4 from socket import inet_pton, inet_ntop
7 from parameterized import parameterized
9 import scapy.layers.inet6 as inet6
10 from scapy.layers.inet import UDP, IP
11 from scapy.contrib.mpls import MPLS
12 from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6ND_RS, \
13 ICMPv6ND_RA, ICMPv6NDOptMTU, ICMPv6NDOptSrcLLAddr, ICMPv6NDOptPrefixInfo, \
14 ICMPv6ND_NA, ICMPv6NDOptDstLLAddr, ICMPv6DestUnreach, icmp6types, \
15 ICMPv6TimeExceeded, ICMPv6EchoRequest, ICMPv6EchoReply, \
16 IPv6ExtHdrHopByHop, ICMPv6MLReport2, ICMPv6MLDMultAddrRec
17 from scapy.layers.l2 import Ether, Dot1Q, GRE
18 from scapy.packet import Raw
19 from scapy.utils6 import in6_getnsma, in6_getnsmac, in6_ptop, in6_islladdr, \
23 from framework import VppTestCase, VppTestRunner, tag_run_solo
24 from util import ppp, ip6_normalize, mk_ll_addr
25 from vpp_papi import VppEnum
26 from vpp_ip import DpoProto, VppIpPuntPolicer, VppIpPuntRedirect, VppIpPathMtu
27 from vpp_ip_route import VppIpRoute, VppRoutePath, find_route, VppIpMRoute, \
28 VppMRoutePath, VppMplsIpBind, \
29 VppMplsRoute, VppMplsTable, VppIpTable, FibPathType, FibPathProto, \
30 VppIpInterfaceAddress, find_route_in_dump, find_mroute_in_dump, \
31 VppIp6LinkLocalAddress, VppIpRouteV2
32 from vpp_neighbor import find_nbr, VppNeighbor
33 from vpp_ipip_tun_interface import VppIpIpTunInterface
34 from vpp_pg_interface import is_ipv6_misc
35 from vpp_sub_interface import VppSubInterface, VppDot1QSubint
36 from vpp_policer import VppPolicer, PolicerAction
37 from ipaddress import IPv6Network, IPv6Address
38 from vpp_gre_interface import VppGreInterface
39 from vpp_teib import VppTeib
41 AF_INET6 = socket.AF_INET6
51 class TestIPv6ND(VppTestCase):
52 def validate_ra(self, intf, rx, dst_ip=None):
54 dst_ip = intf.remote_ip6
56 # unicasted packets must come to the unicast mac
57 self.assertEqual(rx[Ether].dst, intf.remote_mac)
59 # and from the router's MAC
60 self.assertEqual(rx[Ether].src, intf.local_mac)
62 # the rx'd RA should be addressed to the sender's source
63 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
64 self.assertEqual(in6_ptop(rx[IPv6].dst),
67 # and come from the router's link local
68 self.assertTrue(in6_islladdr(rx[IPv6].src))
69 self.assertEqual(in6_ptop(rx[IPv6].src),
70 in6_ptop(mk_ll_addr(intf.local_mac)))
72 def validate_na(self, intf, rx, dst_ip=None, tgt_ip=None):
74 dst_ip = intf.remote_ip6
76 dst_ip = intf.local_ip6
78 # unicasted packets must come to the unicast mac
79 self.assertEqual(rx[Ether].dst, intf.remote_mac)
81 # and from the router's MAC
82 self.assertEqual(rx[Ether].src, intf.local_mac)
84 # the rx'd NA should be addressed to the sender's source
85 self.assertTrue(rx.haslayer(ICMPv6ND_NA))
86 self.assertEqual(in6_ptop(rx[IPv6].dst),
89 # and come from the target address
91 in6_ptop(rx[IPv6].src), in6_ptop(tgt_ip))
93 # Dest link-layer options should have the router's MAC
94 dll = rx[ICMPv6NDOptDstLLAddr]
95 self.assertEqual(dll.lladdr, intf.local_mac)
97 def validate_ns(self, intf, rx, tgt_ip):
98 nsma = in6_getnsma(inet_pton(AF_INET6, tgt_ip))
99 dst_ip = inet_ntop(AF_INET6, nsma)
102 self.assertEqual(rx[Ether].dst, in6_getnsmac(nsma))
104 # and from the router's MAC
105 self.assertEqual(rx[Ether].src, intf.local_mac)
107 # the rx'd NS should be addressed to an mcast address
108 # derived from the target address
110 in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
112 # expect the tgt IP in the NS header
114 self.assertEqual(in6_ptop(ns.tgt), in6_ptop(tgt_ip))
116 # packet is from the router's local address
118 in6_ptop(rx[IPv6].src), intf.local_ip6)
120 # Src link-layer options should have the router's MAC
121 sll = rx[ICMPv6NDOptSrcLLAddr]
122 self.assertEqual(sll.lladdr, intf.local_mac)
124 def send_and_expect_ra(self, intf, pkts, remark, dst_ip=None,
125 filter_out_fn=is_ipv6_misc):
126 intf.add_stream(pkts)
127 self.pg_enable_capture(self.pg_interfaces)
129 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
131 self.assertEqual(len(rx), 1)
133 self.validate_ra(intf, rx, dst_ip)
135 def send_and_expect_na(self, intf, pkts, remark, dst_ip=None,
137 filter_out_fn=is_ipv6_misc):
138 intf.add_stream(pkts)
139 self.pg_enable_capture(self.pg_interfaces)
141 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
143 self.assertEqual(len(rx), 1)
145 self.validate_na(intf, rx, dst_ip, tgt_ip)
147 def send_and_expect_ns(self, tx_intf, rx_intf, pkts, tgt_ip,
148 filter_out_fn=is_ipv6_misc):
149 self.vapi.cli("clear trace")
150 tx_intf.add_stream(pkts)
151 self.pg_enable_capture(self.pg_interfaces)
153 rx = rx_intf.get_capture(1, filter_out_fn=filter_out_fn)
155 self.assertEqual(len(rx), 1)
157 self.validate_ns(rx_intf, rx, tgt_ip)
159 def verify_ip(self, rx, smac, dmac, sip, dip):
161 self.assertEqual(ether.dst, dmac)
162 self.assertEqual(ether.src, smac)
165 self.assertEqual(ip.src, sip)
166 self.assertEqual(ip.dst, dip)
170 class TestIPv6(TestIPv6ND):
171 """ IPv6 Test Case """
175 super(TestIPv6, cls).setUpClass()
178 def tearDownClass(cls):
179 super(TestIPv6, cls).tearDownClass()
183 Perform test setup before test case.
186 - create 3 pg interfaces
187 - untagged pg0 interface
188 - Dot1Q subinterface on pg1
189 - Dot1AD subinterface on pg2
191 - put it into UP state
193 - resolve neighbor address using NDP
194 - configure 200 fib entries
196 :ivar list interfaces: pg interfaces and subinterfaces.
197 :ivar dict flows: IPv4 packet flows in test.
199 *TODO:* Create AD sub interface
201 super(TestIPv6, self).setUp()
203 # create 3 pg interfaces
204 self.create_pg_interfaces(range(3))
206 # create 2 subinterfaces for p1 and pg2
207 self.sub_interfaces = [
208 VppDot1QSubint(self, self.pg1, 100),
209 VppDot1QSubint(self, self.pg2, 200)
210 # TODO: VppDot1ADSubint(self, self.pg2, 200, 300, 400)
213 # packet flows mapping pg0 -> pg1.sub, pg2.sub, etc.
215 self.flows[self.pg0] = [self.pg1.sub_if, self.pg2.sub_if]
216 self.flows[self.pg1.sub_if] = [self.pg0, self.pg2.sub_if]
217 self.flows[self.pg2.sub_if] = [self.pg0, self.pg1.sub_if]
220 self.pg_if_packet_sizes = [64, 1500, 9020]
222 self.interfaces = list(self.pg_interfaces)
223 self.interfaces.extend(self.sub_interfaces)
225 # setup all interfaces
226 for i in self.interfaces:
232 """Run standard test teardown and log ``show ip6 neighbors``."""
233 for i in self.interfaces:
236 for i in self.sub_interfaces:
237 i.remove_vpp_config()
239 super(TestIPv6, self).tearDown()
240 if not self.vpp_dead:
241 self.logger.info(self.vapi.cli("show ip6 neighbors"))
242 # info(self.vapi.cli("show ip6 fib")) # many entries
244 def modify_packet(self, src_if, packet_size, pkt):
245 """Add load, set destination IP and extend packet to required packet
246 size for defined interface.
248 :param VppInterface src_if: Interface to create packet for.
249 :param int packet_size: Required packet size.
250 :param Scapy pkt: Packet to be modified.
252 dst_if_idx = int(packet_size / 10 % 2)
253 dst_if = self.flows[src_if][dst_if_idx]
254 info = self.create_packet_info(src_if, dst_if)
255 payload = self.info_to_payload(info)
256 p = pkt / Raw(payload)
257 p[IPv6].dst = dst_if.remote_ip6
259 if isinstance(src_if, VppSubInterface):
260 p = src_if.add_dot1_layer(p)
261 self.extend_packet(p, packet_size)
265 def create_stream(self, src_if):
266 """Create input packet stream for defined interface.
268 :param VppInterface src_if: Interface to create packet stream for.
270 hdr_ext = 4 if isinstance(src_if, VppSubInterface) else 0
271 pkt_tmpl = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
272 IPv6(src=src_if.remote_ip6) /
273 inet6.UDP(sport=1234, dport=1234))
275 pkts = [self.modify_packet(src_if, i, pkt_tmpl)
276 for i in moves.range(self.pg_if_packet_sizes[0],
277 self.pg_if_packet_sizes[1], 10)]
278 pkts_b = [self.modify_packet(src_if, i, pkt_tmpl)
279 for i in moves.range(self.pg_if_packet_sizes[1] + hdr_ext,
280 self.pg_if_packet_sizes[2] + hdr_ext,
286 def verify_capture(self, dst_if, capture):
287 """Verify captured input packet stream for defined interface.
289 :param VppInterface dst_if: Interface to verify captured packet stream
291 :param list capture: Captured packet stream.
293 self.logger.info("Verifying capture on interface %s" % dst_if.name)
295 for i in self.interfaces:
296 last_info[i.sw_if_index] = None
298 dst_sw_if_index = dst_if.sw_if_index
299 if hasattr(dst_if, 'parent'):
301 for packet in capture:
303 # Check VLAN tags and Ethernet header
304 packet = dst_if.remove_dot1_layer(packet)
305 self.assertTrue(Dot1Q not in packet)
308 udp = packet[inet6.UDP]
309 payload_info = self.payload_to_info(packet[Raw])
310 packet_index = payload_info.index
311 self.assertEqual(payload_info.dst, dst_sw_if_index)
313 "Got packet on port %s: src=%u (id=%u)" %
314 (dst_if.name, payload_info.src, packet_index))
315 next_info = self.get_next_packet_info_for_interface2(
316 payload_info.src, dst_sw_if_index,
317 last_info[payload_info.src])
318 last_info[payload_info.src] = next_info
319 self.assertTrue(next_info is not None)
320 self.assertEqual(packet_index, next_info.index)
321 saved_packet = next_info.data
322 # Check standard fields
324 ip.src, saved_packet[IPv6].src)
326 ip.dst, saved_packet[IPv6].dst)
328 udp.sport, saved_packet[inet6.UDP].sport)
330 udp.dport, saved_packet[inet6.UDP].dport)
332 self.logger.error(ppp("Unexpected or invalid packet:", packet))
334 for i in self.interfaces:
335 remaining_packet = self.get_next_packet_info_for_interface2(
336 i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index])
337 self.assertTrue(remaining_packet is None,
338 "Interface %s: Packet expected from interface %s "
339 "didn't arrive" % (dst_if.name, i.name))
341 def test_next_header_anomaly(self):
342 """ IPv6 next header anomaly test
345 - ipv6 next header field = Fragment Header (44)
346 - next header is ICMPv6 Echo Request
347 - wait for reassembly
349 pkt = (Ether(src=self.pg0.local_mac, dst=self.pg0.remote_mac) /
350 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6, nh=44) /
353 self.pg0.add_stream(pkt)
356 # wait for reassembly
363 - Create IPv6 stream for pg0 interface
364 - Create IPv6 tagged streams for pg1's and pg2's subinterface.
365 - Send and verify received packets on each interface.
368 pkts = self.create_stream(self.pg0)
369 self.pg0.add_stream(pkts)
371 for i in self.sub_interfaces:
372 pkts = self.create_stream(i)
373 i.parent.add_stream(pkts)
375 self.pg_enable_capture(self.pg_interfaces)
378 pkts = self.pg0.get_capture()
379 self.verify_capture(self.pg0, pkts)
381 for i in self.sub_interfaces:
382 pkts = i.parent.get_capture()
383 self.verify_capture(i, pkts)
386 """ IPv6 Neighbour Solicitation Exceptions
389 - Send an NS Sourced from an address not covered by the link sub-net
390 - Send an NS to an mcast address the router has not joined
391 - Send NS for a target address the router does not onn.
