4 from socket import inet_pton, inet_ntop
7 from parameterized import parameterized
9 import scapy.layers.inet6 as inet6
10 from scapy.layers.inet import UDP, IP
11 from scapy.contrib.mpls import MPLS
12 from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6ND_RS, \
13 ICMPv6ND_RA, ICMPv6NDOptMTU, ICMPv6NDOptSrcLLAddr, ICMPv6NDOptPrefixInfo, \
14 ICMPv6ND_NA, ICMPv6NDOptDstLLAddr, ICMPv6DestUnreach, icmp6types, \
15 ICMPv6TimeExceeded, ICMPv6EchoRequest, ICMPv6EchoReply, \
16 IPv6ExtHdrHopByHop, ICMPv6MLReport2, ICMPv6MLDMultAddrRec
17 from scapy.layers.l2 import Ether, Dot1Q, GRE
18 from scapy.packet import Raw
19 from scapy.utils6 import in6_getnsma, in6_getnsmac, in6_ptop, in6_islladdr, \
23 from framework import VppTestCase, VppTestRunner, tag_run_solo
24 from util import ppp, ip6_normalize, mk_ll_addr
25 from vpp_papi import VppEnum
26 from vpp_ip import DpoProto, VppIpPuntPolicer, VppIpPuntRedirect, VppIpPathMtu
27 from vpp_ip_route import VppIpRoute, VppRoutePath, find_route, VppIpMRoute, \
28 VppMRoutePath, VppMplsIpBind, \
29 VppMplsRoute, VppMplsTable, VppIpTable, FibPathType, FibPathProto, \
30 VppIpInterfaceAddress, find_route_in_dump, find_mroute_in_dump, \
31 VppIp6LinkLocalAddress, VppIpRouteV2
32 from vpp_neighbor import find_nbr, VppNeighbor
33 from vpp_ipip_tun_interface import VppIpIpTunInterface
34 from vpp_pg_interface import is_ipv6_misc
35 from vpp_sub_interface import VppSubInterface, VppDot1QSubint
36 from vpp_policer import VppPolicer, PolicerAction
37 from ipaddress import IPv6Network, IPv6Address
38 from vpp_gre_interface import VppGreInterface
39 from vpp_teib import VppTeib
41 AF_INET6 = socket.AF_INET6
51 class TestIPv6ND(VppTestCase):
52 def validate_ra(self, intf, rx, dst_ip=None):
54 dst_ip = intf.remote_ip6
56 # unicasted packets must come to the unicast mac
57 self.assertEqual(rx[Ether].dst, intf.remote_mac)
59 # and from the router's MAC
60 self.assertEqual(rx[Ether].src, intf.local_mac)
62 # the rx'd RA should be addressed to the sender's source
63 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
64 self.assertEqual(in6_ptop(rx[IPv6].dst),
67 # and come from the router's link local
68 self.assertTrue(in6_islladdr(rx[IPv6].src))
69 self.assertEqual(in6_ptop(rx[IPv6].src),
70 in6_ptop(mk_ll_addr(intf.local_mac)))
72 def validate_na(self, intf, rx, dst_ip=None, tgt_ip=None):
74 dst_ip = intf.remote_ip6
76 dst_ip = intf.local_ip6
78 # unicasted packets must come to the unicast mac
79 self.assertEqual(rx[Ether].dst, intf.remote_mac)
81 # and from the router's MAC
82 self.assertEqual(rx[Ether].src, intf.local_mac)
84 # the rx'd NA should be addressed to the sender's source
85 self.assertTrue(rx.haslayer(ICMPv6ND_NA))
86 self.assertEqual(in6_ptop(rx[IPv6].dst),
89 # and come from the target address
91 in6_ptop(rx[IPv6].src), in6_ptop(tgt_ip))
93 # Dest link-layer options should have the router's MAC
94 dll = rx[ICMPv6NDOptDstLLAddr]
95 self.assertEqual(dll.lladdr, intf.local_mac)
97 def validate_ns(self, intf, rx, tgt_ip):
98 nsma = in6_getnsma(inet_pton(AF_INET6, tgt_ip))
99 dst_ip = inet_ntop(AF_INET6, nsma)
102 self.assertEqual(rx[Ether].dst, in6_getnsmac(nsma))
104 # and from the router's MAC
105 self.assertEqual(rx[Ether].src, intf.local_mac)
107 # the rx'd NS should be addressed to an mcast address
108 # derived from the target address
110 in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
112 # expect the tgt IP in the NS header
114 self.assertEqual(in6_ptop(ns.tgt), in6_ptop(tgt_ip))
116 # packet is from the router's local address
118 in6_ptop(rx[IPv6].src), intf.local_ip6)
120 # Src link-layer options should have the router's MAC
121 sll = rx[ICMPv6NDOptSrcLLAddr]
122 self.assertEqual(sll.lladdr, intf.local_mac)
124 def send_and_expect_ra(self, intf, pkts, remark, dst_ip=None,
125 filter_out_fn=is_ipv6_misc):
126 intf.add_stream(pkts)
127 self.pg_enable_capture(self.pg_interfaces)
129 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
131 self.assertEqual(len(rx), 1)
133 self.validate_ra(intf, rx, dst_ip)
135 def send_and_expect_na(self, intf, pkts, remark, dst_ip=None,
137 filter_out_fn=is_ipv6_misc):
138 intf.add_stream(pkts)
139 self.pg_enable_capture(self.pg_interfaces)
141 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
143 self.assertEqual(len(rx), 1)
145 self.validate_na(intf, rx, dst_ip, tgt_ip)
147 def send_and_expect_ns(self, tx_intf, rx_intf, pkts, tgt_ip,
148 filter_out_fn=is_ipv6_misc):
149 self.vapi.cli("clear trace")
150 tx_intf.add_stream(pkts)
151 self.pg_enable_capture(self.pg_interfaces)
153 rx = rx_intf.get_capture(1, filter_out_fn=filter_out_fn)
155 self.assertEqual(len(rx), 1)
157 self.validate_ns(rx_intf, rx, tgt_ip)
159 def verify_ip(self, rx, smac, dmac, sip, dip):
161 self.assertEqual(ether.dst, dmac)
162 self.assertEqual(ether.src, smac)
165 self.assertEqual(ip.src, sip)
166 self.assertEqual(ip.dst, dip)
170 class TestIPv6(TestIPv6ND):
171 """ IPv6 Test Case """
175 super(TestIPv6, cls).setUpClass()
178 def tearDownClass(cls):
179 super(TestIPv6, cls).tearDownClass()
183 Perform test setup before test case.
186 - create 3 pg interfaces
187 - untagged pg0 interface
188 - Dot1Q subinterface on pg1
189 - Dot1AD subinterface on pg2
191 - put it into UP state
193 - resolve neighbor address using NDP
194 - configure 200 fib entries
196 :ivar list interfaces: pg interfaces and subinterfaces.
197 :ivar dict flows: IPv4 packet flows in test.
199 *TODO:* Create AD sub interface
201 super(TestIPv6, self).setUp()
203 # create 3 pg interfaces
204 self.create_pg_interfaces(range(3))
206 # create 2 subinterfaces for p1 and pg2
207 self.sub_interfaces = [
208 VppDot1QSubint(self, self.pg1, 100),
209 VppDot1QSubint(self, self.pg2, 200)
210 # TODO: VppDot1ADSubint(self, self.pg2, 200, 300, 400)
213 # packet flows mapping pg0 -> pg1.sub, pg2.sub, etc.
215 self.flows[self.pg0] = [self.pg1.sub_if, self.pg2.sub_if]
216 self.flows[self.pg1.sub_if] = [self.pg0, self.pg2.sub_if]
217 self.flows[self.pg2.sub_if] = [self.pg0, self.pg1.sub_if]
220 self.pg_if_packet_sizes = [64, 1500, 9020]
222 self.interfaces = list(self.pg_interfaces)
223 self.interfaces.extend(self.sub_interfaces)
225 # setup all interfaces
226 for i in self.interfaces:
232 """Run standard test teardown and log ``show ip6 neighbors``."""
233 for i in self.interfaces:
236 for i in self.sub_interfaces:
237 i.remove_vpp_config()
239 super(TestIPv6, self).tearDown()
240 if not self.vpp_dead:
241 self.logger.info(self.vapi.cli("show ip6 neighbors"))
242 # info(self.vapi.cli("show ip6 fib")) # many entries
244 def modify_packet(self, src_if, packet_size, pkt):
245 """Add load, set destination IP and extend packet to required packet
246 size for defined interface.
248 :param VppInterface src_if: Interface to create packet for.
249 :param int packet_size: Required packet size.
250 :param Scapy pkt: Packet to be modified.
252 dst_if_idx = int(packet_size / 10 % 2)
253 dst_if = self.flows[src_if][dst_if_idx]
254 info = self.create_packet_info(src_if, dst_if)
255 payload = self.info_to_payload(info)
256 p = pkt / Raw(payload)
257 p[IPv6].dst = dst_if.remote_ip6
259 if isinstance(src_if, VppSubInterface):
260 p = src_if.add_dot1_layer(p)
261 self.extend_packet(p, packet_size)
265 def create_stream(self, src_if):
266 """Create input packet stream for defined interface.
268 :param VppInterface src_if: Interface to create packet stream for.
270 hdr_ext = 4 if isinstance(src_if, VppSubInterface) else 0
271 pkt_tmpl = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
272 IPv6(src=src_if.remote_ip6) /
273 inet6.UDP(sport=1234, dport=1234))
275 pkts = [self.modify_packet(src_if, i, pkt_tmpl)
276 for i in moves.range(self.pg_if_packet_sizes[0],
277 self.pg_if_packet_sizes[1], 10)]
278 pkts_b = [self.modify_packet(src_if, i, pkt_tmpl)
279 for i in moves.range(self.pg_if_packet_sizes[1] + hdr_ext,
280 self.pg_if_packet_sizes[2] + hdr_ext,
286 def verify_capture(self, dst_if, capture):
287 """Verify captured input packet stream for defined interface.
289 :param VppInterface dst_if: Interface to verify captured packet stream
291 :param list capture: Captured packet stream.
293 self.logger.info("Verifying capture on interface %s" % dst_if.name)
295 for i in self.interfaces:
296 last_info[i.sw_if_index] = None
298 dst_sw_if_index = dst_if.sw_if_index
299 if hasattr(dst_if, 'parent'):
301 for packet in capture:
303 # Check VLAN tags and Ethernet header
304 packet = dst_if.remove_dot1_layer(packet)
305 self.assertTrue(Dot1Q not in packet)
308 udp = packet[inet6.UDP]
309 payload_info = self.payload_to_info(packet[Raw])
310 packet_index = payload_info.index
311 self.assertEqual(payload_info.dst, dst_sw_if_index)
313 "Got packet on port %s: src=%u (id=%u)" %
314 (dst_if.name, payload_info.src, packet_index))
315 next_info = self.get_next_packet_info_for_interface2(
316 payload_info.src, dst_sw_if_index,
317 last_info[payload_info.src])
318 last_info[payload_info.src] = next_info
319 self.assertTrue(next_info is not None)
320 self.assertEqual(packet_index, next_info.index)
321 saved_packet = next_info.data
322 # Check standard fields
324 ip.src, saved_packet[IPv6].src)
326 ip.dst, saved_packet[IPv6].dst)
328 udp.sport, saved_packet[inet6.UDP].sport)
330 udp.dport, saved_packet[inet6.UDP].dport)
332 self.logger.error(ppp("Unexpected or invalid packet:", packet))
334 for i in self.interfaces:
335 remaining_packet = self.get_next_packet_info_for_interface2(
336 i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index])
337 self.assertTrue(remaining_packet is None,
338 "Interface %s: Packet expected from interface %s "
339 "didn't arrive" % (dst_if.name, i.name))
341 def test_next_header_anomaly(self):
342 """ IPv6 next header anomaly test
345 - ipv6 next header field = Fragment Header (44)
346 - next header is ICMPv6 Echo Request
347 - wait for reassembly
349 pkt = (Ether(src=self.pg0.local_mac, dst=self.pg0.remote_mac) /
350 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6, nh=44) /
353 self.pg0.add_stream(pkt)
356 # wait for reassembly
363 - Create IPv6 stream for pg0 interface
364 - Create IPv6 tagged streams for pg1's and pg2's subinterface.
365 - Send and verify received packets on each interface.
368 pkts = self.create_stream(self.pg0)
369 self.pg0.add_stream(pkts)
371 for i in self.sub_interfaces:
372 pkts = self.create_stream(i)
373 i.parent.add_stream(pkts)
375 self.pg_enable_capture(self.pg_interfaces)
378 pkts = self.pg0.get_capture()
379 self.verify_capture(self.pg0, pkts)
381 for i in self.sub_interfaces:
382 pkts = i.parent.get_capture()
383 self.verify_capture(i, pkts)
386 """ IPv6 Neighbour Solicitation Exceptions
389 - Send an NS Sourced from an address not covered by the link sub-net
390 - Send an NS to an mcast address the router has not joined
391 - Send NS for a target address the router does not onn.
