6 from scapy.contrib.mpls import MPLS
7 from scapy.contrib.gtp import GTP_U_Header
8 from scapy.layers.inet import IP, UDP, TCP, ICMP, icmptypes, icmpcodes
9 from scapy.layers.inet6 import IPv6
10 from scapy.layers.l2 import Ether, Dot1Q, ARP
11 from scapy.packet import Raw
14 from framework import VppTestCase
15 from asfframework import VppTestRunner, tag_fixme_vpp_workers
17 from vpp_ip_route import (
27 VppIpInterfaceAddress,
31 from vpp_ip import VppIpPuntPolicer, VppIpPuntRedirect, VppIpPathMtu
32 from vpp_sub_interface import VppSubInterface, VppDot1QSubint, VppDot1ADSubint
33 from vpp_papi import vpp_papi, VppEnum
34 from vpp_neighbor import VppNeighbor
35 from vpp_lo_interface import VppLoInterface
36 from vpp_policer import VppPolicer, PolicerAction
41 class TestIPv4(VppTestCase):
46 super(TestIPv4, cls).setUpClass()
49 def tearDownClass(cls):
50 super(TestIPv4, cls).tearDownClass()
54 Perform test setup before test case.
57 - create 3 pg interfaces
58 - untagged pg0 interface
59 - Dot1Q subinterface on pg1
60 - Dot1AD subinterface on pg2
62 - put it into UP state
64 - resolve neighbor address using ARP
65 - configure 200 fib entries
67 :ivar list interfaces: pg interfaces and subinterfaces.
68 :ivar dict flows: IPv4 packet flows in test.
70 super(TestIPv4, self).setUp()
72 # create 3 pg interfaces
73 self.create_pg_interfaces(range(3))
75 # create 2 subinterfaces for pg1 and pg2
76 self.sub_interfaces = [
77 VppDot1QSubint(self, self.pg1, 100),
78 VppDot1ADSubint(self, self.pg2, 200, 300, 400),
81 # packet flows mapping pg0 -> pg1.sub, pg2.sub, etc.
83 self.flows[self.pg0] = [self.pg1.sub_if, self.pg2.sub_if]
84 self.flows[self.pg1.sub_if] = [self.pg0, self.pg2.sub_if]
85 self.flows[self.pg2.sub_if] = [self.pg0, self.pg1.sub_if]
88 self.pg_if_packet_sizes = [64, 1500, 9020]
90 self.interfaces = list(self.pg_interfaces)
91 self.interfaces.extend(self.sub_interfaces)
93 # setup all interfaces
94 for i in self.interfaces:
99 # config 2M FIB entries
102 """Run standard test teardown and log ``show ip arp``."""
103 super(TestIPv4, self).tearDown()
105 def show_commands_at_teardown(self):
106 self.logger.info(self.vapi.cli("show ip4 neighbors"))
107 # info(self.vapi.cli("show ip fib")) # many entries
109 def modify_packet(self, src_if, packet_size, pkt):
110 """Add load, set destination IP and extend packet to required packet
111 size for defined interface.
113 :param VppInterface src_if: Interface to create packet for.
114 :param int packet_size: Required packet size.
115 :param Scapy pkt: Packet to be modified.
117 dst_if_idx = int(packet_size / 10 % 2)
118 dst_if = self.flows[src_if][dst_if_idx]
119 info = self.create_packet_info(src_if, dst_if)
120 payload = self.info_to_payload(info)
121 p = pkt / Raw(payload)
122 p[IP].dst = dst_if.remote_ip4
124 if isinstance(src_if, VppSubInterface):
125 p = src_if.add_dot1_layer(p)
126 self.extend_packet(p, packet_size)
130 def create_stream(self, src_if):
131 """Create input packet stream for defined interface.
133 :param VppInterface src_if: Interface to create packet stream for.
135 hdr_ext = 4 if isinstance(src_if, VppSubInterface) else 0
137 Ether(dst=src_if.local_mac, src=src_if.remote_mac)
138 / IP(src=src_if.remote_ip4)
139 / UDP(sport=1234, dport=1234)
143 self.modify_packet(src_if, i, pkt_tmpl)
144 for i in moves.range(
145 self.pg_if_packet_sizes[0], self.pg_if_packet_sizes[1], 10
149 self.modify_packet(src_if, i, pkt_tmpl)
150 for i in moves.range(
151 self.pg_if_packet_sizes[1] + hdr_ext,
152 self.pg_if_packet_sizes[2] + hdr_ext,
160 def verify_capture(self, dst_if, capture):
161 """Verify captured input packet stream for defined interface.
163 :param VppInterface dst_if: Interface to verify captured packet stream
165 :param list capture: Captured packet stream.
167 self.logger.info("Verifying capture on interface %s" % dst_if.name)
169 for i in self.interfaces:
170 last_info[i.sw_if_index] = None
172 dst_sw_if_index = dst_if.sw_if_index
173 if hasattr(dst_if, "parent"):
175 for packet in capture:
177 # Check VLAN tags and Ethernet header
178 packet = dst_if.remove_dot1_layer(packet)
179 self.assertTrue(Dot1Q not in packet)
183 payload_info = self.payload_to_info(packet[Raw])
184 packet_index = payload_info.index
185 self.assertEqual(payload_info.dst, dst_sw_if_index)
187 "Got packet on port %s: src=%u (id=%u)"
188 % (dst_if.name, payload_info.src, packet_index)
190 next_info = self.get_next_packet_info_for_interface2(
191 payload_info.src, dst_sw_if_index, last_info[payload_info.src]
193 last_info[payload_info.src] = next_info
194 self.assertTrue(next_info is not None)
195 self.assertEqual(packet_index, next_info.index)
196 saved_packet = next_info.data
197 # Check standard fields
198 self.assertEqual(ip.src, saved_packet[IP].src)
199 self.assertEqual(ip.dst, saved_packet[IP].dst)
200 self.assertEqual(udp.sport, saved_packet[UDP].sport)
201 self.assertEqual(udp.dport, saved_packet[UDP].dport)
203 self.logger.error(ppp("Unexpected or invalid packet:", packet))
205 for i in self.interfaces:
206 remaining_packet = self.get_next_packet_info_for_interface2(
207 i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index]
210 remaining_packet is None,
211 "Interface %s: Packet expected from interface %s "
212 "didn't arrive" % (dst_if.name, i.name),
220 - Create IPv4 stream for pg0 interface
221 - Create IPv4 tagged streams for pg1's and pg2's sub-interface.
222 - Send and verify received packets on each interface.
225 pkts = self.create_stream(self.pg0)
226 self.pg0.add_stream(pkts)
228 for i in self.sub_interfaces:
229 pkts = self.create_stream(i)
230 i.parent.add_stream(pkts)
232 self.pg_enable_capture(self.pg_interfaces)
235 pkts = self.pg0.get_capture()
236 self.verify_capture(self.pg0, pkts)
238 for i in self.sub_interfaces:
239 pkts = i.parent.get_capture()
240 self.verify_capture(i, pkts)
243 class TestIPv4RouteLookup(VppTestCase):
244 """IPv4 Route Lookup Test Case"""
248 def route_lookup(self, prefix, exact):
249 return self.vapi.api(
250 self.vapi.papi.ip_route_lookup,
260 super(TestIPv4RouteLookup, cls).setUpClass()
263 def tearDownClass(cls):
264 super(TestIPv4RouteLookup, cls).tearDownClass()
267 super(TestIPv4RouteLookup, self).setUp()
269 drop_nh = VppRoutePath(
270 "127.0.0.1", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_DROP
274 r = VppIpRoute(self, "1.1.0.0", 16, [drop_nh])
276 self.routes.append(r)
278 r = VppIpRoute(self, "1.1.1.0", 24, [drop_nh])
280 self.routes.append(r)
282 r = VppIpRoute(self, "1.1.1.1", 32, [drop_nh])
284 self.routes.append(r)
287 # Remove the routes we added
288 for r in self.routes:
289 r.remove_vpp_config()
291 super(TestIPv4RouteLookup, self).tearDown()
293 def test_exact_match(self):
294 # Verify we find the host route
295 prefix = "1.1.1.1/32"
296 result = self.route_lookup(prefix, True)
297 assert prefix == str(result.route.prefix)
299 # Verify we find a middle prefix route
300 prefix = "1.1.1.0/24"
301 result = self.route_lookup(prefix, True)
302 assert prefix == str(result.route.prefix)
304 # Verify we do not find an available LPM.
305 with self.vapi.assert_negative_api_retval():
306 self.route_lookup("1.1.1.2/32", True)
308 def test_longest_prefix_match(self):
310 lpm_prefix = "1.1.1.0/24"
311 result = self.route_lookup("1.1.1.2/32", False)
312 assert lpm_prefix == str(result.route.prefix)
314 # Verify we find the exact when not requested
315 result = self.route_lookup(lpm_prefix, False)
316 assert lpm_prefix == str(result.route.prefix)
318 # Can't seem to delete the default route so no negative LPM test.
