7 from framework import VppTestCase, VppTestRunner
8 from vpp_object import VppObject
10 from scapy.packet import Raw
11 from scapy.layers.l2 import Ether
12 from scapy.layers.inet import IP, UDP
13 from scapy.layers.inet6 import IPv6
15 from socket import AF_INET, AF_INET6
16 from scapy.utils import inet_pton
19 class VppGbpEndpoint(VppObject):
24 def __init__(self, test, sw_if_index, addr, epg, is_ip6=0):
26 self.sw_if_index = sw_if_index
31 self.addr = inet_pton(AF_INET6, addr)
33 self.addr = inet_pton(AF_INET, addr)
35 def add_vpp_config(self):
36 self._test.vapi.gbp_endpoint_add_del(
42 self._test.registry.register(self, self._test.logger)
44 def remove_vpp_config(self):
45 self._test.vapi.gbp_endpoint_add_del(
53 return self.object_id()
56 return "gbp-endpoint;[%d:%s:%d]" % (self.sw_if_index,
60 def query_vpp_config(self):
61 eps = self._test.vapi.gbp_endpoint_dump()
63 if ep.endpoint.address == self.addr \
64 and ep.endpoint.sw_if_index == self.sw_if_index:
69 class VppGbpContract(VppObject):
74 def __init__(self, test, src_epg, dst_epg, acl_index):
76 self.acl_index = acl_index
77 self.src_epg = src_epg
78 self.dst_epg = dst_epg
80 def add_vpp_config(self):
81 self._test.vapi.gbp_contract_add_del(
86 self._test.registry.register(self, self._test.logger)
88 def remove_vpp_config(self):
89 self._test.vapi.gbp_contract_add_del(
96 return self.object_id()
99 return "gbp-contract;[%d:%s:%d]" % (self.src_epg,
103 def query_vpp_config(self):
104 eps = self._test.vapi.gbp_contract_dump()
106 if ep.contract.src_epg == self.src_epg \
107 and ep.contract.dst_epg == self.dst_epg:
112 class TestGBP(VppTestCase):
113 """ GBP Test Case """
116 super(TestGBP, self).setUp()
118 # create 6 pg interfaces for pg0 to pg5
119 self.create_pg_interfaces(range(6))
121 for i in self.pg_interfaces:
129 for i in self.pg_interfaces:
133 super(TestGBP, self).tearDown()
136 """ Group Based Policy v4 """
138 ep1 = VppGbpEndpoint(self,
139 self.pg0.sw_if_index,
143 ep2 = VppGbpEndpoint(self,
144 self.pg1.sw_if_index,
149 ep3 = VppGbpEndpoint(self,
150 self.pg2.sw_if_index,
154 ep4 = VppGbpEndpoint(self,
155 self.pg3.sw_if_index,
160 self.logger.info(self.vapi.cli("sh gbp endpoint"))
163 # in the abscense of policy, endpoints in the same EPG
166 pkt_intra_epg = (Ether(src=self.pg0.remote_mac,
167 dst=self.pg0.local_mac) /
168 IP(src=self.pg0.remote_ip4,
169 dst=self.pg1.remote_ip4) /
170 UDP(sport=1234, dport=1234) /
173 self.send_and_expect(self.pg0, pkt_intra_epg * 65, self.pg1)
176 # in the abscense of policy, endpoints in the different EPG
179 pkt_inter_epg_220_to_221 = (Ether(src=self.pg0.remote_mac,
180 dst=self.pg0.local_mac) /
181 IP(src=self.pg0.remote_ip4,
182 dst=self.pg2.remote_ip4) /
183 UDP(sport=1234, dport=1234) /
185 pkt_inter_epg_220_to_222 = (Ether(src=self.pg0.remote_mac,
186 dst=self.pg0.local_mac) /
187 IP(src=self.pg0.remote_ip4,
188 dst=self.pg3.remote_ip4) /
189 UDP(sport=1234, dport=1234) /
191 pkt_inter_epg_221_to_220 = (Ether(src=self.pg2.remote_mac,
192 dst=self.pg2.local_mac) /
193 IP(src=self.pg2.remote_ip4,
194 dst=self.pg0.remote_ip4) /
195 UDP(sport=1234, dport=1234) /
198 self.send_and_assert_no_replies(self.pg0,
199 pkt_inter_epg_220_to_221 * 65)
200 self.send_and_assert_no_replies(self.pg0,
201 pkt_inter_epg_221_to_220 * 65)
204 # A uni-directional contract from EPG 220 -> 221
206 c1 = VppGbpContract(self, 220, 221, 0xffffffff)
209 self.send_and_expect(self.pg0,
210 pkt_inter_epg_220_to_221 * 65,
212 self.send_and_assert_no_replies(self.pg2,
213 pkt_inter_epg_221_to_220 * 65)
216 # contract for the return direction
218 c2 = VppGbpContract(self, 221, 220, 0xffffffff)
221 self.send_and_expect(self.pg0,
222 pkt_inter_epg_220_to_221 * 65,
224 self.send_and_expect(self.pg2,
225 pkt_inter_epg_221_to_220 * 65,
229 # check that inter group is still disabled for the groups
230 # not in the contract.
232 self.send_and_assert_no_replies(self.pg0,
233 pkt_inter_epg_220_to_222 * 65)
235 self.logger.info(self.vapi.cli("sh gbp contract"))
238 # remove both contracts, traffic stops in both directions
240 c2.remove_vpp_config()
241 c1.remove_vpp_config()
243 self.send_and_assert_no_replies(self.pg2,
244 pkt_inter_epg_221_to_220 * 65)
245 self.send_and_assert_no_replies(self.pg0,
246 pkt_inter_epg_220_to_221 * 65)
247 self.send_and_expect(self.pg0, pkt_intra_epg * 65, self.pg1)
250 """ Group Based Policy v6 """
252 ep1 = VppGbpEndpoint(self,
253 self.pg0.sw_if_index,
258 ep2 = VppGbpEndpoint(self,
259 self.pg1.sw_if_index,
265 ep3 = VppGbpEndpoint(self,
266 self.pg2.sw_if_index,
271 ep4 = VppGbpEndpoint(self,
272 self.pg3.sw_if_index,
278 self.logger.info(self.vapi.cli("sh gbp endpoint"))
281 # in the abscense of policy, endpoints in the same EPG
284 pkt_intra_epg = (Ether(src=self.pg0.remote_mac,
285 dst=self.pg0.local_mac) /
286 IPv6(src=self.pg0.remote_ip6,
287 dst=self.pg1.remote_ip6) /
288 UDP(sport=1234, dport=1234) /
291 self.send_and_expect(self.pg0, pkt_intra_epg * 65, self.pg1)
294 # in the abscense of policy, endpoints in the different EPG
297 pkt_inter_epg_220_to_221 = (Ether(src=self.pg0.remote_mac,
298 dst=self.pg0.local_mac) /
299 IPv6(src=self.pg0.remote_ip6,
300 dst=self.pg2.remote_ip6) /
301 UDP(sport=1234, dport=1234) /
303 pkt_inter_epg_220_to_222 = (Ether(src=self.pg0.remote_mac,
304 dst=self.pg0.local_mac) /
305 IPv6(src=self.pg0.remote_ip6,
306 dst=self.pg3.remote_ip6) /
307 UDP(sport=1234, dport=1234) /
309 pkt_inter_epg_221_to_220 = (Ether(src=self.pg2.remote_mac,
310 dst=self.pg2.local_mac) /
311 IPv6(src=self.pg2.remote_ip6,
312 dst=self.pg0.remote_ip6) /
313 UDP(sport=1234, dport=1234) /
316 self.send_and_assert_no_replies(self.pg0,
317 pkt_inter_epg_220_to_221 * 65)
318 self.send_and_assert_no_replies(self.pg0,
319 pkt_inter_epg_221_to_220 * 65)
322 # A uni-directional contract from EPG 220 -> 221
324 c1 = VppGbpContract(self, 220, 221, 0xffffffff)
327 self.send_and_expect(self.pg0,
328 pkt_inter_epg_220_to_221 * 65,
330 self.send_and_assert_no_replies(self.pg2,
331 pkt_inter_epg_221_to_220 * 65)
334 # contract for the return direction
336 c2 = VppGbpContract(self, 221, 220, 0xffffffff)
339 self.send_and_expect(self.pg0,
340 pkt_inter_epg_220_to_221 * 65,
342 self.send_and_expect(self.pg2,
343 pkt_inter_epg_221_to_220 * 65,
347 # check that inter group is still disabled for the groups
348 # not in the contract.
350 self.send_and_assert_no_replies(self.pg0,
351 pkt_inter_epg_220_to_222 * 65)
353 self.logger.info(self.vapi.cli("sh gbp contract"))
356 # remove both contracts, traffic stops in both directions
358 c2.remove_vpp_config()
359 c1.remove_vpp_config()
361 self.send_and_assert_no_replies(self.pg2,
362 pkt_inter_epg_221_to_220 * 65)
363 self.send_and_assert_no_replies(self.pg0,
364 pkt_inter_epg_220_to_221 * 65)
365 self.send_and_expect(self.pg0, pkt_intra_epg * 65, self.pg1)
368 if __name__ == '__main__':
369 unittest.main(testRunner=VppTestRunner)