395 # An NS from a non link source address
397 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
398 d = inet_ntop(AF_INET6, nsma)
400 p = (Ether(dst=in6_getnsmac(nsma)) /
401 IPv6(dst=d, src="2002::2") /
402 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
403 ICMPv6NDOptSrcLLAddr(
404 lladdr=self.pg0.remote_mac))
407 self.send_and_assert_no_replies(
409 "No response to NS source by address not on sub-net")
412 # An NS for sent to a solicited mcast group the router is
413 # not a member of FAILS
416 nsma = in6_getnsma(inet_pton(AF_INET6, "fd::ffff"))
417 d = inet_ntop(AF_INET6, nsma)
419 p = (Ether(dst=in6_getnsmac(nsma)) /
420 IPv6(dst=d, src=self.pg0.remote_ip6) /
421 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
422 ICMPv6NDOptSrcLLAddr(
423 lladdr=self.pg0.remote_mac))
426 self.send_and_assert_no_replies(
428 "No response to NS sent to unjoined mcast address")
431 # An NS whose target address is one the router does not own
433 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
434 d = inet_ntop(AF_INET6, nsma)
436 p = (Ether(dst=in6_getnsmac(nsma)) /
437 IPv6(dst=d, src=self.pg0.remote_ip6) /
438 ICMPv6ND_NS(tgt="fd::ffff") /
439 ICMPv6NDOptSrcLLAddr(
440 lladdr=self.pg0.remote_mac))
443 self.send_and_assert_no_replies(self.pg0, pkts,
444 "No response to NS for unknown target")
447 # A neighbor entry that has no associated FIB-entry
449 self.pg0.generate_remote_hosts(4)
450 nd_entry = VppNeighbor(self,
451 self.pg0.sw_if_index,
452 self.pg0.remote_hosts[2].mac,
453 self.pg0.remote_hosts[2].ip6,
455 nd_entry.add_vpp_config()
458 # check we have the neighbor, but no route
460 self.assertTrue(find_nbr(self,
461 self.pg0.sw_if_index,
462 self.pg0._remote_hosts[2].ip6))
463 self.assertFalse(find_route(self,
464 self.pg0._remote_hosts[2].ip6,
468 # send an NS from a link local address to the interface's global
471 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
473 dst=d, src=self.pg0._remote_hosts[2].ip6_ll) /
474 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
475 ICMPv6NDOptSrcLLAddr(
476 lladdr=self.pg0.remote_mac))
478 self.send_and_expect_na(self.pg0, p,
479 "NS from link-local",
480 dst_ip=self.pg0._remote_hosts[2].ip6_ll,
481 tgt_ip=self.pg0.local_ip6)
484 # we should have learned an ND entry for the peer's link-local
485 # but not inserted a route to it in the FIB
487 self.assertTrue(find_nbr(self,
488 self.pg0.sw_if_index,
489 self.pg0._remote_hosts[2].ip6_ll))
490 self.assertFalse(find_route(self,
491 self.pg0._remote_hosts[2].ip6_ll,
495 # An NS to the router's own Link-local
497 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
499 dst=d, src=self.pg0._remote_hosts[3].ip6_ll) /
500 ICMPv6ND_NS(tgt=self.pg0.local_ip6_ll) /
501 ICMPv6NDOptSrcLLAddr(
502 lladdr=self.pg0.remote_mac))
504 self.send_and_expect_na(self.pg0, p,
505 "NS to/from link-local",
506 dst_ip=self.pg0._remote_hosts[3].ip6_ll,
507 tgt_ip=self.pg0.local_ip6_ll)
510 # do not respond to a NS for the peer's address
512 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
514 src=self.pg0._remote_hosts[3].ip6_ll) /
515 ICMPv6ND_NS(tgt=self.pg0._remote_hosts[3].ip6_ll) /
516 ICMPv6NDOptSrcLLAddr(
517 lladdr=self.pg0.remote_mac))
519 self.send_and_assert_no_replies(self.pg0, p)
522 # we should have learned an ND entry for the peer's link-local
523 # but not inserted a route to it in the FIB
525 self.assertTrue(find_nbr(self,
526 self.pg0.sw_if_index,
527 self.pg0._remote_hosts[3].ip6_ll))
528 self.assertFalse(find_route(self,
529 self.pg0._remote_hosts[3].ip6_ll,
532 def test_ns_duplicates(self):
536 # Generate some hosts on the LAN
538 self.pg1.generate_remote_hosts(3)
541 # Add host 1 on pg1 and pg2
543 ns_pg1 = VppNeighbor(self,
544 self.pg1.sw_if_index,
545 self.pg1.remote_hosts[1].mac,
546 self.pg1.remote_hosts[1].ip6)
547 ns_pg1.add_vpp_config()
548 ns_pg2 = VppNeighbor(self,
549 self.pg2.sw_if_index,
551 self.pg1.remote_hosts[1].ip6)
552 ns_pg2.add_vpp_config()
555 # IP packet destined for pg1 remote host arrives on pg1 again.
557 p = (Ether(dst=self.pg0.local_mac,
558 src=self.pg0.remote_mac) /
559 IPv6(src=self.pg0.remote_ip6,
560 dst=self.pg1.remote_hosts[1].ip6) /
561 inet6.UDP(sport=1234, dport=1234) /
564 self.pg0.add_stream(p)
565 self.pg_enable_capture(self.pg_interfaces)
568 rx1 = self.pg1.get_capture(1)
570 self.verify_ip(rx1[0],
572 self.pg1.remote_hosts[1].mac,
574 self.pg1.remote_hosts[1].ip6)
577 # remove the duplicate on pg1
578 # packet stream should generate NSs out of pg1
580 ns_pg1.remove_vpp_config()
582 self.send_and_expect_ns(self.pg0, self.pg1,
583 p, self.pg1.remote_hosts[1].ip6)
588 ns_pg1.add_vpp_config()
590 self.pg0.add_stream(p)
591 self.pg_enable_capture(self.pg_interfaces)
594 rx1 = self.pg1.get_capture(1)
596 self.verify_ip(rx1[0],
598 self.pg1.remote_hosts[1].mac,
600 self.pg1.remote_hosts[1].ip6)
602 def validate_ra(self, intf, rx, dst_ip=None, src_ip=None,
603 mtu=9000, pi_opt=None):
605 dst_ip = intf.remote_ip6
607 src_ip = mk_ll_addr(intf.local_mac)
609 # unicasted packets must come to the unicast mac
610 self.assertEqual(rx[Ether].dst, intf.remote_mac)
612 # and from the router's MAC
613 self.assertEqual(rx[Ether].src, intf.local_mac)
615 # the rx'd RA should be addressed to the sender's source
616 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
617 self.assertEqual(in6_ptop(rx[IPv6].dst),
620 # and come from the router's link local
621 self.assertTrue(in6_islladdr(rx[IPv6].src))
622 self.assertEqual(in6_ptop(rx[IPv6].src), in6_ptop(src_ip))
624 # it should contain the links MTU
626 self.assertEqual(ra[ICMPv6NDOptMTU].mtu, mtu)
628 # it should contain the source's link layer address option
629 sll = ra[ICMPv6NDOptSrcLLAddr]
630 self.assertEqual(sll.lladdr, intf.local_mac)
633 # the RA should not contain prefix information
634 self.assertFalse(ra.haslayer(
635 ICMPv6NDOptPrefixInfo))
637 raos = rx.getlayer(ICMPv6NDOptPrefixInfo, 1)
639 # the options are nested in the scapy packet in way that i cannot
640 # decipher how to decode. this 1st layer of option always returns
641 # nested classes, so a direct obj1=obj2 comparison always fails.
642 # however, the getlayer(.., 2) does give one instance.
643 # so we cheat here and construct a new opt instance for comparison
644 rd = ICMPv6NDOptPrefixInfo(
645 prefixlen=raos.prefixlen,
649 if type(pi_opt) is list:
650 for ii in range(len(pi_opt)):
651 self.assertEqual(pi_opt[ii], rd)
653 ICMPv6NDOptPrefixInfo, ii + 2)
655 self.assertEqual(pi_opt, raos, 'Expected: %s, received: %s'
656 % (pi_opt.show(dump=True),
657 raos.show(dump=True)))
659 def send_and_expect_ra(self, intf, pkts, remark, dst_ip=None,
660 filter_out_fn=is_ipv6_misc,
663 self.vapi.cli("clear trace")
664 intf.add_stream(pkts)
665 self.pg_enable_capture(self.pg_interfaces)
667 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
669 self.assertEqual(len(rx), 1)
671 self.validate_ra(intf, rx, dst_ip, src_ip=src_ip, pi_opt=opt)
674 """ IPv6 Router Solicitation Exceptions
680 # Before we begin change the IPv6 RA responses to use the unicast
681 # address - that way we will not confuse them with the periodic
682 # RAs which go to the mcast address
683 # Sit and wait for the first periodic RA.
687 self.pg0.ip6_ra_config(send_unicast=1)
690 # An RS from a link source address
691 # - expect an RA in return
693 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
694 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
697 self.send_and_expect_ra(self.pg0, pkts, "Genuine RS")
700 # For the next RS sent the RA should be rate limited
702 self.send_and_assert_no_replies(self.pg0, pkts, "RA rate limited")
705 # When we reconfigure the IPv6 RA config,
706 # we reset the RA rate limiting,
707 # so we need to do this before each test below so as not to drop
708 # packets for rate limiting reasons. Test this works here.
710 self.pg0.ip6_ra_config(send_unicast=1)
711 self.send_and_expect_ra(self.pg0, pkts, "Rate limit reset RS")
714 # An RS sent from a non-link local source
716 self.pg0.ip6_ra_config(send_unicast=1)
717 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
718 IPv6(dst=self.pg0.local_ip6,
722 self.send_and_assert_no_replies(self.pg0, pkts,
723 "RS from non-link source")
726 # Source an RS from a link local address
728 self.pg0.ip6_ra_config(send_unicast=1)
729 ll = mk_ll_addr(self.pg0.remote_mac)
730 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
731 IPv6(dst=self.pg0.local_ip6, src=ll) /
734 self.send_and_expect_ra(self.pg0, pkts,
735 "RS sourced from link-local",
739 # Source an RS from a link local address
740 # Ensure suppress also applies to solicited RS
742 self.pg0.ip6_ra_config(send_unicast=1, suppress=1)
743 ll = mk_ll_addr(self.pg0.remote_mac)
744 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
745 IPv6(dst=self.pg0.local_ip6, src=ll) /
748 self.send_and_assert_no_replies(self.pg0, pkts,
749 "Suppressed RS from link-local")
752 # Send the RS multicast
754 self.pg0.ip6_ra_config(no=1, suppress=1) # Reset suppress flag to zero
755 self.pg0.ip6_ra_config(send_unicast=1)
756 dmac = in6_getnsmac(inet_pton(AF_INET6, "ff02::2"))
757 ll = mk_ll_addr(self.pg0.remote_mac)
758 p = (Ether(dst=dmac, src=self.pg0.remote_mac) /
759 IPv6(dst="ff02::2", src=ll) /
762 self.send_and_expect_ra(self.pg0, pkts,
763 "RS sourced from link-local",
767 # Source from the unspecified address ::. This happens when the RS
768 # is sent before the host has a configured address/sub-net,
769 # i.e. auto-config. Since the sender has no IP address, the reply
770 # comes back mcast - so the capture needs to not filter this.