321 class TestIPv4IfAddrRoute(VppTestCase):
322 """IPv4 Interface Addr Route Test Case"""
326 super(TestIPv4IfAddrRoute, cls).setUpClass()
329 def tearDownClass(cls):
330 super(TestIPv4IfAddrRoute, cls).tearDownClass()
333 super(TestIPv4IfAddrRoute, self).setUp()
335 # create 1 pg interface
336 self.create_pg_interfaces(range(1))
338 for i in self.pg_interfaces:
344 super(TestIPv4IfAddrRoute, self).tearDown()
345 for i in self.pg_interfaces:
349 def test_ipv4_ifaddrs_same_prefix(self):
350 """IPv4 Interface Addresses Same Prefix test
354 - Verify no route in FIB for prefix 10.10.10.0/24
355 - Configure IPv4 address 10.10.10.10/24 on an interface
356 - Verify route in FIB for prefix 10.10.10.0/24
357 - Configure IPv4 address 10.10.10.20/24 on an interface
358 - Delete 10.10.10.10/24 from interface
359 - Verify route in FIB for prefix 10.10.10.0/24
360 - Delete 10.10.10.20/24 from interface
361 - Verify no route in FIB for prefix 10.10.10.0/24
364 # create two addresses, verify route not present
365 if_addr1 = VppIpInterfaceAddress(self, self.pg0, "10.10.10.10", 24)
366 if_addr2 = VppIpInterfaceAddress(self, self.pg0, "10.10.10.20", 24)
367 self.assertFalse(if_addr1.query_vpp_config()) # 10.10.10.10/24
368 self.assertFalse(find_route(self, "10.10.10.10", 32))
369 self.assertFalse(find_route(self, "10.10.10.20", 32))
370 self.assertFalse(find_route(self, "10.10.10.255", 32))
371 self.assertFalse(find_route(self, "10.10.10.0", 32))
373 # configure first address, verify route present
374 if_addr1.add_vpp_config()
375 self.assertTrue(if_addr1.query_vpp_config()) # 10.10.10.10/24
376 self.assertTrue(find_route(self, "10.10.10.10", 32))
377 self.assertFalse(find_route(self, "10.10.10.20", 32))
378 self.assertTrue(find_route(self, "10.10.10.255", 32))
379 self.assertTrue(find_route(self, "10.10.10.0", 32))
381 # configure second address, delete first, verify route not removed
382 if_addr2.add_vpp_config()
383 if_addr1.remove_vpp_config()
384 self.assertFalse(if_addr1.query_vpp_config()) # 10.10.10.10/24
385 self.assertTrue(if_addr2.query_vpp_config()) # 10.10.10.20/24
386 self.assertFalse(find_route(self, "10.10.10.10", 32))
387 self.assertTrue(find_route(self, "10.10.10.20", 32))
388 self.assertTrue(find_route(self, "10.10.10.255", 32))
389 self.assertTrue(find_route(self, "10.10.10.0", 32))
391 # delete second address, verify route removed
392 if_addr2.remove_vpp_config()
393 self.assertFalse(if_addr2.query_vpp_config()) # 10.10.10.20/24
394 self.assertFalse(find_route(self, "10.10.10.10", 32))
395 self.assertFalse(find_route(self, "10.10.10.20", 32))
396 self.assertFalse(find_route(self, "10.10.10.255", 32))
397 self.assertFalse(find_route(self, "10.10.10.0", 32))
399 def test_ipv4_ifaddr_route(self):
400 """IPv4 Interface Address Route test
405 - Configure IPv4 address on loopback
406 - Verify that address is not in the FIB
408 - Verify that address is in the FIB now
409 - Bring loopback down
410 - Verify that address is not in the FIB anymore
412 - Configure IPv4 address on loopback
413 - Verify that address is in the FIB now
416 # create a loopback and configure IPv4
417 loopbacks = self.create_loopback_interfaces(1)
418 lo_if = self.lo_interfaces[0]
420 lo_if.local_ip4_prefix_len = 32
423 # The intf was down when addr was added -> entry not in FIB
424 fib4_dump = self.vapi.ip_route_dump(0)
425 self.assertFalse(lo_if.is_ip4_entry_in_fib_dump(fib4_dump))
427 # When intf is brought up, entry is added
429 fib4_dump = self.vapi.ip_route_dump(0)
430 self.assertTrue(lo_if.is_ip4_entry_in_fib_dump(fib4_dump))
432 # When intf is brought down, entry is removed
434 fib4_dump = self.vapi.ip_route_dump(0)
435 self.assertFalse(lo_if.is_ip4_entry_in_fib_dump(fib4_dump))
437 # Remove addr, bring up interface, re-add -> entry in FIB
441 fib4_dump = self.vapi.ip_route_dump(0)
442 self.assertTrue(lo_if.is_ip4_entry_in_fib_dump(fib4_dump))
444 def test_ipv4_ifaddr_del(self):
445 """Delete an interface address that does not exist"""
447 loopbacks = self.create_loopback_interfaces(1)
448 lo = self.lo_interfaces[0]
454 # try and remove pg0's subnet from lo
456 with self.vapi.assert_negative_api_retval():
457 self.vapi.sw_interface_add_del_address(
458 sw_if_index=lo.sw_if_index, prefix=self.pg0.local_ip4_prefix, is_add=0
462 class TestICMPEcho(VppTestCase):
463 """ICMP Echo Test Case"""
467 super(TestICMPEcho, cls).setUpClass()
470 def tearDownClass(cls):
471 super(TestICMPEcho, cls).tearDownClass()
474 super(TestICMPEcho, self).setUp()
476 # create 1 pg interface
477 self.create_pg_interfaces(range(1))
479 for i in self.pg_interfaces:
485 super(TestICMPEcho, self).tearDown()
486 for i in self.pg_interfaces:
490 def test_icmp_echo(self):
491 """VPP replies to ICMP Echo Request
495 - Receive ICMP Echo Request message on pg0 interface.
496 - Check outgoing ICMP Echo Reply message on pg0 interface.
501 icmp_load = b"\x0a" * 18
503 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
504 / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4)
505 / ICMP(id=icmp_id, seq=icmp_seq)
506 / Raw(load=icmp_load)
509 self.pg0.add_stream(p_echo_request)
510 self.pg_enable_capture(self.pg_interfaces)
513 rx = self.pg0.get_capture(1)
519 self.assertEqual(ether.src, self.pg0.local_mac)
520 self.assertEqual(ether.dst, self.pg0.remote_mac)
522 self.assertEqual(ipv4.src, self.pg0.local_ip4)
523 self.assertEqual(ipv4.dst, self.pg0.remote_ip4)
525 self.assertEqual(icmptypes[icmp.type], "echo-reply")
526 self.assertEqual(icmp.id, icmp_id)
527 self.assertEqual(icmp.seq, icmp_seq)
528 self.assertEqual(icmp[Raw].load, icmp_load)
531 class TestIPv4FibCrud(VppTestCase):
532 """FIB - add/update/delete - ip4 routes
540 ..note:: Python API is too slow to add many routes, needs replacement.
543 def config_fib_many_to_one(self, start_dest_addr, next_hop_addr, count, start=0):
546 :param start_dest_addr:
547 :param next_hop_addr:
549 :return list: added ips with 32 prefix
552 for i in range(count):
555 start_dest_addr % (i + start),
557 [VppRoutePath(next_hop_addr, 0xFFFFFFFF)],
563 def unconfig_fib_many_to_one(self, start_dest_addr, next_hop_addr, count, start=0):
565 for i in range(count):
568 start_dest_addr % (i + start),
570 [VppRoutePath(next_hop_addr, 0xFFFFFFFF)],
572 r.remove_vpp_config()
576 def create_stream(self, src_if, dst_if, routes, count):
579 for _ in range(count):
580 dst_addr = random.choice(routes).prefix.network_address
581 info = self.create_packet_info(src_if, dst_if)
582 payload = self.info_to_payload(info)
584 Ether(dst=src_if.local_mac, src=src_if.remote_mac)
585 / IP(src=src_if.remote_ip4, dst=str(dst_addr))
586 / UDP(sport=1234, dport=1234)
590 self.extend_packet(p, random.choice(self.pg_if_packet_sizes))
595 def _find_ip_match(self, find_in, pkt):
597 if self.payload_to_info(p[Raw]) == self.payload_to_info(pkt[Raw]):
598 if p[IP].src != pkt[IP].src:
600 if p[IP].dst != pkt[IP].dst:
602 if p[UDP].sport != pkt[UDP].sport:
604 if p[UDP].dport != pkt[UDP].dport:
609 def verify_capture(self, dst_interface, received_pkts, expected_pkts):
610 self.assertEqual(len(received_pkts), len(expected_pkts))
611 to_verify = list(expected_pkts)
612 for p in received_pkts:
613 self.assertEqual(p.src, dst_interface.local_mac)
614 self.assertEqual(p.dst, dst_interface.remote_mac)
615 x = self._find_ip_match(to_verify, p)
617 self.assertListEqual(to_verify, [])
619 def verify_route_dump(self, routes):
622 find_route(self, r.prefix.network_address, r.prefix.prefixlen)
625 def verify_not_in_route_dump(self, routes):
628 find_route(self, r.prefix.network_address, r.prefix.prefixlen)
634 #. Create and initialize 3 pg interfaces.
635 #. initialize class attributes configured_routes and deleted_routes
636 to store information between tests.
638 super(TestIPv4FibCrud, cls).setUpClass()
641 # create 3 pg interfaces
642 cls.create_pg_interfaces(range(3))
644 cls.interfaces = list(cls.pg_interfaces)
646 # setup all interfaces
647 for i in cls.interfaces:
652 cls.configured_routes = []
653 cls.deleted_routes = []
654 cls.pg_if_packet_sizes = [64, 512, 1518, 9018]
657 super(TestIPv4FibCrud, cls).tearDownClass()
661 def tearDownClass(cls):
662 super(TestIPv4FibCrud, cls).tearDownClass()
665 super(TestIPv4FibCrud, self).setUp()
666 self.reset_packet_infos()
668 self.configured_routes = []
669 self.deleted_routes = []
671 def test_1_add_routes(self):
674 # add 100 routes check with traffic script.
675 self.configured_routes.extend(
676 self.config_fib_many_to_one("10.0.0.%d", self.pg0.remote_ip4, 100)
679 self.verify_route_dump(self.configured_routes)
681 self.stream_1 = self.create_stream(
682 self.pg1, self.pg0, self.configured_routes, 100
684 self.stream_2 = self.create_stream(
685 self.pg2, self.pg0, self.configured_routes, 100
687 self.pg1.add_stream(self.stream_1)
688 self.pg2.add_stream(self.stream_2)
690 self.pg_enable_capture(self.pg_interfaces)
693 pkts = self.pg0.get_capture(len(self.stream_1) + len(self.stream_2))
694 self.verify_capture(self.pg0, pkts, self.stream_1 + self.stream_2)
696 def test_2_del_routes(self):
699 - delete 10 routes check with traffic script.
701 # config 1M FIB entries
702 self.configured_routes.extend(
703 self.config_fib_many_to_one("10.0.0.%d", self.pg0.remote_ip4, 100)
705 self.deleted_routes.extend(
706 self.unconfig_fib_many_to_one(
707 "10.0.0.%d", self.pg0.remote_ip4, 10, start=10
710 for x in self.deleted_routes:
711 self.configured_routes.remove(x)
713 self.verify_route_dump(self.configured_routes)
715 self.stream_1 = self.create_stream(
716 self.pg1, self.pg0, self.configured_routes, 100
718 self.stream_2 = self.create_stream(
719 self.pg2, self.pg0, self.configured_routes, 100
721 self.stream_3 = self.create_stream(self.pg1, self.pg0, self.deleted_routes, 100)
722 self.stream_4 = self.create_stream(self.pg2, self.pg0, self.deleted_routes, 100)
723 self.pg1.add_stream(self.stream_1 + self.stream_3)
724 self.pg2.add_stream(self.stream_2 + self.stream_4)
725 self.pg_enable_capture(self.pg_interfaces)
728 pkts = self.pg0.get_capture(len(self.stream_1) + len(self.stream_2))
729 self.verify_capture(self.pg0, pkts, self.stream_1 + self.stream_2)
731 def test_3_add_new_routes(self):
734 - re-add 5 routes check with traffic script.
735 - add 100 routes check with traffic script.
737 # config 1M FIB entries
738 self.configured_routes.extend(
739 self.config_fib_many_to_one("10.0.0.%d", self.pg0.remote_ip4, 100)
741 self.deleted_routes.extend(
742 self.unconfig_fib_many_to_one(
743 "10.0.0.%d", self.pg0.remote_ip4, 10, start=10
746 for x in self.deleted_routes:
747 self.configured_routes.remove(x)
749 tmp = self.config_fib_many_to_one("10.0.0.%d", self.pg0.remote_ip4, 5, start=10)
750 self.configured_routes.extend(tmp)
752 self.deleted_routes.remove(x)
754 self.configured_routes.extend(
755 self.config_fib_many_to_one("10.0.1.%d", self.pg0.remote_ip4, 100)
758 self.verify_route_dump(self.configured_routes)
760 self.stream_1 = self.create_stream(
761 self.pg1, self.pg0, self.configured_routes, 300
763 self.stream_2 = self.create_stream(
764 self.pg2, self.pg0, self.configured_routes, 300
766 self.stream_3 = self.create_stream(self.pg1, self.pg0, self.deleted_routes, 100)
767 self.stream_4 = self.create_stream(self.pg2, self.pg0, self.deleted_routes, 100)
769 self.pg1.add_stream(self.stream_1 + self.stream_3)
770 self.pg2.add_stream(self.stream_2 + self.stream_4)
771 self.pg_enable_capture(self.pg_interfaces)
774 pkts = self.pg0.get_capture(len(self.stream_1) + len(self.stream_2))
775 self.verify_capture(self.pg0, pkts, self.stream_1 + self.stream_2)
777 # delete 5 routes check with traffic script.
