy_kind="bind", interface_name=vars.D1T1P1, stage='in',
service_policy_name=data.acl_table_name, policy_type=data.type)
acl_dscp.config_service_policy_table(vars.D1, policy_kind="bind", interface_name=vars.D1T1P2, stage='in',
policy_type=data.type, service_policy_name=data.acl_table_name)
acl.create_acl_table(vars.D1, name="L3_IPV6_INGRESS", stage=data.stage, type="L3V6",
description="L3_IPV6_INGRESS", ports=[vars.D1T1P1])
def test_ft_erspan_portchannel_shut_noshut():
"""
Author: Kanala Ramprakash Reddy ( [email protected])
TC1 FtOpSoSyErspanFn020: Verify that ERSPAN is working as expected after portchannel shut/no shut.
:return:
"""
st.log("############### Test started to check ERSPAN status between multiple link flaps###############")
st.log("Creating mirror session")
mirror.create_session(vars.D1, session_name=data.mirror_session, gre_type=data.gre_type, dscp=data.dscp,
ttl=data.ttl, queue=data.queue, src_ip=data.ip_T1D1P2, dst_ip=data.ip_T1D2P1)
st.log("Creating ACL Policy")
acl_dscp.config_classifier_table(vars.D1, enable='create', match_type="fields", class_name=data.acl_rule)
acl_dscp.config_classifier_table(vars.D1, enable='yes', class_criteria="--src-ip", class_name=data.acl_rule,
criteria_value=data.src_ip_mask, match_type="fields")
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='add', policy_type=data.type,
class_name=data.acl_rule, priority_value=data.priority,
description=data.description)
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='update', policy_type=data.type,
class_name=data.acl_rule, priority_option='--mirror-session',
priority_value=data.mirror_action)
stream = data.tg1.tg_traffic_config(port_handle=data.tg_ph_1, mode='create', transmit_mode='continuous', length_mode='fixed',
rate_pps=data.rate_pps, l2_encap='ethernet_ii', mac_src='00:0a:01:00:00:01',
mac_dst=dut_mac, l3_protocol="ipv4", ip_src_addr=data.ip_T1D1P1,
ip_dst_addr=data.ip_T1D1P2)['stream_id']
intf_obj.clear_interface_counters(vars.D1)
st.log("Starting the traffic")
data.tg1.tg_traffic_control(action='run', stream_handle=stream)
for _ in range(5):
intf_obj.interface_shutdown(vars.D1, [vars.D1D2P1], skip_verify=True)
if not poll_wait(mirror.verify_session_all, 20, vars.D1, mirror_type="erspan", status="inactive",
session_name=data.mirror_session):
st.error("Mirror session status should be inactive after port shutdown")
data.flag = 0
intf_obj.interface_noshutdown(vars.D1, [vars.D1D2P1], skip_verify=True)
if not poll_wait(mirror.verify_session_all, 20, vars.D1, mirror_type="erspan", status="active",
session_name=data.mirror_session):
st.error("Mirror session status should be active after port startup")
data.flag = 0
data.tg1.tg_traffic_control(action='stop', stream_handle=stream)
if data.flag == 0:
st.report_fail("test_case_failed")
else:
st.report_pass("test_case_passed")
def test_ft_erspan_action_encapsulation():
"""
Author: Lakshminarayana D ([email protected])
Verify that ERSPAN is working as expected and intended traffic is mirrored to remote interface using various
encapsulation methods:
1. Encapsulation method 0x6558
2. Encapsulation method 0x88ee
Topology:
---------
TG1 ----
DUT1 ---- DUT2 ---- TG3
TG2 ----
"""
encap_list = ['0x88ee', '0x6558']
for encap in encap_list:
st.log("############### Test started for encapusulation method : {} ###############".format(encap))
mirror.create_session(vars.D1, session_name="mirror_" + encap, gre_type=encap,
dscp=data.dscp, ttl=data.ttl, queue=data.queue, src_ip=data.ip_D1T1P1,
dst_ip=data.ip_T1D2P1)
# creation and verification of ACL Rule
acl_dscp.config_classifier_table(vars.D1, enable='create', match_type="fields", class_name=data.acl_rule)
acl_dscp.config_classifier_table(vars.D1, enable='yes', class_criteria='--src-ip', class_name=data.acl_rule,
criteria_value=data.src_ip_mask, match_type="fields")
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='add',policy_type=data.type,
class_name=data.acl_rule, priority_value=data.priority,
description=data.description)
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='update',policy_type=data.type,
class_name=data.acl_rule, priority_option='--mirror-session',
priority_value="mirror_" + encap)
# TG traffic verification: Needed arguments : capture_values='11.1.1.2, capture_fields='src_ip'
retval = send_traffic(capture_values=[encap.strip('0x')], capture_fields=['gre_protocol'], pkts_per_burst=5,
verify_capture=True)
if not retval[1]:
st.report_fail("traffic_verification_fail", 'capture')
st.report_pass("test_case_passed")
def erspan_pre_config():
"""
Author: Anil Kumar Kacharla<*****@*****.**>
Using this pre config at module level. So, applicable for all test cases which includes in this module.