771 # If we happen to pick up the periodic RA at this point then so be it,
774 self.pg0.ip6_ra_config(send_unicast=1, suppress=0)
775 p = (Ether(dst=dmac, src=self.pg0.remote_mac) /
776 IPv6(dst="ff02::2", src="::") /
779 self.send_and_expect_ra(self.pg0, pkts,
780 "RS sourced from unspecified",
785 # Configure The RA to announce the links prefix
787 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
788 self.pg0.local_ip6_prefix_len))
791 # RAs should now contain the prefix information option
793 opt = ICMPv6NDOptPrefixInfo(
794 prefixlen=self.pg0.local_ip6_prefix_len,
795 prefix=self.pg0.local_ip6,
799 self.pg0.ip6_ra_config(send_unicast=1)
800 ll = mk_ll_addr(self.pg0.remote_mac)
801 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
802 IPv6(dst=self.pg0.local_ip6, src=ll) /
804 self.send_and_expect_ra(self.pg0, p,
805 "RA with prefix-info",
810 # Change the prefix info to not off-link
813 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
814 self.pg0.local_ip6_prefix_len),
817 opt = ICMPv6NDOptPrefixInfo(
818 prefixlen=self.pg0.local_ip6_prefix_len,
819 prefix=self.pg0.local_ip6,
823 self.pg0.ip6_ra_config(send_unicast=1)
824 self.send_and_expect_ra(self.pg0, p,
825 "RA with Prefix info with L-flag=0",
830 # Change the prefix info to not off-link, no-autoconfig
831 # L and A flag are clear in the advert
833 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
834 self.pg0.local_ip6_prefix_len),
838 opt = ICMPv6NDOptPrefixInfo(
839 prefixlen=self.pg0.local_ip6_prefix_len,
840 prefix=self.pg0.local_ip6,
844 self.pg0.ip6_ra_config(send_unicast=1)
845 self.send_and_expect_ra(self.pg0, p,
846 "RA with Prefix info with A & L-flag=0",
851 # Change the flag settings back to the defaults
852 # L and A flag are set in the advert
854 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
855 self.pg0.local_ip6_prefix_len))
857 opt = ICMPv6NDOptPrefixInfo(
858 prefixlen=self.pg0.local_ip6_prefix_len,
859 prefix=self.pg0.local_ip6,
863 self.pg0.ip6_ra_config(send_unicast=1)
864 self.send_and_expect_ra(self.pg0, p,
865 "RA with Prefix info",
870 # Change the prefix info to not off-link, no-autoconfig
871 # L and A flag are clear in the advert
873 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
874 self.pg0.local_ip6_prefix_len),
878 opt = ICMPv6NDOptPrefixInfo(
879 prefixlen=self.pg0.local_ip6_prefix_len,
880 prefix=self.pg0.local_ip6,
884 self.pg0.ip6_ra_config(send_unicast=1)
885 self.send_and_expect_ra(self.pg0, p,
886 "RA with Prefix info with A & L-flag=0",
891 # Use the reset to defaults option to revert to defaults
892 # L and A flag are clear in the advert
894 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
895 self.pg0.local_ip6_prefix_len),
898 opt = ICMPv6NDOptPrefixInfo(
899 prefixlen=self.pg0.local_ip6_prefix_len,
900 prefix=self.pg0.local_ip6,
904 self.pg0.ip6_ra_config(send_unicast=1)
905 self.send_and_expect_ra(self.pg0, p,
906 "RA with Prefix reverted to defaults",
911 # Advertise Another prefix. With no L-flag/A-flag
913 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg1.local_ip6,
914 self.pg1.local_ip6_prefix_len),
918 opt = [ICMPv6NDOptPrefixInfo(
919 prefixlen=self.pg0.local_ip6_prefix_len,
920 prefix=self.pg0.local_ip6,
923 ICMPv6NDOptPrefixInfo(
924 prefixlen=self.pg1.local_ip6_prefix_len,
925 prefix=self.pg1.local_ip6,
929 self.pg0.ip6_ra_config(send_unicast=1)
930 ll = mk_ll_addr(self.pg0.remote_mac)
931 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
932 IPv6(dst=self.pg0.local_ip6, src=ll) /
934 self.send_and_expect_ra(self.pg0, p,
935 "RA with multiple Prefix infos",
940 # Remove the first prefix-info - expect the second is still in the
943 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
944 self.pg0.local_ip6_prefix_len),
947 opt = ICMPv6NDOptPrefixInfo(
948 prefixlen=self.pg1.local_ip6_prefix_len,
949 prefix=self.pg1.local_ip6,
953 self.pg0.ip6_ra_config(send_unicast=1)
954 self.send_and_expect_ra(self.pg0, p,
955 "RA with Prefix reverted to defaults",
960 # Remove the second prefix-info - expect no prefix-info in the adverts
962 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg1.local_ip6,
963 self.pg1.local_ip6_prefix_len),
967 # change the link's link local, so we know that works too.
969 self.vapi.sw_interface_ip6_set_link_local_address(
970 sw_if_index=self.pg0.sw_if_index,
973 self.pg0.ip6_ra_config(send_unicast=1)
974 self.send_and_expect_ra(self.pg0, p,
975 "RA with Prefix reverted to defaults",
980 # Reset the periodic advertisements back to default values
982 self.pg0.ip6_ra_config(no=1, suppress=1, send_unicast=0)
987 # test one MLD is sent after applying an IPv6 Address on an interface
989 self.pg_enable_capture(self.pg_interfaces)
992 subitf = VppDot1QSubint(self, self.pg1, 99)
997 rxs = self.pg1._get_capture(timeout=4, filter_out_fn=None)
1000 # hunt for the MLD on vlan 99
1003 # make sure ipv6 packets with hop by hop options have
1005 self.assert_packet_checksums_valid(rx)
1006 if rx.haslayer(IPv6ExtHdrHopByHop) and \
1007 rx.haslayer(Dot1Q) and \
1008 rx[Dot1Q].vlan == 99:
1009 mld = rx[ICMPv6MLReport2]
1011 self.assertEqual(mld.records_number, 4)
1014 class TestIPv6RouteLookup(VppTestCase):
1015 """ IPv6 Route Lookup Test Case """
1018 def route_lookup(self, prefix, exact):
1019 return self.vapi.api(self.vapi.papi.ip_route_lookup,
1027 def setUpClass(cls):
1028 super(TestIPv6RouteLookup, cls).setUpClass()
1031 def tearDownClass(cls):
1032 super(TestIPv6RouteLookup, cls).tearDownClass()
1035 super(TestIPv6RouteLookup, self).setUp()
1037 drop_nh = VppRoutePath("::1", 0xffffffff,
1038 type=FibPathType.FIB_PATH_TYPE_DROP)
1041 r = VppIpRoute(self, "2001:1111::", 32, [drop_nh])
1043 self.routes.append(r)
1045 r = VppIpRoute(self, "2001:1111:2222::", 48, [drop_nh])
1047 self.routes.append(r)
1049 r = VppIpRoute(self, "2001:1111:2222::1", 128, [drop_nh])
1051 self.routes.append(r)
1054 # Remove the routes we added
1055 for r in self.routes:
1056 r.remove_vpp_config()
1058 super(TestIPv6RouteLookup, self).tearDown()
1060 def test_exact_match(self):
1061 # Verify we find the host route
1062 prefix = "2001:1111:2222::1/128"
1063 result = self.route_lookup(prefix, True)
1064 assert (prefix == str(result.route.prefix))
1066 # Verify we find a middle prefix route
1067 prefix = "2001:1111:2222::/48"
1068 result = self.route_lookup(prefix, True)
1069 assert (prefix == str(result.route.prefix))
1071 # Verify we do not find an available LPM.
1072 with self.vapi.assert_negative_api_retval():
1073 self.route_lookup("2001::2/128", True)
1075 def test_longest_prefix_match(self):
1076 # verify we find lpm
1077 lpm_prefix = "2001:1111:2222::/48"
1078 result = self.route_lookup("2001:1111:2222::2/128", False)
1079 assert (lpm_prefix == str(result.route.prefix))
1081 # Verify we find the exact when not requested
1082 result = self.route_lookup(lpm_prefix, False)
1083 assert (lpm_prefix == str(result.route.prefix))
1085 # Can't seem to delete the default route so no negative LPM test.
1088 class TestIPv6IfAddrRoute(VppTestCase):
1089 """ IPv6 Interface Addr Route Test Case """
1092 def setUpClass(cls):
1093 super(TestIPv6IfAddrRoute, cls).setUpClass()
1096 def tearDownClass(cls):
1097 super(TestIPv6IfAddrRoute, cls).tearDownClass()
1100 super(TestIPv6IfAddrRoute, self).setUp()
1102 # create 1 pg interface
1103 self.create_pg_interfaces(range(1))
1105 for i in self.pg_interfaces:
1111 super(TestIPv6IfAddrRoute, self).tearDown()
1112 for i in self.pg_interfaces:
1116 def test_ipv6_ifaddrs_same_prefix(self):
1117 """ IPv6 Interface Addresses Same Prefix test
1121 - Verify no route in FIB for prefix 2001:10::/64
1122 - Configure IPv4 address 2001:10::10/64 on an interface
1123 - Verify route in FIB for prefix 2001:10::/64
1124 - Configure IPv4 address 2001:10::20/64 on an interface
1125 - Delete 2001:10::10/64 from interface
1126 - Verify route in FIB for prefix 2001:10::/64
1127 - Delete 2001:10::20/64 from interface
1128 - Verify no route in FIB for prefix 2001:10::/64
1131 addr1 = "2001:10::10"
1132 addr2 = "2001:10::20"
1134 if_addr1 = VppIpInterfaceAddress(self, self.pg0, addr1, 64)
1135 if_addr2 = VppIpInterfaceAddress(self, self.pg0, addr2, 64)
1136 self.assertFalse(if_addr1.query_vpp_config())
1137 self.assertFalse(find_route(self, addr1, 128))
1138 self.assertFalse(find_route(self, addr2, 128))
1140 # configure first address, verify route present
1141 if_addr1.add_vpp_config()
1142 self.assertTrue(if_addr1.query_vpp_config())
1143 self.assertTrue(find_route(self, addr1, 128))
1144 self.assertFalse(find_route(self, addr2, 128))
1146 # configure second address, delete first, verify route not removed
1147 if_addr2.add_vpp_config()
1148 if_addr1.remove_vpp_config()
1149 self.assertFalse(if_addr1.query_vpp_config())
1150 self.assertTrue(if_addr2.query_vpp_config())
1151 self.assertFalse(find_route(self, addr1, 128))
1152 self.assertTrue(find_route(self, addr2, 128))
1154 # delete second address, verify route removed
1155 if_addr2.remove_vpp_config()
1156 self.assertFalse(if_addr1.query_vpp_config())
1157 self.assertFalse(find_route(self, addr1, 128))
1158 self.assertFalse(find_route(self, addr2, 128))
1160 def test_ipv6_ifaddr_del(self):
1161 """ Delete an interface address that does not exist """
1163 loopbacks = self.create_loopback_interfaces(1)
1164 lo = self.lo_interfaces[0]
1170 # try and remove pg0's subnet from lo
1172 with self.vapi.assert_negative_api_retval():
1173 self.vapi.sw_interface_add_del_address(
1174 sw_if_index=lo.sw_if_index,
1175 prefix=self.pg0.local_ip6_prefix,
1179 class TestICMPv6Echo(VppTestCase):
1180 """ ICMPv6 Echo Test Case """
1183 def setUpClass(cls):
1184 super(TestICMPv6Echo, cls).setUpClass()
1187 def tearDownClass(cls):
1188 super(TestICMPv6Echo, cls).tearDownClass()
1191 super(TestICMPv6Echo, self).setUp()
1193 # create 1 pg interface
1194 self.create_pg_interfaces(range(1))
1196 for i in self.pg_interfaces:
1199 i.resolve_ndp(link_layer=True)
1203 super(TestICMPv6Echo, self).tearDown()
1204 for i in self.pg_interfaces:
1208 def test_icmpv6_echo(self):
1209 """ VPP replies to ICMPv6 Echo Request
1213 - Receive ICMPv6 Echo Request message on pg0 interface.
1214 - Check outgoing ICMPv6 Echo Reply message on pg0 interface.