395 # An NS from a non link source address
397 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
398 d = inet_ntop(AF_INET6, nsma)
400 p = (Ether(dst=in6_getnsmac(nsma)) /
401 IPv6(dst=d, src="2002::2") /
402 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
403 ICMPv6NDOptSrcLLAddr(
404 lladdr=self.pg0.remote_mac))
407 self.send_and_assert_no_replies(
409 "No response to NS source by address not on sub-net")
412 # An NS for sent to a solicited mcast group the router is
413 # not a member of FAILS
416 nsma = in6_getnsma(inet_pton(AF_INET6, "fd::ffff"))
417 d = inet_ntop(AF_INET6, nsma)
419 p = (Ether(dst=in6_getnsmac(nsma)) /
420 IPv6(dst=d, src=self.pg0.remote_ip6) /
421 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
422 ICMPv6NDOptSrcLLAddr(
423 lladdr=self.pg0.remote_mac))
426 self.send_and_assert_no_replies(
428 "No response to NS sent to unjoined mcast address")
431 # An NS whose target address is one the router does not own
433 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
434 d = inet_ntop(AF_INET6, nsma)
436 p = (Ether(dst=in6_getnsmac(nsma)) /
437 IPv6(dst=d, src=self.pg0.remote_ip6) /
438 ICMPv6ND_NS(tgt="fd::ffff") /
439 ICMPv6NDOptSrcLLAddr(
440 lladdr=self.pg0.remote_mac))
443 self.send_and_assert_no_replies(self.pg0, pkts,
444 "No response to NS for unknown target")
447 # A neighbor entry that has no associated FIB-entry
449 self.pg0.generate_remote_hosts(4)
450 nd_entry = VppNeighbor(self,
451 self.pg0.sw_if_index,
452 self.pg0.remote_hosts[2].mac,
453 self.pg0.remote_hosts[2].ip6,
455 nd_entry.add_vpp_config()
458 # check we have the neighbor, but no route
460 self.assertTrue(find_nbr(self,
461 self.pg0.sw_if_index,
462 self.pg0._remote_hosts[2].ip6))
463 self.assertFalse(find_route(self,
464 self.pg0._remote_hosts[2].ip6,
468 # send an NS from a link local address to the interface's global
471 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
473 dst=d, src=self.pg0._remote_hosts[2].ip6_ll) /
474 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
475 ICMPv6NDOptSrcLLAddr(
476 lladdr=self.pg0.remote_mac))
478 self.send_and_expect_na(self.pg0, p,
479 "NS from link-local",
480 dst_ip=self.pg0._remote_hosts[2].ip6_ll,
481 tgt_ip=self.pg0.local_ip6)
484 # we should have learned an ND entry for the peer's link-local
485 # but not inserted a route to it in the FIB
487 self.assertTrue(find_nbr(self,
488 self.pg0.sw_if_index,
489 self.pg0._remote_hosts[2].ip6_ll))
490 self.assertFalse(find_route(self,
491 self.pg0._remote_hosts[2].ip6_ll,
495 # An NS to the router's own Link-local
497 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
499 dst=d, src=self.pg0._remote_hosts[3].ip6_ll) /
500 ICMPv6ND_NS(tgt=self.pg0.local_ip6_ll) /
501 ICMPv6NDOptSrcLLAddr(
502 lladdr=self.pg0.remote_mac))
504 self.send_and_expect_na(self.pg0, p,
505 "NS to/from link-local",
506 dst_ip=self.pg0._remote_hosts[3].ip6_ll,
507 tgt_ip=self.pg0.local_ip6_ll)
510 # do not respond to a NS for the peer's address
512 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
514 src=self.pg0._remote_hosts[3].ip6_ll) /
515 ICMPv6ND_NS(tgt=self.pg0._remote_hosts[3].ip6_ll) /
516 ICMPv6NDOptSrcLLAddr(
517 lladdr=self.pg0.remote_mac))
519 self.send_and_assert_no_replies(self.pg0, p)
522 # we should have learned an ND entry for the peer's link-local
523 # but not inserted a route to it in the FIB
525 self.assertTrue(find_nbr(self,
526 self.pg0.sw_if_index,
527 self.pg0._remote_hosts[3].ip6_ll))
528 self.assertFalse(find_route(self,
529 self.pg0._remote_hosts[3].ip6_ll,
532 def test_ns_duplicates(self):
536 # Generate some hosts on the LAN
538 self.pg1.generate_remote_hosts(3)
541 # Add host 1 on pg1 and pg2
543 ns_pg1 = VppNeighbor(self,
544 self.pg1.sw_if_index,
545 self.pg1.remote_hosts[1].mac,
546 self.pg1.remote_hosts[1].ip6)
547 ns_pg1.add_vpp_config()
548 ns_pg2 = VppNeighbor(self,
549 self.pg2.sw_if_index,
551 self.pg1.remote_hosts[1].ip6)
552 ns_pg2.add_vpp_config()
555 # IP packet destined for pg1 remote host arrives on pg1 again.
557 p = (Ether(dst=self.pg0.local_mac,
558 src=self.pg0.remote_mac) /
559 IPv6(src=self.pg0.remote_ip6,
560 dst=self.pg1.remote_hosts[1].ip6) /
561 inet6.UDP(sport=1234, dport=1234) /
564 self.pg0.add_stream(p)
565 self.pg_enable_capture(self.pg_interfaces)
568 rx1 = self.pg1.get_capture(1)
570 self.verify_ip(rx1[0],
572 self.pg1.remote_hosts[1].mac,
574 self.pg1.remote_hosts[1].ip6)
577 # remove the duplicate on pg1
578 # packet stream should generate NSs out of pg1
580 ns_pg1.remove_vpp_config()
582 self.send_and_expect_ns(self.pg0, self.pg1,
583 p, self.pg1.remote_hosts[1].ip6)
588 ns_pg1.add_vpp_config()
590 self.pg0.add_stream(p)
591 self.pg_enable_capture(self.pg_interfaces)
594 rx1 = self.pg1.get_capture(1)
596 self.verify_ip(rx1[0],
598 self.pg1.remote_hosts[1].mac,
600 self.pg1.remote_hosts[1].ip6)
602 def validate_ra(self, intf, rx, dst_ip=None, src_ip=None,
603 mtu=9000, pi_opt=None):
605 dst_ip = intf.remote_ip6
607 src_ip = mk_ll_addr(intf.local_mac)
609 # unicasted packets must come to the unicast mac
610 self.assertEqual(rx[Ether].dst, intf.remote_mac)
612 # and from the router's MAC
613 self.assertEqual(rx[Ether].src, intf.local_mac)
615 # the rx'd RA should be addressed to the sender's source
616 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
617 self.assertEqual(in6_ptop(rx[IPv6].dst),
620 # and come from the router's link local
621 self.assertTrue(in6_islladdr(rx[IPv6].src))
622 self.assertEqual(in6_ptop(rx[IPv6].src), in6_ptop(src_ip))
624 # it should contain the links MTU
626 self.assertEqual(ra[ICMPv6NDOptMTU].mtu, mtu)
628 # it should contain the source's link layer address option
629 sll = ra[ICMPv6NDOptSrcLLAddr]
630 self.assertEqual(sll.lladdr, intf.local_mac)
633 # the RA should not contain prefix information
634 self.assertFalse(ra.haslayer(
635 ICMPv6NDOptPrefixInfo))
637 raos = rx.getlayer(ICMPv6NDOptPrefixInfo, 1)
639 # the options are nested in the scapy packet in way that i cannot
640 # decipher how to decode. this 1st layer of option always returns
641 # nested classes, so a direct obj1=obj2 comparison always fails.
642 # however, the getlayer(.., 2) does give one instance.
643 # so we cheat here and construct a new opt instance for comparison
644 rd = ICMPv6NDOptPrefixInfo(
645 prefixlen=raos.prefixlen,
649 if type(pi_opt) is list:
650 for ii in range(len(pi_opt)):
651 self.assertEqual(pi_opt[ii], rd)
653 ICMPv6NDOptPrefixInfo, ii + 2)
655 self.assertEqual(pi_opt, raos, 'Expected: %s, received: %s'
656 % (pi_opt.show(dump=True),
657 raos.show(dump=True)))
659 def send_and_expect_ra(self, intf, pkts, remark, dst_ip=None,
660 filter_out_fn=is_ipv6_misc,
663 self.vapi.cli("clear trace")
664 intf.add_stream(pkts)
665 self.pg_enable_capture(self.pg_interfaces)
667 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
669 self.assertEqual(len(rx), 1)
671 self.validate_ra(intf, rx, dst_ip, src_ip=src_ip, pi_opt=opt)
674 """ IPv6 Router Solicitation Exceptions
680 # Before we begin change the IPv6 RA responses to use the unicast
681 # address - that way we will not confuse them with the periodic
682 # RAs which go to the mcast address
683 # Sit and wait for the first periodic RA.
687 self.pg0.ip6_ra_config(send_unicast=1)
690 # An RS from a link source address
691 # - expect an RA in return
693 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
694 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
697 self.send_and_expect_ra(self.pg0, pkts, "Genuine RS")
700 # For the next RS sent the RA should be rate limited
702 self.send_and_assert_no_replies(self.pg0, pkts, "RA rate limited")
705 # When we reconfigure the IPv6 RA config,
706 # we reset the RA rate limiting,
707 # so we need to do this before each test below so as not to drop
708 # packets for rate limiting reasons. Test this works here.
710 self.pg0.ip6_ra_config(send_unicast=1)
711 self.send_and_expect_ra(self.pg0, pkts, "Rate limit reset RS")
714 # An RS sent from a non-link local source
716 self.pg0.ip6_ra_config(send_unicast=1)
717 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
718 IPv6(dst=self.pg0.local_ip6,
722 self.send_and_assert_no_replies(self.pg0, pkts,
723 "RS from non-link source")
726 # Source an RS from a link local address
728 self.pg0.ip6_ra_config(send_unicast=1)
729 ll = mk_ll_addr(self.pg0.remote_mac)
730 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
731 IPv6(dst=self.pg0.local_ip6, src=ll) /
734 self.send_and_expect_ra(self.pg0, pkts,
735 "RS sourced from link-local",
739 # Source an RS from a link local address
740 # Ensure suppress also applies to solicited RS
742 self.pg0.ip6_ra_config(send_unicast=1, suppress=1)
743 ll = mk_ll_addr(self.pg0.remote_mac)
744 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
745 IPv6(dst=self.pg0.local_ip6, src=ll) /
748 self.send_and_assert_no_replies(self.pg0, pkts,
749 "Suppressed RS from link-local")
752 # Send the RS multicast
754 self.pg0.ip6_ra_config(no=1, suppress=1) # Reset suppress flag to zero
755 self.pg0.ip6_ra_config(send_unicast=1)
756 dmac = in6_getnsmac(inet_pton(AF_INET6, "ff02::2"))
757 ll = mk_ll_addr(self.pg0.remote_mac)
758 p = (Ether(dst=dmac, src=self.pg0.remote_mac) /
759 IPv6(dst="ff02::2", src=ll) /
762 self.send_and_expect_ra(self.pg0, pkts,
763 "RS sourced from link-local",
767 # Source from the unspecified address ::. This happens when the RS
768 # is sent before the host has a configured address/sub-net,
769 # i.e. auto-config. Since the sender has no IP address, the reply
770 # comes back mcast - so the capture needs to not filter this.
771 # If we happen to pick up the periodic RA at this point then so be it,
774 self.pg0.ip6_ra_config(send_unicast=1, suppress=0)
775 p = (Ether(dst=dmac, src=self.pg0.remote_mac) /
776 IPv6(dst="ff02::2", src="::") /
779 self.send_and_expect_ra(self.pg0, pkts,
780 "RS sourced from unspecified",
785 # Configure The RA to announce the links prefix
787 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
788 self.pg0.local_ip6_prefix_len))
791 # RAs should now contain the prefix information option
793 opt = ICMPv6NDOptPrefixInfo(
794 prefixlen=self.pg0.local_ip6_prefix_len,
795 prefix=self.pg0.local_ip6,
799 self.pg0.ip6_ra_config(send_unicast=1)
800 ll = mk_ll_addr(self.pg0.remote_mac)
801 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
802 IPv6(dst=self.pg0.local_ip6, src=ll) /
804 self.send_and_expect_ra(self.pg0, p,
805 "RA with prefix-info",
810 # Change the prefix info to not off-link
813 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
814 self.pg0.local_ip6_prefix_len),
817 opt = ICMPv6NDOptPrefixInfo(
818 prefixlen=self.pg0.local_ip6_prefix_len,
819 prefix=self.pg0.local_ip6,
823 self.pg0.ip6_ra_config(send_unicast=1)
824 self.send_and_expect_ra(self.pg0, p,
825 "RA with Prefix info with L-flag=0",
830 # Change the prefix info to not off-link, no-autoconfig
831 # L and A flag are clear in the advert
833 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
834 self.pg0.local_ip6_prefix_len),
838 opt = ICMPv6NDOptPrefixInfo(
839 prefixlen=self.pg0.local_ip6_prefix_len,
840 prefix=self.pg0.local_ip6,
844 self.pg0.ip6_ra_config(send_unicast=1)
845 self.send_and_expect_ra(self.pg0, p,
846 "RA with Prefix info with A & L-flag=0",
851 # Change the flag settings back to the defaults
852 # L and A flag are set in the advert
854 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
855 self.pg0.local_ip6_prefix_len))
857 opt = ICMPv6NDOptPrefixInfo(
858 prefixlen=self.pg0.local_ip6_prefix_len,
859 prefix=self.pg0.local_ip6,
863 self.pg0.ip6_ra_config(send_unicast=1)
864 self.send_and_expect_ra(self.pg0, p,
865 "RA with Prefix info",
870 # Change the prefix info to not off-link, no-autoconfig
871 # L and A flag are clear in the advert
873 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
874 self.pg0.local_ip6_prefix_len),
878 opt = ICMPv6NDOptPrefixInfo(
879 prefixlen=self.pg0.local_ip6_prefix_len,
880 prefix=self.pg0.local_ip6,
884 self.pg0.ip6_ra_config(send_unicast=1)
885 self.send_and_expect_ra(self.pg0, p,
886 "RA with Prefix info with A & L-flag=0",
891 # Use the reset to defaults option to revert to defaults
892 # L and A flag are clear in the advert
894 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
895 self.pg0.local_ip6_prefix_len),
898 opt = ICMPv6NDOptPrefixInfo(
899 prefixlen=self.pg0.local_ip6_prefix_len,
900 prefix=self.pg0.local_ip6,
904 self.pg0.ip6_ra_config(send_unicast=1)
905 self.send_and_expect_ra(self.pg0, p,
906 "RA with Prefix reverted to defaults",
911 # Advertise Another prefix. With no L-flag/A-flag
913 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg1.local_ip6,
914 self.pg1.local_ip6_prefix_len),
918 opt = [ICMPv6NDOptPrefixInfo(
919 prefixlen=self.pg0.local_ip6_prefix_len,
920 prefix=self.pg0.local_ip6,
923 ICMPv6NDOptPrefixInfo(
924 prefixlen=self.pg1.local_ip6_prefix_len,
925 prefix=self.pg1.local_ip6,
929 self.pg0.ip6_ra_config(send_unicast=1)
930 ll = mk_ll_addr(self.pg0.remote_mac)
931 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
932 IPv6(dst=self.pg0.local_ip6, src=ll) /
934 self.send_and_expect_ra(self.pg0, p,
935 "RA with multiple Prefix infos",
940 # Remove the first prefix-info - expect the second is still in the
943 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
944 self.pg0.local_ip6_prefix_len),
947 opt = ICMPv6NDOptPrefixInfo(
948 prefixlen=self.pg1.local_ip6_prefix_len,
949 prefix=self.pg1.local_ip6,
953 self.pg0.ip6_ra_config(send_unicast=1)
954 self.send_and_expect_ra(self.pg0, p,
955 "RA with Prefix reverted to defaults",
960 # Remove the second prefix-info - expect no prefix-info in the adverts
962 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg1.local_ip6,
963 self.pg1.local_ip6_prefix_len),
967 # change the link's link local, so we know that works too.