778 # add 100 routes check with traffic script.
779 self.deleted_routes.extend(
780 self.unconfig_fib_many_to_one("10.0.0.%d", self.pg0.remote_ip4, 15)
782 self.deleted_routes.extend(
783 self.unconfig_fib_many_to_one("10.0.0.%d", self.pg0.remote_ip4, 85)
785 self.deleted_routes.extend(
786 self.unconfig_fib_many_to_one("10.0.1.%d", self.pg0.remote_ip4, 100)
788 self.verify_not_in_route_dump(self.deleted_routes)
791 class TestIPNull(VppTestCase):
792 """IPv4 routes via NULL"""
796 super(TestIPNull, cls).setUpClass()
799 def tearDownClass(cls):
800 super(TestIPNull, cls).tearDownClass()
803 super(TestIPNull, self).setUp()
805 # create 2 pg interfaces
806 self.create_pg_interfaces(range(2))
808 for i in self.pg_interfaces:
814 super(TestIPNull, self).tearDown()
815 for i in self.pg_interfaces:
819 def test_ip_null(self):
823 # A route via IP NULL that will reply with ICMP unreachables
825 ip_unreach = VppIpRoute(
831 "0.0.0.0", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_ICMP_UNREACH
835 ip_unreach.add_vpp_config()
838 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
839 / IP(src=self.pg0.remote_ip4, dst="10.0.0.1")
840 / UDP(sport=1234, dport=1234)
843 self.pg0.add_stream(p_unreach)
844 self.pg_enable_capture(self.pg_interfaces)
847 rx = self.pg0.get_capture(1)
851 self.assertEqual(icmptypes[icmp.type], "dest-unreach")
852 self.assertEqual(icmpcodes[icmp.type][icmp.code], "host-unreachable")
853 self.assertEqual(icmp.src, self.pg0.remote_ip4)
854 self.assertEqual(icmp.dst, "10.0.0.1")
857 # ICMP replies are rate limited. so sit and spin.
862 # A route via IP NULL that will reply with ICMP prohibited
864 ip_prohibit = VppIpRoute(
870 "0.0.0.0", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_ICMP_PROHIBIT
874 ip_prohibit.add_vpp_config()
877 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
878 / IP(src=self.pg0.remote_ip4, dst="10.0.0.2")
879 / UDP(sport=1234, dport=1234)
883 self.pg0.add_stream(p_prohibit)
884 self.pg_enable_capture(self.pg_interfaces)
887 rx = self.pg0.get_capture(1)
892 self.assertEqual(icmptypes[icmp.type], "dest-unreach")
893 self.assertEqual(icmpcodes[icmp.type][icmp.code], "host-prohibited")
894 self.assertEqual(icmp.src, self.pg0.remote_ip4)
895 self.assertEqual(icmp.dst, "10.0.0.2")
897 def test_ip_drop(self):
901 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
902 / IP(src=self.pg0.remote_ip4, dst="1.1.1.1")
903 / UDP(sport=1234, dport=1234)
911 [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
915 rx = self.send_and_expect(self.pg0, p * NUM_PKTS, self.pg1)
918 # insert a more specific as a drop
924 [VppRoutePath("0.0.0.0", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_DROP)],
928 self.send_and_assert_no_replies(self.pg0, p * NUM_PKTS, "Drop Route")
929 r2.remove_vpp_config()
930 rx = self.send_and_expect(self.pg0, p * NUM_PKTS, self.pg1)
933 class TestIPDisabled(VppTestCase):
938 super(TestIPDisabled, cls).setUpClass()
941 def tearDownClass(cls):
942 super(TestIPDisabled, cls).tearDownClass()
945 super(TestIPDisabled, self).setUp()
947 # create 2 pg interfaces
948 self.create_pg_interfaces(range(2))
952 self.pg0.config_ip4()
953 self.pg0.resolve_arp()
955 # PG 1 is not IP enabled
959 super(TestIPDisabled, self).tearDown()
960 for i in self.pg_interfaces:
964 def test_ip_disabled(self):
967 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
968 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
972 # one accepting interface, pg0, 2 forwarding interfaces
974 route_232_1_1_1 = VppIpMRoute(
979 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
982 self.pg1.sw_if_index, MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT
985 self.pg0.sw_if_index, MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD
989 route_232_1_1_1.add_vpp_config()
992 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
993 / IP(src="10.10.10.10", dst=self.pg0.remote_ip4)
994 / UDP(sport=1234, dport=1234)
998 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
999 / IP(src="10.10.10.10", dst="232.1.1.1")
1000 / UDP(sport=1234, dport=1234)
1001 / Raw(b"\xa5" * 100)
1005 # PG1 does not forward IP traffic
1007 self.send_and_assert_no_replies(self.pg1, pu, "IP disabled")
1008 self.send_and_assert_no_replies(self.pg1, pm, "IP disabled")
1013 self.pg1.config_ip4()
1016 # Now we get packets through
1018 self.pg1.add_stream(pu)
1019 self.pg_enable_capture(self.pg_interfaces)
1021 rx = self.pg0.get_capture(1)
1023 self.pg1.add_stream(pm)
1024 self.pg_enable_capture(self.pg_interfaces)
1026 rx = self.pg0.get_capture(1)
1031 self.pg1.unconfig_ip4()
1034 # PG1 does not forward IP traffic
1036 self.send_and_assert_no_replies(self.pg1, pu, "IP disabled")
1037 self.send_and_assert_no_replies(self.pg1, pm, "IP disabled")
1040 class TestIPSubNets(VppTestCase):
1044 def setUpClass(cls):
1045 super(TestIPSubNets, cls).setUpClass()
1048 def tearDownClass(cls):
1049 super(TestIPSubNets, cls).tearDownClass()
1052 super(TestIPSubNets, self).setUp()
1054 # create a 2 pg interfaces
1055 self.create_pg_interfaces(range(2))
1057 # pg0 we will use to experiment
1060 # pg1 is setup normally
1062 self.pg1.config_ip4()
1063 self.pg1.resolve_arp()
1066 super(TestIPSubNets, self).tearDown()
1067 for i in self.pg_interfaces:
1070 def test_ip_sub_nets(self):
1074 # Configure a covering route to forward so we know
1075 # when we are dropping
1077 cover_route = VppIpRoute(
1081 [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
1083 cover_route.add_vpp_config()
1086 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
1087 / IP(dst="10.10.10.10", src=self.pg0.local_ip4)
1088 / UDP(sport=1234, dport=1234)
1089 / Raw(b"\xa5" * 100)
1092 self.pg1.add_stream(p)
1093 self.pg_enable_capture(self.pg_interfaces)
1095 rx = self.pg1.get_capture(1)
1098 # Configure some non-/24 subnets on an IP interface
1100 ip_addr_n = socket.inet_pton(socket.AF_INET, "10.10.10.10")
1102 self.vapi.sw_interface_add_del_address(
1103 sw_if_index=self.pg0.sw_if_index, prefix="10.10.10.10/16"
1107 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
1108 / IP(dst="10.10.0.0", src=self.pg0.local_ip4)
1109 / UDP(sport=1234, dport=1234)
1110 / Raw(b"\xa5" * 100)
1113 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
1114 / IP(dst="10.10.255.255", src=self.pg0.local_ip4)
1115 / UDP(sport=1234, dport=1234)
1116 / Raw(b"\xa5" * 100)
1119 self.send_and_assert_no_replies(self.pg1, pn, "IP Network address")
1120 self.send_and_assert_no_replies(self.pg1, pb, "IP Broadcast address")
1122 # remove the sub-net and we are forwarding via the cover again
1123 self.vapi.sw_interface_add_del_address(
1124 sw_if_index=self.pg0.sw_if_index, prefix="10.10.10.10/16", is_add=0
1127 self.pg1.add_stream(pn)
1128 self.pg_enable_capture(self.pg_interfaces)
1130 rx = self.pg1.get_capture(1)
1131 self.pg1.add_stream(pb)
1132 self.pg_enable_capture(self.pg_interfaces)
1134 rx = self.pg1.get_capture(1)
1137 # A /31 is a special case where the 'other-side' is an attached host
1138 # packets to that peer generate ARP requests
1140 ip_addr_n = socket.inet_pton(socket.AF_INET, "10.10.10.10")
1142 self.vapi.sw_interface_add_del_address(
1143 sw_if_index=self.pg0.sw_if_index, prefix="10.10.10.10/31"
1147 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
1148 / IP(dst="10.10.10.11", src=self.pg0.local_ip4)
1149 / UDP(sport=1234, dport=1234)
1150 / Raw(b"\xa5" * 100)
1153 self.pg1.add_stream(pn)
1154 self.pg_enable_capture(self.pg_interfaces)
1156 rx = self.pg0.get_capture(1)
1159 # remove the sub-net and we are forwarding via the cover again
1160 self.vapi.sw_interface_add_del_address(
1161 sw_if_index=self.pg0.sw_if_index, prefix="10.10.10.10/31", is_add=0
1164 self.pg1.add_stream(pn)
1165 self.pg_enable_capture(self.pg_interfaces)
1167 rx = self.pg1.get_capture(1)
1170 class TestIPLoadBalance(VppTestCase):
1171 """IPv4 Load-Balancing"""
1174 def setUpClass(cls):
1175 super(TestIPLoadBalance, cls).setUpClass()
1178 def tearDownClass(cls):
1179 super(TestIPLoadBalance, cls).tearDownClass()
1182 super(TestIPLoadBalance, self).setUp()
1184 self.create_pg_interfaces(range(5))
1185 mpls_tbl = VppMplsTable(self, 0)
1186 mpls_tbl.add_vpp_config()
1188 for i in self.pg_interfaces:
1195 for i in self.pg_interfaces:
1199 super(TestIPLoadBalance, self).tearDown()
1201 def total_len(self, rxs):
1207 def test_ip_load_balance(self):
1208 """IP Load-Balancing"""
1210 fhc = VppEnum.vl_api_ip_flow_hash_config_t
1211 fhcv2 = VppEnum.vl_api_ip_flow_hash_config_v2_t
1212 af = VppEnum.vl_api_address_family_t
1215 # An array of packets that differ only in the destination port
1222 # An array of packets that differ only in the source address
1228 for ii in range(NUM_PKTS):
1229 internal_src_ip_hdr = IP(dst="10.0.0.1", src="20.0.0.1")
1233 / UDP(sport=1234, dport=1234 + ii)
1234 / Raw(b"\xa5" * 100)
1236 port_ip_pkts.append(
1237 (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / port_ip_hdr)
1239 port_mpls_pkts.append(
1241 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1242 / MPLS(label=66, ttl=2)
1246 port_gtp_pkts.append(
1248 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1249 / internal_src_ip_hdr
1250 / UDP(sport=2152, dport=2152, chksum=0)
1251 / GTP_U_Header(gtp_type="g_pdu", teid=200)
1252 / Raw(b"\xa5" * 100)
1257 IP(dst="10.0.0.1", src="20.0.0.%d" % ii)
1258 / UDP(sport=1234, dport=1234)
1259 / Raw(b"\xa5" * 100)
1262 (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / src_ip_hdr)
1264 src_mpls_pkts.append(
1266 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1267 / MPLS(label=66, ttl=2)
1271 src_gtp_pkts.append(
1273 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1274 / IP(dst="10.0.0.1", src="20.0.0.1")
1275 / UDP(sport=2152, dport=2152, chksum=0)
1276 / GTP_U_Header(gtp_type="g_pdu", teid=ii)
1277 / Raw(b"\xa5" * 100)
1281 route_10_0_0_1 = VppIpRoute(
1286 VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index),
1287 VppRoutePath(self.pg2.remote_ip4, self.pg2.sw_if_index),
1290 route_10_0_0_1.add_vpp_config()
1292 binding = VppMplsIpBind(self, 66, "10.0.0.1", 32)
1293 binding.add_vpp_config()
1296 # inject the packet on pg0 - expect load-balancing across the 2 paths
1297 # - since the default hash config is to use IP src,dst and port
1299 # We are not going to ensure equal amounts of packets across each link,
1300 # since the hash algorithm is statistical and therefore this can never
1301 # be guaranteed. But with 64 different packets we do expect some
1302 # balancing. So instead just ensure there is traffic on each link.