1217 # test both with global and local ipv6 addresses
1218 dsts = (self.pg0.local_ip6, self.pg0.local_ip6_ll)
1224 p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
1225 IPv6(src=self.pg0.remote_ip6, dst=dst) /
1226 ICMPv6EchoRequest(id=id, seq=seq, data=data)))
1228 self.pg0.add_stream(p)
1229 self.pg_enable_capture(self.pg_interfaces)
1231 rxs = self.pg0.get_capture(len(dsts))
1233 for rx, dst in zip(rxs, dsts):
1236 icmpv6 = rx[ICMPv6EchoReply]
1237 self.assertEqual(ether.src, self.pg0.local_mac)
1238 self.assertEqual(ether.dst, self.pg0.remote_mac)
1239 self.assertEqual(ipv6.src, dst)
1240 self.assertEqual(ipv6.dst, self.pg0.remote_ip6)
1241 self.assertEqual(icmp6types[icmpv6.type], "Echo Reply")
1242 self.assertEqual(icmpv6.id, id)
1243 self.assertEqual(icmpv6.seq, seq)
1244 self.assertEqual(icmpv6.data, data)
1247 class TestIPv6RD(TestIPv6ND):
1248 """ IPv6 Router Discovery Test Case """
1251 def setUpClass(cls):
1252 super(TestIPv6RD, cls).setUpClass()
1255 def tearDownClass(cls):
1256 super(TestIPv6RD, cls).tearDownClass()
1259 super(TestIPv6RD, self).setUp()
1261 # create 2 pg interfaces
1262 self.create_pg_interfaces(range(2))
1264 self.interfaces = list(self.pg_interfaces)
1266 # setup all interfaces
1267 for i in self.interfaces:
1272 for i in self.interfaces:
1275 super(TestIPv6RD, self).tearDown()
1277 def test_rd_send_router_solicitation(self):
1278 """ Verify router solicitation packets """
1281 self.pg_enable_capture(self.pg_interfaces)
1283 self.vapi.ip6nd_send_router_solicitation(self.pg1.sw_if_index,
1285 rx_list = self.pg1.get_capture(count, timeout=3)
1286 self.assertEqual(len(rx_list), count)
1287 for packet in rx_list:
1288 self.assertEqual(packet.haslayer(IPv6), 1)
1289 self.assertEqual(packet[IPv6].haslayer(
1291 dst = ip6_normalize(packet[IPv6].dst)
1292 dst2 = ip6_normalize("ff02::2")
1293 self.assert_equal(dst, dst2)
1294 src = ip6_normalize(packet[IPv6].src)
1295 src2 = ip6_normalize(self.pg1.local_ip6_ll)
1296 self.assert_equal(src, src2)
1298 bool(packet[ICMPv6ND_RS].haslayer(
1299 ICMPv6NDOptSrcLLAddr)))
1301 packet[ICMPv6NDOptSrcLLAddr].lladdr,
1304 def verify_prefix_info(self, reported_prefix, prefix_option):
1305 prefix = IPv6Network(
1306 text_type(prefix_option.getfieldval("prefix") +
1308 text_type(prefix_option.getfieldval("prefixlen"))),
1310 self.assert_equal(reported_prefix.prefix.network_address,
1311 prefix.network_address)
1312 L = prefix_option.getfieldval("L")
1313 A = prefix_option.getfieldval("A")
1314 option_flags = (L << 7) | (A << 6)
1315 self.assert_equal(reported_prefix.flags, option_flags)
1316 self.assert_equal(reported_prefix.valid_time,
1317 prefix_option.getfieldval("validlifetime"))
1318 self.assert_equal(reported_prefix.preferred_time,
1319 prefix_option.getfieldval("preferredlifetime"))
1321 def test_rd_receive_router_advertisement(self):
1322 """ Verify events triggered by received RA packets """
1324 self.vapi.want_ip6_ra_events(enable=1)
1326 prefix_info_1 = ICMPv6NDOptPrefixInfo(
1330 preferredlifetime=500,
1335 prefix_info_2 = ICMPv6NDOptPrefixInfo(
1339 preferredlifetime=1000,
1344 p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
1345 IPv6(dst=self.pg1.local_ip6_ll,
1346 src=mk_ll_addr(self.pg1.remote_mac)) /
1350 self.pg1.add_stream([p])
1353 ev = self.vapi.wait_for_event(10, "ip6_ra_event")
1355 self.assert_equal(ev.current_hop_limit, 0)
1356 self.assert_equal(ev.flags, 8)
1357 self.assert_equal(ev.router_lifetime_in_sec, 1800)
1358 self.assert_equal(ev.neighbor_reachable_time_in_msec, 0)
1360 ev.time_in_msec_between_retransmitted_neighbor_solicitations, 0)
1362 self.assert_equal(ev.n_prefixes, 2)
1364 self.verify_prefix_info(ev.prefixes[0], prefix_info_1)
1365 self.verify_prefix_info(ev.prefixes[1], prefix_info_2)
1368 class TestIPv6RDControlPlane(TestIPv6ND):
1369 """ IPv6 Router Discovery Control Plane Test Case """
1372 def setUpClass(cls):
1373 super(TestIPv6RDControlPlane, cls).setUpClass()
1376 def tearDownClass(cls):
1377 super(TestIPv6RDControlPlane, cls).tearDownClass()
1380 super(TestIPv6RDControlPlane, self).setUp()
1382 # create 1 pg interface
1383 self.create_pg_interfaces(range(1))
1385 self.interfaces = list(self.pg_interfaces)
1387 # setup all interfaces
1388 for i in self.interfaces:
1393 super(TestIPv6RDControlPlane, self).tearDown()
1396 def create_ra_packet(pg, routerlifetime=None):
1397 src_ip = pg.remote_ip6_ll
1398 dst_ip = pg.local_ip6
1399 if routerlifetime is not None:
1400 ra = ICMPv6ND_RA(routerlifetime=routerlifetime)
1403 p = (Ether(dst=pg.local_mac, src=pg.remote_mac) /
1404 IPv6(dst=dst_ip, src=src_ip) / ra)
1408 def get_default_routes(fib):
1411 if entry.route.prefix.prefixlen == 0:
1412 for path in entry.route.paths:
1413 if path.sw_if_index != 0xFFFFFFFF:
1415 defaut_route['sw_if_index'] = path.sw_if_index
1416 defaut_route['next_hop'] = path.nh.address.ip6
1417 list.append(defaut_route)
1421 def get_interface_addresses(fib, pg):
1424 if entry.route.prefix.prefixlen == 128:
1425 path = entry.route.paths[0]
1426 if path.sw_if_index == pg.sw_if_index:
1427 list.append(str(entry.route.prefix.network_address))
1430 def wait_for_no_default_route(self, n_tries=50, s_time=1):
1432 fib = self.vapi.ip_route_dump(0, True)
1433 default_routes = self.get_default_routes(fib)
1434 if 0 == len(default_routes):
1436 n_tries = n_tries - 1
1442 """ Test handling of SLAAC addresses and default routes """
1444 fib = self.vapi.ip_route_dump(0, True)
1445 default_routes = self.get_default_routes(fib)
1446 initial_addresses = set(self.get_interface_addresses(fib, self.pg0))
1447 self.assertEqual(default_routes, [])
1448 router_address = IPv6Address(text_type(self.pg0.remote_ip6_ll))
1450 self.vapi.ip6_nd_address_autoconfig(self.pg0.sw_if_index, 1, 1)
1455 packet = (self.create_ra_packet(
1456 self.pg0) / ICMPv6NDOptPrefixInfo(
1460 preferredlifetime=2,
1463 ) / ICMPv6NDOptPrefixInfo(
1467 preferredlifetime=1000,
1471 self.pg0.add_stream([packet])
1474 self.sleep_on_vpp_time(0.1)
1476 fib = self.vapi.ip_route_dump(0, True)
1478 # check FIB for new address
1479 addresses = set(self.get_interface_addresses(fib, self.pg0))
1480 new_addresses = addresses.difference(initial_addresses)
1481 self.assertEqual(len(new_addresses), 1)
1482 prefix = IPv6Network(text_type("%s/%d" % (list(new_addresses)[0], 20)),
1484 self.assertEqual(prefix, IPv6Network(text_type('1::/20')))
1486 # check FIB for new default route
1487 default_routes = self.get_default_routes(fib)
1488 self.assertEqual(len(default_routes), 1)
1489 dr = default_routes[0]
1490 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1491 self.assertEqual(dr['next_hop'], router_address)
1493 # send RA to delete default route
1494 packet = self.create_ra_packet(self.pg0, routerlifetime=0)
1495 self.pg0.add_stream([packet])
1498 self.sleep_on_vpp_time(0.1)
1500 # check that default route is deleted
1501 fib = self.vapi.ip_route_dump(0, True)
1502 default_routes = self.get_default_routes(fib)
1503 self.assertEqual(len(default_routes), 0)
1505 self.sleep_on_vpp_time(0.1)
1508 packet = self.create_ra_packet(self.pg0)
1509 self.pg0.add_stream([packet])
1512 self.sleep_on_vpp_time(0.1)
1514 # check FIB for new default route
1515 fib = self.vapi.ip_route_dump(0, True)
1516 default_routes = self.get_default_routes(fib)
1517 self.assertEqual(len(default_routes), 1)
1518 dr = default_routes[0]
1519 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1520 self.assertEqual(dr['next_hop'], router_address)
1522 # send RA, updating router lifetime to 1s
1523 packet = self.create_ra_packet(self.pg0, 1)
1524 self.pg0.add_stream([packet])
1527 self.sleep_on_vpp_time(0.1)
1529 # check that default route still exists
1530 fib = self.vapi.ip_route_dump(0, True)
1531 default_routes = self.get_default_routes(fib)
1532 self.assertEqual(len(default_routes), 1)
1533 dr = default_routes[0]
1534 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1535 self.assertEqual(dr['next_hop'], router_address)
1537 self.sleep_on_vpp_time(1)
1539 # check that default route is deleted
1540 self.assertTrue(self.wait_for_no_default_route())
1542 # check FIB still contains the SLAAC address
1543 addresses = set(self.get_interface_addresses(fib, self.pg0))
1544 new_addresses = addresses.difference(initial_addresses)
1546 self.assertEqual(len(new_addresses), 1)
1547 prefix = IPv6Network(text_type("%s/%d" % (list(new_addresses)[0], 20)),
1549 self.assertEqual(prefix, IPv6Network(text_type('1::/20')))
1551 self.sleep_on_vpp_time(1)
1553 # check that SLAAC address is deleted
1554 fib = self.vapi.ip_route_dump(0, True)
1555 addresses = set(self.get_interface_addresses(fib, self.pg0))
1556 new_addresses = addresses.difference(initial_addresses)
1557 self.assertEqual(len(new_addresses), 0)
1560 class IPv6NDProxyTest(TestIPv6ND):
1561 """ IPv6 ND ProxyTest Case """
1564 def setUpClass(cls):
1565 super(IPv6NDProxyTest, cls).setUpClass()
1568 def tearDownClass(cls):
1569 super(IPv6NDProxyTest, cls).tearDownClass()
1572 super(IPv6NDProxyTest, self).setUp()
1574 # create 3 pg interfaces
1575 self.create_pg_interfaces(range(3))
1577 # pg0 is the master interface, with the configured subnet
1579 self.pg0.config_ip6()
1580 self.pg0.resolve_ndp()
1582 self.pg1.ip6_enable()
1583 self.pg2.ip6_enable()
1586 super(IPv6NDProxyTest, self).tearDown()
1588 def test_nd_proxy(self):
1589 """ IPv6 Proxy ND """
1592 # Generate some hosts in the subnet that we are proxying
1594 self.pg0.generate_remote_hosts(8)
1596 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
1597 d = inet_ntop(AF_INET6, nsma)
1600 # Send an NS for one of those remote hosts on one of the proxy links
1601 # expect no response since it's from an address that is not
1602 # on the link that has the prefix configured
1604 ns_pg1 = (Ether(dst=in6_getnsmac(nsma), src=self.pg1.remote_mac) /
1606 src=self.pg0._remote_hosts[2].ip6) /
1607 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
1608 ICMPv6NDOptSrcLLAddr(
1609 lladdr=self.pg0._remote_hosts[2].mac))
1611 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Off link NS")
1614 # Add proxy support for the host
1616 self.vapi.ip6nd_proxy_add_del(
1617 is_add=1, ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1618 sw_if_index=self.pg1.sw_if_index)
1621 # try that NS again. this time we expect an NA back
1623 self.send_and_expect_na(self.pg1, ns_pg1,
1624 "NS to proxy entry",
1625 dst_ip=self.pg0._remote_hosts[2].ip6,
1626 tgt_ip=self.pg0.local_ip6)
1629 # ... and that we have an entry in the ND cache
1631 self.assertTrue(find_nbr(self,
1632 self.pg1.sw_if_index,
1633 self.pg0._remote_hosts[2].ip6))
1636 # ... and we can route traffic to it
1638 t = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
1639 IPv6(dst=self.pg0._remote_hosts[2].ip6,
1640 src=self.pg0.remote_ip6) /
1641 inet6.UDP(sport=10000, dport=20000) /
1644 self.pg0.add_stream(t)
1645 self.pg_enable_capture(self.pg_interfaces)
1647 rx = self.pg1.get_capture(1)
1650 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1651 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1653 self.assertEqual(rx[IPv6].src,
1655 self.assertEqual(rx[IPv6].dst,
1659 # Test we proxy for the host on the main interface
1661 ns_pg0 = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
1662 IPv6(dst=d, src=self.pg0.remote_ip6) /
1664 tgt=self.pg0._remote_hosts[2].ip6) /
1665 ICMPv6NDOptSrcLLAddr(
1666 lladdr=self.pg0.remote_mac))
1668 self.send_and_expect_na(self.pg0, ns_pg0,
1669 "NS to proxy entry on main",
1670 tgt_ip=self.pg0._remote_hosts[2].ip6,
1671 dst_ip=self.pg0.remote_ip6)
1674 # Setup and resolve proxy for another host on another interface
1676 ns_pg2 = (Ether(dst=in6_getnsmac(nsma), src=self.pg2.remote_mac) /
1678 src=self.pg0._remote_hosts[3].ip6) /
1679 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
1680 ICMPv6NDOptSrcLLAddr(
1681 lladdr=self.pg0._remote_hosts[2].mac))
1683 self.vapi.ip6nd_proxy_add_del(
1684 is_add=1, ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1685 sw_if_index=self.pg2.sw_if_index)
1687 self.send_and_expect_na(self.pg2, ns_pg2,
1688 "NS to proxy entry other interface",
1689 dst_ip=self.pg0._remote_hosts[3].ip6,
1690 tgt_ip=self.pg0.local_ip6)
1692 self.assertTrue(find_nbr(self,
1693 self.pg2.sw_if_index,
1694 self.pg0._remote_hosts[3].ip6))
1697 # hosts can communicate. pg2->pg1
1699 t2 = (Ether(dst=self.pg2.local_mac,
1700 src=self.pg0.remote_hosts[3].mac) /
1701 IPv6(dst=self.pg0._remote_hosts[2].ip6,
1702 src=self.pg0._remote_hosts[3].ip6) /
1703 inet6.UDP(sport=10000, dport=20000) /
1706 self.pg2.add_stream(t2)
1707 self.pg_enable_capture(self.pg_interfaces)
1709 rx = self.pg1.get_capture(1)
1712 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1713 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1715 self.assertEqual(rx[IPv6].src,
1717 self.assertEqual(rx[IPv6].dst,
1721 # remove the proxy configs
1723 self.vapi.ip6nd_proxy_add_del(
1724 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1725 sw_if_index=self.pg1.sw_if_index, is_add=0)
1726 self.vapi.ip6nd_proxy_add_del(
1727 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1728 sw_if_index=self.pg2.sw_if_index, is_add=0)
1730 self.assertFalse(find_nbr(self,
1731 self.pg2.sw_if_index,
1732 self.pg0._remote_hosts[3].ip6))
1733 self.assertFalse(find_nbr(self,
1734 self.pg1.sw_if_index,
1735 self.pg0._remote_hosts[2].ip6))
1738 # no longer proxy-ing...