969 self.vapi.sw_interface_ip6_set_link_local_address(
970 sw_if_index=self.pg0.sw_if_index,
973 self.pg0.ip6_ra_config(send_unicast=1)
974 self.send_and_expect_ra(self.pg0, p,
975 "RA with Prefix reverted to defaults",
980 # Reset the periodic advertisements back to default values
982 self.pg0.ip6_ra_config(no=1, suppress=1, send_unicast=0)
987 # test one MLD is sent after applying an IPv6 Address on an interface
989 self.pg_enable_capture(self.pg_interfaces)
992 subitf = VppDot1QSubint(self, self.pg1, 99)
997 rxs = self.pg1._get_capture(timeout=4, filter_out_fn=None)
1000 # hunt for the MLD on vlan 99
1003 # make sure ipv6 packets with hop by hop options have
1005 self.assert_packet_checksums_valid(rx)
1006 if rx.haslayer(IPv6ExtHdrHopByHop) and \
1007 rx.haslayer(Dot1Q) and \
1008 rx[Dot1Q].vlan == 99:
1009 mld = rx[ICMPv6MLReport2]
1011 self.assertEqual(mld.records_number, 4)
1014 class TestIPv6RouteLookup(VppTestCase):
1015 """ IPv6 Route Lookup Test Case """
1018 def route_lookup(self, prefix, exact):
1019 return self.vapi.api(self.vapi.papi.ip_route_lookup,
1027 def setUpClass(cls):
1028 super(TestIPv6RouteLookup, cls).setUpClass()
1031 def tearDownClass(cls):
1032 super(TestIPv6RouteLookup, cls).tearDownClass()
1035 super(TestIPv6RouteLookup, self).setUp()
1037 drop_nh = VppRoutePath("::1", 0xffffffff,
1038 type=FibPathType.FIB_PATH_TYPE_DROP)
1041 r = VppIpRoute(self, "2001:1111::", 32, [drop_nh])
1043 self.routes.append(r)
1045 r = VppIpRoute(self, "2001:1111:2222::", 48, [drop_nh])
1047 self.routes.append(r)
1049 r = VppIpRoute(self, "2001:1111:2222::1", 128, [drop_nh])
1051 self.routes.append(r)
1054 # Remove the routes we added
1055 for r in self.routes:
1056 r.remove_vpp_config()
1058 super(TestIPv6RouteLookup, self).tearDown()
1060 def test_exact_match(self):
1061 # Verify we find the host route
1062 prefix = "2001:1111:2222::1/128"
1063 result = self.route_lookup(prefix, True)
1064 assert (prefix == str(result.route.prefix))
1066 # Verify we find a middle prefix route
1067 prefix = "2001:1111:2222::/48"
1068 result = self.route_lookup(prefix, True)
1069 assert (prefix == str(result.route.prefix))
1071 # Verify we do not find an available LPM.
1072 with self.vapi.assert_negative_api_retval():
1073 self.route_lookup("2001::2/128", True)
1075 def test_longest_prefix_match(self):
1076 # verify we find lpm
1077 lpm_prefix = "2001:1111:2222::/48"
1078 result = self.route_lookup("2001:1111:2222::2/128", False)
1079 assert (lpm_prefix == str(result.route.prefix))
1081 # Verify we find the exact when not requested
1082 result = self.route_lookup(lpm_prefix, False)
1083 assert (lpm_prefix == str(result.route.prefix))
1085 # Can't seem to delete the default route so no negative LPM test.
1088 class TestIPv6IfAddrRoute(VppTestCase):
1089 """ IPv6 Interface Addr Route Test Case """
1092 def setUpClass(cls):
1093 super(TestIPv6IfAddrRoute, cls).setUpClass()
1096 def tearDownClass(cls):
1097 super(TestIPv6IfAddrRoute, cls).tearDownClass()
1100 super(TestIPv6IfAddrRoute, self).setUp()
1102 # create 1 pg interface
1103 self.create_pg_interfaces(range(1))
1105 for i in self.pg_interfaces:
1111 super(TestIPv6IfAddrRoute, self).tearDown()
1112 for i in self.pg_interfaces:
1116 def test_ipv6_ifaddrs_same_prefix(self):
1117 """ IPv6 Interface Addresses Same Prefix test
1121 - Verify no route in FIB for prefix 2001:10::/64
1122 - Configure IPv4 address 2001:10::10/64 on an interface
1123 - Verify route in FIB for prefix 2001:10::/64
1124 - Configure IPv4 address 2001:10::20/64 on an interface
1125 - Delete 2001:10::10/64 from interface
1126 - Verify route in FIB for prefix 2001:10::/64
1127 - Delete 2001:10::20/64 from interface
1128 - Verify no route in FIB for prefix 2001:10::/64
1131 addr1 = "2001:10::10"
1132 addr2 = "2001:10::20"
1134 if_addr1 = VppIpInterfaceAddress(self, self.pg0, addr1, 64)
1135 if_addr2 = VppIpInterfaceAddress(self, self.pg0, addr2, 64)
1136 self.assertFalse(if_addr1.query_vpp_config())
1137 self.assertFalse(find_route(self, addr1, 128))
1138 self.assertFalse(find_route(self, addr2, 128))
1140 # configure first address, verify route present
1141 if_addr1.add_vpp_config()
1142 self.assertTrue(if_addr1.query_vpp_config())
1143 self.assertTrue(find_route(self, addr1, 128))
1144 self.assertFalse(find_route(self, addr2, 128))
1146 # configure second address, delete first, verify route not removed
1147 if_addr2.add_vpp_config()
1148 if_addr1.remove_vpp_config()
1149 self.assertFalse(if_addr1.query_vpp_config())
1150 self.assertTrue(if_addr2.query_vpp_config())
1151 self.assertFalse(find_route(self, addr1, 128))
1152 self.assertTrue(find_route(self, addr2, 128))
1154 # delete second address, verify route removed
1155 if_addr2.remove_vpp_config()
1156 self.assertFalse(if_addr1.query_vpp_config())
1157 self.assertFalse(find_route(self, addr1, 128))
1158 self.assertFalse(find_route(self, addr2, 128))
1160 def test_ipv6_ifaddr_del(self):
1161 """ Delete an interface address that does not exist """
1163 loopbacks = self.create_loopback_interfaces(1)
1164 lo = self.lo_interfaces[0]
1170 # try and remove pg0's subnet from lo
1172 with self.vapi.assert_negative_api_retval():
1173 self.vapi.sw_interface_add_del_address(
1174 sw_if_index=lo.sw_if_index,
1175 prefix=self.pg0.local_ip6_prefix,
1179 class TestICMPv6Echo(VppTestCase):
1180 """ ICMPv6 Echo Test Case """
1183 def setUpClass(cls):
1184 super(TestICMPv6Echo, cls).setUpClass()
1187 def tearDownClass(cls):
1188 super(TestICMPv6Echo, cls).tearDownClass()
1191 super(TestICMPv6Echo, self).setUp()
1193 # create 1 pg interface
1194 self.create_pg_interfaces(range(1))
1196 for i in self.pg_interfaces:
1199 i.resolve_ndp(link_layer=True)
1203 super(TestICMPv6Echo, self).tearDown()
1204 for i in self.pg_interfaces:
1208 def test_icmpv6_echo(self):
1209 """ VPP replies to ICMPv6 Echo Request
1213 - Receive ICMPv6 Echo Request message on pg0 interface.
1214 - Check outgoing ICMPv6 Echo Reply message on pg0 interface.
1217 # test both with global and local ipv6 addresses
1218 dsts = (self.pg0.local_ip6, self.pg0.local_ip6_ll)
1224 p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
1225 IPv6(src=self.pg0.remote_ip6, dst=dst) /
1226 ICMPv6EchoRequest(id=id, seq=seq, data=data)))
1228 self.pg0.add_stream(p)
1229 self.pg_enable_capture(self.pg_interfaces)
1231 rxs = self.pg0.get_capture(len(dsts))
1233 for rx, dst in zip(rxs, dsts):
1236 icmpv6 = rx[ICMPv6EchoReply]
1237 self.assertEqual(ether.src, self.pg0.local_mac)
1238 self.assertEqual(ether.dst, self.pg0.remote_mac)
1239 self.assertEqual(ipv6.src, dst)
1240 self.assertEqual(ipv6.dst, self.pg0.remote_ip6)
1241 self.assertEqual(icmp6types[icmpv6.type], "Echo Reply")
1242 self.assertEqual(icmpv6.id, id)
1243 self.assertEqual(icmpv6.seq, seq)
1244 self.assertEqual(icmpv6.data, data)
1247 class TestIPv6RD(TestIPv6ND):
1248 """ IPv6 Router Discovery Test Case """
1251 def setUpClass(cls):
1252 super(TestIPv6RD, cls).setUpClass()
1255 def tearDownClass(cls):
1256 super(TestIPv6RD, cls).tearDownClass()
1259 super(TestIPv6RD, self).setUp()
1261 # create 2 pg interfaces
1262 self.create_pg_interfaces(range(2))
1264 self.interfaces = list(self.pg_interfaces)
1266 # setup all interfaces
1267 for i in self.interfaces:
1272 for i in self.interfaces:
1275 super(TestIPv6RD, self).tearDown()
1277 def test_rd_send_router_solicitation(self):
1278 """ Verify router solicitation packets """
1281 self.pg_enable_capture(self.pg_interfaces)
1283 self.vapi.ip6nd_send_router_solicitation(self.pg1.sw_if_index,
1285 rx_list = self.pg1.get_capture(count, timeout=3)
1286 self.assertEqual(len(rx_list), count)
1287 for packet in rx_list:
1288 self.assertEqual(packet.haslayer(IPv6), 1)
1289 self.assertEqual(packet[IPv6].haslayer(
1291 dst = ip6_normalize(packet[IPv6].dst)
1292 dst2 = ip6_normalize("ff02::2")
1293 self.assert_equal(dst, dst2)
1294 src = ip6_normalize(packet[IPv6].src)
1295 src2 = ip6_normalize(self.pg1.local_ip6_ll)
1296 self.assert_equal(src, src2)
1298 bool(packet[ICMPv6ND_RS].haslayer(
1299 ICMPv6NDOptSrcLLAddr)))
1301 packet[ICMPv6NDOptSrcLLAddr].lladdr,
1304 def verify_prefix_info(self, reported_prefix, prefix_option):
1305 prefix = IPv6Network(
1306 text_type(prefix_option.getfieldval("prefix") +
1308 text_type(prefix_option.getfieldval("prefixlen"))),
1310 self.assert_equal(reported_prefix.prefix.network_address,
1311 prefix.network_address)
1312 L = prefix_option.getfieldval("L")
1313 A = prefix_option.getfieldval("A")
1314 option_flags = (L << 7) | (A << 6)
1315 self.assert_equal(reported_prefix.flags, option_flags)
1316 self.assert_equal(reported_prefix.valid_time,
1317 prefix_option.getfieldval("validlifetime"))
1318 self.assert_equal(reported_prefix.preferred_time,
1319 prefix_option.getfieldval("preferredlifetime"))
1321 def test_rd_receive_router_advertisement(self):
1322 """ Verify events triggered by received RA packets """
1324 self.vapi.want_ip6_ra_events(enable=1)
1326 prefix_info_1 = ICMPv6NDOptPrefixInfo(
1330 preferredlifetime=500,
1335 prefix_info_2 = ICMPv6NDOptPrefixInfo(
1339 preferredlifetime=1000,
1344 p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
1345 IPv6(dst=self.pg1.local_ip6_ll,
1346 src=mk_ll_addr(self.pg1.remote_mac)) /
1350 self.pg1.add_stream([p])
1353 ev = self.vapi.wait_for_event(10, "ip6_ra_event")
1355 self.assert_equal(ev.current_hop_limit, 0)
1356 self.assert_equal(ev.flags, 8)
1357 self.assert_equal(ev.router_lifetime_in_sec, 1800)
1358 self.assert_equal(ev.neighbor_reachable_time_in_msec, 0)
1360 ev.time_in_msec_between_retransmitted_neighbor_solicitations, 0)
1362 self.assert_equal(ev.n_prefixes, 2)
1364 self.verify_prefix_info(ev.prefixes[0], prefix_info_1)