1304 rx = self.send_and_expect_load_balancing(
1305 self.pg0, port_ip_pkts, [self.pg1, self.pg2]
1307 n_ip_pg0 = len(rx[0])
1308 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts, [self.pg1, self.pg2])
1309 self.send_and_expect_load_balancing(
1310 self.pg0, port_mpls_pkts, [self.pg1, self.pg2]
1312 rx = self.send_and_expect_load_balancing(
1313 self.pg0, src_mpls_pkts, [self.pg1, self.pg2]
1315 n_mpls_pg0 = len(rx[0])
1318 # change the router ID and expect the distribution changes
1320 self.vapi.set_ip_flow_hash_router_id(router_id=0x11111111)
1322 rx = self.send_and_expect_load_balancing(
1323 self.pg0, port_ip_pkts, [self.pg1, self.pg2]
1325 self.assertNotEqual(n_ip_pg0, len(rx[0]))
1327 rx = self.send_and_expect_load_balancing(
1328 self.pg0, src_mpls_pkts, [self.pg1, self.pg2]
1330 self.assertNotEqual(n_mpls_pg0, len(rx[0]))
1333 # change the flow hash config so it's only IP src,dst
1334 # - now only the stream with differing source address will
1337 self.vapi.set_ip_flow_hash_v2(
1341 fhc.IP_API_FLOW_HASH_SRC_IP
1342 | fhc.IP_API_FLOW_HASH_DST_IP
1343 | fhc.IP_API_FLOW_HASH_PROTO
1347 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts, [self.pg1, self.pg2])
1348 self.send_and_expect_load_balancing(
1349 self.pg0, src_mpls_pkts, [self.pg1, self.pg2]
1352 self.send_and_expect_only(self.pg0, port_ip_pkts, self.pg2)
1355 # this case gtp v1 teid key LB
1357 self.vapi.set_ip_flow_hash_v3(
1361 fhcv2.IP_API_V2_FLOW_HASH_SRC_IP
1362 | fhcv2.IP_API_V2_FLOW_HASH_PROTO
1363 | fhcv2.IP_API_V2_FLOW_HASH_GTPV1_TEID
1366 self.logger.info(self.vapi.cli("show ip fib"))
1368 self.send_and_expect_load_balancing(
1369 self.pg0, src_gtp_pkts, [self.pg1, self.pg2]
1372 self.send_and_expect_only(self.pg0, port_gtp_pkts, self.pg2)
1375 # change the flow hash config back to defaults
1377 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, proto=1, sport=1, dport=1)
1380 # Recursive prefixes
1381 # - testing that 2 stages of load-balancing occurs and there is no
1382 # polarisation (i.e. only 2 of 4 paths are used)
1387 for ii in range(257):
1390 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1391 / IP(dst="1.1.1.1", src="20.0.0.1")
1392 / UDP(sport=1234, dport=1234 + ii)
1393 / Raw(b"\xa5" * 100)
1398 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1399 / IP(dst="1.1.1.1", src="20.0.0.%d" % ii)
1400 / UDP(sport=1234, dport=1234)
1401 / Raw(b"\xa5" * 100)
1405 route_10_0_0_2 = VppIpRoute(
1410 VppRoutePath(self.pg3.remote_ip4, self.pg3.sw_if_index),
1411 VppRoutePath(self.pg4.remote_ip4, self.pg4.sw_if_index),
1414 route_10_0_0_2.add_vpp_config()
1416 route_1_1_1_1 = VppIpRoute(
1421 VppRoutePath("10.0.0.2", 0xFFFFFFFF),
1422 VppRoutePath("10.0.0.1", 0xFFFFFFFF),
1425 route_1_1_1_1.add_vpp_config()
1428 # inject the packet on pg0 - expect load-balancing across all 4 paths
1430 self.vapi.cli("clear trace")
1431 self.send_and_expect_load_balancing(
1432 self.pg0, port_pkts, [self.pg1, self.pg2, self.pg3, self.pg4]
1434 self.send_and_expect_load_balancing(
1435 self.pg0, src_pkts, [self.pg1, self.pg2, self.pg3, self.pg4]
1439 # bring down pg1 expect LB to adjust to use only those that are up
1441 self.pg1.link_down()
1443 rx = self.send_and_expect_load_balancing(
1444 self.pg0, src_pkts, [self.pg2, self.pg3, self.pg4]
1446 self.assertEqual(len(src_pkts), self.total_len(rx))
1449 # bring down pg2 expect LB to adjust to use only those that are up
1451 self.pg2.link_down()
1453 rx = self.send_and_expect_load_balancing(
1454 self.pg0, src_pkts, [self.pg3, self.pg4]
1456 self.assertEqual(len(src_pkts), self.total_len(rx))
1459 # bring the links back up - expect LB over all again
1464 rx = self.send_and_expect_load_balancing(
1465 self.pg0, src_pkts, [self.pg1, self.pg2, self.pg3, self.pg4]
1467 self.assertEqual(len(src_pkts), self.total_len(rx))
1470 # The same link-up/down but this time admin state
1472 self.pg1.admin_down()
1473 self.pg2.admin_down()
1474 rx = self.send_and_expect_load_balancing(
1475 self.pg0, src_pkts, [self.pg3, self.pg4]
1477 self.assertEqual(len(src_pkts), self.total_len(rx))
1480 self.pg1.resolve_arp()
1481 self.pg2.resolve_arp()
1482 rx = self.send_and_expect_load_balancing(
1483 self.pg0, src_pkts, [self.pg1, self.pg2, self.pg3, self.pg4]
1485 self.assertEqual(len(src_pkts), self.total_len(rx))
1488 # Recursive prefixes
1489 # - testing that 2 stages of load-balancing, no choices
1493 for ii in range(257):
1496 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1497 / IP(dst="1.1.1.2", src="20.0.0.2")
1498 / UDP(sport=1234, dport=1234 + ii)
1499 / Raw(b"\xa5" * 100)
1503 route_10_0_0_3 = VppIpRoute(
1507 [VppRoutePath(self.pg3.remote_ip4, self.pg3.sw_if_index)],
1509 route_10_0_0_3.add_vpp_config()
1511 route_1_1_1_2 = VppIpRoute(
1512 self, "1.1.1.2", 32, [VppRoutePath("10.0.0.3", 0xFFFFFFFF)]
1514 route_1_1_1_2.add_vpp_config()
1517 # inject the packet on pg0 - rx only on via routes output interface
1519 self.vapi.cli("clear trace")
1520 self.send_and_expect_only(self.pg0, port_pkts, self.pg3)
1523 # Add a LB route in the presence of a down link - expect no
1524 # packets over the down link
1526 self.pg3.link_down()
1528 route_10_0_0_3 = VppIpRoute(
1533 VppRoutePath(self.pg3.remote_ip4, self.pg3.sw_if_index),
1534 VppRoutePath(self.pg4.remote_ip4, self.pg4.sw_if_index),
1537 route_10_0_0_3.add_vpp_config()
1540 for ii in range(257):
1542 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1543 / IP(dst="10.0.0.3", src="20.0.0.2")
1544 / UDP(sport=1234, dport=1234 + ii)
1545 / Raw(b"\xa5" * 100)
1548 self.send_and_expect_only(self.pg0, port_pkts, self.pg4)
1550 # bring the link back up
1553 rx = self.send_and_expect_load_balancing(
1554 self.pg0, port_pkts, [self.pg3, self.pg4]
1556 self.assertEqual(len(src_pkts), self.total_len(rx))
1559 class TestIPVlan0(VppTestCase):
1563 def setUpClass(cls):
1564 super(TestIPVlan0, cls).setUpClass()
1567 def tearDownClass(cls):
1568 super(TestIPVlan0, cls).tearDownClass()
1571 super(TestIPVlan0, self).setUp()
1573 self.create_pg_interfaces(range(2))
1574 mpls_tbl = VppMplsTable(self, 0)
1575 mpls_tbl.add_vpp_config()
1577 for i in self.pg_interfaces:
1584 for i in self.pg_interfaces:
1588 super(TestIPVlan0, self).tearDown()
1590 def test_ip_vlan_0(self):
1594 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1596 / IP(dst=self.pg1.remote_ip4, src=self.pg0.remote_ip4)
1597 / UDP(sport=1234, dport=1234)
1598 / Raw(b"\xa5" * 100)
1602 # Expect that packets sent on VLAN-0 are forwarded on the
1605 self.send_and_expect(self.pg0, pkts, self.pg1)
1608 class IPPuntSetup(object):
1609 """Setup for IPv4 Punt Police/Redirect"""
1611 def punt_setup(self):
1612 self.create_pg_interfaces(range(4))
1614 for i in self.pg_interfaces:
1619 # use UDP packet that have a port we need to explicitly
1620 # register to get punted.
1621 pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4
1622 af_ip4 = VppEnum.vl_api_address_family_t.ADDRESS_IP4
1623 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP
1629 "protocol": udp_proto,
1635 self.vapi.set_punt(is_add=1, punt=punt_udp)
1637 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6
1643 "protocol": udp_proto,
1649 self.vapi.set_punt(is_add=1, punt=punt_udp)
1652 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1653 / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4)
1654 / UDP(sport=1234, dport=1234)
1655 / Raw(b"\xa5" * 100)
1658 def punt_teardown(self):
1659 for i in self.pg_interfaces:
1664 class TestIPPunt(IPPuntSetup, VppTestCase):
1665 """IPv4 Punt Police/Redirect"""
1669 super().punt_setup()
1672 super().punt_teardown()
1675 def test_ip_punt_api_validation(self):
1676 """IP punt API parameter validation"""
1678 nh_addr = self.pg1.remote_ip4
1680 "rx_sw_if_index": self.pg0.sw_if_index,
1681 "af": VppEnum.vl_api_address_family_t.ADDRESS_IP4,
1686 with self.assertRaises(vpp_papi.VPPIOError):
1687 self.vapi.add_del_ip_punt_redirect_v2(punt=punt, is_add=True)
1690 "rx_sw_if_index": self.pg0.sw_if_index,
1691 "af": VppEnum.vl_api_address_family_t.ADDRESS_IP4,
1696 self.vapi.add_del_ip_punt_redirect_v2(punt=punt, is_add=True)
1698 def test_ip_punt(self):
1699 """IP punt police and redirect"""
1701 pkts = self.pkt * 1025
1704 # Configure a punt redirect via pg1.
1706 nh_addr = self.pg1.remote_ip4
1707 ip_punt_redirect = VppIpPuntRedirect(
1708 self, self.pg0.sw_if_index, self.pg1.sw_if_index, nh_addr
1710 ip_punt_redirect.add_vpp_config()
1712 self.send_and_expect(self.pg0, pkts, self.pg1)
1717 policer = VppPolicer(self, "ip4-punt", 400, 0, 10, 0, rate_type=1)
1718 policer.add_vpp_config()
1719 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index)
1720 ip_punt_policer.add_vpp_config()
1722 self.vapi.cli("clear trace")
1723 self.pg0.add_stream(pkts)
1724 self.pg_enable_capture(self.pg_interfaces)
1728 # the number of packet received should be greater than 0,
1729 # but not equal to the number sent, since some were policed
1731 rx = self.pg1._get_capture(1)
1733 stats = policer.get_stats()
1735 # Single rate policer - expect conform, violate but no exceed
1736 self.assertGreater(stats["conform_packets"], 0)
1737 self.assertEqual(stats["exceed_packets"], 0)
1738 self.assertGreater(stats["violate_packets"], 0)
1740 self.assertGreater(len(rx), 0)
1741 self.assertLess(len(rx), len(pkts))
1744 # remove the policer. back to full rx
1746 ip_punt_policer.remove_vpp_config()
1747 policer.remove_vpp_config()
1748 self.send_and_expect(self.pg0, pkts, self.pg1)
1751 # remove the redirect. expect full drop.
1753 ip_punt_redirect.remove_vpp_config()
1754 self.send_and_assert_no_replies(self.pg0, pkts, "IP no punt config")
1757 # Add a redirect that is not input port selective
1759 ip_punt_redirect = VppIpPuntRedirect(
1760 self, 0xFFFFFFFF, self.pg1.sw_if_index, nh_addr
1762 ip_punt_redirect.add_vpp_config()
1763 self.send_and_expect(self.pg0, pkts, self.pg1)
1764 ip_punt_redirect.remove_vpp_config()
1766 def test_ip_punt_vrf(self):
1767 """IP punt/local with VRFs"""
1769 # use a punt redirect to test if for-us packets are accepted
1770 pkts = self.pkt * 1025
1772 vlans_pg0 = [VppDot1QSubint(self, self.pg0, v) for v in range(100, 104)]
1773 vlans_pg1 = [VppDot1QSubint(self, self.pg1, v) for v in range(100, 104)]
1774 tbl4 = [VppIpTable(self, v).add_vpp_config() for v in range(100, 104)]
1775 tbl6 = [VppIpTable(self, v, True).add_vpp_config() for v in range(100, 104)]
1777 for v in vlans_pg0 + vlans_pg1:
1779 v.set_table_ip4(v.vlan)
1780 v.set_table_ip6(v.vlan)
1789 vlans_pg0[i].sw_if_index,
1790 vlans_pg1[i].sw_if_index,
1791 vlans_pg1[i].remote_ip4,
1798 vlans_pg0[i].sw_if_index,
1799 vlans_pg1[i].sw_if_index,
1800 vlans_pg1[i].remote_ip6,
1807 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1808 / Dot1Q(vlan=i.vlan)
1809 / IP(src=i.remote_ip4, dst=i.local_ip4)
1810 / UDP(sport=1234, dport=1234)
1811 / Raw(b"\xa5" * 100)
1816 self.send_and_expect(self.pg0, pkts, self.pg1)
1822 # we reject packets for source addresses in the wrong vlan/VRF
1825 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1826 / Dot1Q(vlan=i.vlan)
1827 / IP(src="1.1.1.1", dst=i.local_ip4)
1828 / UDP(sport=1234, dport=1234)
1829 / Raw(b"\xa5" * 100)
1833 # single and dual loop
1834 self.send_and_assert_no_replies(self.pg0, [pkts[0]])
1835 self.send_and_assert_no_replies(self.pg0, pkts)
1837 self.assert_error_counter_equal("/err/ip4-local/src_lookup_miss", len(pkts) + 1)
1839 # using the same source in different tables, should reject
1840 # for the table that the source is not present in
1841 # the first packet in the stream is drop
1844 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1845 / Dot1Q(vlan=i.vlan)
1846 / IP(src=vlans_pg0[0].remote_ip4, dst=i.local_ip4)
1847 / UDP(sport=1234, dport=1234)
1848 / Raw(b"\xa5" * 100)
1852 # single loop accept and drop
1853 # followed by both in the same frame/loop
1854 self.send_and_expect(self.pg0, [pkts[0]], self.pg1)
1855 self.send_and_assert_no_replies(self.pg0, [pkts[1]])
1856 self.send_and_expect(self.pg0, pkts * 4, self.pg1, n_rx=4)
1858 # using the same source in different tables, should reject
1859 # for the table that the source is not present in
1860 # the first packet in the stream is accept
1863 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1864 / Dot1Q(vlan=i.vlan)
1865 / IP(src=vlans_pg0[3].remote_ip4, dst=i.local_ip4)
1866 / UDP(sport=1234, dport=1234)
1867 / Raw(b"\xa5" * 100)
1872 # single loop accept and drop
1873 # followed by both in the same frame/loop
1874 self.send_and_expect(self.pg0, [pkts[3]], self.pg1)
1875 self.send_and_assert_no_replies(self.pg0, [pkts[1]])
1876 self.send_and_expect(self.pg0, pkts * 4, self.pg1, n_rx=4)
1882 # we reject packets for source addresses in the wrong vlan/VRF
1885 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1886 / Dot1Q(vlan=i.vlan)
1887 / IPv6(src="1::1", dst=i.local_ip6)
1888 / UDP(sport=1236, dport=1236)
1889 / Raw(b"\xa5" * 100)
1893 # single and dual loop
1894 self.send_and_assert_no_replies(self.pg0, [pkts[0]])
1895 self.send_and_assert_no_replies(self.pg0, pkts)
1897 self.assert_error_counter_equal("/err/ip6-input/src_lookup_miss", len(pkts) + 1)
1899 # using the same source in different tables, should reject
1900 # for the table that the source is not present in
1901 # the first packet in the stream is drop
1904 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1905 / Dot1Q(vlan=i.vlan)
1906 / IPv6(src=vlans_pg0[0].remote_ip6, dst=i.local_ip6)
1907 / UDP(sport=1236, dport=1236)
1908 / Raw(b"\xa5" * 100)
1912 # single loop accept and drop
1913 # followed by both in the same frame/loop
1914 self.send_and_expect(self.pg0, [pkts[0]], self.pg1)
1915 self.send_and_assert_no_replies(self.pg0, [pkts[1]])
1916 self.send_and_expect(self.pg0, pkts * 4, self.pg1, n_rx=4)
1918 # using the same source in different tables, should reject
1919 # for the table that the source is not present in
1920 # the first packet in the stream is accept
1923 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1924 / Dot1Q(vlan=i.vlan)
1925 / IPv6(src=vlans_pg0[3].remote_ip6, dst=i.local_ip6)
1926 / UDP(sport=1236, dport=1236)
1927 / Raw(b"\xa5" * 100)
1932 # single loop accept and drop
1933 # followed by both in the same frame/loop
1934 self.send_and_expect(self.pg0, [pkts[3]], self.pg1)
1935 self.send_and_assert_no_replies(self.pg0, [pkts[1]])
1936 self.send_and_expect(self.pg0, pkts * 4, self.pg1, n_rx=4)
1938 for v in vlans_pg0 + vlans_pg1:
1944 def test_ip_punt_dump(self):
1945 """IP4 punt redirect dump"""
1948 # Configure a punt redirects
1950 nh_address = self.pg3.remote_ip4
1951 ipr_03 = VppIpPuntRedirect(
1952 self, self.pg0.sw_if_index, self.pg3.sw_if_index, nh_address
1954 ipr_13 = VppIpPuntRedirect(
1955 self, self.pg1.sw_if_index, self.pg3.sw_if_index, nh_address
1957 ipr_23 = VppIpPuntRedirect(
1958 self, self.pg2.sw_if_index, self.pg3.sw_if_index, "0.0.0.0"
1960 ipr_03.add_vpp_config()
1961 ipr_13.add_vpp_config()
1962 ipr_23.add_vpp_config()
1965 # Dump pg0 punt redirects
1967 self.assertTrue(ipr_03.query_vpp_config())
1968 self.assertTrue(ipr_13.query_vpp_config())
1969 self.assertTrue(ipr_23.query_vpp_config())
1972 # Dump punt redirects for all interfaces
1974 punts = self.vapi.ip_punt_redirect_dump(0xFFFFFFFF)
1975 self.assertEqual(len(punts), 3)
1977 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
1978 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip4)
1979 self.assertEqual(str(punts[2].punt.nh), "0.0.0.0")
1982 class TestIPPuntHandoff(IPPuntSetup, VppTestCase):
1983 """IPv4 Punt Policer thread handoff"""
1985 vpp_worker_count = 2
1988 super(TestIPPuntHandoff, self).setUp()
1989 super(TestIPPuntHandoff, self).punt_setup()
1992 super(TestIPPuntHandoff, self).punt_teardown()
1993 super(TestIPPuntHandoff, self).tearDown()
1995 def test_ip_punt_policer_handoff(self):
1996 """IP4 punt policer thread handoff"""
1997 pkts = self.pkt * NUM_PKTS
2000 # Configure a punt redirect via pg1.
2002 nh_addr = self.pg1.remote_ip4
2003 ip_punt_redirect = VppIpPuntRedirect(
2004 self, self.pg0.sw_if_index, self.pg1.sw_if_index, nh_addr
2006 ip_punt_redirect.add_vpp_config()
2008 action_tx = PolicerAction(
2009 VppEnum.vl_api_sse2_qos_action_type_t.SSE2_QOS_ACTION_API_TRANSMIT, 0
2012 # This policer drops no packets, we are just
2013 # testing that they get to the right thread.