1740 self.send_and_assert_no_replies(self.pg0, ns_pg0, "Proxy unconfigured")
1741 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Proxy unconfigured")
1742 self.send_and_assert_no_replies(self.pg2, ns_pg2, "Proxy unconfigured")
1745 # no longer forwarding. traffic generates NS out of the glean/main
1748 self.pg2.add_stream(t2)
1749 self.pg_enable_capture(self.pg_interfaces)
1752 rx = self.pg0.get_capture(1)
1754 self.assertTrue(rx[0].haslayer(ICMPv6ND_NS))
1757 class TestIPNull(VppTestCase):
1758 """ IPv6 routes via NULL """
1761 def setUpClass(cls):
1762 super(TestIPNull, cls).setUpClass()
1765 def tearDownClass(cls):
1766 super(TestIPNull, cls).tearDownClass()
1769 super(TestIPNull, self).setUp()
1771 # create 2 pg interfaces
1772 self.create_pg_interfaces(range(1))
1774 for i in self.pg_interfaces:
1780 super(TestIPNull, self).tearDown()
1781 for i in self.pg_interfaces:
1785 def test_ip_null(self):
1786 """ IP NULL route """
1788 p = (Ether(src=self.pg0.remote_mac,
1789 dst=self.pg0.local_mac) /
1790 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
1791 inet6.UDP(sport=1234, dport=1234) /
1795 # A route via IP NULL that will reply with ICMP unreachables
1797 ip_unreach = VppIpRoute(
1799 [VppRoutePath("::", 0xffffffff,
1800 type=FibPathType.FIB_PATH_TYPE_ICMP_UNREACH)])
1801 ip_unreach.add_vpp_config()
1803 self.pg0.add_stream(p)
1804 self.pg_enable_capture(self.pg_interfaces)
1807 rx = self.pg0.get_capture(1)
1809 icmp = rx[ICMPv6DestUnreach]
1811 # 0 = "No route to destination"
1812 self.assertEqual(icmp.code, 0)
1814 # ICMP is rate limited. pause a bit
1818 # A route via IP NULL that will reply with ICMP prohibited
1820 ip_prohibit = VppIpRoute(
1821 self, "2001::1", 128,
1822 [VppRoutePath("::", 0xffffffff,
1823 type=FibPathType.FIB_PATH_TYPE_ICMP_PROHIBIT)])
1824 ip_prohibit.add_vpp_config()
1826 self.pg0.add_stream(p)
1827 self.pg_enable_capture(self.pg_interfaces)
1830 rx = self.pg0.get_capture(1)
1832 icmp = rx[ICMPv6DestUnreach]
1834 # 1 = "Communication with destination administratively prohibited"
1835 self.assertEqual(icmp.code, 1)
1838 class TestIPDisabled(VppTestCase):
1839 """ IPv6 disabled """
1842 def setUpClass(cls):
1843 super(TestIPDisabled, cls).setUpClass()
1846 def tearDownClass(cls):
1847 super(TestIPDisabled, cls).tearDownClass()
1850 super(TestIPDisabled, self).setUp()
1852 # create 2 pg interfaces
1853 self.create_pg_interfaces(range(2))
1857 self.pg0.config_ip6()
1858 self.pg0.resolve_ndp()
1860 # PG 1 is not IP enabled
1864 super(TestIPDisabled, self).tearDown()
1865 for i in self.pg_interfaces:
1869 def test_ip_disabled(self):
1872 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
1873 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
1876 # one accepting interface, pg0, 2 forwarding interfaces
1878 route_ff_01 = VppIpMRoute(
1882 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
1883 [VppMRoutePath(self.pg1.sw_if_index,
1884 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT),
1885 VppMRoutePath(self.pg0.sw_if_index,
1886 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD)])
1887 route_ff_01.add_vpp_config()
1889 pu = (Ether(src=self.pg1.remote_mac,
1890 dst=self.pg1.local_mac) /
1891 IPv6(src="2001::1", dst=self.pg0.remote_ip6) /
1892 inet6.UDP(sport=1234, dport=1234) /
1894 pm = (Ether(src=self.pg1.remote_mac,
1895 dst=self.pg1.local_mac) /
1896 IPv6(src="2001::1", dst="ffef::1") /
1897 inet6.UDP(sport=1234, dport=1234) /
1901 # PG1 does not forward IP traffic
1903 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
1904 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
1909 self.pg1.config_ip6()
1912 # Now we get packets through
1914 self.pg1.add_stream(pu)
1915 self.pg_enable_capture(self.pg_interfaces)
1917 rx = self.pg0.get_capture(1)
1919 self.pg1.add_stream(pm)
1920 self.pg_enable_capture(self.pg_interfaces)
1922 rx = self.pg0.get_capture(1)
1927 self.pg1.unconfig_ip6()
1930 # PG1 does not forward IP traffic
1932 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
1933 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
1936 class TestIP6LoadBalance(VppTestCase):
1937 """ IPv6 Load-Balancing """
1940 def setUpClass(cls):
1941 super(TestIP6LoadBalance, cls).setUpClass()
1944 def tearDownClass(cls):
1945 super(TestIP6LoadBalance, cls).tearDownClass()
1948 super(TestIP6LoadBalance, self).setUp()
1950 self.create_pg_interfaces(range(5))
1952 mpls_tbl = VppMplsTable(self, 0)
1953 mpls_tbl.add_vpp_config()
1955 for i in self.pg_interfaces:
1962 for i in self.pg_interfaces:
1966 super(TestIP6LoadBalance, self).tearDown()
1968 def pg_send(self, input, pkts):
1969 self.vapi.cli("clear trace")
1970 input.add_stream(pkts)
1971 self.pg_enable_capture(self.pg_interfaces)
1974 def send_and_expect_load_balancing(self, input, pkts, outputs):
1975 self.pg_send(input, pkts)
1978 rx = oo._get_capture(1)
1979 self.assertNotEqual(0, len(rx))
1983 def send_and_expect_one_itf(self, input, pkts, itf):
1984 self.pg_send(input, pkts)
1985 rx = itf.get_capture(len(pkts))
1987 def test_ip6_load_balance(self):
1988 """ IPv6 Load-Balancing """
1991 # An array of packets that differ only in the destination port
1995 # - MPLS non-EOS with an entropy label
1999 port_mpls_neos_pkts = []
2003 # An array of packets that differ only in the source address
2008 for ii in range(NUM_PKTS):
2010 IPv6(dst="3000::1", src="3000:1::1") /
2011 inet6.UDP(sport=1234, dport=1234 + ii) /
2013 port_ip_pkts.append((Ether(src=self.pg0.remote_mac,
2014 dst=self.pg0.local_mac) /
2016 port_mpls_pkts.append((Ether(src=self.pg0.remote_mac,
2017 dst=self.pg0.local_mac) /
2018 MPLS(label=66, ttl=2) /
2020 port_mpls_neos_pkts.append((Ether(src=self.pg0.remote_mac,
2021 dst=self.pg0.local_mac) /
2022 MPLS(label=67, ttl=2) /
2023 MPLS(label=77, ttl=2) /
2025 port_ent_pkts.append((Ether(src=self.pg0.remote_mac,
2026 dst=self.pg0.local_mac) /
2027 MPLS(label=67, ttl=2) /
2028 MPLS(label=14, ttl=2) /
2029 MPLS(label=999, ttl=2) /
2032 IPv6(dst="3000::1", src="3000:1::%d" % ii) /
2033 inet6.UDP(sport=1234, dport=1234) /
2035 src_ip_pkts.append((Ether(src=self.pg0.remote_mac,
2036 dst=self.pg0.local_mac) /
2038 src_mpls_pkts.append((Ether(src=self.pg0.remote_mac,
2039 dst=self.pg0.local_mac) /
2040 MPLS(label=66, ttl=2) /
2044 # A route for the IP packets
2046 route_3000_1 = VppIpRoute(self, "3000::1", 128,
2047 [VppRoutePath(self.pg1.remote_ip6,
2048 self.pg1.sw_if_index),
2049 VppRoutePath(self.pg2.remote_ip6,
2050 self.pg2.sw_if_index)])
2051 route_3000_1.add_vpp_config()
2054 # a local-label for the EOS packets
2056 binding = VppMplsIpBind(self, 66, "3000::1", 128, is_ip6=1)
2057 binding.add_vpp_config()
2060 # An MPLS route for the non-EOS packets
2062 route_67 = VppMplsRoute(self, 67, 0,
2063 [VppRoutePath(self.pg1.remote_ip6,
2064 self.pg1.sw_if_index,
2066 VppRoutePath(self.pg2.remote_ip6,
2067 self.pg2.sw_if_index,
2069 route_67.add_vpp_config()
2072 # inject the packet on pg0 - expect load-balancing across the 2 paths
2073 # - since the default hash config is to use IP src,dst and port
2075 # We are not going to ensure equal amounts of packets across each link,
2076 # since the hash algorithm is statistical and therefore this can never
2077 # be guaranteed. But with 64 different packets we do expect some
2078 # balancing. So instead just ensure there is traffic on each link.
2080 rx = self.send_and_expect_load_balancing(self.pg0, port_ip_pkts,
2081 [self.pg1, self.pg2])
2082 n_ip_pg0 = len(rx[0])
2083 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts,
2084 [self.pg1, self.pg2])
2085 self.send_and_expect_load_balancing(self.pg0, port_mpls_pkts,
2086 [self.pg1, self.pg2])
2087 self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2088 [self.pg1, self.pg2])
2089 rx = self.send_and_expect_load_balancing(self.pg0, port_mpls_neos_pkts,
2090 [self.pg1, self.pg2])
2091 n_mpls_pg0 = len(rx[0])
2094 # change the router ID and expect the distribution changes
2096 self.vapi.set_ip_flow_hash_router_id(router_id=0x11111111)
2098 rx = self.send_and_expect_load_balancing(self.pg0, port_ip_pkts,
2099 [self.pg1, self.pg2])
2100 self.assertNotEqual(n_ip_pg0, len(rx[0]))
2102 rx = self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2103 [self.pg1, self.pg2])
2104 self.assertNotEqual(n_mpls_pg0, len(rx[0]))
2107 # The packets with Entropy label in should not load-balance,
2108 # since the Entropy value is fixed.
2110 self.send_and_expect_one_itf(self.pg0, port_ent_pkts, self.pg1)
2113 # change the flow hash config so it's only IP src,dst
2114 # - now only the stream with differing source address will
2117 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, proto=1,
2118 sport=0, dport=0, is_ipv6=1)
2120 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts,
2121 [self.pg1, self.pg2])
2122 self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2123 [self.pg1, self.pg2])
2124 self.send_and_expect_one_itf(self.pg0, port_ip_pkts, self.pg2)
2127 # change the flow hash config back to defaults
2129 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, sport=1, dport=1,
2133 # Recursive prefixes
2134 # - testing that 2 stages of load-balancing occurs and there is no
2135 # polarisation (i.e. only 2 of 4 paths are used)
2140 for ii in range(257):
2141 port_pkts.append((Ether(src=self.pg0.remote_mac,
2142 dst=self.pg0.local_mac) /
2145 inet6.UDP(sport=1234,
2147 Raw(b'\xa5' * 100)))
2148 src_pkts.append((Ether(src=self.pg0.remote_mac,
2149 dst=self.pg0.local_mac) /
2151 src="4000:1::%d" % ii) /
2152 inet6.UDP(sport=1234, dport=1234) /
2153 Raw(b'\xa5' * 100)))
2155 route_3000_2 = VppIpRoute(self, "3000::2", 128,
2156 [VppRoutePath(self.pg3.remote_ip6,
2157 self.pg3.sw_if_index),
2158 VppRoutePath(self.pg4.remote_ip6,
2159 self.pg4.sw_if_index)])
2160 route_3000_2.add_vpp_config()
2162 route_4000_1 = VppIpRoute(self, "4000::1", 128,
2163 [VppRoutePath("3000::1",
2165 VppRoutePath("3000::2",
2167 route_4000_1.add_vpp_config()
2170 # inject the packet on pg0 - expect load-balancing across all 4 paths
2172 self.vapi.cli("clear trace")
2173 self.send_and_expect_load_balancing(self.pg0, port_pkts,
2174 [self.pg1, self.pg2,
2175 self.pg3, self.pg4])
2176 self.send_and_expect_load_balancing(self.pg0, src_pkts,
2177 [self.pg1, self.pg2,
2178 self.pg3, self.pg4])
2181 # Recursive prefixes
2182 # - testing that 2 stages of load-balancing no choices
2186 for ii in range(257):
2187 port_pkts.append((Ether(src=self.pg0.remote_mac,
2188 dst=self.pg0.local_mac) /
2191 inet6.UDP(sport=1234,
2193 Raw(b'\xa5' * 100)))
2195 route_5000_2 = VppIpRoute(self, "5000::2", 128,
2196 [VppRoutePath(self.pg3.remote_ip6,
2197 self.pg3.sw_if_index)])
2198 route_5000_2.add_vpp_config()
2200 route_6000_1 = VppIpRoute(self, "6000::1", 128,
2201 [VppRoutePath("5000::2",
2203 route_6000_1.add_vpp_config()
2206 # inject the packet on pg0 - expect load-balancing across all 4 paths
2208 self.vapi.cli("clear trace")
2209 self.send_and_expect_one_itf(self.pg0, port_pkts, self.pg3)
2212 class IP6PuntSetup(object):
2213 """ Setup for IPv6 Punt Police/Redirect """
2215 def punt_setup(self):
2216 self.create_pg_interfaces(range(4))
2218 for i in self.pg_interfaces:
2223 self.pkt = (Ether(src=self.pg0.remote_mac,
2224 dst=self.pg0.local_mac) /
2225 IPv6(src=self.pg0.remote_ip6,
2226 dst=self.pg0.local_ip6) /
2227 inet6.TCP(sport=1234, dport=1234) /
2230 def punt_teardown(self):
2231 for i in self.pg_interfaces:
2236 class TestIP6Punt(IP6PuntSetup, VppTestCase):
2237 """ IPv6 Punt Police/Redirect """
2240 super(TestIP6Punt, self).setUp()
2241 super(TestIP6Punt, self).punt_setup()
2244 super(TestIP6Punt, self).punt_teardown()
2245 super(TestIP6Punt, self).tearDown()
2247 def test_ip_punt(self):
2248 """ IP6 punt police and redirect """
2250 pkts = self.pkt * 1025
2253 # Configure a punt redirect via pg1.