1365 self.verify_prefix_info(ev.prefixes[1], prefix_info_2)
1368 class TestIPv6RDControlPlane(TestIPv6ND):
1369 """ IPv6 Router Discovery Control Plane Test Case """
1372 def setUpClass(cls):
1373 super(TestIPv6RDControlPlane, cls).setUpClass()
1376 def tearDownClass(cls):
1377 super(TestIPv6RDControlPlane, cls).tearDownClass()
1380 super(TestIPv6RDControlPlane, self).setUp()
1382 # create 1 pg interface
1383 self.create_pg_interfaces(range(1))
1385 self.interfaces = list(self.pg_interfaces)
1387 # setup all interfaces
1388 for i in self.interfaces:
1393 super(TestIPv6RDControlPlane, self).tearDown()
1396 def create_ra_packet(pg, routerlifetime=None):
1397 src_ip = pg.remote_ip6_ll
1398 dst_ip = pg.local_ip6
1399 if routerlifetime is not None:
1400 ra = ICMPv6ND_RA(routerlifetime=routerlifetime)
1403 p = (Ether(dst=pg.local_mac, src=pg.remote_mac) /
1404 IPv6(dst=dst_ip, src=src_ip) / ra)
1408 def get_default_routes(fib):
1411 if entry.route.prefix.prefixlen == 0:
1412 for path in entry.route.paths:
1413 if path.sw_if_index != 0xFFFFFFFF:
1415 defaut_route['sw_if_index'] = path.sw_if_index
1416 defaut_route['next_hop'] = path.nh.address.ip6
1417 list.append(defaut_route)
1421 def get_interface_addresses(fib, pg):
1424 if entry.route.prefix.prefixlen == 128:
1425 path = entry.route.paths[0]
1426 if path.sw_if_index == pg.sw_if_index:
1427 list.append(str(entry.route.prefix.network_address))
1430 def wait_for_no_default_route(self, n_tries=50, s_time=1):
1432 fib = self.vapi.ip_route_dump(0, True)
1433 default_routes = self.get_default_routes(fib)
1434 if 0 == len(default_routes):
1436 n_tries = n_tries - 1
1442 """ Test handling of SLAAC addresses and default routes """
1444 fib = self.vapi.ip_route_dump(0, True)
1445 default_routes = self.get_default_routes(fib)
1446 initial_addresses = set(self.get_interface_addresses(fib, self.pg0))
1447 self.assertEqual(default_routes, [])
1448 router_address = IPv6Address(text_type(self.pg0.remote_ip6_ll))
1450 self.vapi.ip6_nd_address_autoconfig(self.pg0.sw_if_index, 1, 1)
1455 packet = (self.create_ra_packet(
1456 self.pg0) / ICMPv6NDOptPrefixInfo(
1460 preferredlifetime=2,
1463 ) / ICMPv6NDOptPrefixInfo(
1467 preferredlifetime=1000,
1471 self.pg0.add_stream([packet])
1474 self.sleep_on_vpp_time(0.1)
1476 fib = self.vapi.ip_route_dump(0, True)
1478 # check FIB for new address
1479 addresses = set(self.get_interface_addresses(fib, self.pg0))
1480 new_addresses = addresses.difference(initial_addresses)
1481 self.assertEqual(len(new_addresses), 1)
1482 prefix = IPv6Network(text_type("%s/%d" % (list(new_addresses)[0], 20)),
1484 self.assertEqual(prefix, IPv6Network(text_type('1::/20')))
1486 # check FIB for new default route
1487 default_routes = self.get_default_routes(fib)
1488 self.assertEqual(len(default_routes), 1)
1489 dr = default_routes[0]
1490 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1491 self.assertEqual(dr['next_hop'], router_address)
1493 # send RA to delete default route
1494 packet = self.create_ra_packet(self.pg0, routerlifetime=0)
1495 self.pg0.add_stream([packet])
1498 self.sleep_on_vpp_time(0.1)
1500 # check that default route is deleted
1501 fib = self.vapi.ip_route_dump(0, True)
1502 default_routes = self.get_default_routes(fib)
1503 self.assertEqual(len(default_routes), 0)
1505 self.sleep_on_vpp_time(0.1)
1508 packet = self.create_ra_packet(self.pg0)
1509 self.pg0.add_stream([packet])
1512 self.sleep_on_vpp_time(0.1)
1514 # check FIB for new default route
1515 fib = self.vapi.ip_route_dump(0, True)
1516 default_routes = self.get_default_routes(fib)
1517 self.assertEqual(len(default_routes), 1)
1518 dr = default_routes[0]
1519 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1520 self.assertEqual(dr['next_hop'], router_address)
1522 # send RA, updating router lifetime to 1s
1523 packet = self.create_ra_packet(self.pg0, 1)
1524 self.pg0.add_stream([packet])
1527 self.sleep_on_vpp_time(0.1)
1529 # check that default route still exists
1530 fib = self.vapi.ip_route_dump(0, True)
1531 default_routes = self.get_default_routes(fib)
1532 self.assertEqual(len(default_routes), 1)
1533 dr = default_routes[0]
1534 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1535 self.assertEqual(dr['next_hop'], router_address)
1537 self.sleep_on_vpp_time(1)
1539 # check that default route is deleted
1540 self.assertTrue(self.wait_for_no_default_route())
1542 # check FIB still contains the SLAAC address
1543 addresses = set(self.get_interface_addresses(fib, self.pg0))
1544 new_addresses = addresses.difference(initial_addresses)
1546 self.assertEqual(len(new_addresses), 1)
1547 prefix = IPv6Network(text_type("%s/%d" % (list(new_addresses)[0], 20)),
1549 self.assertEqual(prefix, IPv6Network(text_type('1::/20')))
1551 self.sleep_on_vpp_time(1)
1553 # check that SLAAC address is deleted
1554 fib = self.vapi.ip_route_dump(0, True)
1555 addresses = set(self.get_interface_addresses(fib, self.pg0))
1556 new_addresses = addresses.difference(initial_addresses)
1557 self.assertEqual(len(new_addresses), 0)
1560 class IPv6NDProxyTest(TestIPv6ND):
1561 """ IPv6 ND ProxyTest Case """
1564 def setUpClass(cls):
1565 super(IPv6NDProxyTest, cls).setUpClass()
1568 def tearDownClass(cls):
1569 super(IPv6NDProxyTest, cls).tearDownClass()
1572 super(IPv6NDProxyTest, self).setUp()
1574 # create 3 pg interfaces
1575 self.create_pg_interfaces(range(3))
1577 # pg0 is the master interface, with the configured subnet
1579 self.pg0.config_ip6()
1580 self.pg0.resolve_ndp()
1582 self.pg1.ip6_enable()
1583 self.pg2.ip6_enable()
1586 super(IPv6NDProxyTest, self).tearDown()
1588 def test_nd_proxy(self):
1589 """ IPv6 Proxy ND """
1592 # Generate some hosts in the subnet that we are proxying
1594 self.pg0.generate_remote_hosts(8)
1596 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
1597 d = inet_ntop(AF_INET6, nsma)
1600 # Send an NS for one of those remote hosts on one of the proxy links
1601 # expect no response since it's from an address that is not
1602 # on the link that has the prefix configured
1604 ns_pg1 = (Ether(dst=in6_getnsmac(nsma), src=self.pg1.remote_mac) /
1606 src=self.pg0._remote_hosts[2].ip6) /
1607 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
1608 ICMPv6NDOptSrcLLAddr(
1609 lladdr=self.pg0._remote_hosts[2].mac))
1611 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Off link NS")
1614 # Add proxy support for the host
1616 self.vapi.ip6nd_proxy_add_del(
1617 is_add=1, ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1618 sw_if_index=self.pg1.sw_if_index)
1621 # try that NS again. this time we expect an NA back
1623 self.send_and_expect_na(self.pg1, ns_pg1,
1624 "NS to proxy entry",
1625 dst_ip=self.pg0._remote_hosts[2].ip6,
1626 tgt_ip=self.pg0.local_ip6)
1629 # ... and that we have an entry in the ND cache
1631 self.assertTrue(find_nbr(self,
1632 self.pg1.sw_if_index,
1633 self.pg0._remote_hosts[2].ip6))
1636 # ... and we can route traffic to it
1638 t = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
1639 IPv6(dst=self.pg0._remote_hosts[2].ip6,
1640 src=self.pg0.remote_ip6) /
1641 inet6.UDP(sport=10000, dport=20000) /
1644 self.pg0.add_stream(t)
1645 self.pg_enable_capture(self.pg_interfaces)
1647 rx = self.pg1.get_capture(1)
1650 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1651 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1653 self.assertEqual(rx[IPv6].src,
1655 self.assertEqual(rx[IPv6].dst,
1659 # Test we proxy for the host on the main interface
1661 ns_pg0 = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
1662 IPv6(dst=d, src=self.pg0.remote_ip6) /
1664 tgt=self.pg0._remote_hosts[2].ip6) /
1665 ICMPv6NDOptSrcLLAddr(
1666 lladdr=self.pg0.remote_mac))
1668 self.send_and_expect_na(self.pg0, ns_pg0,
1669 "NS to proxy entry on main",
1670 tgt_ip=self.pg0._remote_hosts[2].ip6,
1671 dst_ip=self.pg0.remote_ip6)
1674 # Setup and resolve proxy for another host on another interface
1676 ns_pg2 = (Ether(dst=in6_getnsmac(nsma), src=self.pg2.remote_mac) /
1678 src=self.pg0._remote_hosts[3].ip6) /
1679 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
1680 ICMPv6NDOptSrcLLAddr(
1681 lladdr=self.pg0._remote_hosts[2].mac))
1683 self.vapi.ip6nd_proxy_add_del(
1684 is_add=1, ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1685 sw_if_index=self.pg2.sw_if_index)
1687 self.send_and_expect_na(self.pg2, ns_pg2,
1688 "NS to proxy entry other interface",
1689 dst_ip=self.pg0._remote_hosts[3].ip6,
1690 tgt_ip=self.pg0.local_ip6)
1692 self.assertTrue(find_nbr(self,
1693 self.pg2.sw_if_index,
1694 self.pg0._remote_hosts[3].ip6))
1697 # hosts can communicate. pg2->pg1
1699 t2 = (Ether(dst=self.pg2.local_mac,
1700 src=self.pg0.remote_hosts[3].mac) /
1701 IPv6(dst=self.pg0._remote_hosts[2].ip6,
1702 src=self.pg0._remote_hosts[3].ip6) /
1703 inet6.UDP(sport=10000, dport=20000) /
1706 self.pg2.add_stream(t2)
1707 self.pg_enable_capture(self.pg_interfaces)
1709 rx = self.pg1.get_capture(1)
1712 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1713 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1715 self.assertEqual(rx[IPv6].src,
1717 self.assertEqual(rx[IPv6].dst,
1721 # remove the proxy configs
1723 self.vapi.ip6nd_proxy_add_del(
1724 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1725 sw_if_index=self.pg1.sw_if_index, is_add=0)
1726 self.vapi.ip6nd_proxy_add_del(
1727 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1728 sw_if_index=self.pg2.sw_if_index, is_add=0)
1730 self.assertFalse(find_nbr(self,
1731 self.pg2.sw_if_index,
1732 self.pg0._remote_hosts[3].ip6))
1733 self.assertFalse(find_nbr(self,
1734 self.pg1.sw_if_index,
1735 self.pg0._remote_hosts[2].ip6))
1738 # no longer proxy-ing...
