test/bfd.py

   1 """ BFD protocol implementation """
   2
   3 from random import randint
   4 from socket import AF_INET, AF_INET6, inet_pton
   5 from scapy.all import bind_layers
   6 from scapy.layers.inet import UDP
   7 from scapy.packet import Packet
   8 from scapy.fields import BitField, BitEnumField, XByteField, FlagsField,\
   9     ConditionalField, StrField
  10 from vpp_object import VppObject
  11 from util import NumericConstant
  12
  13
  14 class BFDDiagCode(NumericConstant):
  15     """ BFD Diagnostic Code """
  16     no_diagnostic = 0
  17     control_detection_time_expired = 1
  18     echo_function_failed = 2
  19     neighbor_signaled_session_down = 3
  20     forwarding_plane_reset = 4
  21     path_down = 5
  22     concatenated_path_down = 6
  23     administratively_down = 7
  24     reverse_concatenated_path_down = 8
  25
  26     desc_dict = {
  27         no_diagnostic: "No diagnostic",
  28         control_detection_time_expired: "Control Detection Time Expired",
  29         echo_function_failed: "Echo Function Failed",
  30         neighbor_signaled_session_down: "Neighbor Signaled Session Down",
  31         forwarding_plane_reset: "Forwarding Plane Reset",
  32         path_down: "Path Down",
  33         concatenated_path_down: "Concatenated Path Down",
  34         administratively_down: "Administratively Down",
  35         reverse_concatenated_path_down: "Reverse Concatenated Path Down",
  36     }
  37
  38     def __init__(self, value):
  39         NumericConstant.__init__(self, value)
  40
  41
  42 class BFDState(NumericConstant):
  43     """ BFD State """
  44     admin_down = 0
  45     down = 1
  46     init = 2
  47     up = 3
  48
  49     desc_dict = {
  50         admin_down: "AdminDown",
  51         down: "Down",
  52         init: "Init",
  53         up: "Up",
  54     }
  55
  56     def __init__(self, value):
  57         NumericConstant.__init__(self, value)
  58
  59
  60 class BFDAuthType(NumericConstant):
  61     """ BFD Authentication Type """
  62     no_auth = 0
  63     simple_pwd = 1
  64     keyed_md5 = 2
  65     meticulous_keyed_md5 = 3
  66     keyed_sha1 = 4
  67     meticulous_keyed_sha1 = 5
  68
  69     desc_dict = {
  70         no_auth: "No authentication",
  71         simple_pwd: "Simple Password",
  72         keyed_md5: "Keyed MD5",
  73         meticulous_keyed_md5: "Meticulous Keyed MD5",
  74         keyed_sha1: "Keyed SHA1",
  75         meticulous_keyed_sha1: "Meticulous Keyed SHA1",
  76     }
  77
  78     def __init__(self, value):
  79         NumericConstant.__init__(self, value)
  80
  81
  82 def bfd_is_auth_used(pkt):
  83     """ is packet authenticated? """
  84     return "A" in pkt.sprintf("%BFD.flags%")
  85
  86
  87 def bfd_is_simple_pwd_used(pkt):
  88     """ is simple password authentication used? """
  89     return bfd_is_auth_used(pkt) and pkt.auth_type == BFDAuthType.simple_pwd
  90
  91
  92 def bfd_is_sha1_used(pkt):
  93     """ is sha1 authentication used? """
  94     return bfd_is_auth_used(pkt) and pkt.auth_type in \
  95         (BFDAuthType.keyed_sha1, BFDAuthType.meticulous_keyed_sha1)
  96
  97
  98 def bfd_is_md5_used(pkt):
  99     """ is md5 authentication used? """
 100     return bfd_is_auth_used(pkt) and pkt.auth_type in \
 101         (BFDAuthType.keyed_md5, BFDAuthType.meticulous_keyed_md5)
 102
 103
 104 def bfd_is_md5_or_sha1_used(pkt):
 105     """ is md5 or sha1 used? """
 106     return bfd_is_md5_used(pkt) or bfd_is_sha1_used(pkt)
 107
 108
 109 class BFD(Packet):
 110     """ BFD protocol layer for scapy """
 111
 112     udp_dport = 3784  #: BFD destination port per RFC 5881
 113     udp_dport_echo = 3785  # : BFD destination port for ECHO per RFC 5881
 114     udp_sport_min = 49152  #: BFD source port min value per RFC 5881
 115     udp_sport_max = 65535  #: BFD source port max value per RFC 5881
 116     bfd_pkt_len = 24  # : length of BFD pkt without authentication section
 117     sha1_auth_len = 28  # : length of authentication section if SHA1 used
 118
 119     name = "BFD"
 120
 121     fields_desc = [
 122         BitField("version", 1, 3),
 123         BitEnumField("diag", 0, 5, BFDDiagCode.desc_dict),
 124         BitEnumField("state", 0, 2, BFDState.desc_dict),
 125         FlagsField("flags", 0, 6, ['M', 'D', 'A', 'C', 'F', 'P']),
 126         XByteField("detect_mult", 0),
 127         BitField("length", bfd_pkt_len, 8),
 128         BitField("my_discriminator", 0, 32),
 129         BitField("your_discriminator", 0, 32),
 130         BitField("desired_min_tx_interval", 0, 32),
 131         BitField("required_min_rx_interval", 0, 32),
 132         BitField("required_min_echo_rx_interval", 0, 32),
 133         ConditionalField(
 134             BitEnumField("auth_type", 0, 8, BFDAuthType.desc_dict),
 135             bfd_is_auth_used),
 136         ConditionalField(BitField("auth_len", 0, 8), bfd_is_auth_used),
 137         ConditionalField(BitField("auth_key_id", 0, 8), bfd_is_auth_used),
 138         ConditionalField(BitField("auth_reserved", 0, 8),
 139                          bfd_is_md5_or_sha1_used),
 140         ConditionalField(
 141             BitField("auth_seq_num", 0, 32), bfd_is_md5_or_sha1_used),
 142         ConditionalField(StrField("auth_key_hash", "0" * 16), bfd_is_md5_used),
 143         ConditionalField(
 144             StrField("auth_key_hash", "0" * 20), bfd_is_sha1_used),
 145     ]
 146
 147     def mysummary(self):
 148         return self.sprintf("BFD(my_disc=%BFD.my_discriminator%,"
 149                             "your_disc=%BFD.your_discriminator%)")
 150
 151 # glue the BFD packet class to scapy parser
 152 bind_layers(UDP, BFD, dport=BFD.udp_dport)
 153
 154
 155 class VppBFDAuthKey(VppObject):
 156     """ Represents BFD authentication key in VPP """
 157
 158     def __init__(self, test, conf_key_id, auth_type, key):
 159         self._test = test
 160         self._key = key
 161         self._auth_type = auth_type
 162         test.assertIn(auth_type, BFDAuthType.desc_dict)
 163         self._conf_key_id = conf_key_id
 164
 165     @property
 166     def test(self):
 167         """ Test which created this key """
 168         return self._test
 169
 170     @property
 171     def auth_type(self):
 172         """ Authentication type for this key """
 173         return self._auth_type
 174
 175     @property
 176     def key(self):
 177         """ key data """
 178         return self._key
 179
 180     @property
 181     def conf_key_id(self):
 182         """ configuration key ID """
 183         return self._conf_key_id
 184
 185     def add_vpp_config(self):
 186         self.test.vapi.bfd_auth_set_key(
 187             self._conf_key_id, self._auth_type, self._key)
 188         self._test.registry.register(self, self.test.logger)
 189
 190     def get_bfd_auth_keys_dump_entry(self):
 191         """ get the entry in the auth keys dump corresponding to this key """
 192         result = self.test.vapi.bfd_auth_keys_dump()
 193         for k in result:
 194             if k.conf_key_id == self._conf_key_id:
 195                 return k
 196         return None
 197
 198     def query_vpp_config(self):
 199         return self.get_bfd_auth_keys_dump_entry() is not None
 200
 201     def remove_vpp_config(self):
 202         self.test.vapi.bfd_auth_del_key(self._conf_key_id)
 203
 204     def object_id(self):
 205         return "bfd-auth-key-%s" % self._conf_key_id
 206
 207     def __str__(self):
 208         return self.object_id()
 209
 210
 211 class VppBFDUDPSession(VppObject):
 212     """ Represents BFD UDP session in VPP """
 213
 214     def __init__(self, test, interface, peer_addr, local_addr=None, af=AF_INET,
 215                  desired_min_tx=100000, required_min_rx=100000, detect_mult=3,
 216                  sha1_key=None, bfd_key_id=None):
 217         self._test = test
 218         self._interface = interface
 219         self._af = af
 220         self._local_addr = local_addr
 221         if local_addr is not None:
 222             self._local_addr_n = inet_pton(af, local_addr)
 223         else:
 224             self._local_addr_n = None
 225         self._peer_addr = peer_addr
 226         self._peer_addr_n = inet_pton(af, peer_addr)
 227         self._desired_min_tx = desired_min_tx
 228         self._required_min_rx = required_min_rx
 229         self._detect_mult = detect_mult
 230         self._sha1_key = sha1_key
 231         self._bfd_key_id = bfd_key_id if bfd_key_id else randint(0, 255)
 232
 233     @property
 234     def test(self):
 235         """ Test which created this session """
 236         return self._test
 237
 238     @property
 239     def interface(self):
 240         """ Interface on which this session lives """
 241         return self._interface
 242
 243     @property
 244     def af(self):
 245         """ Address family - AF_INET or AF_INET6 """
 246         return self._af
 247
 248     @property
 249     def local_addr(self):
 250         """ BFD session local address (VPP address) """
 251         if self._local_addr is None:
 252             if self.af == AF_INET:
 253                 return self._interface.local_ip4
 254             elif self.af == AF_INET6:
 255                 return self._interface.local_ip6
 256             else:
 257                 raise Exception("Unexpected af '%s'" % self.af)
 258         return self._local_addr
 259
 260     @property
 261     def local_addr_n(self):
 262         """ BFD session local address (VPP address) - raw, suitable for API """
 263         if self._local_addr is None:
 264             if self.af == AF_INET:
 265                 return self._interface.local_ip4n
 266             elif self.af == AF_INET6:
 267                 return self._interface.local_ip6n
 268             else:
 269                 raise Exception("Unexpected af '%s'" % self.af)
 270         return self._local_addr_n
 271
 272     @property
 273     def peer_addr(self):
 274         """ BFD session peer address """
 275         return self._peer_addr
 276
 277     @property
 278     def peer_addr_n(self):
 279         """ BFD session peer address - raw, suitable for API """
 280         return self._peer_addr_n
 281
 282     def get_bfd_udp_session_dump_entry(self):
 283         """ get the namedtuple entry from bfd udp session dump """
 284         result = self.test.vapi.bfd_udp_session_dump()
 285         for s in result:
 286             self.test.logger.debug("session entry: %s" % str(s))
 287             if s.sw_if_index == self.interface.sw_if_index:
 288                 if self.af == AF_INET \
 289                         and s.is_ipv6 == 0 \
 290                         and self.interface.local_ip4n == s.local_addr[:4] \
 291                         and self.interface.remote_ip4n == s.peer_addr[:4]:
 292                     return s
 293                 if self.af == AF_INET6 \
 294                         and s.is_ipv6 == 1 \
 295                         and self.interface.local_ip6n == s.local_addr \
 296                         and self.interface.remote_ip6n == s.peer_addr:
 297                     return s
 298         return None
 299
 300     @property
 301     def state(self):
 302         """ BFD session state """
 303         session = self.get_bfd_udp_session_dump_entry()
 304         if session is None:
 305             raise Exception("Could not find BFD session in VPP response")
 306         return session.state
 307
 308     @property
 309     def desired_min_tx(self):
 310         """ desired minimum tx interval """
 311         return self._desired_min_tx
 312
 313     @property
 314     def required_min_rx(self):
 315         """ required minimum rx interval """
 316         return self._required_min_rx
 317
 318     @property
 319     def detect_mult(self):
 320         """ detect multiplier """
 321         return self._detect_mult
 322
 323     @property
 324     def sha1_key(self):
 325         """ sha1 key """
 326         return self._sha1_key
 327
 328     @property
 329     def bfd_key_id(self):
 330         """ bfd key id in use """
 331         return self._bfd_key_id
 332
 333     def activate_auth(self, key, bfd_key_id=None, delayed=False):
 334         """ activate authentication for this session """
 335         self._bfd_key_id = bfd_key_id if bfd_key_id else randint(0, 255)
 336         self._sha1_key = key
 337         is_ipv6 = 1 if AF_INET6 == self.af else 0
 338         conf_key_id = self._sha1_key.conf_key_id
 339         is_delayed = 1 if delayed else 0
 340         self.test.vapi.bfd_udp_auth_activate(self._interface.sw_if_index,
 341                                              self.local_addr_n,
 342                                              self.peer_addr_n,
 343                                              is_ipv6=is_ipv6,
 344                                              bfd_key_id=self._bfd_key_id,
 345                                              conf_key_id=conf_key_id,