2255 nh_addr = self.pg1.remote_ip6
2256 ip_punt_redirect = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2257 self.pg1.sw_if_index, nh_addr)
2258 ip_punt_redirect.add_vpp_config()
2260 self.send_and_expect(self.pg0, pkts, self.pg1)
2265 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, rate_type=1)
2266 policer.add_vpp_config()
2267 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index,
2269 ip_punt_policer.add_vpp_config()
2271 self.vapi.cli("clear trace")
2272 self.pg0.add_stream(pkts)
2273 self.pg_enable_capture(self.pg_interfaces)
2277 # the number of packet received should be greater than 0,
2278 # but not equal to the number sent, since some were policed
2280 rx = self.pg1._get_capture(1)
2281 stats = policer.get_stats()
2283 # Single rate policer - expect conform, violate but no exceed
2284 self.assertGreater(stats['conform_packets'], 0)
2285 self.assertEqual(stats['exceed_packets'], 0)
2286 self.assertGreater(stats['violate_packets'], 0)
2288 self.assertGreater(len(rx), 0)
2289 self.assertLess(len(rx), len(pkts))
2292 # remove the policer. back to full rx
2294 ip_punt_policer.remove_vpp_config()
2295 policer.remove_vpp_config()
2296 self.send_and_expect(self.pg0, pkts, self.pg1)
2299 # remove the redirect. expect full drop.
2301 ip_punt_redirect.remove_vpp_config()
2302 self.send_and_assert_no_replies(self.pg0, pkts,
2303 "IP no punt config")
2306 # Add a redirect that is not input port selective
2308 ip_punt_redirect = VppIpPuntRedirect(self, 0xffffffff,
2309 self.pg1.sw_if_index, nh_addr)
2310 ip_punt_redirect.add_vpp_config()
2311 self.send_and_expect(self.pg0, pkts, self.pg1)
2312 ip_punt_redirect.remove_vpp_config()
2314 def test_ip_punt_dump(self):
2315 """ IP6 punt redirect dump"""
2318 # Configure a punt redirects
2320 nh_address = self.pg3.remote_ip6
2321 ipr_03 = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2322 self.pg3.sw_if_index, nh_address)
2323 ipr_13 = VppIpPuntRedirect(self, self.pg1.sw_if_index,
2324 self.pg3.sw_if_index, nh_address)
2325 ipr_23 = VppIpPuntRedirect(self, self.pg2.sw_if_index,
2326 self.pg3.sw_if_index, '0::0')
2327 ipr_03.add_vpp_config()
2328 ipr_13.add_vpp_config()
2329 ipr_23.add_vpp_config()
2332 # Dump pg0 punt redirects
2334 self.assertTrue(ipr_03.query_vpp_config())
2335 self.assertTrue(ipr_13.query_vpp_config())
2336 self.assertTrue(ipr_23.query_vpp_config())
2339 # Dump punt redirects for all interfaces
2341 punts = self.vapi.ip_punt_redirect_dump(0xffffffff, is_ipv6=1)
2342 self.assertEqual(len(punts), 3)
2344 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
2345 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip6)
2346 self.assertEqual(str(punts[2].punt.nh), '::')
2349 class TestIP6PuntHandoff(IP6PuntSetup, VppTestCase):
2350 """ IPv6 Punt Police/Redirect """
2351 vpp_worker_count = 2
2354 super(TestIP6PuntHandoff, self).setUp()
2355 super(TestIP6PuntHandoff, self).punt_setup()
2358 super(TestIP6PuntHandoff, self).punt_teardown()
2359 super(TestIP6PuntHandoff, self).tearDown()
2361 def test_ip_punt(self):
2362 """ IP6 punt policer thread handoff """
2363 pkts = self.pkt * NUM_PKTS
2366 # Configure a punt redirect via pg1.
2368 nh_addr = self.pg1.remote_ip6
2369 ip_punt_redirect = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2370 self.pg1.sw_if_index, nh_addr)
2371 ip_punt_redirect.add_vpp_config()
2373 action_tx = PolicerAction(
2374 VppEnum.vl_api_sse2_qos_action_type_t.SSE2_QOS_ACTION_API_TRANSMIT,
2377 # This policer drops no packets, we are just
2378 # testing that they get to the right thread.
2380 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, 1,
2381 0, 0, False, action_tx, action_tx, action_tx)
2382 policer.add_vpp_config()
2383 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index,
2385 ip_punt_policer.add_vpp_config()
2387 for worker in [0, 1]:
2388 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2390 self.logger.debug(self.vapi.cli("show trace max 100"))
2392 # Combined stats, all threads
2393 stats = policer.get_stats()
2395 # Single rate policer - expect conform, violate but no exceed
2396 self.assertGreater(stats['conform_packets'], 0)
2397 self.assertEqual(stats['exceed_packets'], 0)
2398 self.assertGreater(stats['violate_packets'], 0)
2400 # Worker 0, should have done all the policing
2401 stats0 = policer.get_stats(worker=0)
2402 self.assertEqual(stats, stats0)
2404 # Worker 1, should have handed everything off
2405 stats1 = policer.get_stats(worker=1)
2406 self.assertEqual(stats1['conform_packets'], 0)
2407 self.assertEqual(stats1['exceed_packets'], 0)
2408 self.assertEqual(stats1['violate_packets'], 0)
2410 # Bind the policer to worker 1 and repeat
2411 policer.bind_vpp_config(1, True)
2412 for worker in [0, 1]:
2413 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2414 self.logger.debug(self.vapi.cli("show trace max 100"))
2416 # The 2 workers should now have policed the same amount
2417 stats = policer.get_stats()
2418 stats0 = policer.get_stats(worker=0)
2419 stats1 = policer.get_stats(worker=1)
2421 self.assertGreater(stats0['conform_packets'], 0)
2422 self.assertEqual(stats0['exceed_packets'], 0)
2423 self.assertGreater(stats0['violate_packets'], 0)
2425 self.assertGreater(stats1['conform_packets'], 0)
2426 self.assertEqual(stats1['exceed_packets'], 0)
2427 self.assertGreater(stats1['violate_packets'], 0)
2429 self.assertEqual(stats0['conform_packets'] + stats1['conform_packets'],
2430 stats['conform_packets'])
2432 self.assertEqual(stats0['violate_packets'] + stats1['violate_packets'],
2433 stats['violate_packets'])
2435 # Unbind the policer and repeat
2436 policer.bind_vpp_config(1, False)
2437 for worker in [0, 1]:
2438 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2439 self.logger.debug(self.vapi.cli("show trace max 100"))
2441 # The policer should auto-bind to worker 0 when packets arrive
2442 stats = policer.get_stats()
2443 stats0new = policer.get_stats(worker=0)
2444 stats1new = policer.get_stats(worker=1)
2446 self.assertGreater(stats0new['conform_packets'],
2447 stats0['conform_packets'])
2448 self.assertEqual(stats0new['exceed_packets'], 0)
2449 self.assertGreater(stats0new['violate_packets'],
2450 stats0['violate_packets'])
2452 self.assertEqual(stats1, stats1new)
2457 ip_punt_policer.remove_vpp_config()
2458 policer.remove_vpp_config()
2459 ip_punt_redirect.remove_vpp_config()
2462 class TestIPDeag(VppTestCase):
2463 """ IPv6 Deaggregate Routes """
2466 def setUpClass(cls):
2467 super(TestIPDeag, cls).setUpClass()
2470 def tearDownClass(cls):
2471 super(TestIPDeag, cls).tearDownClass()
2474 super(TestIPDeag, self).setUp()
2476 self.create_pg_interfaces(range(3))
2478 for i in self.pg_interfaces:
2484 super(TestIPDeag, self).tearDown()
2485 for i in self.pg_interfaces:
2489 def test_ip_deag(self):
2490 """ IP Deag Routes """
2493 # Create a table to be used for:
2494 # 1 - another destination address lookup
2495 # 2 - a source address lookup
2497 table_dst = VppIpTable(self, 1, is_ip6=1)
2498 table_src = VppIpTable(self, 2, is_ip6=1)
2499 table_dst.add_vpp_config()
2500 table_src.add_vpp_config()
2503 # Add a route in the default table to point to a deag/
2504 # second lookup in each of these tables
2506 route_to_dst = VppIpRoute(self, "1::1", 128,
2510 route_to_src = VppIpRoute(
2515 type=FibPathType.FIB_PATH_TYPE_SOURCE_LOOKUP)])
2517 route_to_dst.add_vpp_config()
2518 route_to_src.add_vpp_config()
2521 # packets to these destination are dropped, since they'll
2522 # hit the respective default routes in the second table
2524 p_dst = (Ether(src=self.pg0.remote_mac,
2525 dst=self.pg0.local_mac) /
2526 IPv6(src="5::5", dst="1::1") /
2527 inet6.TCP(sport=1234, dport=1234) /
2529 p_src = (Ether(src=self.pg0.remote_mac,
2530 dst=self.pg0.local_mac) /
2531 IPv6(src="2::2", dst="1::2") /
2532 inet6.TCP(sport=1234, dport=1234) /
2534 pkts_dst = p_dst * 257
2535 pkts_src = p_src * 257
2537 self.send_and_assert_no_replies(self.pg0, pkts_dst,
2539 self.send_and_assert_no_replies(self.pg0, pkts_src,
2543 # add a route in the dst table to forward via pg1
2545 route_in_dst = VppIpRoute(self, "1::1", 128,
2546 [VppRoutePath(self.pg1.remote_ip6,
2547 self.pg1.sw_if_index)],
2549 route_in_dst.add_vpp_config()
2551 self.send_and_expect(self.pg0, pkts_dst, self.pg1)
2554 # add a route in the src table to forward via pg2
2556 route_in_src = VppIpRoute(self, "2::2", 128,
2557 [VppRoutePath(self.pg2.remote_ip6,
2558 self.pg2.sw_if_index)],
2560 route_in_src.add_vpp_config()
2561 self.send_and_expect(self.pg0, pkts_src, self.pg2)
2564 # loop in the lookup DP
2566 route_loop = VppIpRoute(self, "3::3", 128,
2569 route_loop.add_vpp_config()
2571 p_l = (Ether(src=self.pg0.remote_mac,
2572 dst=self.pg0.local_mac) /
2573 IPv6(src="3::4", dst="3::3") /
2574 inet6.TCP(sport=1234, dport=1234) /
2577 self.send_and_assert_no_replies(self.pg0, p_l * 257,
2581 class TestIP6Input(VppTestCase):
2582 """ IPv6 Input Exception Test Cases """
2585 def setUpClass(cls):
2586 super(TestIP6Input, cls).setUpClass()
2589 def tearDownClass(cls):
2590 super(TestIP6Input, cls).tearDownClass()
2593 super(TestIP6Input, self).setUp()
2595 self.create_pg_interfaces(range(2))
2597 for i in self.pg_interfaces:
2603 super(TestIP6Input, self).tearDown()
2604 for i in self.pg_interfaces:
2608 def test_ip_input_icmp_reply(self):
2609 """ IP6 Input Exception - Return ICMP (3,0) """
2611 # hop limit - ICMP replies
2613 p_version = (Ether(src=self.pg0.remote_mac,
2614 dst=self.pg0.local_mac) /
2615 IPv6(src=self.pg0.remote_ip6,
2616 dst=self.pg1.remote_ip6,
2618 inet6.UDP(sport=1234, dport=1234) /
2621 rx = self.send_and_expect(self.pg0, p_version * NUM_PKTS, self.pg0)
2623 icmp = rx[ICMPv6TimeExceeded]
2625 # 0: "hop limit exceeded in transit",
2626 self.assertEqual((icmp.type, icmp.code), (3, 0))
2628 icmpv6_data = '\x0a' * 18
2630 all_1s = "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"
2632 @parameterized.expand([
2633 # Name, src, dst, l4proto, msg, timeout
2634 ("src='iface', dst='iface'", None, None,
2635 inet6.UDP(sport=1234, dport=1234), "funky version", None),
2636 ("src='All 0's', dst='iface'", all_0s, None,
2637 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2638 ("src='iface', dst='All 0's'", None, all_0s,
2639 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2640 ("src='All 1's', dst='iface'", all_1s, None,
2641 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2642 ("src='iface', dst='All 1's'", None, all_1s,
2643 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2644 ("src='All 1's', dst='All 1's'", all_1s, all_1s,
2645 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2648 def test_ip_input_no_replies(self, name, src, dst, l4, msg, timeout):
2650 self._testMethodDoc = 'IPv6 Input Exception - %s' % name
2652 p_version = (Ether(src=self.pg0.remote_mac,
2653 dst=self.pg0.local_mac) /
2654 IPv6(src=src or self.pg0.remote_ip6,
2655 dst=dst or self.pg1.remote_ip6,
2660 self.send_and_assert_no_replies(self.pg0, p_version * NUM_PKTS,