2015 policer = VppPolicer(
2030 policer.add_vpp_config()
2031 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index)
2032 ip_punt_policer.add_vpp_config()
2034 for worker in [0, 1]:
2035 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2036 self.logger.debug(self.vapi.cli("show trace max 100"))
2038 # Combined stats, all threads
2039 stats = policer.get_stats()
2041 # Single rate policer - expect conform, violate but no exceed
2042 self.assertGreater(stats["conform_packets"], 0)
2043 self.assertEqual(stats["exceed_packets"], 0)
2044 self.assertGreater(stats["violate_packets"], 0)
2046 # Worker 0, should have done all the policing
2047 stats0 = policer.get_stats(worker=0)
2048 self.assertEqual(stats, stats0)
2050 # Worker 1, should have handed everything off
2051 stats1 = policer.get_stats(worker=1)
2052 self.assertEqual(stats1["conform_packets"], 0)
2053 self.assertEqual(stats1["exceed_packets"], 0)
2054 self.assertEqual(stats1["violate_packets"], 0)
2056 # Bind the policer to worker 1 and repeat
2057 policer.bind_vpp_config(1, True)
2058 for worker in [0, 1]:
2059 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2060 self.logger.debug(self.vapi.cli("show trace max 100"))
2062 # The 2 workers should now have policed the same amount
2063 stats = policer.get_stats()
2064 stats0 = policer.get_stats(worker=0)
2065 stats1 = policer.get_stats(worker=1)
2067 self.assertGreater(stats0["conform_packets"], 0)
2068 self.assertEqual(stats0["exceed_packets"], 0)
2069 self.assertGreater(stats0["violate_packets"], 0)
2071 self.assertGreater(stats1["conform_packets"], 0)
2072 self.assertEqual(stats1["exceed_packets"], 0)
2073 self.assertGreater(stats1["violate_packets"], 0)
2076 stats0["conform_packets"] + stats1["conform_packets"],
2077 stats["conform_packets"],
2081 stats0["violate_packets"] + stats1["violate_packets"],
2082 stats["violate_packets"],
2085 # Unbind the policer and repeat
2086 policer.bind_vpp_config(1, False)
2087 for worker in [0, 1]:
2088 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2089 self.logger.debug(self.vapi.cli("show trace max 100"))
2091 # The policer should auto-bind to worker 0 when packets arrive
2092 stats = policer.get_stats()
2093 stats0new = policer.get_stats(worker=0)
2094 stats1new = policer.get_stats(worker=1)
2096 self.assertGreater(stats0new["conform_packets"], stats0["conform_packets"])
2097 self.assertEqual(stats0new["exceed_packets"], 0)
2098 self.assertGreater(stats0new["violate_packets"], stats0["violate_packets"])
2100 self.assertEqual(stats1, stats1new)
2105 ip_punt_policer.remove_vpp_config()
2106 policer.remove_vpp_config()
2107 ip_punt_redirect.remove_vpp_config()
2110 class TestIPDeag(VppTestCase):
2111 """IPv4 Deaggregate Routes"""
2114 def setUpClass(cls):
2115 super(TestIPDeag, cls).setUpClass()
2118 def tearDownClass(cls):
2119 super(TestIPDeag, cls).tearDownClass()
2122 super(TestIPDeag, self).setUp()
2124 self.create_pg_interfaces(range(3))
2126 for i in self.pg_interfaces:
2132 super(TestIPDeag, self).tearDown()
2133 for i in self.pg_interfaces:
2137 def test_ip_deag(self):
2138 """IP Deag Routes"""
2141 # Create a table to be used for:
2142 # 1 - another destination address lookup
2143 # 2 - a source address lookup
2145 table_dst = VppIpTable(self, 1)
2146 table_src = VppIpTable(self, 2)
2147 table_dst.add_vpp_config()
2148 table_src.add_vpp_config()
2151 # Add a route in the default table to point to a deag/
2152 # second lookup in each of these tables
2154 route_to_dst = VppIpRoute(
2155 self, "1.1.1.1", 32, [VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=1)]
2157 route_to_src = VppIpRoute(
2166 type=FibPathType.FIB_PATH_TYPE_SOURCE_LOOKUP,
2170 route_to_dst.add_vpp_config()
2171 route_to_src.add_vpp_config()
2174 # packets to these destination are dropped, since they'll
2175 # hit the respective default routes in the second table
2178 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2179 / IP(src="5.5.5.5", dst="1.1.1.1")
2180 / TCP(sport=1234, dport=1234)
2181 / Raw(b"\xa5" * 100)
2184 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2185 / IP(src="2.2.2.2", dst="1.1.1.2")
2186 / TCP(sport=1234, dport=1234)
2187 / Raw(b"\xa5" * 100)
2189 pkts_dst = p_dst * 257
2190 pkts_src = p_src * 257
2192 self.send_and_assert_no_replies(self.pg0, pkts_dst, "IP in dst table")
2193 self.send_and_assert_no_replies(self.pg0, pkts_src, "IP in src table")
2196 # add a route in the dst table to forward via pg1
2198 route_in_dst = VppIpRoute(
2202 [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
2205 route_in_dst.add_vpp_config()
2207 self.send_and_expect(self.pg0, pkts_dst, self.pg1)
2210 # add a route in the src table to forward via pg2
2212 route_in_src = VppIpRoute(
2216 [VppRoutePath(self.pg2.remote_ip4, self.pg2.sw_if_index)],
2219 route_in_src.add_vpp_config()
2220 self.send_and_expect(self.pg0, pkts_src, self.pg2)
2223 # loop in the lookup DP
2225 route_loop = VppIpRoute(
2226 self, "2.2.2.3", 32, [VppRoutePath("0.0.0.0", 0xFFFFFFFF, nh_table_id=0)]
2228 route_loop.add_vpp_config()
2231 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2232 / IP(src="2.2.2.4", dst="2.2.2.3")
2233 / TCP(sport=1234, dport=1234)
2234 / Raw(b"\xa5" * 100)
2237 self.send_and_assert_no_replies(self.pg0, p_l * 257, "IP lookup loop")
2240 class TestIPInput(VppTestCase):
2241 """IPv4 Input Exceptions"""
2244 def setUpClass(cls):
2245 super(TestIPInput, cls).setUpClass()
2248 def tearDownClass(cls):
2249 super(TestIPInput, cls).tearDownClass()
2252 super(TestIPInput, self).setUp()
2254 self.create_pg_interfaces(range(2))
2256 for i in self.pg_interfaces:
2262 super(TestIPInput, self).tearDown()
2263 for i in self.pg_interfaces:
2267 def test_ip_input(self):
2268 """IP Input Exceptions"""
2270 # i can't find a way in scapy to construct an IP packet
2271 # with a length less than the IP header length
2274 # Packet too short - this is forwarded
2277 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2278 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, len=40)
2279 / UDP(sport=1234, dport=1234)
2280 / Raw(b"\xa5" * 100)
2283 rx = self.send_and_expect(self.pg0, p_short * NUM_PKTS, self.pg1)
2286 # Packet too long - this is dropped
2289 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2290 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, len=400)
2291 / UDP(sport=1234, dport=1234)
2292 / Raw(b"\xa5" * 100)
2295 rx = self.send_and_assert_no_replies(self.pg0, p_long * NUM_PKTS, "too long")
2298 # bad chksum - this is dropped
2301 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2302 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, chksum=400)
2303 / UDP(sport=1234, dport=1234)
2304 / Raw(b"\xa5" * 100)
2307 rx = self.send_and_assert_no_replies(
2308 self.pg0, p_chksum * NUM_PKTS, "bad checksum"
2312 # bad version - this is dropped
2315 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2316 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, version=3)
2317 / UDP(sport=1234, dport=1234)
2318 / Raw(b"\xa5" * 100)
2321 rx = self.send_and_assert_no_replies(
2322 self.pg0, p_ver * NUM_PKTS, "funky version"
2326 # fragment offset 1 - this is dropped
2329 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2330 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, frag=1)
2331 / UDP(sport=1234, dport=1234)
2332 / Raw(b"\xa5" * 100)
2335 rx = self.send_and_assert_no_replies(self.pg0, p_frag * NUM_PKTS, "frag offset")
2338 # TTL expired packet
2341 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2342 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, ttl=1)
2343 / UDP(sport=1234, dport=1234)
2344 / Raw(b"\xa5" * 100)
2347 rxs = self.send_and_expect_some(self.pg0, p_ttl * NUM_PKTS, self.pg0)
2351 self.assertEqual(icmptypes[icmp.type], "time-exceeded")
2352 self.assertEqual(icmpcodes[icmp.type][icmp.code], "ttl-zero-during-transit")
2353 self.assertEqual(icmp.src, self.pg0.remote_ip4)
2354 self.assertEqual(icmp.dst, self.pg1.remote_ip4)
2360 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2361 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4, ttl=10, flags="DF")
2362 / UDP(sport=1234, dport=1234)
2363 / Raw(b"\xa5" * 2000)
2366 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [1500, 0, 0, 0])
2368 rxs = self.send_and_expect_some(self.pg0, p_mtu * NUM_PKTS, self.pg0)
2372 self.assertEqual(icmptypes[icmp.type], "dest-unreach")
2373 self.assertEqual(icmpcodes[icmp.type][icmp.code], "fragmentation-needed")
2374 self.assertEqual(icmp.nexthopmtu, 1500)
2375 self.assertEqual(icmp.src, self.pg0.remote_ip4)
2376 self.assertEqual(icmp.dst, self.pg1.remote_ip4)
2378 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2500, 0, 0, 0])
2379 rx = self.send_and_expect(self.pg0, p_mtu * NUM_PKTS, self.pg1)
2381 # Reset MTU for subsequent tests
2382 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [9000, 0, 0, 0])
2385 # source address 0.0.0.0 and 25.255.255.255 and for-us
2388 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2389 / IP(src="0.0.0.0", dst=self.pg0.local_ip4)
2391 / Raw(load=b"\x0a" * 18)
2393 rx = self.send_and_assert_no_replies(self.pg0, p_s0 * 17)
2396 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2397 / IP(src="255.255.255.255", dst=self.pg0.local_ip4)
2399 / Raw(load=b"\x0a" * 18)
2401 rx = self.send_and_assert_no_replies(self.pg0, p_s0 * 17)
2404 class TestIPDirectedBroadcast(VppTestCase):
2405 """IPv4 Directed Broadcast"""
2408 def setUpClass(cls):
2409 super(TestIPDirectedBroadcast, cls).setUpClass()
2412 def tearDownClass(cls):
2413 super(TestIPDirectedBroadcast, cls).tearDownClass()
2416 super(TestIPDirectedBroadcast, self).setUp()
2418 self.create_pg_interfaces(range(2))
2420 for i in self.pg_interfaces:
2424 super(TestIPDirectedBroadcast, self).tearDown()
2425 for i in self.pg_interfaces:
2428 def test_ip_input(self):
2429 """IP Directed Broadcast"""
2432 # set the directed broadcast on pg0 first, then config IP4 addresses
2433 # for pg1 directed broadcast is always disabled