 346                                              is_delayed=is_delayed)
 347
 348     def deactivate_auth(self, delayed=False):
 349         """ deactivate authentication """
 350         self._bfd_key_id = None
 351         self._sha1_key = None
 352         is_delayed = 1 if delayed else 0
 353         is_ipv6 = 1 if AF_INET6 == self.af else 0
 354         self.test.vapi.bfd_udp_auth_deactivate(self._interface.sw_if_index,
 355                                                self.local_addr_n,
 356                                                self.peer_addr_n,
 357                                                is_ipv6=is_ipv6,
 358                                                is_delayed=is_delayed)
 359
 360     def modify_parameters(self,
 361                           detect_mult=None,
 362                           desired_min_tx=None,
 363                           required_min_rx=None):
 364         """ modify session parameters """
 365         if detect_mult:
 366             self._detect_mult = detect_mult
 367         if desired_min_tx:
 368             self._desired_min_tx = desired_min_tx
 369         if required_min_rx:
 370             self._required_min_rx = required_min_rx
 371         is_ipv6 = 1 if AF_INET6 == self.af else 0
 372         self.test.vapi.bfd_udp_mod(self._interface.sw_if_index,
 373                                    self.desired_min_tx,
 374                                    self.required_min_rx,
 375                                    self.detect_mult,
 376                                    self.local_addr_n,
 377                                    self.peer_addr_n,
 378                                    is_ipv6=is_ipv6)
 379
 380     def add_vpp_config(self):
 381         is_ipv6 = 1 if AF_INET6 == self.af else 0
 382         bfd_key_id = self._bfd_key_id if self._sha1_key else None
 383         conf_key_id = self._sha1_key.conf_key_id if self._sha1_key else None
 384         self.test.vapi.bfd_udp_add(self._interface.sw_if_index,
 385                                    self.desired_min_tx,
 386                                    self.required_min_rx,
 387                                    self.detect_mult,
 388                                    self.local_addr_n,
 389                                    self.peer_addr_n,
 390                                    is_ipv6=is_ipv6,
 391                                    bfd_key_id=bfd_key_id,
 392                                    conf_key_id=conf_key_id)
 393         self._test.registry.register(self, self.test.logger)
 394
 395     def query_vpp_config(self):
 396         session = self.get_bfd_udp_session_dump_entry()
 397         return session is not None
 398
 399     def remove_vpp_config(self):
 400         is_ipv6 = 1 if AF_INET6 == self._af else 0
 401         self.test.vapi.bfd_udp_del(self._interface.sw_if_index,
 402                                    self.local_addr_n,
 403                                    self.peer_addr_n,
 404                                    is_ipv6=is_ipv6)
 405
 406     def object_id(self):
 407         return "bfd-udp-%s-%s-%s-%s" % (self._interface.sw_if_index,
 408                                         self.local_addr,
 409                                         self.peer_addr,
 410                                         self.af)
 411
 412     def __str__(self):
 413         return self.object_id()
 414
 415     def admin_up(self):
 416         """ set bfd session admin-up """
 417         is_ipv6 = 1 if AF_INET6 == self._af else 0
 418         self.test.vapi.bfd_udp_session_set_flags(1,
 419                                                  self._interface.sw_if_index,
 420                                                  self.local_addr_n,
 421                                                  self.peer_addr_n,
 422                                                  is_ipv6=is_ipv6)
 423
 424     def admin_down(self):
 425         """ set bfd session admin-down """
 426         is_ipv6 = 1 if AF_INET6 == self._af else 0
 427         self.test.vapi.bfd_udp_session_set_flags(0,
 428                                                  self._interface.sw_if_index,
 429                                                  self.local_addr_n,
 430                                                  self.peer_addr_n,
 431                                                  is_ipv6=is_ipv6)