2664 def test_hop_by_hop(self):
2665 """ Hop-by-hop header test """
2667 p = (Ether(src=self.pg0.remote_mac,
2668 dst=self.pg0.local_mac) /
2669 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) /
2670 IPv6ExtHdrHopByHop() /
2671 inet6.UDP(sport=1234, dport=1234) /
2674 self.pg0.add_stream(p)
2675 self.pg_enable_capture(self.pg_interfaces)
2679 class TestIPReplace(VppTestCase):
2680 """ IPv6 Table Replace """
2683 def setUpClass(cls):
2684 super(TestIPReplace, cls).setUpClass()
2687 def tearDownClass(cls):
2688 super(TestIPReplace, cls).tearDownClass()
2691 super(TestIPReplace, self).setUp()
2693 self.create_pg_interfaces(range(4))
2698 for i in self.pg_interfaces:
2701 i.generate_remote_hosts(2)
2702 self.tables.append(VppIpTable(self, table_id,
2703 True).add_vpp_config())
2707 super(TestIPReplace, self).tearDown()
2708 for i in self.pg_interfaces:
2712 def test_replace(self):
2713 """ IP Table Replace """
2715 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
2716 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
2718 links = [self.pg0, self.pg1, self.pg2, self.pg3]
2719 routes = [[], [], [], []]
2721 # the sizes of 'empty' tables
2722 for t in self.tables:
2723 self.assertEqual(len(t.dump()), 2)
2724 self.assertEqual(len(t.mdump()), 5)
2726 # load up the tables with some routes
2727 for ii, t in enumerate(self.tables):
2728 for jj in range(1, N_ROUTES):
2730 self, "2001::%d" % jj if jj != 0 else "2001::", 128,
2731 [VppRoutePath(links[ii].remote_hosts[0].ip6,
2732 links[ii].sw_if_index),
2733 VppRoutePath(links[ii].remote_hosts[1].ip6,
2734 links[ii].sw_if_index)],
2735 table_id=t.table_id).add_vpp_config()
2736 multi = VppIpMRoute(
2738 "ff:2001::%d" % jj, 128,
2739 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
2740 [VppMRoutePath(self.pg0.sw_if_index,
2741 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT,
2742 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2743 VppMRoutePath(self.pg1.sw_if_index,
2744 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2745 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2746 VppMRoutePath(self.pg2.sw_if_index,
2747 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2748 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2749 VppMRoutePath(self.pg3.sw_if_index,
2750 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2751 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6)],
2752 table_id=t.table_id).add_vpp_config()
2753 routes[ii].append({'uni': uni,
2757 # replace the tables a few times
2760 # replace each table
2761 for t in self.tables:
2764 # all the routes are still there
2765 for ii, t in enumerate(self.tables):
2768 for r in routes[ii]:
2769 self.assertTrue(find_route_in_dump(dump, r['uni'], t))
2770 self.assertTrue(find_mroute_in_dump(mdump, r['multi'], t))
2772 # redownload the even numbered routes
2773 for ii, t in enumerate(self.tables):
2774 for jj in range(0, N_ROUTES, 2):
2775 routes[ii][jj]['uni'].add_vpp_config()
2776 routes[ii][jj]['multi'].add_vpp_config()
2778 # signal each table converged
2779 for t in self.tables:
2782 # we should find the even routes, but not the odd
2783 for ii, t in enumerate(self.tables):
2786 for jj in range(0, N_ROUTES, 2):
2787 self.assertTrue(find_route_in_dump(
2788 dump, routes[ii][jj]['uni'], t))
2789 self.assertTrue(find_mroute_in_dump(
2790 mdump, routes[ii][jj]['multi'], t))
2791 for jj in range(1, N_ROUTES - 1, 2):
2792 self.assertFalse(find_route_in_dump(
2793 dump, routes[ii][jj]['uni'], t))
2794 self.assertFalse(find_mroute_in_dump(
2795 mdump, routes[ii][jj]['multi'], t))
2797 # reload all the routes
2798 for ii, t in enumerate(self.tables):
2799 for r in routes[ii]:
2800 r['uni'].add_vpp_config()
2801 r['multi'].add_vpp_config()
2803 # all the routes are still there
2804 for ii, t in enumerate(self.tables):
2807 for r in routes[ii]:
2808 self.assertTrue(find_route_in_dump(dump, r['uni'], t))
2809 self.assertTrue(find_mroute_in_dump(mdump, r['multi'], t))
2812 # finally flush the tables for good measure
2814 for t in self.tables:
2816 self.assertEqual(len(t.dump()), 2)
2817 self.assertEqual(len(t.mdump()), 5)
2820 class TestIP6Replace(VppTestCase):
2821 """ IPv4 Interface Address Replace """
2824 def setUpClass(cls):
2825 super(TestIP6Replace, cls).setUpClass()
2828 def tearDownClass(cls):
2829 super(TestIP6Replace, cls).tearDownClass()
2832 super(TestIP6Replace, self).setUp()
2834 self.create_pg_interfaces(range(4))
2836 for i in self.pg_interfaces:
2840 super(TestIP6Replace, self).tearDown()
2841 for i in self.pg_interfaces:
2844 def get_n_pfxs(self, intf):
2845 return len(self.vapi.ip_address_dump(intf.sw_if_index, True))
2847 def test_replace(self):
2848 """ IP interface address replace """
2850 intf_pfxs = [[], [], [], []]
2852 # add prefixes to each of the interfaces
2853 for i in range(len(self.pg_interfaces)):
2854 intf = self.pg_interfaces[i]
2857 addr = "2001:16:%d::1" % intf.sw_if_index
2858 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2859 intf_pfxs[i].append(a)
2861 # 2001:16:x::2/64 - a different address in the same subnet as above
2862 addr = "2001:16:%d::2" % intf.sw_if_index
2863 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2864 intf_pfxs[i].append(a)
2866 # 2001:15:x::2/64 - a different address and subnet
2867 addr = "2001:15:%d::2" % intf.sw_if_index
2868 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2869 intf_pfxs[i].append(a)
2871 # a dump should n_address in it
2872 for intf in self.pg_interfaces:
2873 self.assertEqual(self.get_n_pfxs(intf), 3)
2876 # remove all the address thru a replace
2878 self.vapi.sw_interface_address_replace_begin()
2879 self.vapi.sw_interface_address_replace_end()
2880 for intf in self.pg_interfaces:
2881 self.assertEqual(self.get_n_pfxs(intf), 0)
2884 # add all the interface addresses back
2889 for intf in self.pg_interfaces:
2890 self.assertEqual(self.get_n_pfxs(intf), 3)
2893 # replace again, but this time update/re-add the address on the first
2896 self.vapi.sw_interface_address_replace_begin()
2898 for p in intf_pfxs[:2]:
2902 self.vapi.sw_interface_address_replace_end()
2904 # on the first two the address still exist,
2905 # on the other two they do not
2906 for intf in self.pg_interfaces[:2]:
2907 self.assertEqual(self.get_n_pfxs(intf), 3)
2908 for p in intf_pfxs[:2]:
2910 self.assertTrue(v.query_vpp_config())
2911 for intf in self.pg_interfaces[2:]:
2912 self.assertEqual(self.get_n_pfxs(intf), 0)
2915 # add all the interface addresses back on the last two
2917 for p in intf_pfxs[2:]:
2920 for intf in self.pg_interfaces:
2921 self.assertEqual(self.get_n_pfxs(intf), 3)
2924 # replace again, this time add different prefixes on all the interfaces
2926 self.vapi.sw_interface_address_replace_begin()
2929 for intf in self.pg_interfaces:
2931 addr = "2001:18:%d::1" % intf.sw_if_index
2932 pfxs.append(VppIpInterfaceAddress(self, intf, addr,
2933 64).add_vpp_config())
2935 self.vapi.sw_interface_address_replace_end()
2937 # only .18 should exist on each interface
2938 for intf in self.pg_interfaces:
2939 self.assertEqual(self.get_n_pfxs(intf), 1)
2941 self.assertTrue(pfx.query_vpp_config())
2946 self.vapi.sw_interface_address_replace_begin()
2947 self.vapi.sw_interface_address_replace_end()
2948 for intf in self.pg_interfaces:
2949 self.assertEqual(self.get_n_pfxs(intf), 0)
2952 # add prefixes to each interface. post-begin add the prefix from
2953 # interface X onto interface Y. this would normally be an error
2954 # since it would generate a 'duplicate address' warning. but in
2955 # this case, since what is newly downloaded is sane, it's ok
2957 for intf in self.pg_interfaces:
2959 addr = "2001:18:%d::1" % intf.sw_if_index
2960 VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2962 self.vapi.sw_interface_address_replace_begin()
2965 for intf in self.pg_interfaces:
2967 addr = "2001:18:%d::1" % (intf.sw_if_index + 1)
2968 pfxs.append(VppIpInterfaceAddress(self, intf,
2969 addr, 64).add_vpp_config())
2971 self.vapi.sw_interface_address_replace_end()
2973 self.logger.info(self.vapi.cli("sh int addr"))
2975 for intf in self.pg_interfaces:
2976 self.assertEqual(self.get_n_pfxs(intf), 1)
2978 self.assertTrue(pfx.query_vpp_config())
2981 class TestIP6LinkLocal(VppTestCase):
2982 """ IPv6 Link Local """
2985 def setUpClass(cls):
2986 super(TestIP6LinkLocal, cls).setUpClass()
2989 def tearDownClass(cls):
2990 super(TestIP6LinkLocal, cls).tearDownClass()
2993 super(TestIP6LinkLocal, self).setUp()
2995 self.create_pg_interfaces(range(2))
2997 for i in self.pg_interfaces:
3001 super(TestIP6LinkLocal, self).tearDown()
3002 for i in self.pg_interfaces:
3005 def test_ip6_ll(self):
3006 """ IPv6 Link Local """
3009 # two APIs to add a link local address.
3010 # 1 - just like any other prefix
3011 # 2 - with the special set LL API
3015 # First with the API to set a 'normal' prefix
3022 self.pg0.sw_if_index,
3023 self.pg0.remote_mac,
3024 ll2).add_vpp_config()
3026 VppIpInterfaceAddress(self, self.pg0, ll1, 128).add_vpp_config()
3029 # should be able to ping the ll
3031 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
3032 dst=self.pg0.local_mac) /
3035 ICMPv6EchoRequest())
3037 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3040 # change the link-local on pg0
3042 v_ll3 = VppIpInterfaceAddress(self, self.pg0,
3043 ll3, 128).add_vpp_config()
3045 p_echo_request_3 = (Ether(src=self.pg0.remote_mac,
3046 dst=self.pg0.local_mac) /
3049 ICMPv6EchoRequest())
3051 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
3054 # set a normal v6 prefix on the link
3056 self.pg0.config_ip6()
3058 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
3060 # the link-local cannot be removed
3061 with self.vapi.assert_negative_api_retval():
3062 v_ll3.remove_vpp_config()
3065 # Use the specific link-local API on pg1
3067 VppIp6LinkLocalAddress(self, self.pg1, ll1).add_vpp_config()
3068 self.send_and_expect(self.pg1, [p_echo_request_1], self.pg1)
3070 VppIp6LinkLocalAddress(self, self.pg1, ll3).add_vpp_config()
3071 self.send_and_expect(self.pg1, [p_echo_request_3], self.pg1)
3073 def test_ip6_ll_p2p(self):
3074 """ IPv6 Link Local P2P (GRE)"""
3076 self.pg0.config_ip4()
3077 self.pg0.resolve_arp()
3078 gre_if = VppGreInterface(self,
3080 self.pg0.remote_ip4).add_vpp_config()
3086 VppIpInterfaceAddress(self, gre_if, ll1, 128).add_vpp_config()
3088 self.logger.info(self.vapi.cli("sh ip6-ll gre0 fe80:2::2"))
3090 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
3091 dst=self.pg0.local_mac) /
3092 IP(src=self.pg0.remote_ip4,
3093 dst=self.pg0.local_ip4) /
3095 IPv6(src=ll2, dst=ll1) /
3096 ICMPv6EchoRequest())
3097 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3099 self.pg0.unconfig_ip4()
3100 gre_if.remove_vpp_config()
3102 def test_ip6_ll_p2mp(self):
3103 """ IPv6 Link Local P2MP (GRE)"""
3105 self.pg0.config_ip4()
3106 self.pg0.resolve_arp()
3108 gre_if = VppGreInterface(
3112 mode=(VppEnum.vl_api_tunnel_mode_t.