2434 self.vapi.sw_interface_set_ip_directed_broadcast(self.pg0.sw_if_index, 1)
2437 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
2438 / IP(src="1.1.1.1", dst=self.pg0._local_ip4_bcast)
2439 / UDP(sport=1234, dport=1234)
2440 / Raw(b"\xa5" * 2000)
2443 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2444 / IP(src="1.1.1.1", dst=self.pg1._local_ip4_bcast)
2445 / UDP(sport=1234, dport=1234)
2446 / Raw(b"\xa5" * 2000)
2449 self.pg0.config_ip4()
2450 self.pg0.resolve_arp()
2451 self.pg1.config_ip4()
2452 self.pg1.resolve_arp()
2455 # test packet is L2 broadcast
2457 rx = self.send_and_expect(self.pg1, p0 * NUM_PKTS, self.pg0)
2458 self.assertTrue(rx[0][Ether].dst, "ff:ff:ff:ff:ff:ff")
2460 self.send_and_assert_no_replies(
2461 self.pg0, p1 * NUM_PKTS, "directed broadcast disabled"
2465 # toggle directed broadcast on pg0
2467 self.vapi.sw_interface_set_ip_directed_broadcast(self.pg0.sw_if_index, 0)
2468 self.send_and_assert_no_replies(
2469 self.pg1, p0 * NUM_PKTS, "directed broadcast disabled"
2472 self.vapi.sw_interface_set_ip_directed_broadcast(self.pg0.sw_if_index, 1)
2473 rx = self.send_and_expect(self.pg1, p0 * NUM_PKTS, self.pg0)
2475 self.pg0.unconfig_ip4()
2476 self.pg1.unconfig_ip4()
2479 class TestIPLPM(VppTestCase):
2480 """IPv4 longest Prefix Match"""
2483 def setUpClass(cls):
2484 super(TestIPLPM, cls).setUpClass()
2487 def tearDownClass(cls):
2488 super(TestIPLPM, cls).tearDownClass()
2491 super(TestIPLPM, self).setUp()
2493 self.create_pg_interfaces(range(4))
2495 for i in self.pg_interfaces:
2501 super(TestIPLPM, self).tearDown()
2502 for i in self.pg_interfaces:
2506 def test_ip_lpm(self):
2507 """IP longest Prefix Match"""
2513 [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
2515 s_24.add_vpp_config()
2520 [VppRoutePath(self.pg2.remote_ip4, self.pg2.sw_if_index)],
2522 s_8.add_vpp_config()
2525 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2526 / IP(src="1.1.1.1", dst="10.1.1.1")
2527 / UDP(sport=1234, dport=1234)
2528 / Raw(b"\xa5" * 2000)
2531 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2532 / IP(src="1.1.1.1", dst="10.1.2.1")
2533 / UDP(sport=1234, dport=1234)
2534 / Raw(b"\xa5" * 2000)
2537 self.logger.info(self.vapi.cli("sh ip fib mtrie"))
2538 rx = self.send_and_expect(self.pg0, p_8 * NUM_PKTS, self.pg2)
2539 rx = self.send_and_expect(self.pg0, p_24 * NUM_PKTS, self.pg1)
2542 @tag_fixme_vpp_workers
2543 class TestIPv4Frag(VppTestCase):
2544 """IPv4 fragmentation"""
2547 def setUpClass(cls):
2548 super(TestIPv4Frag, cls).setUpClass()
2550 cls.create_pg_interfaces([0, 1])
2551 cls.src_if = cls.pg0
2552 cls.dst_if = cls.pg1
2554 # setup all interfaces
2555 for i in cls.pg_interfaces:
2561 def tearDownClass(cls):
2562 super(TestIPv4Frag, cls).tearDownClass()
2564 def test_frag_large_packets(self):
2565 """Fragmentation of large packets"""
2567 self.vapi.cli("adjacency counters enable")
2570 Ether(dst=self.src_if.local_mac, src=self.src_if.remote_mac)
2571 / IP(src=self.src_if.remote_ip4, dst=self.dst_if.remote_ip4)
2572 / UDP(sport=1234, dport=5678)
2575 self.extend_packet(p, 6000, "abcde")
2576 saved_payload = p[Raw].load
2580 self.dst_if.sw_if_index,
2581 self.dst_if.remote_mac,
2582 self.dst_if.remote_ip4,
2585 # Force fragmentation by setting MTU of output interface
2586 # lower than packet size
2587 self.vapi.sw_interface_set_mtu(self.dst_if.sw_if_index, [5000, 0, 0, 0])
2589 self.pg_enable_capture()
2590 self.src_if.add_stream(p)
2593 # Expecting 3 fragments because size of created fragments currently
2594 # cannot be larger then VPP buffer size (which is 2048)
2595 packets = self.dst_if.get_capture(3)
2597 # we should show 3 packets thru the neighbor
2598 self.assertEqual(3, nbr.get_stats()["packets"])
2600 # Assume VPP sends the fragments in order
2603 payload_offset = p.frag * 8
2604 if payload_offset > 0:
2605 payload_offset -= 8 # UDP header is not in payload
2606 self.assert_equal(payload_offset, len(payload))
2607 payload += p[Raw].load
2608 self.assert_equal(payload, saved_payload, "payload")
2611 class TestIPReplace(VppTestCase):
2612 """IPv4 Table Replace"""
2615 def setUpClass(cls):
2616 super(TestIPReplace, cls).setUpClass()
2619 def tearDownClass(cls):
2620 super(TestIPReplace, cls).tearDownClass()
2623 super(TestIPReplace, self).setUp()
2625 self.create_pg_interfaces(range(4))
2630 for i in self.pg_interfaces:
2634 i.generate_remote_hosts(2)
2635 self.tables.append(VppIpTable(self, table_id).add_vpp_config())
2639 super(TestIPReplace, self).tearDown()
2640 for i in self.pg_interfaces:
2644 def test_replace(self):
2645 """IP Table Replace"""
2647 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
2648 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
2650 links = [self.pg0, self.pg1, self.pg2, self.pg3]
2651 routes = [[], [], [], []]
2653 # load up the tables with some routes
2654 for ii, t in enumerate(self.tables):
2655 for jj in range(N_ROUTES):
2662 links[ii].remote_hosts[0].ip4, links[ii].sw_if_index
2665 links[ii].remote_hosts[1].ip4, links[ii].sw_if_index
2668 table_id=t.table_id,
2670 multi = VppIpMRoute(
2675 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
2678 self.pg0.sw_if_index,
2679 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT,
2682 self.pg1.sw_if_index,
2683 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2686 self.pg2.sw_if_index,
2687 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2690 self.pg3.sw_if_index,
2691 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2694 table_id=t.table_id,
2696 routes[ii].append({"uni": uni, "multi": multi})
2699 # replace the tables a few times
2702 # replace_begin each table
2703 for t in self.tables:
2706 # all the routes are still there
2707 for ii, t in enumerate(self.tables):
2710 for r in routes[ii]:
2711 self.assertTrue(find_route_in_dump(dump, r["uni"], t))
2712 self.assertTrue(find_mroute_in_dump(mdump, r["multi"], t))
2714 # redownload the even numbered routes
2715 for ii, t in enumerate(self.tables):
2716 for jj in range(0, N_ROUTES, 2):
2717 routes[ii][jj]["uni"].add_vpp_config()
2718 routes[ii][jj]["multi"].add_vpp_config()
2720 # signal each table replace_end
2721 for t in self.tables:
2724 # we should find the even routes, but not the odd
2725 for ii, t in enumerate(self.tables):
2728 for jj in range(0, N_ROUTES, 2):
2729 self.assertTrue(find_route_in_dump(dump, routes[ii][jj]["uni"], t))
2731 find_mroute_in_dump(mdump, routes[ii][jj]["multi"], t)
2733 for jj in range(1, N_ROUTES - 1, 2):
2734 self.assertFalse(find_route_in_dump(dump, routes[ii][jj]["uni"], t))
2736 find_mroute_in_dump(mdump, routes[ii][jj]["multi"], t)
2739 # reload all the routes
2740 for ii, t in enumerate(self.tables):
2741 for r in routes[ii]:
2742 r["uni"].add_vpp_config()
2743 r["multi"].add_vpp_config()
2745 # all the routes are still there
2746 for ii, t in enumerate(self.tables):
2749 for r in routes[ii]:
2750 self.assertTrue(find_route_in_dump(dump, r["uni"], t))
2751 self.assertTrue(find_mroute_in_dump(mdump, r["multi"], t))
2754 # finally flush the tables for good measure
2756 for t in self.tables:
2758 self.assertEqual(len(t.dump()), 5)
2759 self.assertEqual(len(t.mdump()), 3)
2762 class TestIPCover(VppTestCase):
2763 """IPv4 Table Cover"""
2766 def setUpClass(cls):
2767 super(TestIPCover, cls).setUpClass()
2770 def tearDownClass(cls):
2771 super(TestIPCover, cls).tearDownClass()
2774 super(TestIPCover, self).setUp()
2776 self.create_pg_interfaces(range(4))
2781 for i in self.pg_interfaces:
2785 i.generate_remote_hosts(2)
2786 self.tables.append(VppIpTable(self, table_id).add_vpp_config())
2790 super(TestIPCover, self).tearDown()
2791 for i in self.pg_interfaces:
2795 def test_cover(self):
2796 """IP Table Cover"""
2798 # add a loop back with a /32 prefix
2799 lo = VppLoInterface(self)
2801 a = VppIpInterfaceAddress(self, lo, "127.0.0.1", 32).add_vpp_config()
2803 # add a neighbour that matches the loopback's /32
2805 self, lo.sw_if_index, lo.remote_mac, "127.0.0.1"
2808 # add the default route which will be the cover for /32
2813 [VppRoutePath("127.0.0.1", lo.sw_if_index)],
2817 # add/remove/add a longer mask cover
2819 self, "127.0.0.0", 8, [VppRoutePath("127.0.0.1", lo.sw_if_index)]
2821 r8.remove_vpp_config()
2823 r8.remove_vpp_config()
2825 # remove the default route
2826 r.remove_vpp_config()
2828 # remove the interface prefix
2829 a.remove_vpp_config()
2832 class TestIP4Replace(VppTestCase):
2833 """IPv4 Interface Address Replace"""
2836 def setUpClass(cls):
2837 super(TestIP4Replace, cls).setUpClass()
2840 def tearDownClass(cls):
2841 super(TestIP4Replace, cls).tearDownClass()
2844 super(TestIP4Replace, self).setUp()
2846 self.create_pg_interfaces(range(4))
2848 for i in self.pg_interfaces:
2852 super(TestIP4Replace, self).tearDown()
2853 for i in self.pg_interfaces:
2856 def get_n_pfxs(self, intf):
2857 return len(self.vapi.ip_address_dump(intf.sw_if_index))
2859 def test_replace(self):
2860 """IP interface address replace"""
2862 intf_pfxs = [[], [], [], []]
2864 # add prefixes to each of the interfaces
2865 for i in range(len(self.pg_interfaces)):
2866 intf = self.pg_interfaces[i]
2869 addr = "172.16.%d.1" % intf.sw_if_index
2870 a = VppIpInterfaceAddress(self, intf, addr, 24).add_vpp_config()
2871 intf_pfxs[i].append(a)
2873 # 172.16.x.2/24 - a different address in the same subnet as above
2874 addr = "172.16.%d.2" % intf.sw_if_index
2875 a = VppIpInterfaceAddress(self, intf, addr, 24).add_vpp_config()
2876 intf_pfxs[i].append(a)
2878 # 172.15.x.2/24 - a different address and subnet
2879 addr = "172.15.%d.2" % intf.sw_if_index
2880 a = VppIpInterfaceAddress(self, intf, addr, 24).add_vpp_config()
2881 intf_pfxs[i].append(a)
2883 # a dump should n_address in it
2884 for intf in self.pg_interfaces:
2885 self.assertEqual(self.get_n_pfxs(intf), 3)
2888 # remove all the address thru a replace
2890 self.vapi.sw_interface_address_replace_begin()
2891 self.vapi.sw_interface_address_replace_end()
2892 for intf in self.pg_interfaces:
2893 self.assertEqual(self.get_n_pfxs(intf), 0)
