def _generate_port(self): """Get a free TCP port from the Operating System and return it. This might fail if some other process occupies this port after this function finished but before the neutron-server process started. """ return str(helpers.get_free_namespace_port())
def _generate_port(self): """Get a free TCP port from the Operating System and return it. This might fail if some other process occupies this port after this function finished but before the neutron-server process started. """ return str(helpers.get_free_namespace_port())
def setUp(self): super(IptablesManagerTestCase, self).setUp() self.client_ns, self.server_ns = self.prepare_veth_pairs() self.client_fw, self.server_fw = self.create_firewalls() # The port is used in isolated namespace that precludes possibility of # port conflicts self.port = helpers.get_free_namespace_port(self.server_ns.namespace)
def setUp(self): super(IptablesManagerTestCase, self).setUp() self.client_ns, self.server_ns = self.prepare_veth_pairs() self.client_fw, self.server_fw = self.create_firewalls() # The port is used in isolated namespace that precludes possibility of # port conflicts self.port = helpers.get_free_namespace_port(self.server_ns.namespace)
def setUp(self): super(IptablesManagerTestCase, self).setUp() bridge = self.useFixture(net_helpers.VethBridgeFixture()).bridge self.client, self.server = self.useFixture( machine_fixtures.PeerMachines(bridge)).machines self.client_fw, self.server_fw = self.create_firewalls() # The port is used in isolated namespace that precludes possibility of # port conflicts self.port = helpers.get_free_namespace_port(self.server.namespace)
def setUp(self): super(IptablesManagerTestCase, self).setUp() bridge = self.useFixture(net_helpers.VethBridgeFixture()).bridge self.client, self.server = self.useFixture( machine_fixtures.PeerMachines(bridge)).machines self.client_fw, self.server_fw = self.create_firewalls() # The port is used in isolated namespace that precludes possibility of # port conflicts self.port = helpers.get_free_namespace_port(self.server.namespace)
def test_conntrack_disassociate_fip(self): '''Test that conntrack immediately drops stateful connection that uses floating IP once it's disassociated. ''' router_info = self.generate_router_info(enable_ha=False) router = self.manage_router(self.agent, router_info) port = helpers.get_free_namespace_port(router.ns_name) client_address = '19.4.4.3' server_address = '35.4.0.4' def clean_fips(router): router.router[l3_constants.FLOATINGIP_KEY] = [] clean_fips(router) self._add_fip(router, client_address, fixed_address=server_address) router.process(self.agent) router_ns = ip_lib.IPWrapper(namespace=router.ns_name) netcat = helpers.NetcatTester(router_ns, router_ns, server_address, port, client_address=client_address, run_as_root=True, udp=False) self.addCleanup(netcat.stop_processes) def assert_num_of_conntrack_rules(n): out = router_ns.netns.execute( ["conntrack", "-L", "--orig-src", client_address]) self.assertEqual( n, len([line for line in out.strip().split('\n') if line])) with self.assert_max_execution_time(100): assert_num_of_conntrack_rules(0) self.assertTrue(netcat.test_connectivity()) assert_num_of_conntrack_rules(1) clean_fips(router) router.process(self.agent) assert_num_of_conntrack_rules(0) with testtools.ExpectedException(RuntimeError): netcat.test_connectivity()
def test_conntrack_disassociate_fip(self): '''Test that conntrack immediately drops stateful connection that uses floating IP once it's disassociated. ''' router_info = self.generate_router_info(enable_ha=False) router = self.manage_router(self.agent, router_info) port = helpers.get_free_namespace_port(router.ns_name) client_address = '19.4.4.3' server_address = '35.4.0.4' def clean_fips(router): router.router[l3_constants.FLOATINGIP_KEY] = [] clean_fips(router) self._add_fip(router, client_address, fixed_address=server_address) self.agent.process_router(router) router_ns = ip_lib.IPWrapper(self.root_helper, namespace=router.ns_name) netcat = helpers.NetcatTester(router_ns, router_ns, server_address, port, client_address=client_address, root_helper=self.root_helper, udp=False) self.addCleanup(netcat.stop_processes) def assert_num_of_conntrack_rules(n): out = router_ns.netns.execute(["conntrack", "-L", "--orig-src", client_address]) self.assertEqual( n, len([line for line in out.strip().split('\n') if line])) with self.assert_max_execution_time(100): assert_num_of_conntrack_rules(0) self.assertTrue(netcat.test_connectivity()) assert_num_of_conntrack_rules(1) clean_fips(router) self.agent.process_router(router) assert_num_of_conntrack_rules(0) with testtools.ExpectedException(RuntimeError): netcat.test_connectivity()
def test_fip_connection_from_same_subnet(self): '''Test connection to floatingip which is associated with fixed_ip on the same subnet of the source fixed_ip. In other words it confirms that return packets surely go through the router. ''' router_info = self.generate_router_info(enable_ha=False) router = self.manage_router(self.agent, router_info) router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0]) router_ip = router_ip_cidr.partition('/')[0] src_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr) dst_ip_cidr = net_helpers.increment_ip_cidr(src_ip_cidr) dst_ip = dst_ip_cidr.partition('/')[0] dst_fip = '19.4.4.10' router.router[l3_constants.FLOATINGIP_KEY] = [] self._add_fip(router, dst_fip, fixed_address=dst_ip) router.process(self.agent) br_int = get_ovs_bridge(self.agent.conf.ovs_integration_bridge) # FIXME(cbrandily): temporary, will be replaced by fake machines src_ns = self._create_namespace(prefix='test-src-') src_port = self.useFixture( net_helpers.OVSPortFixture(br_int, src_ns.namespace)).port src_port.addr.add(src_ip_cidr) net_helpers.set_namespace_gateway(src_port, router_ip) dst_ns = self._create_namespace(prefix='test-dst-') dst_port = self.useFixture( net_helpers.OVSPortFixture(br_int, dst_ns.namespace)).port dst_port.addr.add(dst_ip_cidr) net_helpers.set_namespace_gateway(dst_port, router_ip) protocol_port = helpers.get_free_namespace_port(dst_ns) # client sends to fip netcat = helpers.NetcatTester(src_ns, dst_ns, dst_ip, protocol_port, client_address=dst_fip, run_as_root=True, udp=False) self.addCleanup(netcat.stop_processes) self.assertTrue(netcat.test_connectivity())
def test_fip_connection_from_same_subnet(self): '''Test connection to floatingip which is associated with fixed_ip on the same subnet of the source fixed_ip. In other words it confirms that return packets surely go through the router. ''' router_info = self.generate_router_info(enable_ha=False) router = self.manage_router(self.agent, router_info) router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0]) router_ip = router_ip_cidr.partition('/')[0] src_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr) dst_ip_cidr = net_helpers.increment_ip_cidr(src_ip_cidr) dst_ip = dst_ip_cidr.partition('/')[0] dst_fip = '19.4.4.10' router.router[l3_constants.FLOATINGIP_KEY] = [] self._add_fip(router, dst_fip, fixed_address=dst_ip) router.process(self.agent) br_int = get_ovs_bridge(self.agent.conf.ovs_integration_bridge) # FIXME(cbrandily): temporary, will be replaced by fake machines src_ns = self._create_namespace(prefix='test-src-') src_port = self.useFixture( net_helpers.OVSPortFixture(br_int, src_ns.namespace)).port src_port.addr.add(src_ip_cidr) net_helpers.set_namespace_gateway(src_port, router_ip) dst_ns = self._create_namespace(prefix='test-dst-') dst_port = self.useFixture( net_helpers.OVSPortFixture(br_int, dst_ns.namespace)).port dst_port.addr.add(dst_ip_cidr) net_helpers.set_namespace_gateway(dst_port, router_ip) protocol_port = helpers.get_free_namespace_port(dst_ns) # client sends to fip netcat = helpers.NetcatTester(src_ns, dst_ns, dst_ip, protocol_port, client_address=dst_fip, run_as_root=True, udp=False) self.addCleanup(netcat.stop_processes) self.assertTrue(netcat.test_connectivity())