3113 TUNNEL_API_MODE_MP)).add_vpp_config()
3119 VppIpInterfaceAddress(self, gre_if, ll1, 128).add_vpp_config()
3121 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
3122 dst=self.pg0.local_mac) /
3123 IP(src=self.pg0.remote_ip4,
3124 dst=self.pg0.local_ip4) /
3126 IPv6(src=ll2, dst=ll1) /
3127 ICMPv6EchoRequest())
3129 # no route back at this point
3130 self.send_and_assert_no_replies(self.pg0, [p_echo_request_1])
3132 # add teib entry for the peer
3133 teib = VppTeib(self, gre_if, ll2, self.pg0.remote_ip4)
3134 teib.add_vpp_config()
3136 self.logger.info(self.vapi.cli("sh ip6-ll gre0 %s" % ll2))
3137 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3140 self.pg0.unconfig_ip4()
3143 class TestIPv6PathMTU(VppTestCase):
3144 """ IPv6 Path MTU """
3147 super(TestIPv6PathMTU, self).setUp()
3149 self.create_pg_interfaces(range(2))
3151 # setup all interfaces
3152 for i in self.pg_interfaces:
3158 super(TestIPv6PathMTU, self).tearDown()
3159 for i in self.pg_interfaces:
3163 def test_path_mtu_local(self):
3164 """ Path MTU for attached neighbour """
3166 self.vapi.cli("set log class ip level debug")
3168 # The goal here is not test that fragmentation works correctly,
3169 # that's done elsewhere, the intent is to ensure that the Path MTU
3170 # settings are honoured.
3174 # IPv6 will only frag locally generated packets, so use tunnelled
3175 # packets post encap
3177 tun = VppIpIpTunInterface(
3181 self.pg1.remote_ip6)
3182 tun.add_vpp_config()
3186 # set the interface MTU to a reasonable value
3187 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3190 p_2k = (Ether(dst=self.pg0.local_mac,
3191 src=self.pg0.remote_mac) /
3192 IPv6(src=self.pg0.remote_ip6,
3193 dst=tun.remote_ip6) /
3194 UDP(sport=1234, dport=5678) /
3196 p_1k = (Ether(dst=self.pg0.local_mac,
3197 src=self.pg0.remote_mac) /
3198 IPv6(src=self.pg0.remote_ip6,
3199 dst=tun.remote_ip6) /
3200 UDP(sport=1234, dport=5678) /
3203 nbr = VppNeighbor(self,
3204 self.pg1.sw_if_index,
3205 self.pg1.remote_mac,
3206 self.pg1.remote_ip6).add_vpp_config()
3208 # this is now the interface MTU frags
3209 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3210 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3212 # drop the path MTU for this neighbour to below the interface MTU
3214 pmtu = VppIpPathMtu(self, self.pg1.remote_ip6, 1300).add_vpp_config()
3216 # print/format the adj delegate and trackers
3217 self.logger.info(self.vapi.cli("sh ip pmtu"))
3218 self.logger.info(self.vapi.cli("sh adj 7"))
3220 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3221 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3223 # increase the path MTU to more than the interface
3224 # expect to use the interface MTU
3227 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3228 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3230 # go back to an MTU from the path
3233 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3234 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3236 # raise the interface's MTU
3237 # should still use that of the path
3238 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3240 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3241 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3243 # set path high and interface low
3245 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3247 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3248 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3250 # remove the path MTU
3251 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3255 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3256 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3258 def test_path_mtu_remote(self):
3259 """ Path MTU for remote neighbour """
3261 self.vapi.cli("set log class ip level debug")
3263 # The goal here is not test that fragmentation works correctly,
3264 # that's done elsewhere, the intent is to ensure that the Path MTU
3265 # settings are honoured.
3271 [VppRoutePath(self.pg1.remote_ip6,
3272 self.pg1.sw_if_index)]).add_vpp_config()
3275 # IPv6 will only frag locally generated packets, so use tunnelled
3276 # packets post encap
3278 tun = VppIpIpTunInterface(
3283 tun.add_vpp_config()
3287 # set the interface MTU to a reasonable value
3288 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3291 p_2k = (Ether(dst=self.pg0.local_mac,
3292 src=self.pg0.remote_mac) /
3293 IPv6(src=self.pg0.remote_ip6,
3294 dst=tun.remote_ip6) /
3295 UDP(sport=1234, dport=5678) /
3297 p_1k = (Ether(dst=self.pg0.local_mac,
3298 src=self.pg0.remote_mac) /
3299 IPv6(src=self.pg0.remote_ip6,
3300 dst=tun.remote_ip6) /
3301 UDP(sport=1234, dport=5678) /
3304 nbr = VppNeighbor(self,
3305 self.pg1.sw_if_index,
3306 self.pg1.remote_mac,
3307 self.pg1.remote_ip6).add_vpp_config()
3309 # this is now the interface MTU frags
3310 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3311 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3313 # drop the path MTU for this neighbour to below the interface MTU
3315 pmtu = VppIpPathMtu(self, tun_dst, 1300).add_vpp_config()
3317 # print/format the fib entry/dpo
3318 self.logger.info(self.vapi.cli("sh ip6 fib 2001::1"))
3320 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3321 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3323 # increase the path MTU to more than the interface
3324 # expect to use the interface MTU
3327 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3328 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3330 # go back to an MTU from the path
3333 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3334 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3336 # raise the interface's MTU
3337 # should still use that of the path
3338 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3340 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3341 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3343 # turn the tun_dst into an attached neighbour
3344 route.modify([VppRoutePath("::",
3345 self.pg1.sw_if_index)])
3346 nbr2 = VppNeighbor(self,
3347 self.pg1.sw_if_index,
3348 self.pg1.remote_mac,
3349 tun_dst).add_vpp_config()
3351 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3352 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3354 # add back to not attached
3355 nbr2.remove_vpp_config()
3356 route.modify([VppRoutePath(self.pg1.remote_ip6,
3357 self.pg1.sw_if_index)])
3359 # set path high and interface low
3361 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3363 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3364 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3366 # remove the path MTU
3367 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3369 pmtu.remove_vpp_config()
3370 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3371 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3374 class TestIPFibSource(VppTestCase):
3375 """ IPv6 Table FibSource """
3378 def setUpClass(cls):
3379 super(TestIPFibSource, cls).setUpClass()
3382 def tearDownClass(cls):
3383 super(TestIPFibSource, cls).tearDownClass()
3386 super(TestIPFibSource, self).setUp()
3388 self.create_pg_interfaces(range(2))
3390 for i in self.pg_interfaces:
3394 i.generate_remote_hosts(2)
3395 i.configure_ipv6_neighbors()
3398 super(TestIPFibSource, self).tearDown()
3399 for i in self.pg_interfaces:
3403 def test_fib_source(self):
3404 """ IP Table FibSource """
3406 routes = self.vapi.ip_route_v2_dump(0, True)
3408 # 2 interfaces (4 routes) + 2 specials + 4 neighbours = 10 routes
3409 self.assertEqual(len(routes), 10)
3411 # dump all the sources in the FIB
3412 sources = self.vapi.fib_source_dump()
3413 for source in sources:
3414 if (source.src.name == "API"):
3415 api_source = source.src
3416 if (source.src.name == "interface"):
3417 intf_source = source.src
3418 if (source.src.name == "adjacency"):
3419 adj_source = source.src
3420 if (source.src.name == "special"):
3421 special_source = source.src
3422 if (source.src.name == "default-route"):
3423 dr_source = source.src
3425 # dump the individual route types
3426 routes = self.vapi.ip_route_v2_dump(0, True, src=adj_source.id)
3427 self.assertEqual(len(routes), 4)
3428 routes = self.vapi.ip_route_v2_dump(0, True, src=intf_source.id)
3429 self.assertEqual(len(routes), 4)
3430 routes = self.vapi.ip_route_v2_dump(0, True, src=special_source.id)
3431 self.assertEqual(len(routes), 1)
3432 routes = self.vapi.ip_route_v2_dump(0, True, src=dr_source.id)
3433 self.assertEqual(len(routes), 1)
3435 # add a new soure that'a better than the API
3436 self.vapi.fib_source_add(src={'name': "bgp",
3437 "priority": api_source.priority - 1})
3439 # dump all the sources to check our new one is there
3440 sources = self.vapi.fib_source_dump()
3442 for source in sources:
3443 if (source.src.name == "bgp"):
3444 bgp_source = source.src
3446 self.assertTrue(bgp_source)
3447 self.assertEqual(bgp_source.priority,
3448 api_source.priority - 1)
3450 # add a route with the default API source
3452 self, "2001::1", 128,
3453 [VppRoutePath(self.pg0.remote_ip6,
3454 self.pg0.sw_if_index)]).add_vpp_config()
3456 r2 = VppIpRouteV2(self, "2001::1", 128,
3457 [VppRoutePath(self.pg1.remote_ip6,
3458 self.pg1.sw_if_index)],
3459 src=bgp_source.id).add_vpp_config()
3461 # ensure the BGP source takes priority
3462 p = (Ether(src=self.pg0.remote_mac,
3463 dst=self.pg0.local_mac) /
3464 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
3465 inet6.UDP(sport=1234, dport=1234) /
3468 self.send_and_expect(self.pg0, [p], self.pg1)
3470 r2.remove_vpp_config()
3471 r1.remove_vpp_config()
3473 self.assertFalse(find_route(self, "2001::1", 128))
3476 class TestIPxAF(VppTestCase):
3480 def setUpClass(cls):
3481 super(TestIPxAF, cls).setUpClass()
3484 def tearDownClass(cls):
3485 super(TestIPxAF, cls).tearDownClass()
3488 super(TestIPxAF, self).setUp()
3490 self.create_pg_interfaces(range(2))
3492 for i in self.pg_interfaces:
3500 super(TestIPxAF, self).tearDown()
3501 for i in self.pg_interfaces:
3506 def test_x_af(self):
3507 """ Cross AF routing """
3510 # a v4 route via a v6 attached next-hop
3512 self, "1.1.1.1", 32,
3513 [VppRoutePath(self.pg1.remote_ip6,
3514 self.pg1.sw_if_index)]).add_vpp_config()
3516 p = (Ether(src=self.pg0.remote_mac,
3517 dst=self.pg0.local_mac) /
3518 IP(src=self.pg0.remote_ip4, dst="1.1.1.1") /
3519 UDP(sport=1234, dport=1234) /
3521 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3524 self.assertEqual(rx[IP].dst, "1.1.1.1")
3526 # a v6 route via a v4 attached next-hop
3528 self, "2001::1", 128,
3529 [VppRoutePath(self.pg1.remote_ip4,
3530 self.pg1.sw_if_index)]).add_vpp_config()
3532 p = (Ether(src=self.pg0.remote_mac,
3533 dst=self.pg0.local_mac) /
3534 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
3535 UDP(sport=1234, dport=1234) /
3537 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3540 self.assertEqual(rx[IPv6].dst, "2001::1")
3542 # a recursive v4 route via a v6 next-hop (from above)
3544 self, "2.2.2.2", 32,
3545 [VppRoutePath("2001::1",
3546 0xffffffff)]).add_vpp_config()
3548 p = (Ether(src=self.pg0.remote_mac,
3549 dst=self.pg0.local_mac) /
3550 IP(src=self.pg0.remote_ip4, dst="2.2.2.2") /
3551 UDP(sport=1234, dport=1234) /
3553 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3555 # a recursive v4 route via a v6 next-hop
3557 self, "2.2.2.3", 32,
3558 [VppRoutePath(self.pg1.remote_ip6,
3559 0xffffffff)]).add_vpp_config()
3561 p = (Ether(src=self.pg0.remote_mac,
3562 dst=self.pg0.local_mac) /
3563 IP(src=self.pg0.remote_ip4, dst="2.2.2.3") /
3564 UDP(sport=1234, dport=1234) /
3566 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3568 # a recursive v6 route via a v4 next-hop
3570 self, "3001::1", 128,
3571 [VppRoutePath(self.pg1.remote_ip4,
3572 0xffffffff)]).add_vpp_config()
3574 p = (Ether(src=self.pg0.remote_mac,
3575 dst=self.pg0.local_mac) /
3576 IPv6(src=self.pg0.remote_ip6, dst="3001::1") /
3577 UDP(sport=1234, dport=1234) /
3579 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3582 self.assertEqual(rx[IPv6].dst, "3001::1")
3585 self, "3001::2", 128,
3586 [VppRoutePath("1.1.1.1",
3587 0xffffffff)]).add_vpp_config()
3589 p = (Ether(src=self.pg0.remote_mac,
3590 dst=self.pg0.local_mac) /
3591 IPv6(src=self.pg0.remote_ip6, dst="3001::2") /
3592 UDP(sport=1234, dport=1234) /
3594 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3597 self.assertEqual(rx[IPv6].dst, "3001::2")
3600 if __name__ == '__main__':
3601 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob