5 from socket import AF_INET6
7 from framework import VppTestCase, VppTestRunner
8 from vpp_ip_route import VppIpRoute, VppRoutePath, DpoProto, VppIpTable
9 from vpp_srv6 import SRv6LocalSIDBehaviors, VppSRv6LocalSID, VppSRv6Policy, \
10 SRv6PolicyType, VppSRv6Steering, SRv6PolicySteeringTypes
12 from scapy.packet import Raw
13 from scapy.layers.l2 import Ether, Dot1Q
14 from scapy.layers.inet6 import IPv6, UDP, IPv6ExtHdrSegmentRouting
15 from scapy.layers.inet import IP, UDP
17 from scapy.utils import inet_pton, inet_ntop
22 class TestSRv6(VppTestCase):
23 """ SRv6 Static Proxy plugin Test Case """
27 super(TestSRv6, self).setUpClass()
30 """ Perform test setup before each test case.
32 super(TestSRv6, self).setUp()
34 # packet sizes, inclusive L2 overhead
35 self.pg_packet_sizes = [64, 512, 1518, 9018]
38 self.reset_packet_infos()
41 """ Clean up test setup after each test case.
43 self.teardown_interfaces()
45 super(TestSRv6, self).tearDown()
47 def configure_interface(self,
49 ipv6=False, ipv4=False,
50 ipv6_table_id=0, ipv4_table_id=0):
51 """ Configure interface.
52 :param ipv6: configure IPv6 on interface
53 :param ipv4: configure IPv4 on interface
54 :param ipv6_table_id: FIB table_id for IPv6
55 :param ipv4_table_id: FIB table_id for IPv4
57 self.logger.debug("Configuring interface %s" % (interface.name))
59 self.logger.debug("Configuring IPv6")
60 interface.set_table_ip6(ipv6_table_id)
61 interface.config_ip6()
62 interface.resolve_ndp(timeout=5)
64 self.logger.debug("Configuring IPv4")
65 interface.set_table_ip4(ipv4_table_id)
66 interface.config_ip4()
67 interface.resolve_arp()
70 def setup_interfaces(self, ipv6=[], ipv4=[],
71 ipv6_table_id=[], ipv4_table_id=[]):
72 """ Create and configure interfaces.
74 :param ipv6: list of interface IPv6 capabilities
75 :param ipv4: list of interface IPv4 capabilities
76 :param ipv6_table_id: list of intf IPv6 FIB table_ids
77 :param ipv4_table_id: list of intf IPv4 FIB table_ids
78 :returns: List of created interfaces.
80 # how many interfaces?
85 self.logger.debug("Creating and configuring %d interfaces" % (count))
87 # fill up ipv6 and ipv4 lists if needed
88 # not enabled (False) is the default
90 ipv6 += (count - len(ipv6)) * [False]
92 ipv4 += (count - len(ipv4)) * [False]
94 # fill up table_id lists if needed
95 # table_id 0 (global) is the default
96 if len(ipv6_table_id) < count:
97 ipv6_table_id += (count - len(ipv6_table_id)) * [0]
98 if len(ipv4_table_id) < count:
99 ipv4_table_id += (count - len(ipv4_table_id)) * [0]
101 # create 'count' pg interfaces
102 self.create_pg_interfaces(range(count))
104 # setup all interfaces
105 for i in range(count):
106 intf = self.pg_interfaces[i]
107 self.configure_interface(intf,
109 ipv6_table_id[i], ipv4_table_id[i])
112 self.logger.debug(self.vapi.cli("show ip6 neighbors"))
114 self.logger.debug(self.vapi.cli("show ip arp"))
115 self.logger.debug(self.vapi.cli("show interface"))
116 self.logger.debug(self.vapi.cli("show hardware"))
118 return self.pg_interfaces
120 def teardown_interfaces(self):
121 """ Unconfigure and bring down interface.
123 self.logger.debug("Tearing down interfaces")
124 # tear down all interfaces
125 # AFAIK they cannot be deleted
126 for i in self.pg_interfaces:
127 self.logger.debug("Tear down interface %s" % (i.name))
133 def test_SRv6_End_AS_IPv6_noSRH(self):
134 """ Test SRv6 End.AS behavior with IPv6 traffic and no SRH rewrite.
136 self.run_SRv6_End_AS_IPv6(
137 sid_list=['a1::', 'a2::a6', 'a3::'],
139 rewrite_src_addr='a2::')
141 def test_SRv6_End_AS_IPv6_SRH(self):
142 """ Test SRv6 End.AS behavior with IPv6 traffic and SRH rewrite.
144 self.run_SRv6_End_AS_IPv6(
145 sid_list=['a1::a6', 'a2::', 'a3::'],
147 rewrite_src_addr='a1::')
149 def test_SRv6_End_AS_IPv4_noSRH(self):
150 """ Test SRv6 End.AS behavior with IPv4 traffic and no SRH rewrite.
152 self.run_SRv6_End_AS_IPv4(
153 sid_list=['a1::', 'a2::a6', 'a3::'],
155 rewrite_src_addr='a2::')
157 def test_SRv6_End_AS_IPv4_SRH(self):
158 """ Test SRv6 End.AS behavior with IPv4 traffic and SRH rewrite.
160 self.run_SRv6_End_AS_IPv4(
161 sid_list=['a1::a6', 'a2::', 'a3::'],
163 rewrite_src_addr='a1::')
165 def run_SRv6_End_AS_IPv6(self, sid_list, test_sid_index, rewrite_src_addr):
166 """ Run SRv6 End.AS test with IPv6 traffic.
168 self.rewrite_src_addr = rewrite_src_addr
169 self.rewrite_sid_list = sid_list[test_sid_index + 1::]
171 # send traffic to one destination interface
172 # source and destination interfaces are IPv6 only
173 self.setup_interfaces(ipv6=[True, True])
175 # configure route to next segment
176 route = VppIpRoute(self, sid_list[test_sid_index + 1], 128,
177 [VppRoutePath(self.pg0.remote_ip6,
178 self.pg0.sw_if_index,
179 proto=DpoProto.DPO_PROTO_IP6)],
181 route.add_vpp_config()
183 # configure SRv6 localSID behavior
184 cli_str = "sr localsid address " + sid_list[test_sid_index] \
185 + " behavior end.as" \
186 + " nh " + self.pg1.remote_ip6 \
187 + " oif " + self.pg1.name \
188 + " iif " + self.pg1.name \
189 + " src " + self.rewrite_src_addr
190 for s in self.rewrite_sid_list:
191 cli_str += " next " + s
192 self.vapi.cli(cli_str)
195 self.logger.debug(self.vapi.cli("show sr localsid"))
197 # send one packet per packet size
198 count = len(self.pg_packet_sizes)
200 # prepare IPv6 in SRv6 headers
201 packet_header1 = self.create_packet_header_IPv6_SRH_IPv6(
202 sidlist=sid_list[::-1],
203 segleft=len(sid_list) - test_sid_index - 1)
205 # generate packets (pg0->pg1)
206 pkts1 = self.create_stream(self.pg0, self.pg1, packet_header1,
207 self.pg_packet_sizes, count)
209 # send packets and verify received packets
210 self.send_and_verify_pkts(self.pg0, pkts1, self.pg1,
211 self.compare_rx_tx_packet_End_AS_IPv6_out)
213 # log the localsid counters
214 self.logger.info(self.vapi.cli("show sr localsid"))
216 # prepare IPv6 header for returning packets
217 packet_header2 = self.create_packet_header_IPv6()
219 # generate returning packets (pg1->pg0)
220 pkts2 = self.create_stream(self.pg1, self.pg0, packet_header2,
221 self.pg_packet_sizes, count)
223 # send packets and verify received packets
224 self.send_and_verify_pkts(self.pg1, pkts2, self.pg0,
225 self.compare_rx_tx_packet_End_AS_IPv6_in)
227 # log the localsid counters
228 self.logger.info(self.vapi.cli("show sr localsid"))
230 # remove SRv6 localSIDs
231 self.vapi.cli("sr localsid del address " + sid_list[test_sid_index])
234 self.teardown_interfaces()
236 def run_SRv6_End_AS_IPv4(self, sid_list, test_sid_index, rewrite_src_addr):
237 """ Run SRv6 End.AS test with IPv4 traffic.