1740 self.send_and_assert_no_replies(self.pg0, ns_pg0, "Proxy unconfigured")
1741 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Proxy unconfigured")
1742 self.send_and_assert_no_replies(self.pg2, ns_pg2, "Proxy unconfigured")
1745 # no longer forwarding. traffic generates NS out of the glean/main
1748 self.pg2.add_stream(t2)
1749 self.pg_enable_capture(self.pg_interfaces)
1752 rx = self.pg0.get_capture(1)
1754 self.assertTrue(rx[0].haslayer(ICMPv6ND_NS))
1757 class TestIPNull(VppTestCase):
1758 """ IPv6 routes via NULL """
1761 def setUpClass(cls):
1762 super(TestIPNull, cls).setUpClass()
1765 def tearDownClass(cls):
1766 super(TestIPNull, cls).tearDownClass()
1769 super(TestIPNull, self).setUp()
1771 # create 2 pg interfaces
1772 self.create_pg_interfaces(range(1))
1774 for i in self.pg_interfaces:
1780 super(TestIPNull, self).tearDown()
1781 for i in self.pg_interfaces:
1785 def test_ip_null(self):
1786 """ IP NULL route """
1788 p = (Ether(src=self.pg0.remote_mac,
1789 dst=self.pg0.local_mac) /
1790 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
1791 inet6.UDP(sport=1234, dport=1234) /
1795 # A route via IP NULL that will reply with ICMP unreachables
1797 ip_unreach = VppIpRoute(
1799 [VppRoutePath("::", 0xffffffff,
1800 type=FibPathType.FIB_PATH_TYPE_ICMP_UNREACH)])
1801 ip_unreach.add_vpp_config()
1803 self.pg0.add_stream(p)
1804 self.pg_enable_capture(self.pg_interfaces)
1807 rx = self.pg0.get_capture(1)
1809 icmp = rx[ICMPv6DestUnreach]
1811 # 0 = "No route to destination"
1812 self.assertEqual(icmp.code, 0)
1814 # ICMP is rate limited. pause a bit
1818 # A route via IP NULL that will reply with ICMP prohibited
1820 ip_prohibit = VppIpRoute(
1821 self, "2001::1", 128,
1822 [VppRoutePath("::", 0xffffffff,
1823 type=FibPathType.FIB_PATH_TYPE_ICMP_PROHIBIT)])
1824 ip_prohibit.add_vpp_config()
1826 self.pg0.add_stream(p)
1827 self.pg_enable_capture(self.pg_interfaces)
1830 rx = self.pg0.get_capture(1)
1832 icmp = rx[ICMPv6DestUnreach]
1834 # 1 = "Communication with destination administratively prohibited"
1835 self.assertEqual(icmp.code, 1)
1838 class TestIPDisabled(VppTestCase):
1839 """ IPv6 disabled """
1842 def setUpClass(cls):
1843 super(TestIPDisabled, cls).setUpClass()
1846 def tearDownClass(cls):
1847 super(TestIPDisabled, cls).tearDownClass()
1850 super(TestIPDisabled, self).setUp()
1852 # create 2 pg interfaces
1853 self.create_pg_interfaces(range(2))
1857 self.pg0.config_ip6()
1858 self.pg0.resolve_ndp()
1860 # PG 1 is not IP enabled
1864 super(TestIPDisabled, self).tearDown()
1865 for i in self.pg_interfaces:
1869 def test_ip_disabled(self):
1872 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
1873 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
1876 # one accepting interface, pg0, 2 forwarding interfaces
1878 route_ff_01 = VppIpMRoute(
1882 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
1883 [VppMRoutePath(self.pg1.sw_if_index,
1884 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT),
1885 VppMRoutePath(self.pg0.sw_if_index,
1886 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD)])
1887 route_ff_01.add_vpp_config()
1889 pu = (Ether(src=self.pg1.remote_mac,
1890 dst=self.pg1.local_mac) /
1891 IPv6(src="2001::1", dst=self.pg0.remote_ip6) /
1892 inet6.UDP(sport=1234, dport=1234) /
1894 pm = (Ether(src=self.pg1.remote_mac,
1895 dst=self.pg1.local_mac) /
1896 IPv6(src="2001::1", dst="ffef::1") /
1897 inet6.UDP(sport=1234, dport=1234) /
1901 # PG1 does not forward IP traffic
1903 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
1904 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
1909 self.pg1.config_ip6()
1912 # Now we get packets through
1914 self.pg1.add_stream(pu)
1915 self.pg_enable_capture(self.pg_interfaces)
1917 rx = self.pg0.get_capture(1)
1919 self.pg1.add_stream(pm)
1920 self.pg_enable_capture(self.pg_interfaces)
1922 rx = self.pg0.get_capture(1)
1927 self.pg1.unconfig_ip6()
1930 # PG1 does not forward IP traffic
1932 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
1933 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
1936 class TestIP6LoadBalance(VppTestCase):
1937 """ IPv6 Load-Balancing """
1940 def setUpClass(cls):
1941 super(TestIP6LoadBalance, cls).setUpClass()
1944 def tearDownClass(cls):
1945 super(TestIP6LoadBalance, cls).tearDownClass()
1948 super(TestIP6LoadBalance, self).setUp()
1950 self.create_pg_interfaces(range(5))
1952 mpls_tbl = VppMplsTable(self, 0)
1953 mpls_tbl.add_vpp_config()
1955 for i in self.pg_interfaces:
1962 for i in self.pg_interfaces:
1966 super(TestIP6LoadBalance, self).tearDown()
1968 def test_ip6_load_balance(self):
1969 """ IPv6 Load-Balancing """
1972 # An array of packets that differ only in the destination port
1976 # - MPLS non-EOS with an entropy label
1980 port_mpls_neos_pkts = []
1984 # An array of packets that differ only in the source address
1989 for ii in range(NUM_PKTS):
1991 IPv6(dst="3000::1", src="3000:1::1") /
1992 inet6.UDP(sport=1234, dport=1234 + ii) /
1994 port_ip_pkts.append((Ether(src=self.pg0.remote_mac,
1995 dst=self.pg0.local_mac) /
1997 port_mpls_pkts.append((Ether(src=self.pg0.remote_mac,
1998 dst=self.pg0.local_mac) /
1999 MPLS(label=66, ttl=2) /
2001 port_mpls_neos_pkts.append((Ether(src=self.pg0.remote_mac,
2002 dst=self.pg0.local_mac) /
2003 MPLS(label=67, ttl=2) /
2004 MPLS(label=77, ttl=2) /
2006 port_ent_pkts.append((Ether(src=self.pg0.remote_mac,
2007 dst=self.pg0.local_mac) /
2008 MPLS(label=67, ttl=2) /
2009 MPLS(label=14, ttl=2) /
2010 MPLS(label=999, ttl=2) /
2013 IPv6(dst="3000::1", src="3000:1::%d" % ii) /
2014 inet6.UDP(sport=1234, dport=1234) /
2016 src_ip_pkts.append((Ether(src=self.pg0.remote_mac,
2017 dst=self.pg0.local_mac) /
2019 src_mpls_pkts.append((Ether(src=self.pg0.remote_mac,
2020 dst=self.pg0.local_mac) /
2021 MPLS(label=66, ttl=2) /
2025 # A route for the IP packets
2027 route_3000_1 = VppIpRoute(self, "3000::1", 128,
2028 [VppRoutePath(self.pg1.remote_ip6,
2029 self.pg1.sw_if_index),
2030 VppRoutePath(self.pg2.remote_ip6,
2031 self.pg2.sw_if_index)])
2032 route_3000_1.add_vpp_config()
2035 # a local-label for the EOS packets
2037 binding = VppMplsIpBind(self, 66, "3000::1", 128, is_ip6=1)
2038 binding.add_vpp_config()
2041 # An MPLS route for the non-EOS packets
2043 route_67 = VppMplsRoute(self, 67, 0,
2044 [VppRoutePath(self.pg1.remote_ip6,
2045 self.pg1.sw_if_index,
2047 VppRoutePath(self.pg2.remote_ip6,
2048 self.pg2.sw_if_index,
2050 route_67.add_vpp_config()
2053 # inject the packet on pg0 - expect load-balancing across the 2 paths
2054 # - since the default hash config is to use IP src,dst and port
2056 # We are not going to ensure equal amounts of packets across each link,
2057 # since the hash algorithm is statistical and therefore this can never
2058 # be guaranteed. But with 64 different packets we do expect some
2059 # balancing. So instead just ensure there is traffic on each link.
2061 rx = self.send_and_expect_load_balancing(self.pg0, port_ip_pkts,
2062 [self.pg1, self.pg2])
2063 n_ip_pg0 = len(rx[0])
2064 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts,
2065 [self.pg1, self.pg2])
2066 self.send_and_expect_load_balancing(self.pg0, port_mpls_pkts,
2067 [self.pg1, self.pg2])
2068 self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2069 [self.pg1, self.pg2])
2070 rx = self.send_and_expect_load_balancing(self.pg0, port_mpls_neos_pkts,
2071 [self.pg1, self.pg2])
2072 n_mpls_pg0 = len(rx[0])
2075 # change the router ID and expect the distribution changes
2077 self.vapi.set_ip_flow_hash_router_id(router_id=0x11111111)
2079 rx = self.send_and_expect_load_balancing(self.pg0, port_ip_pkts,
2080 [self.pg1, self.pg2])
2081 self.assertNotEqual(n_ip_pg0, len(rx[0]))
2083 rx = self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2084 [self.pg1, self.pg2])
2085 self.assertNotEqual(n_mpls_pg0, len(rx[0]))
2088 # The packets with Entropy label in should not load-balance,
2089 # since the Entropy value is fixed.
2091 self.send_and_expect_only(self.pg0, port_ent_pkts, self.pg1)
2094 # change the flow hash config so it's only IP src,dst
2095 # - now only the stream with differing source address will
2098 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, proto=1,
2099 sport=0, dport=0, is_ipv6=1)
2101 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts,
2102 [self.pg1, self.pg2])
2103 self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2104 [self.pg1, self.pg2])
2105 self.send_and_expect_only(self.pg0, port_ip_pkts, self.pg2)
2108 # change the flow hash config back to defaults
2110 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, sport=1, dport=1,
2114 # Recursive prefixes
2115 # - testing that 2 stages of load-balancing occurs and there is no
2116 # polarisation (i.e. only 2 of 4 paths are used)
2121 for ii in range(257):
2122 port_pkts.append((Ether(src=self.pg0.remote_mac,
2123 dst=self.pg0.local_mac) /
2126 inet6.UDP(sport=1234,
2128 Raw(b'\xa5' * 100)))
2129 src_pkts.append((Ether(src=self.pg0.remote_mac,
2130 dst=self.pg0.local_mac) /
2132 src="4000:1::%d" % ii) /
2133 inet6.UDP(sport=1234, dport=1234) /
2134 Raw(b'\xa5' * 100)))
2136 route_3000_2 = VppIpRoute(self, "3000::2", 128,
2137 [VppRoutePath(self.pg3.remote_ip6,
2138 self.pg3.sw_if_index),
2139 VppRoutePath(self.pg4.remote_ip6,
2140 self.pg4.sw_if_index)])
2141 route_3000_2.add_vpp_config()
2143 route_4000_1 = VppIpRoute(self, "4000::1", 128,
2144 [VppRoutePath("3000::1",
2146 VppRoutePath("3000::2",
2148 route_4000_1.add_vpp_config()
2151 # inject the packet on pg0 - expect load-balancing across all 4 paths
2153 self.vapi.cli("clear trace")
2154 self.send_and_expect_load_balancing(self.pg0, port_pkts,
2155 [self.pg1, self.pg2,
2156 self.pg3, self.pg4])
2157 self.send_and_expect_load_balancing(self.pg0, src_pkts,
2158 [self.pg1, self.pg2,
2159 self.pg3, self.pg4])
2162 # Recursive prefixes
2163 # - testing that 2 stages of load-balancing no choices
2167 for ii in range(257):
2168 port_pkts.append((Ether(src=self.pg0.remote_mac,
2169 dst=self.pg0.local_mac) /
2172 inet6.UDP(sport=1234,
2174 Raw(b'\xa5' * 100)))
2176 route_5000_2 = VppIpRoute(self, "5000::2", 128,
2177 [VppRoutePath(self.pg3.remote_ip6,
2178 self.pg3.sw_if_index)])
2179 route_5000_2.add_vpp_config()
2181 route_6000_1 = VppIpRoute(self, "6000::1", 128,
2182 [VppRoutePath("5000::2",
2184 route_6000_1.add_vpp_config()
2187 # inject the packet on pg0 - expect load-balancing across all 4 paths
2189 self.vapi.cli("clear trace")
2190 self.send_and_expect_only(self.pg0, port_pkts, self.pg3)
2193 class IP6PuntSetup(object):
2194 """ Setup for IPv6 Punt Police/Redirect """
2196 def punt_setup(self):
2197 self.create_pg_interfaces(range(4))
2199 for i in self.pg_interfaces:
2204 self.pkt = (Ether(src=self.pg0.remote_mac,
2205 dst=self.pg0.local_mac) /
2206 IPv6(src=self.pg0.remote_ip6,
2207 dst=self.pg0.local_ip6) /
2208 inet6.TCP(sport=1234, dport=1234) /
2211 def punt_teardown(self):
2212 for i in self.pg_interfaces:
2217 class TestIP6Punt(IP6PuntSetup, VppTestCase):
2218 """ IPv6 Punt Police/Redirect """
2221 super(TestIP6Punt, self).setUp()
2222 super(TestIP6Punt, self).punt_setup()
2225 super(TestIP6Punt, self).punt_teardown()
2226 super(TestIP6Punt, self).tearDown()
2228 def test_ip_punt(self):
2229 """ IP6 punt police and redirect """
2231 pkts = self.pkt * 1025
2234 # Configure a punt redirect via pg1.
2236 nh_addr = self.pg1.remote_ip6
2237 ip_punt_redirect = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2238 self.pg1.sw_if_index, nh_addr)
2239 ip_punt_redirect.add_vpp_config()
2241 self.send_and_expect(self.pg0, pkts, self.pg1)
2246 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, rate_type=1)
2247 policer.add_vpp_config()
2248 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index,
2250 ip_punt_policer.add_vpp_config()
2252 self.vapi.cli("clear trace")
2253 self.pg0.add_stream(pkts)
2254 self.pg_enable_capture(self.pg_interfaces)
2258 # the number of packet received should be greater than 0,
2259 # but not equal to the number sent, since some were policed
2261 rx = self.pg1._get_capture(1)
2262 stats = policer.get_stats()
2264 # Single rate policer - expect conform, violate but no exceed
2265 self.assertGreater(stats['conform_packets'], 0)
2266 self.assertEqual(stats['exceed_packets'], 0)
2267 self.assertGreater(stats['violate_packets'], 0)
2269 self.assertGreater(len(rx), 0)
2270 self.assertLess(len(rx), len(pkts))
2273 # remove the policer. back to full rx
2275 ip_punt_policer.remove_vpp_config()
2276 policer.remove_vpp_config()
2277 self.send_and_expect(self.pg0, pkts, self.pg1)
2280 # remove the redirect. expect full drop.
2282 ip_punt_redirect.remove_vpp_config()
2283 self.send_and_assert_no_replies(self.pg0, pkts,
2284 "IP no punt config")
2287 # Add a redirect that is not input port selective
2289 ip_punt_redirect = VppIpPuntRedirect(self, 0xffffffff,
2290 self.pg1.sw_if_index, nh_addr)
2291 ip_punt_redirect.add_vpp_config()
2292 self.send_and_expect(self.pg0, pkts, self.pg1)
2293 ip_punt_redirect.remove_vpp_config()
2295 def test_ip_punt_dump(self):
2296 """ IP6 punt redirect dump"""
2299 # Configure a punt redirects
2301 nh_address = self.pg3.remote_ip6
2302 ipr_03 = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2303 self.pg3.sw_if_index, nh_address)
2304 ipr_13 = VppIpPuntRedirect(self, self.pg1.sw_if_index,
2305 self.pg3.sw_if_index, nh_address)
2306 ipr_23 = VppIpPuntRedirect(self, self.pg2.sw_if_index,
2307 self.pg3.sw_if_index, '0::0')
2308 ipr_03.add_vpp_config()
2309 ipr_13.add_vpp_config()
2310 ipr_23.add_vpp_config()
2313 # Dump pg0 punt redirects
2315 self.assertTrue(ipr_03.query_vpp_config())
2316 self.assertTrue(ipr_13.query_vpp_config())
2317 self.assertTrue(ipr_23.query_vpp_config())
2320 # Dump punt redirects for all interfaces
2322 punts = self.vapi.ip_punt_redirect_dump(0xffffffff, is_ipv6=1)
2323 self.assertEqual(len(punts), 3)
2325 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
2326 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip6)
2327 self.assertEqual(str(punts[2].punt.nh), '::')
2330 class TestIP6PuntHandoff(IP6PuntSetup, VppTestCase):
2331 """ IPv6 Punt Police/Redirect """
2332 vpp_worker_count = 2
2335 super(TestIP6PuntHandoff, self).setUp()
2336 super(TestIP6PuntHandoff, self).punt_setup()
2339 super(TestIP6PuntHandoff, self).punt_teardown()
2340 super(TestIP6PuntHandoff, self).tearDown()
2342 def test_ip_punt(self):
2343 """ IP6 punt policer thread handoff """
2344 pkts = self.pkt * NUM_PKTS
2347 # Configure a punt redirect via pg1.
2349 nh_addr = self.pg1.remote_ip6
2350 ip_punt_redirect = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2351 self.pg1.sw_if_index, nh_addr)
2352 ip_punt_redirect.add_vpp_config()
2354 action_tx = PolicerAction(
2355 VppEnum.vl_api_sse2_qos_action_type_t.SSE2_QOS_ACTION_API_TRANSMIT,
2358 # This policer drops no packets, we are just
2359 # testing that they get to the right thread.
2361 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, 1,
2362 0, 0, False, action_tx, action_tx, action_tx)
2363 policer.add_vpp_config()
2364 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index,
2366 ip_punt_policer.add_vpp_config()
2368 for worker in [0, 1]:
2369 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2371 self.logger.debug(self.vapi.cli("show trace max 100"))
2373 # Combined stats, all threads
2374 stats = policer.get_stats()
2376 # Single rate policer - expect conform, violate but no exceed
2377 self.assertGreater(stats['conform_packets'], 0)
2378 self.assertEqual(stats['exceed_packets'], 0)
2379 self.assertGreater(stats['violate_packets'], 0)
2381 # Worker 0, should have done all the policing
2382 stats0 = policer.get_stats(worker=0)
2383 self.assertEqual(stats, stats0)
2385 # Worker 1, should have handed everything off
2386 stats1 = policer.get_stats(worker=1)
2387 self.assertEqual(stats1['conform_packets'], 0)
2388 self.assertEqual(stats1['exceed_packets'], 0)
2389 self.assertEqual(stats1['violate_packets'], 0)
2391 # Bind the policer to worker 1 and repeat
2392 policer.bind_vpp_config(1, True)
2393 for worker in [0, 1]:
2394 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2395 self.logger.debug(self.vapi.cli("show trace max 100"))
2397 # The 2 workers should now have policed the same amount
2398 stats = policer.get_stats()
2399 stats0 = policer.get_stats(worker=0)
2400 stats1 = policer.get_stats(worker=1)
2402 self.assertGreater(stats0['conform_packets'], 0)
2403 self.assertEqual(stats0['exceed_packets'], 0)
2404 self.assertGreater(stats0['violate_packets'], 0)
2406 self.assertGreater(stats1['conform_packets'], 0)
2407 self.assertEqual(stats1['exceed_packets'], 0)
2408 self.assertGreater(stats1['violate_packets'], 0)
2410 self.assertEqual(stats0['conform_packets'] + stats1['conform_packets'],
2411 stats['conform_packets'])
2413 self.assertEqual(stats0['violate_packets'] + stats1['violate_packets'],
2414 stats['violate_packets'])
2416 # Unbind the policer and repeat
2417 policer.bind_vpp_config(1, False)
2418 for worker in [0, 1]:
2419 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2420 self.logger.debug(self.vapi.cli("show trace max 100"))
2422 # The policer should auto-bind to worker 0 when packets arrive
2423 stats = policer.get_stats()
2424 stats0new = policer.get_stats(worker=0)
2425 stats1new = policer.get_stats(worker=1)
2427 self.assertGreater(stats0new['conform_packets'],
2428 stats0['conform_packets'])
2429 self.assertEqual(stats0new['exceed_packets'], 0)
2430 self.assertGreater(stats0new['violate_packets'],
2431 stats0['violate_packets'])
2433 self.assertEqual(stats1, stats1new)
2438 ip_punt_policer.remove_vpp_config()
2439 policer.remove_vpp_config()
2440 ip_punt_redirect.remove_vpp_config()
2443 class TestIPDeag(VppTestCase):
2444 """ IPv6 Deaggregate Routes """
2447 def setUpClass(cls):
2448 super(TestIPDeag, cls).setUpClass()
2451 def tearDownClass(cls):
2452 super(TestIPDeag, cls).tearDownClass()
2455 super(TestIPDeag, self).setUp()
2457 self.create_pg_interfaces(range(3))
2459 for i in self.pg_interfaces:
2465 super(TestIPDeag, self).tearDown()
2466 for i in self.pg_interfaces:
2470 def test_ip_deag(self):
2471 """ IP Deag Routes """
2474 # Create a table to be used for:
2475 # 1 - another destination address lookup
2476 # 2 - a source address lookup
2478 table_dst = VppIpTable(self, 1, is_ip6=1)
2479 table_src = VppIpTable(self, 2, is_ip6=1)
2480 table_dst.add_vpp_config()
2481 table_src.add_vpp_config()
2484 # Add a route in the default table to point to a deag/
2485 # second lookup in each of these tables
2487 route_to_dst = VppIpRoute(self, "1::1", 128,
2491 route_to_src = VppIpRoute(
2496 type=FibPathType.FIB_PATH_TYPE_SOURCE_LOOKUP)])
2498 route_to_dst.add_vpp_config()
2499 route_to_src.add_vpp_config()
2502 # packets to these destination are dropped, since they'll
2503 # hit the respective default routes in the second table
2505 p_dst = (Ether(src=self.pg0.remote_mac,
2506 dst=self.pg0.local_mac) /
2507 IPv6(src="5::5", dst="1::1") /
2508 inet6.TCP(sport=1234, dport=1234) /
2510 p_src = (Ether(src=self.pg0.remote_mac,
2511 dst=self.pg0.local_mac) /
2512 IPv6(src="2::2", dst="1::2") /
2513 inet6.TCP(sport=1234, dport=1234) /
2515 pkts_dst = p_dst * 257
2516 pkts_src = p_src * 257
2518 self.send_and_assert_no_replies(self.pg0, pkts_dst,
2520 self.send_and_assert_no_replies(self.pg0, pkts_src,
2524 # add a route in the dst table to forward via pg1
2526 route_in_dst = VppIpRoute(self, "1::1", 128,
2527 [VppRoutePath(self.pg1.remote_ip6,
2528 self.pg1.sw_if_index)],
2530 route_in_dst.add_vpp_config()
2532 self.send_and_expect(self.pg0, pkts_dst, self.pg1)
2535 # add a route in the src table to forward via pg2
2537 route_in_src = VppIpRoute(self, "2::2", 128,
2538 [VppRoutePath(self.pg2.remote_ip6,
2539 self.pg2.sw_if_index)],
2541 route_in_src.add_vpp_config()
2542 self.send_and_expect(self.pg0, pkts_src, self.pg2)
2545 # loop in the lookup DP
2547 route_loop = VppIpRoute(self, "3::3", 128,
2550 route_loop.add_vpp_config()
2552 p_l = (Ether(src=self.pg0.remote_mac,
2553 dst=self.pg0.local_mac) /
2554 IPv6(src="3::4", dst="3::3") /
2555 inet6.TCP(sport=1234, dport=1234) /
2558 self.send_and_assert_no_replies(self.pg0, p_l * 257,
2562 class TestIP6Input(VppTestCase):
2563 """ IPv6 Input Exception Test Cases """
2566 def setUpClass(cls):
2567 super(TestIP6Input, cls).setUpClass()
2570 def tearDownClass(cls):
2571 super(TestIP6Input, cls).tearDownClass()
2574 super(TestIP6Input, self).setUp()
2576 self.create_pg_interfaces(range(2))
2578 for i in self.pg_interfaces:
2584 super(TestIP6Input, self).tearDown()
2585 for i in self.pg_interfaces:
2589 def test_ip_input_icmp_reply(self):
2590 """ IP6 Input Exception - Return ICMP (3,0) """
2592 # hop limit - ICMP replies
2594 p_version = (Ether(src=self.pg0.remote_mac,
2595 dst=self.pg0.local_mac) /
2596 IPv6(src=self.pg0.remote_ip6,
2597 dst=self.pg1.remote_ip6,
2599 inet6.UDP(sport=1234, dport=1234) /
2602 rx = self.send_and_expect(self.pg0, p_version * NUM_PKTS, self.pg0)
2604 icmp = rx[ICMPv6TimeExceeded]
2606 # 0: "hop limit exceeded in transit",
2607 self.assertEqual((icmp.type, icmp.code), (3, 0))
2609 icmpv6_data = '\x0a' * 18
2611 all_1s = "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"
2613 @parameterized.expand([
2614 # Name, src, dst, l4proto, msg, timeout
2615 ("src='iface', dst='iface'", None, None,
2616 inet6.UDP(sport=1234, dport=1234), "funky version", None),
2617 ("src='All 0's', dst='iface'", all_0s, None,
2618 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2619 ("src='iface', dst='All 0's'", None, all_0s,
2620 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2621 ("src='All 1's', dst='iface'", all_1s, None,
2622 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2623 ("src='iface', dst='All 1's'", None, all_1s,
2624 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2625 ("src='All 1's', dst='All 1's'", all_1s, all_1s,
2626 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2629 def test_ip_input_no_replies(self, name, src, dst, l4, msg, timeout):
2631 self._testMethodDoc = 'IPv6 Input Exception - %s' % name
2633 p_version = (Ether(src=self.pg0.remote_mac,
2634 dst=self.pg0.local_mac) /
2635 IPv6(src=src or self.pg0.remote_ip6,
2636 dst=dst or self.pg1.remote_ip6,
2641 self.send_and_assert_no_replies(self.pg0, p_version * NUM_PKTS,
2645 def test_hop_by_hop(self):
2646 """ Hop-by-hop header test """
2648 p = (Ether(src=self.pg0.remote_mac,
2649 dst=self.pg0.local_mac) /
2650 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) /
2651 IPv6ExtHdrHopByHop() /
2652 inet6.UDP(sport=1234, dport=1234) /
2655 self.pg0.add_stream(p)
2656 self.pg_enable_capture(self.pg_interfaces)
2660 class TestIPReplace(VppTestCase):
2661 """ IPv6 Table Replace """
2664 def setUpClass(cls):
2665 super(TestIPReplace, cls).setUpClass()
2668 def tearDownClass(cls):
2669 super(TestIPReplace, cls).tearDownClass()
2672 super(TestIPReplace, self).setUp()
2674 self.create_pg_interfaces(range(4))
2679 for i in self.pg_interfaces:
2682 i.generate_remote_hosts(2)
2683 self.tables.append(VppIpTable(self, table_id,
2684 True).add_vpp_config())
2688 super(TestIPReplace, self).tearDown()
2689 for i in self.pg_interfaces:
2693 def test_replace(self):
2694 """ IP Table Replace """
2696 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
2697 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
2699 links = [self.pg0, self.pg1, self.pg2, self.pg3]
2700 routes = [[], [], [], []]
2702 # the sizes of 'empty' tables
2703 for t in self.tables:
2704 self.assertEqual(len(t.dump()), 2)
2705 self.assertEqual(len(t.mdump()), 5)
2707 # load up the tables with some routes
2708 for ii, t in enumerate(self.tables):
2709 for jj in range(1, N_ROUTES):
2711 self, "2001::%d" % jj if jj != 0 else "2001::", 128,
2712 [VppRoutePath(links[ii].remote_hosts[0].ip6,
2713 links[ii].sw_if_index),
2714 VppRoutePath(links[ii].remote_hosts[1].ip6,
2715 links[ii].sw_if_index)],
2716 table_id=t.table_id).add_vpp_config()
2717 multi = VppIpMRoute(
2719 "ff:2001::%d" % jj, 128,
2720 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
2721 [VppMRoutePath(self.pg0.sw_if_index,
2722 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT,
2723 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2724 VppMRoutePath(self.pg1.sw_if_index,
2725 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2726 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2727 VppMRoutePath(self.pg2.sw_if_index,
2728 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2729 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2730 VppMRoutePath(self.pg3.sw_if_index,
2731 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2732 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6)],
2733 table_id=t.table_id).add_vpp_config()
2734 routes[ii].append({'uni': uni,
2738 # replace the tables a few times
2741 # replace each table
2742 for t in self.tables:
2745 # all the routes are still there
2746 for ii, t in enumerate(self.tables):
2749 for r in routes[ii]:
2750 self.assertTrue(find_route_in_dump(dump, r['uni'], t))
2751 self.assertTrue(find_mroute_in_dump(mdump, r['multi'], t))
2753 # redownload the even numbered routes
2754 for ii, t in enumerate(self.tables):
2755 for jj in range(0, N_ROUTES, 2):
2756 routes[ii][jj]['uni'].add_vpp_config()
2757 routes[ii][jj]['multi'].add_vpp_config()
2759 # signal each table converged
2760 for t in self.tables:
2763 # we should find the even routes, but not the odd
2764 for ii, t in enumerate(self.tables):
2767 for jj in range(0, N_ROUTES, 2):
2768 self.assertTrue(find_route_in_dump(
2769 dump, routes[ii][jj]['uni'], t))
2770 self.assertTrue(find_mroute_in_dump(
2771 mdump, routes[ii][jj]['multi'], t))
2772 for jj in range(1, N_ROUTES - 1, 2):
2773 self.assertFalse(find_route_in_dump(
2774 dump, routes[ii][jj]['uni'], t))
2775 self.assertFalse(find_mroute_in_dump(
2776 mdump, routes[ii][jj]['multi'], t))
2778 # reload all the routes
2779 for ii, t in enumerate(self.tables):
2780 for r in routes[ii]:
2781 r['uni'].add_vpp_config()
2782 r['multi'].add_vpp_config()
2784 # all the routes are still there
2785 for ii, t in enumerate(self.tables):
2788 for r in routes[ii]:
2789 self.assertTrue(find_route_in_dump(dump, r['uni'], t))
2790 self.assertTrue(find_mroute_in_dump(mdump, r['multi'], t))
2793 # finally flush the tables for good measure
2795 for t in self.tables:
2797 self.assertEqual(len(t.dump()), 2)
2798 self.assertEqual(len(t.mdump()), 5)
2801 class TestIP6Replace(VppTestCase):
2802 """ IPv4 Interface Address Replace """
2805 def setUpClass(cls):
2806 super(TestIP6Replace, cls).setUpClass()
2809 def tearDownClass(cls):
2810 super(TestIP6Replace, cls).tearDownClass()
2813 super(TestIP6Replace, self).setUp()
2815 self.create_pg_interfaces(range(4))
2817 for i in self.pg_interfaces:
2821 super(TestIP6Replace, self).tearDown()
2822 for i in self.pg_interfaces:
2825 def get_n_pfxs(self, intf):
2826 return len(self.vapi.ip_address_dump(intf.sw_if_index, True))
2828 def test_replace(self):
2829 """ IP interface address replace """
2831 intf_pfxs = [[], [], [], []]
2833 # add prefixes to each of the interfaces
2834 for i in range(len(self.pg_interfaces)):
2835 intf = self.pg_interfaces[i]
2838 addr = "2001:16:%d::1" % intf.sw_if_index
2839 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2840 intf_pfxs[i].append(a)
2842 # 2001:16:x::2/64 - a different address in the same subnet as above
2843 addr = "2001:16:%d::2" % intf.sw_if_index
2844 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2845 intf_pfxs[i].append(a)
2847 # 2001:15:x::2/64 - a different address and subnet
2848 addr = "2001:15:%d::2" % intf.sw_if_index
2849 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2850 intf_pfxs[i].append(a)
2852 # a dump should n_address in it
2853 for intf in self.pg_interfaces:
2854 self.assertEqual(self.get_n_pfxs(intf), 3)
2857 # remove all the address thru a replace
2859 self.vapi.sw_interface_address_replace_begin()
2860 self.vapi.sw_interface_address_replace_end()
2861 for intf in self.pg_interfaces:
2862 self.assertEqual(self.get_n_pfxs(intf), 0)
2865 # add all the interface addresses back
2870 for intf in self.pg_interfaces:
2871 self.assertEqual(self.get_n_pfxs(intf), 3)
2874 # replace again, but this time update/re-add the address on the first
2877 self.vapi.sw_interface_address_replace_begin()
2879 for p in intf_pfxs[:2]:
2883 self.vapi.sw_interface_address_replace_end()
2885 # on the first two the address still exist,
2886 # on the other two they do not
2887 for intf in self.pg_interfaces[:2]:
2888 self.assertEqual(self.get_n_pfxs(intf), 3)
2889 for p in intf_pfxs[:2]:
2891 self.assertTrue(v.query_vpp_config())
2892 for intf in self.pg_interfaces[2:]:
2893 self.assertEqual(self.get_n_pfxs(intf), 0)
2896 # add all the interface addresses back on the last two
2898 for p in intf_pfxs[2:]:
2901 for intf in self.pg_interfaces:
2902 self.assertEqual(self.get_n_pfxs(intf), 3)
2905 # replace again, this time add different prefixes on all the interfaces
2907 self.vapi.sw_interface_address_replace_begin()
2910 for intf in self.pg_interfaces:
2912 addr = "2001:18:%d::1" % intf.sw_if_index
2913 pfxs.append(VppIpInterfaceAddress(self, intf, addr,
2914 64).add_vpp_config())
2916 self.vapi.sw_interface_address_replace_end()
2918 # only .18 should exist on each interface
2919 for intf in self.pg_interfaces:
2920 self.assertEqual(self.get_n_pfxs(intf), 1)
2922 self.assertTrue(pfx.query_vpp_config())
2927 self.vapi.sw_interface_address_replace_begin()
2928 self.vapi.sw_interface_address_replace_end()
2929 for intf in self.pg_interfaces:
2930 self.assertEqual(self.get_n_pfxs(intf), 0)
2933 # add prefixes to each interface. post-begin add the prefix from
2934 # interface X onto interface Y. this would normally be an error
2935 # since it would generate a 'duplicate address' warning. but in
2936 # this case, since what is newly downloaded is sane, it's ok
2938 for intf in self.pg_interfaces:
2940 addr = "2001:18:%d::1" % intf.sw_if_index
2941 VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2943 self.vapi.sw_interface_address_replace_begin()
2946 for intf in self.pg_interfaces:
2948 addr = "2001:18:%d::1" % (intf.sw_if_index + 1)
2949 pfxs.append(VppIpInterfaceAddress(self, intf,
2950 addr, 64).add_vpp_config())
2952 self.vapi.sw_interface_address_replace_end()
2954 self.logger.info(self.vapi.cli("sh int addr"))
2956 for intf in self.pg_interfaces:
2957 self.assertEqual(self.get_n_pfxs(intf), 1)
2959 self.assertTrue(pfx.query_vpp_config())
2962 class TestIP6LinkLocal(VppTestCase):
2963 """ IPv6 Link Local """
2966 def setUpClass(cls):
2967 super(TestIP6LinkLocal, cls).setUpClass()
2970 def tearDownClass(cls):
2971 super(TestIP6LinkLocal, cls).tearDownClass()
2974 super(TestIP6LinkLocal, self).setUp()
2976 self.create_pg_interfaces(range(2))
2978 for i in self.pg_interfaces:
2982 super(TestIP6LinkLocal, self).tearDown()
2983 for i in self.pg_interfaces:
2986 def test_ip6_ll(self):
2987 """ IPv6 Link Local """
2990 # two APIs to add a link local address.
2991 # 1 - just like any other prefix
2992 # 2 - with the special set LL API
2996 # First with the API to set a 'normal' prefix
3003 self.pg0.sw_if_index,
3004 self.pg0.remote_mac,
3005 ll2).add_vpp_config()
3007 VppIpInterfaceAddress(self, self.pg0, ll1, 128).add_vpp_config()
3010 # should be able to ping the ll
3012 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
3013 dst=self.pg0.local_mac) /
3016 ICMPv6EchoRequest())
3018 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3021 # change the link-local on pg0
3023 v_ll3 = VppIpInterfaceAddress(self, self.pg0,
3024 ll3, 128).add_vpp_config()
3026 p_echo_request_3 = (Ether(src=self.pg0.remote_mac,
3027 dst=self.pg0.local_mac) /
3030 ICMPv6EchoRequest())
3032 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
3035 # set a normal v6 prefix on the link
3037 self.pg0.config_ip6()
3039 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
3041 # the link-local cannot be removed
3042 with self.vapi.assert_negative_api_retval():
3043 v_ll3.remove_vpp_config()
3046 # Use the specific link-local API on pg1
3048 VppIp6LinkLocalAddress(self, self.pg1, ll1).add_vpp_config()
3049 self.send_and_expect(self.pg1, [p_echo_request_1], self.pg1)
3051 VppIp6LinkLocalAddress(self, self.pg1, ll3).add_vpp_config()
3052 self.send_and_expect(self.pg1, [p_echo_request_3], self.pg1)
3054 def test_ip6_ll_p2p(self):
3055 """ IPv6 Link Local P2P (GRE)"""
3057 self.pg0.config_ip4()
3058 self.pg0.resolve_arp()
3059 gre_if = VppGreInterface(self,
3061 self.pg0.remote_ip4).add_vpp_config()
3067 VppIpInterfaceAddress(self, gre_if, ll1, 128).add_vpp_config()
3069 self.logger.info(self.vapi.cli("sh ip6-ll gre0 fe80:2::2"))
3071 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
3072 dst=self.pg0.local_mac) /
3073 IP(src=self.pg0.remote_ip4,
3074 dst=self.pg0.local_ip4) /
3076 IPv6(src=ll2, dst=ll1) /
3077 ICMPv6EchoRequest())
3078 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3080 self.pg0.unconfig_ip4()
3081 gre_if.remove_vpp_config()
3083 def test_ip6_ll_p2mp(self):
3084 """ IPv6 Link Local P2MP (GRE)"""
3086 self.pg0.config_ip4()
3087 self.pg0.resolve_arp()
3089 gre_if = VppGreInterface(
3093 mode=(VppEnum.vl_api_tunnel_mode_t.
3094 TUNNEL_API_MODE_MP)).add_vpp_config()
3100 VppIpInterfaceAddress(self, gre_if, ll1, 128).add_vpp_config()
3102 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
3103 dst=self.pg0.local_mac) /
3104 IP(src=self.pg0.remote_ip4,
3105 dst=self.pg0.local_ip4) /
3107 IPv6(src=ll2, dst=ll1) /
3108 ICMPv6EchoRequest())
3110 # no route back at this point
3111 self.send_and_assert_no_replies(self.pg0, [p_echo_request_1])
3113 # add teib entry for the peer
3114 teib = VppTeib(self, gre_if, ll2, self.pg0.remote_ip4)
3115 teib.add_vpp_config()
3117 self.logger.info(self.vapi.cli("sh ip6-ll gre0 %s" % ll2))
3118 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3121 self.pg0.unconfig_ip4()
3124 class TestIPv6PathMTU(VppTestCase):
3125 """ IPv6 Path MTU """
3128 super(TestIPv6PathMTU, self).setUp()
3130 self.create_pg_interfaces(range(2))
3132 # setup all interfaces
3133 for i in self.pg_interfaces:
3139 super(TestIPv6PathMTU, self).tearDown()
3140 for i in self.pg_interfaces:
3144 def test_path_mtu_local(self):
3145 """ Path MTU for attached neighbour """
3147 self.vapi.cli("set log class ip level debug")
3149 # The goal here is not test that fragmentation works correctly,
3150 # that's done elsewhere, the intent is to ensure that the Path MTU
3151 # settings are honoured.
3155 # IPv6 will only frag locally generated packets, so use tunnelled
3156 # packets post encap
3158 tun = VppIpIpTunInterface(
3162 self.pg1.remote_ip6)
3163 tun.add_vpp_config()
3167 # set the interface MTU to a reasonable value
3168 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3171 p_2k = (Ether(dst=self.pg0.local_mac,
3172 src=self.pg0.remote_mac) /
3173 IPv6(src=self.pg0.remote_ip6,
3174 dst=tun.remote_ip6) /
3175 UDP(sport=1234, dport=5678) /
3177 p_1k = (Ether(dst=self.pg0.local_mac,
3178 src=self.pg0.remote_mac) /
3179 IPv6(src=self.pg0.remote_ip6,
3180 dst=tun.remote_ip6) /
3181 UDP(sport=1234, dport=5678) /
3184 nbr = VppNeighbor(self,
3185 self.pg1.sw_if_index,
3186 self.pg1.remote_mac,
3187 self.pg1.remote_ip6).add_vpp_config()
3189 # this is now the interface MTU frags
3190 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3191 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3193 # drop the path MTU for this neighbour to below the interface MTU
3195 pmtu = VppIpPathMtu(self, self.pg1.remote_ip6, 1300).add_vpp_config()
3197 # print/format the adj delegate and trackers
3198 self.logger.info(self.vapi.cli("sh ip pmtu"))
3199 self.logger.info(self.vapi.cli("sh adj 7"))
3201 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3202 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3204 # increase the path MTU to more than the interface
3205 # expect to use the interface MTU
3208 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3209 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3211 # go back to an MTU from the path
3214 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3215 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3217 # raise the interface's MTU
3218 # should still use that of the path
3219 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3221 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3222 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3224 # set path high and interface low
3226 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3228 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3229 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3231 # remove the path MTU
3232 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3236 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3237 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3239 def test_path_mtu_remote(self):
3240 """ Path MTU for remote neighbour """
3242 self.vapi.cli("set log class ip level debug")
3244 # The goal here is not test that fragmentation works correctly,
3245 # that's done elsewhere, the intent is to ensure that the Path MTU
3246 # settings are honoured.