:return: None
"""
# IP address configuration on DUT-1
for port, ip_addr, in zip(data.port_list_d1, data.ip_list_d1):
ip.config_ip_addr_interface(data.dut1, port, ip_addr, data.subnet_mask)
# IP address configuration on DUT-2
for port, ip_addr in zip(data.port_list_d2, data.ip_list_d2):
ip.config_ip_addr_interface(data.dut2, port, ip_addr, data.subnet_mask)
# Create static route
_, network = ip.get_network_addr("{}/{}".format(data.ip_T1D2P1,
data.subnet_mask))
ip.create_static_route(data.dut1, data.ip_D2D1P1, network)
_, network = ip.get_network_addr("{}/{}".format(data.ip_T1D1P1,
data.subnet_mask))
ip.create_static_route(data.dut2, data.ip_D1D2P1, network)
# creation and verification of Monitor session
mirror.create_session(data.dut1,
session_name=data.session_name,
src_ip=data.ip_D1T1P1,
dst_ip=data.ip_T1D2P1,
gre_type=data.gre_type,
dscp=data.dscp,
ttl=data.ttl,
queue=data.queue)
# creation and verification of ACL policy
acl_dscp.config_policy_table(vars.D1,
enable='create',
policy_name=data.acl_table_name,
policy_type=data.type)
acl_dscp.config_service_policy_table(
vars.D1,
policy_kind="bind",
interface_name=vars.D1T1P1,
stage='in',
service_policy_name=data.acl_table_name,
policy_type=data.type)
# creation and verification of ACL classifier
acl_dscp.config_classifier_table(vars.D1,
enable='create',
match_type="fields",
class_name=data.acl_rule)
acl_dscp.config_classifier_table(data.dut1,
enable='yes',
class_criteria=['--src-ip'],
class_name=data.acl_rule,
criteria_value=[data.src_ip_mask],
match_type="fields")
acl_dscp.config_flow_update_table(data.dut1,
policy_name=data.acl_table_name,
flow='add',
class_name=data.acl_rule,
priority_value=data.priority,
description=data.description,
policy_type=data.type)
acl_dscp.config_flow_update_table(data.dut1,
policy_name=data.acl_table_name,
flow='update',
policy_type=data.type,
class_name=data.acl_rule,
priority_option='--mirror-session',
priority_value=data.mirror_action)
def test_ft_erspan_basic_functionality():
"""
Author: Sesha Koilkonda ([email protected])
TC1 FtOpSoSyErspanFn019: Verify that maximum number of mirror sessions are created.
TC2 FtOpSoSyErspanFn015: Verify that multiple mirror sessions can be created and assigned to rules from the same ACL.
TC3 FtOpSoSyErspanFn011: Verify that ERSPAN is working as expected and intended traffic is mirrored to remote interface from multiple interfaces.
Notes from dev: Only 1 Mirror ACL configuration is supported as of now.
maximum Acl rules that can be configured in mirror sesssion(s) is 3.