239 self.rewrite_src_addr = rewrite_src_addr
240 self.rewrite_sid_list = sid_list[test_sid_index + 1::]
242 # send traffic to one destination interface
243 # source and destination interfaces are IPv6 only
244 self.setup_interfaces(ipv6=[True, False], ipv4=[True, True])
246 # configure route to next segment
247 route = VppIpRoute(self, sid_list[test_sid_index + 1], 128,
248 [VppRoutePath(self.pg0.remote_ip6,
249 self.pg0.sw_if_index,
250 proto=DpoProto.DPO_PROTO_IP6)],
252 route.add_vpp_config()
254 # configure SRv6 localSID behavior
255 cli_str = "sr localsid address " + sid_list[test_sid_index] \
256 + " behavior end.as" \
257 + " nh " + self.pg1.remote_ip4 \
258 + " oif " + self.pg1.name \
259 + " iif " + self.pg1.name \
260 + " src " + self.rewrite_src_addr
261 for s in self.rewrite_sid_list:
262 cli_str += " next " + s
263 self.vapi.cli(cli_str)
266 self.logger.debug(self.vapi.cli("show sr localsid"))
268 # send one packet per packet size
269 count = len(self.pg_packet_sizes)
271 # prepare IPv4 in SRv6 headers
272 packet_header1 = self.create_packet_header_IPv6_SRH_IPv4(
273 sidlist=sid_list[::-1],
274 segleft=len(sid_list) - test_sid_index - 1)
276 # generate packets (pg0->pg1)
277 pkts1 = self.create_stream(self.pg0, self.pg1, packet_header1,
278 self.pg_packet_sizes, count)
280 # send packets and verify received packets
281 self.send_and_verify_pkts(self.pg0, pkts1, self.pg1,
282 self.compare_rx_tx_packet_End_AS_IPv4_out)
284 # log the localsid counters
285 self.logger.info(self.vapi.cli("show sr localsid"))
287 # prepare IPv6 header for returning packets
288 packet_header2 = self.create_packet_header_IPv4()
290 # generate returning packets (pg1->pg0)
291 pkts2 = self.create_stream(self.pg1, self.pg0, packet_header2,
292 self.pg_packet_sizes, count)
294 # send packets and verify received packets
295 self.send_and_verify_pkts(self.pg1, pkts2, self.pg0,
296 self.compare_rx_tx_packet_End_AS_IPv4_in)
298 # log the localsid counters
299 self.logger.info(self.vapi.cli("show sr localsid"))
301 # remove SRv6 localSIDs
302 self.vapi.cli("sr localsid del address " + sid_list[test_sid_index])
305 self.teardown_interfaces()
307 def compare_rx_tx_packet_End_AS_IPv6_in(self, tx_pkt, rx_pkt):
308 """ Compare input and output packet after passing End.AS
310 :param tx_pkt: transmitted packet
311 :param rx_pkt: received packet
314 # get first (outer) IPv6 header of rx'ed packet
315 rx_ip = rx_pkt.getlayer(IPv6)
318 tx_ip = tx_pkt.getlayer(IPv6)
320 # expected segment-list (SRH order)
321 tx_seglist = self.rewrite_sid_list[::-1]
323 # received ip.src should be equal to SR Policy source
324 self.assertEqual(rx_ip.src, self.rewrite_src_addr)
325 # received ip.dst should be equal to expected sidlist[lastentry]
326 self.assertEqual(rx_ip.dst, tx_seglist[-1])
328 if len(tx_seglist) > 1:
329 # rx'ed packet should have SRH
330 self.assertTrue(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
332 rx_srh = rx_pkt.getlayer(IPv6ExtHdrSegmentRouting)
333 # rx'ed seglist should be equal to expected seglist
334 self.assertEqual(rx_srh.addresses, tx_seglist)
335 # segleft should be equal to size expected seglist-1
336 self.assertEqual(rx_srh.segleft, len(tx_seglist)-1)
337 # segleft should be equal to lastentry
338 self.assertEqual(rx_srh.segleft, rx_srh.lastentry)
340 payload = rx_srh.payload
342 # rx'ed packet should NOT have SRH
343 self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
345 payload = rx_ip.payload
347 # the whole rx'ed pkt beyond SRH should be equal to tx'ed pkt
348 # except for the hop-limit field
349 # -> update tx'ed hlim to the expected hlim
350 tx_ip.hlim = tx_ip.hlim - 1
352 self.assertEqual(payload, tx_ip)
354 self.logger.debug("packet verification: SUCCESS")
356 def compare_rx_tx_packet_End_AS_IPv4_in(self, tx_pkt, rx_pkt):
357 """ Compare input and output packet after passing End.AS
359 :param tx_pkt: transmitted packet
360 :param rx_pkt: received packet
363 # get first (outer) IPv6 header of rx'ed packet
364 rx_ip = rx_pkt.getlayer(IPv6)
367 tx_ip = tx_pkt.getlayer(IP)
369 # expected segment-list (SRH order)
370 tx_seglist = self.rewrite_sid_list[::-1]
372 # received ip.src should be equal to SR Policy source
373 self.assertEqual(rx_ip.src, self.rewrite_src_addr)
374 # received ip.dst should be equal to expected sidlist[lastentry]
375 self.assertEqual(rx_ip.dst, tx_seglist[-1])