3252 [VppRoutePath(self.pg1.remote_ip6,
3253 self.pg1.sw_if_index)]).add_vpp_config()
3256 # IPv6 will only frag locally generated packets, so use tunnelled
3257 # packets post encap
3259 tun = VppIpIpTunInterface(
3264 tun.add_vpp_config()
3268 # set the interface MTU to a reasonable value
3269 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3272 p_2k = (Ether(dst=self.pg0.local_mac,
3273 src=self.pg0.remote_mac) /
3274 IPv6(src=self.pg0.remote_ip6,
3275 dst=tun.remote_ip6) /
3276 UDP(sport=1234, dport=5678) /
3278 p_1k = (Ether(dst=self.pg0.local_mac,
3279 src=self.pg0.remote_mac) /
3280 IPv6(src=self.pg0.remote_ip6,
3281 dst=tun.remote_ip6) /
3282 UDP(sport=1234, dport=5678) /
3285 nbr = VppNeighbor(self,
3286 self.pg1.sw_if_index,
3287 self.pg1.remote_mac,
3288 self.pg1.remote_ip6).add_vpp_config()
3290 # this is now the interface MTU frags
3291 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3292 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3294 # drop the path MTU for this neighbour to below the interface MTU
3296 pmtu = VppIpPathMtu(self, tun_dst, 1300).add_vpp_config()
3298 # print/format the fib entry/dpo
3299 self.logger.info(self.vapi.cli("sh ip6 fib 2001::1"))
3301 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3302 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3304 # increase the path MTU to more than the interface
3305 # expect to use the interface MTU
3308 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3309 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3311 # go back to an MTU from the path
3314 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3315 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3317 # raise the interface's MTU
3318 # should still use that of the path
3319 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3321 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3322 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3324 # turn the tun_dst into an attached neighbour
3325 route.modify([VppRoutePath("::",
3326 self.pg1.sw_if_index)])
3327 nbr2 = VppNeighbor(self,
3328 self.pg1.sw_if_index,
3329 self.pg1.remote_mac,
3330 tun_dst).add_vpp_config()
3332 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3333 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3335 # add back to not attached
3336 nbr2.remove_vpp_config()
3337 route.modify([VppRoutePath(self.pg1.remote_ip6,
3338 self.pg1.sw_if_index)])
3340 # set path high and interface low
3342 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3344 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3345 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3347 # remove the path MTU
3348 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
3350 pmtu.remove_vpp_config()
3351 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3352 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3355 class TestIPFibSource(VppTestCase):
3356 """ IPv6 Table FibSource """
3359 def setUpClass(cls):
3360 super(TestIPFibSource, cls).setUpClass()
3363 def tearDownClass(cls):
3364 super(TestIPFibSource, cls).tearDownClass()
3367 super(TestIPFibSource, self).setUp()
3369 self.create_pg_interfaces(range(2))
3371 for i in self.pg_interfaces:
3375 i.generate_remote_hosts(2)
3376 i.configure_ipv6_neighbors()
3379 super(TestIPFibSource, self).tearDown()
3380 for i in self.pg_interfaces:
3384 def test_fib_source(self):
3385 """ IP Table FibSource """
3387 routes = self.vapi.ip_route_v2_dump(0, True)
3389 # 2 interfaces (4 routes) + 2 specials + 4 neighbours = 10 routes
3390 self.assertEqual(len(routes), 10)
3392 # dump all the sources in the FIB
3393 sources = self.vapi.fib_source_dump()
3394 for source in sources:
3395 if (source.src.name == "API"):
3396 api_source = source.src
3397 if (source.src.name == "interface"):
3398 intf_source = source.src
3399 if (source.src.name == "adjacency"):
3400 adj_source = source.src
3401 if (source.src.name == "special"):
3402 special_source = source.src
3403 if (source.src.name == "default-route"):
3404 dr_source = source.src
3406 # dump the individual route types
3407 routes = self.vapi.ip_route_v2_dump(0, True, src=adj_source.id)
3408 self.assertEqual(len(routes), 4)
3409 routes = self.vapi.ip_route_v2_dump(0, True, src=intf_source.id)
3410 self.assertEqual(len(routes), 4)
3411 routes = self.vapi.ip_route_v2_dump(0, True, src=special_source.id)
3412 self.assertEqual(len(routes), 1)
3413 routes = self.vapi.ip_route_v2_dump(0, True, src=dr_source.id)
3414 self.assertEqual(len(routes), 1)
3416 # add a new soure that'a better than the API
3417 self.vapi.fib_source_add(src={'name': "bgp",
3418 "priority": api_source.priority - 1})
3420 # dump all the sources to check our new one is there
3421 sources = self.vapi.fib_source_dump()
3423 for source in sources:
3424 if (source.src.name == "bgp"):
3425 bgp_source = source.src
3427 self.assertTrue(bgp_source)
3428 self.assertEqual(bgp_source.priority,
3429 api_source.priority - 1)
3431 # add a route with the default API source
3433 self, "2001::1", 128,
3434 [VppRoutePath(self.pg0.remote_ip6,
3435 self.pg0.sw_if_index)]).add_vpp_config()
3437 r2 = VppIpRouteV2(self, "2001::1", 128,
3438 [VppRoutePath(self.pg1.remote_ip6,
3439 self.pg1.sw_if_index)],
3440 src=bgp_source.id).add_vpp_config()
3442 # ensure the BGP source takes priority
3443 p = (Ether(src=self.pg0.remote_mac,
3444 dst=self.pg0.local_mac) /
3445 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
3446 inet6.UDP(sport=1234, dport=1234) /
3449 self.send_and_expect(self.pg0, [p], self.pg1)
3451 r2.remove_vpp_config()
3452 r1.remove_vpp_config()
3454 self.assertFalse(find_route(self, "2001::1", 128))
3457 class TestIPxAF(VppTestCase):
3461 def setUpClass(cls):
3462 super(TestIPxAF, cls).setUpClass()
3465 def tearDownClass(cls):
3466 super(TestIPxAF, cls).tearDownClass()
3469 super(TestIPxAF, self).setUp()
3471 self.create_pg_interfaces(range(2))
3473 for i in self.pg_interfaces:
3481 super(TestIPxAF, self).tearDown()
3482 for i in self.pg_interfaces:
3487 def test_x_af(self):
3488 """ Cross AF routing """
3491 # a v4 route via a v6 attached next-hop
3493 self, "1.1.1.1", 32,
3494 [VppRoutePath(self.pg1.remote_ip6,
3495 self.pg1.sw_if_index)]).add_vpp_config()
3497 p = (Ether(src=self.pg0.remote_mac,
3498 dst=self.pg0.local_mac) /
3499 IP(src=self.pg0.remote_ip4, dst="1.1.1.1") /
3500 UDP(sport=1234, dport=1234) /
3502 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3505 self.assertEqual(rx[IP].dst, "1.1.1.1")
3507 # a v6 route via a v4 attached next-hop
3509 self, "2001::1", 128,
3510 [VppRoutePath(self.pg1.remote_ip4,
3511 self.pg1.sw_if_index)]).add_vpp_config()
3513 p = (Ether(src=self.pg0.remote_mac,
3514 dst=self.pg0.local_mac) /
3515 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
3516 UDP(sport=1234, dport=1234) /
3518 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3521 self.assertEqual(rx[IPv6].dst, "2001::1")
3523 # a recursive v4 route via a v6 next-hop (from above)
3525 self, "2.2.2.2", 32,
3526 [VppRoutePath("2001::1",
3527 0xffffffff)]).add_vpp_config()
3529 p = (Ether(src=self.pg0.remote_mac,
3530 dst=self.pg0.local_mac) /
3531 IP(src=self.pg0.remote_ip4, dst="2.2.2.2") /
3532 UDP(sport=1234, dport=1234) /
3534 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3536 # a recursive v4 route via a v6 next-hop
3538 self, "2.2.2.3", 32,
3539 [VppRoutePath(self.pg1.remote_ip6,
3540 0xffffffff)]).add_vpp_config()
3542 p = (Ether(src=self.pg0.remote_mac,
3543 dst=self.pg0.local_mac) /
3544 IP(src=self.pg0.remote_ip4, dst="2.2.2.3") /
3545 UDP(sport=1234, dport=1234) /
3547 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3549 # a recursive v6 route via a v4 next-hop
3551 self, "3001::1", 128,
3552 [VppRoutePath(self.pg1.remote_ip4,
3553 0xffffffff)]).add_vpp_config()
3555 p = (Ether(src=self.pg0.remote_mac,
3556 dst=self.pg0.local_mac) /
3557 IPv6(src=self.pg0.remote_ip6, dst="3001::1") /
3558 UDP(sport=1234, dport=1234) /
3560 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3563 self.assertEqual(rx[IPv6].dst, "3001::1")
3566 self, "3001::2", 128,
3567 [VppRoutePath("1.1.1.1",
3568 0xffffffff)]).add_vpp_config()
3570 p = (Ether(src=self.pg0.remote_mac,
3571 dst=self.pg0.local_mac) /
3572 IPv6(src=self.pg0.remote_ip6, dst="3001::2") /
3573 UDP(sport=1234, dport=1234) /
3575 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3578 self.assertEqual(rx[IPv6].dst, "3001::2")
3581 class TestIPv6Punt(VppTestCase):
3582 """ IPv6 Punt Police/Redirect """
3585 super(TestIPv6Punt, self).setUp()
3586 self.create_pg_interfaces(range(4))
3588 for i in self.pg_interfaces:
3594 super(TestIPv6Punt, self).tearDown()
3595 for i in self.pg_interfaces:
3599 def test_ip6_punt(self):
3600 """ IPv6 punt police and redirect """
3602 # use UDP packet that have a port we need to explicitly
3603 # register to get punted.
3604 pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4
3605 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6
3606 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP
3612 'protocol': udp_proto,
3618 self.vapi.set_punt(is_add=1, punt=punt_udp)
3620 pkts = (Ether(src=self.pg0.remote_mac,
3621 dst=self.pg0.local_mac) /
3622 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) /
3623 UDP(sport=1234, dport=7654) /
3624 Raw(b'\xa5' * 100)) * 1025
3627 # Configure a punt redirect via pg1.
3629 nh_addr = self.pg1.remote_ip6
3630 ip_punt_redirect = VppIpPuntRedirect(self, self.pg0.sw_if_index,
3631 self.pg1.sw_if_index, nh_addr)
3632 ip_punt_redirect.add_vpp_config()
3634 self.send_and_expect(self.pg0, pkts, self.pg1)
3639 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, rate_type=1)
3640 policer.add_vpp_config()
3641 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index,
3643 ip_punt_policer.add_vpp_config()
3645 self.vapi.cli("clear trace")
3646 self.pg0.add_stream(pkts)
3647 self.pg_enable_capture(self.pg_interfaces)
3651 # the number of packet received should be greater than 0,
3652 # but not equal to the number sent, since some were policed
3654 rx = self.pg1._get_capture(1)
3656 stats = policer.get_stats()
3658 # Single rate policer - expect conform, violate but no exceed
3659 self.assertGreater(stats['conform_packets'], 0)
3660 self.assertEqual(stats['exceed_packets'], 0)
3661 self.assertGreater(stats['violate_packets'], 0)
3663 self.assertGreater(len(rx), 0)
3664 self.assertLess(len(rx), len(pkts))
3667 # remove the policer. back to full rx
3669 ip_punt_policer.remove_vpp_config()
3670 policer.remove_vpp_config()
3671 self.send_and_expect(self.pg0, pkts, self.pg1)
3674 # remove the redirect. expect full drop.
3676 ip_punt_redirect.remove_vpp_config()
3677 self.send_and_assert_no_replies(self.pg0, pkts,
3678 "IP no punt config")
3681 # Add a redirect that is not input port selective
3683 ip_punt_redirect = VppIpPuntRedirect(self, 0xffffffff,
3684 self.pg1.sw_if_index, nh_addr)
3685 ip_punt_redirect.add_vpp_config()
3686 self.send_and_expect(self.pg0, pkts, self.pg1)
3687 ip_punt_redirect.remove_vpp_config()
3689 def test_ip6_punt_dump(self):
3690 """ IPv6 punt redirect dump"""
3693 # Configure a punt redirects
3695 nh_address = self.pg3.remote_ip6
3696 ipr_03 = VppIpPuntRedirect(self, self.pg0.sw_if_index,
3697 self.pg3.sw_if_index, nh_address)
3698 ipr_13 = VppIpPuntRedirect(self, self.pg1.sw_if_index,
3699 self.pg3.sw_if_index, nh_address)
3700 ipr_23 = VppIpPuntRedirect(self, self.pg2.sw_if_index,
3701 self.pg3.sw_if_index, "::")
3702 ipr_03.add_vpp_config()
3703 ipr_13.add_vpp_config()
3704 ipr_23.add_vpp_config()
3707 # Dump pg0 punt redirects
3709 self.assertTrue(ipr_03.query_vpp_config())
3710 self.assertTrue(ipr_13.query_vpp_config())
3711 self.assertTrue(ipr_23.query_vpp_config())
3714 # Dump punt redirects for all interfaces
3716 punts = self.vapi.ip_punt_redirect_dump(sw_if_index=0xffffffff,
3718 self.assertEqual(len(punts), 3)
3720 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
3721 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip6)
3722 self.assertEqual(str(punts[2].punt.nh), '::')
3725 if __name__ == '__main__':
3726 unittest.main(testRunner=VppTestRunner)