2896 # add all the interface addresses back
2901 for intf in self.pg_interfaces:
2902 self.assertEqual(self.get_n_pfxs(intf), 3)
2905 # replace again, but this time update/re-add the address on the first
2908 self.vapi.sw_interface_address_replace_begin()
2910 for p in intf_pfxs[:2]:
2914 self.vapi.sw_interface_address_replace_end()
2916 # on the first two the address still exist,
2917 # on the other two they do not
2918 for intf in self.pg_interfaces[:2]:
2919 self.assertEqual(self.get_n_pfxs(intf), 3)
2920 for p in intf_pfxs[:2]:
2922 self.assertTrue(v.query_vpp_config())
2923 for intf in self.pg_interfaces[2:]:
2924 self.assertEqual(self.get_n_pfxs(intf), 0)
2927 # add all the interface addresses back on the last two
2929 for p in intf_pfxs[2:]:
2932 for intf in self.pg_interfaces:
2933 self.assertEqual(self.get_n_pfxs(intf), 3)
2936 # replace again, this time add different prefixes on all the interfaces
2938 self.vapi.sw_interface_address_replace_begin()
2941 for intf in self.pg_interfaces:
2943 addr = "172.18.%d.1" % intf.sw_if_index
2944 pfxs.append(VppIpInterfaceAddress(self, intf, addr, 24).add_vpp_config())
2946 self.vapi.sw_interface_address_replace_end()
2948 # only .18 should exist on each interface
2949 for intf in self.pg_interfaces:
2950 self.assertEqual(self.get_n_pfxs(intf), 1)
2952 self.assertTrue(pfx.query_vpp_config())
2957 self.vapi.sw_interface_address_replace_begin()
2958 self.vapi.sw_interface_address_replace_end()
2959 for intf in self.pg_interfaces:
2960 self.assertEqual(self.get_n_pfxs(intf), 0)
2963 # add prefixes to each interface. post-begin add the prefix from
2964 # interface X onto interface Y. this would normally be an error
2965 # since it would generate a 'duplicate address' warning. but in
2966 # this case, since what is newly downloaded is sane, it's ok
2968 for intf in self.pg_interfaces:
2970 addr = "172.18.%d.1" % intf.sw_if_index
2971 VppIpInterfaceAddress(self, intf, addr, 24).add_vpp_config()
2973 self.vapi.sw_interface_address_replace_begin()
2976 for intf in self.pg_interfaces:
2978 addr = "172.18.%d.1" % (intf.sw_if_index + 1)
2979 pfxs.append(VppIpInterfaceAddress(self, intf, addr, 24).add_vpp_config())
2981 self.vapi.sw_interface_address_replace_end()
2983 self.logger.info(self.vapi.cli("sh int addr"))
2985 for intf in self.pg_interfaces:
2986 self.assertEqual(self.get_n_pfxs(intf), 1)
2988 self.assertTrue(pfx.query_vpp_config())
2991 class TestIPv4PathMTU(VppTestCase):
2995 def setUpClass(cls):
2996 super(TestIPv4PathMTU, cls).setUpClass()
2998 cls.create_pg_interfaces(range(2))
3000 # setup all interfaces
3001 for i in cls.pg_interfaces:
3007 def tearDownClass(cls):
3008 super(TestIPv4PathMTU, cls).tearDownClass()
3010 def test_path_mtu(self):
3014 # The goal here is not to test that fragmentation works correctly,
3015 # that's done elsewhere, the intent is to ensure that the Path MTU
3016 # settings are honoured.
3018 self.vapi.cli("adjacency counters enable")
3020 # set the interface MTU to a reasonable value
3021 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [1800, 0, 0, 0])
3023 self.pg1.generate_remote_hosts(4)
3026 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3027 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4)
3028 / UDP(sport=1234, dport=5678)
3032 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3033 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4)
3034 / UDP(sport=1234, dport=5678)
3039 self, self.pg1.sw_if_index, self.pg1.remote_mac, self.pg1.remote_ip4
3042 # this is now the interface MTU frags
3043 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3044 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3046 # drop the path MTU for this neighbour to below the interface MTU
3048 pmtu = VppIpPathMtu(self, self.pg1.remote_ip4, 900).add_vpp_config()
3050 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3051 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3053 # print/format the adj delegate
3054 self.logger.info(self.vapi.cli("sh adj 5"))
3056 # increase the path MTU to more than the interface
3057 # expect to use the interface MTU
3060 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3061 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3063 # go back to an MTU from the path
3064 # wrap the call around mark-n-sweep to enusre updates clear stale
3065 self.vapi.ip_path_mtu_replace_begin()
3067 self.vapi.ip_path_mtu_replace_end()
3069 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3070 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3072 # raise the interface's MTU
3073 # should still use that of the path
3074 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2000, 0, 0, 0])
3075 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3076 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3078 # set path high and interface low
3080 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [900, 0, 0, 0])
3081 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3082 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3084 # remove the path MTU using the mark-n-sweep semantics
3085 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [1800, 0, 0, 0])
3086 self.vapi.ip_path_mtu_replace_begin()
3087 self.vapi.ip_path_mtu_replace_end()
3089 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3090 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3093 # set path MTU for a neighbour that doesn't exist, yet
3095 pmtu2 = VppIpPathMtu(self, self.pg1.remote_hosts[2].ip4, 900).add_vpp_config()
3098 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3099 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_hosts[2].ip4)
3100 / UDP(sport=1234, dport=5678)
3104 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3105 / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_hosts[2].ip4)
3106 / UDP(sport=1234, dport=5678)
3112 self.pg1.sw_if_index,
3113 self.pg1.remote_hosts[2].mac,
3114 self.pg1.remote_hosts[2].ip4,
3117 # should frag to the path MTU
3118 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3119 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3121 # remove and re-add the neighbour
3122 nbr2.remove_vpp_config()
3123 nbr2.add_vpp_config()
3125 # should frag to the path MTU
3126 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3127 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3130 # set PMTUs for many peers
3133 self.pg1.generate_remote_hosts(16)
3134 self.pg1.configure_ipv4_neighbors()
3136 for h in range(N_HOSTS):
3137 pmtu = VppIpPathMtu(self, self.pg1.remote_hosts[h].ip4, 900)
3138 pmtu.add_vpp_config()
3139 self.assertTrue(pmtu.query_vpp_config())
3141 self.logger.info(self.vapi.cli("sh ip pmtu"))
3142 dump = list(self.vapi.vpp.details_iter(self.vapi.ip_path_mtu_get))
3143 self.assertEqual(N_HOSTS, len(dump))
3145 for h in range(N_HOSTS):
3146 p_2k[IP].dst = self.pg1.remote_hosts[h].ip4
3147 p_1k[IP].dst = self.pg1.remote_hosts[h].ip4
3149 # should frag to the path MTU
3150 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3151 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3154 class TestIPv4ItfRebind(VppTestCase):
3155 """IPv4 Interface Bind w/ attached routes"""
3158 super(TestIPv4ItfRebind, self).setUp()
3160 self.create_pg_interfaces(range(3))
3163 super(TestIPv4ItfRebind, self).tearDown()
3165 def test_rebind(self):
3166 """Import to no import"""
3169 tbl = VppIpTable(self, TABLE_ID).add_vpp_config()
3170 self.pg1.set_table_ip4(TABLE_ID)
3172 for i in self.pg_interfaces:
3177 # add an attached route via an pg0
3178 # in a different table. this prefix should import
3183 [VppRoutePath("0.0.0.0", self.pg0.sw_if_index)],
3188 Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
3189 / IP(src=self.pg1.remote_ip4, dst=self.pg0.remote_ip4)
3190 / UDP(sport=1234, dport=5678)
3194 rx = self.send_and_expect(self.pg1, [p], self.pg0)
3195 self.assertFalse(rx[0].haslayer(ARP))
3197 # then bind pg0 to a new table
3198 # so the prefix no longer imports
3199 self.pg0.unconfig_ip4()
3200 self.pg0.set_table_ip4(TABLE_ID)
3201 self.pg0.config_ip4()
3202 self.pg0.resolve_arp()
3204 rx = self.send_and_expect(self.pg1, [p], self.pg0)
3205 self.assertFalse(rx[0].haslayer(ARP))
3207 # revert back to imported
3208 self.pg0.unconfig_ip4()
3209 self.pg0.set_table_ip4(0)
3210 self.pg0.config_ip4()
3211 self.pg0.resolve_arp()
3213 rx = self.send_and_expect(self.pg1, [p], self.pg0)
3214 self.assertFalse(rx[0].haslayer(ARP))
3217 for i in self.pg_interfaces:
3222 rt.remove_vpp_config()
3223 tbl.remove_vpp_config()
3225 def test_delete(self):
3226 """Swap import tables"""
3229 tbl1_4 = VppIpTable(self, TABLE_ID1).add_vpp_config()
3230 tbl1_6 = VppIpTable(self, TABLE_ID1, True).add_vpp_config()
3232 tbl2_4 = VppIpTable(self, TABLE_ID2).add_vpp_config()
3233 tbl2_6 = VppIpTable(self, TABLE_ID2, True).add_vpp_config()
3236 self.pg1.set_table_ip4(TABLE_ID1)
3237 self.pg1.set_table_ip6(TABLE_ID1)
3238 self.pg2.set_table_ip4(TABLE_ID2)
3239 self.pg2.set_table_ip6(TABLE_ID2)
3241 for i in self.pg_interfaces:
3246 # add an attached route in the default table via pg0
3247 # this should import to table 1
3252 [VppRoutePath("0.0.0.0", self.pg1.sw_if_index)],
3258 [VppRoutePath("0.0.0.0", self.pg1.sw_if_index)],
3262 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3263 / IP(src=self.pg1.remote_ip4, dst=self.pg1.remote_ip4)
3264 / UDP(sport=1234, dport=5678)
3268 # inject into table 0
3269 rx = self.send_and_expect(self.pg0, [p1], self.pg1)
3270 self.assertFalse(rx[0].haslayer(ARP))
3272 # swap the attached interface to table 2
3273 self.pg1.unconfig_ip4()
3274 self.pg1.unconfig_ip6()
3275 self.pg1.set_table_ip4(TABLE_ID2)
3276 self.pg1.set_table_ip6(TABLE_ID2)
3277 self.pg1.config_ip4()
3278 self.pg1.config_ip6()
3279 self.pg1.resolve_arp()
3284 tbl1_4.remove_vpp_config()
3285 tbl1_6.remove_vpp_config()
3287 rx = self.send_and_expect(self.pg0, [p1], self.pg1)
3288 self.assertFalse(rx[0].haslayer(ARP))
3290 for i in self.pg_interfaces:
3298 if __name__ == "__main__":
3299 unittest.main(testRunner=VppTestRunner)