def test_fif6(self):
""" Fragments in fragments (6o6) """
# TODO this should be ideally in setUpClass, but then we hit a bug
# with VppIpRoute incorrectly reporting it's present when it's not
# so we need to manually remove the vpp config, thus we cannot have
# it shared for multiple test cases
self.tun_ip6 = "1002::1"
self.gre6 = VppGre6Interface(self, self.src_if.local_ip6, self.tun_ip6)
self.gre6.add_vpp_config()
self.gre6.admin_up()
self.gre6.config_ip6()
self.vapi.ip_reassembly_enable_disable(
sw_if_index=self.gre6.sw_if_index, enable_ip6=True)
self.route6 = VppIpRoute(self,
self.tun_ip6,
128, [
VppRoutePath(self.src_if.remote_ip6,
self.src_if.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)
],
is_ip6=1)
self.route6.add_vpp_config()
self.reset_packet_infos()
for i in range(test_packet_count):
info = self.create_packet_info(self.src_if, self.dst_if)
payload = self.info_to_payload(info)
# Ethernet header here is only for size calculation, thus it
# doesn't matter how it's initialized. This is to ensure that
# reassembled packet is not > 9000 bytes, so that it's not dropped
p = (Ether() /
IPv6(src=self.src_if.remote_ip6, dst=self.dst_if.remote_ip6) /
UDP(sport=1234, dport=5678) / Raw(payload))
size = self.packet_sizes[(i // 2) % len(self.packet_sizes)]
self.extend_packet(p, size, self.padding)
info.data = p[IPv6] # use only IPv6 part, without ethernet header
fragments = [
x for _, i in six.iteritems(self._packet_infos)
for x in fragment_rfc8200(i.data, i.index, 400)
]
encapped_fragments = \
[Ether(dst=self.src_if.local_mac, src=self.src_if.remote_mac) /
IPv6(src=self.tun_ip6, dst=self.src_if.local_ip6) /
GRE() /
p
for p in fragments]
fragmented_encapped_fragments = \
[x for p in encapped_fragments for x in (
fragment_rfc8200(
p,
2 * len(self._packet_infos) + p[IPv6ExtHdrFragment].id,
200)
if IPv6ExtHdrFragment in p else [p]
)
]
self.src_if.add_stream(fragmented_encapped_fragments)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
self.src_if.assert_nothing_captured()
packets = self.dst_if.get_capture(len(self._packet_infos))
self.verify_capture(packets, IPv6)
# TODO remove gre vpp config by hand until VppIpRoute gets fixed
# so that it's query_vpp_config() works as it should
self.gre6.remove_vpp_config()
def test_fif6(self):
""" Fragments in fragments (6o6) """
# TODO this should be ideally in setUpClass, but then we hit a bug
# with VppIpRoute incorrectly reporting it's present when it's not
# so we need to manually remove the vpp config, thus we cannot have
# it shared for multiple test cases
self.tun_ip6 = "1002::1"
self.gre6 = VppGre6Interface(self, self.pg0.local_ip6, self.tun_ip6)
self.gre6.add_vpp_config()
self.gre6.admin_up()
self.gre6.config_ip6()
self.route6 = VppIpRoute(self,
self.tun_ip6,
128, [
VppRoutePath(self.pg0.remote_ip6,
self.pg0.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)
],
is_ip6=1)
self.route6.add_vpp_config()
self.reset_packet_infos()
for i in range(test_packet_count):
info = self.create_packet_info(self.pg0, self.pg0)
payload = self.info_to_payload(info)
p = (IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) /
UDP(sport=1234, dport=self.punt_port) / Raw(payload))
size = self.packet_sizes[(i // 2) % len(self.packet_sizes)]
self.extend_packet(p, size, self.padding)
info.data = p
fragments = [
x for _, i in self._packet_infos.iteritems()
for x in fragment_rfc8200(i.data, i.index, 400)
]
encapped_fragments = \
[Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
IPv6(src=self.tun_ip6, dst=self.pg0.local_ip6) /
GRE() /
p
for p in fragments]
fragmented_encapped_fragments = \
[x for p in encapped_fragments for x in (
fragment_rfc8200(
p,
2 * len(self._packet_infos) + p[IPv6ExtHdrFragment].id,
200)
if IPv6ExtHdrFragment in p else [p]
)
]
self.pg0.add_stream(fragmented_encapped_fragments)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
self.pg0.assert_nothing_captured()
packets = self.punt6_socket.wait_for_packets(len(self._packet_infos))
self.verify_capture(packets, IPv6)
# TODO remove gre vpp config by hand until VppIpRoute gets fixed
# so that it's query_vpp_config() works as it should
self.gre6.remove_vpp_config()
def test_gre6(self):
""" GRE IPv6 tunnel Tests """
self.pg1.config_ip6()
self.pg1.resolve_ndp()
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Address
# - Add a route via the tunnel
#
gre_if = VppGre6Interface(self,
self.pg2.local_ip6,
"1002::1")
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip6()
route_via_tun = VppIpRoute(
self, "4004::1", 128,
[VppRoutePath("0::0",
gre_if.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_via_tun.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - they are all dropped since the tunnel's desintation IP
# is unresolved - or resolves via the default route - which
# which is a drop.
#
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
self.pg2.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
self.pg2.assert_nothing_captured(
remark="GRE packets forwarded without DIP resolved")
#
# Add a route that resolves the tunnel's destination
#
route_tun_dst = VppIpRoute(
self, "1002::1", 128,
[VppRoutePath(self.pg2.remote_ip6,
self.pg2.sw_if_index,
proto=DpoProto.DPO_PROTO_IP6)],
is_ip6=1)
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
self.vapi.cli("clear trace")
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
self.pg2.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg2.get_capture(len(tx))
self.verify_tunneled_6o6(self.pg2, rx, tx,
self.pg2.local_ip6, "1002::1")
#
# Test decap. decapped packets go out pg1
#
tx = self.create_tunnel_stream_6o6(self.pg2,
"1002::1",
self.pg2.local_ip6,
"2001::1",
self.pg1.remote_ip6)
self.vapi.cli("clear trace")
self.pg2.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg1.get_capture(len(tx))
#
# RX'd packet is UDP over IPv6, test the GRE header is gone.
#
self.assertFalse(rx[0].haslayer(GRE))
self.assertEqual(rx[0][IPv6].dst, self.pg1.remote_ip6)
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
self.pg2.unconfig_ip6()
self.pg1.unconfig_ip6()
def test_gre6(self):
""" GRE IPv6 tunnel Tests """
#
# Create an L3 GRE tunnel.
# - set it admin up
# - assign an IP Address
# - Add a route via the tunnel
#
gre_if = VppGre6Interface(self, self.pg2.local_ip6, "1002::1")
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip6()
route_via_tun = VppIpRoute(
self,
"4004::1",
128, [VppRoutePath("0::0", gre_if.sw_if_index, is_ip6=1)],
is_ip6=1)
route_via_tun.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - they are all dropped since the tunnel's desintation IP
# is unresolved - or resolves via the default route - which
# which is a drop.
#
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
self.pg2.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
self.pg2.assert_nothing_captured(
remark="GRE packets forwarded without DIP resolved")
#
# Add a route that resolves the tunnel's destination
#
route_tun_dst = VppIpRoute(
self,
"1002::1",
128, [
VppRoutePath(
self.pg2.remote_ip6, self.pg2.sw_if_index, is_ip6=1)
],
is_ip6=1)
route_tun_dst.add_vpp_config()
#
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
self.vapi.cli("clear trace")
tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
self.pg2.add_stream(tx)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
rx = self.pg2.get_capture(len(tx))
self.verify_tunneled_6o6(self.pg2, rx, tx, self.pg2.local_ip6,
"1002::1")
#
# test case cleanup
#
route_tun_dst.remove_vpp_config()
route_via_tun.remove_vpp_config()
gre_if.remove_vpp_config()
self.pg2.unconfig_ip6()