:return:
"""
ip_add_src, ip_add_dst = data.ip_T1D1P1, data.ip_T1D2P1
max_sessions, data.mask = 4, '32'
tc_fail = 0
acl_dscp.config_classifier_table(vars.D1, enable='create', match_type="fields", class_name=data.acl_rule)
acl_dscp.config_classifier_table(vars.D1, enable='yes', class_criteria='--src-ip', class_name=data.acl_rule,
criteria_value="{}/{}".format(ip_add_src, data.mask), match_type="fields")
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='add', policy_type=data.type,
class_name=data.acl_rule, priority_value=data.priority,
description=data.description)
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='update',policy_type=data.type,
class_name=data.acl_rule, priority_option='--mirror-session',
priority_value=data.session_name)
#Configure the maximum supported mirror sessions(Session1 alreday created as part of module config.)
for ele in range(1, max_sessions):
_, ip_add_src = ip.increment_ip_addr("{}/{}".format(ip_add_src.split('/')[0], data.mask), "host")
_, ip_add_dst = ip.increment_ip_addr("{}/{}".format(ip_add_dst.split('/')[0], data.mask), "host")
if ele == 2: _, ip_add_src = ip.increment_ip_addr("{}/{}".format(data.ip_D1T1P2, data.mask), "host")
mirror_args = {'session_name': data.session_name + str(ele),'src_ip': ip_add_src.split('/')[0], 'dst_ip': ip_add_dst.split('/')[0],
'dscp':'50', 'ttl':'60', 'gre_type':'0x88ee', 'queue':data.queue}
mirror.create_session(vars.D1, **mirror_args)
if not mirror.verify_session(vars.D1, **mirror_args):
st.log("failed to configure the mirror session: {} ".format(data.session_name + str(ele)))
tc_fail = 1
acl_dscp.config_classifier_table(vars.D1, enable='create', match_type="fields", class_name=data.acl_rule+ str(ele))
acl_dscp.config_classifier_table(vars.D1, enable='yes', class_criteria='--src-ip', match_type="fields",
class_name=data.acl_rule + str(ele),
criteria_value="{}".format(ip_add_src))
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='add', policy_type=data.type,
class_name=data.acl_rule+str(ele),priority_value=int(data.priority) + ele,
description=data.description)
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='update',policy_type=data.type,
class_name=data.acl_rule+str(ele), priority_option='--mirror-session',
priority_value=data.session_name + str(ele))
# Traffic validations for the mirror sessions.
ip_add_src, ip_add_dst, tg_src = data.ip_T1D1P1, data.ip_T1D1P2, 'tg_ph_1'
for ele in range(0, max_sessions):
if ele == 2:
_, ip_add_src = ip.increment_ip_addr("{}/{}".format(data.ip_D1T1P2.split('/')[0], data.mask), "host")
_, ip_add_dst = ip.increment_ip_addr("{}/{}".format(data.ip_D1T1P1.split('/')[0], data.mask), "host")
tg_src = 'tg_ph_2'
retval = send_traffic(capture_values=[ip_add_dst], capture_fields=['dst_ip'], ip_src_addr= ip_add_src.split('/')[0],
ip_dst_addr= ip_add_dst.split('/')[0], tg_src_port=tg_src)
if not retval[0]:
st.log('Traffic validation failed for the mirror session combination: source_ip {} , destination_ip {}'.format(ip_add_src,ip_add_dst))
tc_fail = ele
_, ip_add_src = ip.increment_ip_addr("{}/{}".format(ip_add_src.split('/')[0], data.mask), "host")
#Unconfigration part
for ele in range(1, max_sessions):
acl_dscp.config_flow_update_table(vars.D1, policy_name=data.acl_table_name, flow='del',
policy_type=data.type, class_name=data.acl_rule + str(ele))
acl_dscp.config_classifier_table(dut=vars.D1, enable="del", class_name=data.acl_rule+str(ele))
mirror.delete_session(vars.D1, data.session_name + str(ele))
if tc_fail == 1:
st.report_fail("mirror_session_fail", "")
elif tc_fail == 2:
st.report_fail("traffic_verification_fail", "packet count")
st.report_pass("test_case_passed")