377 if len(tx_seglist) > 1:
378 # rx'ed packet should have SRH and IPv4 header
379 self.assertTrue(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
380 self.assertTrue(rx_ip.payload.haslayer(IP))
382 rx_srh = rx_pkt.getlayer(IPv6ExtHdrSegmentRouting)
383 # rx'ed seglist should be equal to seglist
384 self.assertEqual(rx_srh.addresses, tx_seglist)
385 # segleft should be equal to size seglist-1
386 self.assertEqual(rx_srh.segleft, len(tx_seglist)-1)
387 # segleft should be equal to lastentry
388 self.assertEqual(rx_srh.segleft, rx_srh.lastentry)
389 payload = rx_srh.payload
391 # rx'ed packet should NOT have SRH
392 self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
394 payload = rx_ip.payload
396 # the whole rx'ed pkt beyond SRH should be equal to tx'ed pkt
397 # except for the ttl field and ip checksum
398 # -> adjust tx'ed ttl to expected ttl
399 tx_ip.ttl = tx_ip.ttl - 1
400 # -> set tx'ed ip checksum to None and let scapy recompute
402 # read back the pkt (with str()) to force computing these fields
403 # probably other ways to accomplish this are possible
404 tx_ip = IP(str(tx_ip))
406 self.assertEqual(payload, tx_ip)
408 self.logger.debug("packet verification: SUCCESS")
410 def compare_rx_tx_packet_End_AS_IPv6_out(self, tx_pkt, rx_pkt):
411 """ Compare input and output packet after passing End.AS with IPv6
413 :param tx_pkt: transmitted packet
414 :param rx_pkt: received packet
417 # get first (outer) IPv6 header of rx'ed packet
418 rx_ip = rx_pkt.getlayer(IPv6)
420 tx_ip = tx_pkt.getlayer(IPv6)
421 tx_ip2 = tx_pkt.getlayer(IPv6, 2)
423 # verify if rx'ed packet has no SRH
424 self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
426 # the whole rx_ip pkt should be equal to tx_ip2
427 # except for the hlim field
428 # -> adjust tx'ed hlim to expected hlim
429 tx_ip2.hlim = tx_ip2.hlim - 1
431 self.assertEqual(rx_ip, tx_ip2)
433 self.logger.debug("packet verification: SUCCESS")
435 def compare_rx_tx_packet_End_AS_IPv4_out(self, tx_pkt, rx_pkt):
436 """ Compare input and output packet after passing End.AS with IPv4
438 :param tx_pkt: transmitted packet
439 :param rx_pkt: received packet
442 # get IPv4 header of rx'ed packet
443 rx_ip = rx_pkt.getlayer(IP)
445 tx_ip = tx_pkt.getlayer(IPv6)
446 tx_ip2 = tx_pkt.getlayer(IP)
448 # verify if rx'ed packet has no SRH
449 self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
451 # the whole rx_ip pkt should be equal to tx_ip2
452 # except for the ttl field and ip checksum
453 # -> adjust tx'ed ttl to expected ttl
454 tx_ip2.ttl = tx_ip2.ttl - 1
455 # -> set tx'ed ip checksum to None and let scapy recompute
457 # read back the pkt (with str()) to force computing these fields
458 # probably other ways to accomplish this are possible
459 tx_ip2 = IP(str(tx_ip2))
461 self.assertEqual(rx_ip, tx_ip2)
463 self.logger.debug("packet verification: SUCCESS")
465 def create_stream(self, src_if, dst_if, packet_header, packet_sizes,
467 """Create SRv6 input packet stream for defined interface.
469 :param VppInterface src_if: Interface to create packet stream for
470 :param VppInterface dst_if: destination interface of packet stream
471 :param packet_header: Layer3 scapy packet headers,
472 L2 is added when not provided,
473 Raw(payload) with packet_info is added
474 :param list packet_sizes: packet stream pckt sizes,sequentially applied
475 to packets in stream have
476 :param int count: number of packets in packet stream
477 :return: list of packets
479 self.logger.info("Creating packets")
481 for i in range(0, count-1):
482 payload_info = self.create_packet_info(src_if, dst_if)
484 "Creating packet with index %d" % (payload_info.index))
485 payload = self.info_to_payload(payload_info)
486 # add L2 header if not yet provided in packet_header
487 if packet_header.getlayer(0).name == 'Ethernet':
491 p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
494 size = packet_sizes[i % len(packet_sizes)]
495 self.logger.debug("Packet size %d" % (size))
496 self.extend_packet(p, size)
497 # we need to store the packet with the automatic fields computed
498 # read back the dumped packet (with str())
499 # to force computing these fields
500 # probably other ways are possible
502 payload_info.data = p.copy()
503 self.logger.debug(ppp("Created packet:", p))
505 self.logger.info("Done creating packets")
508 def send_and_verify_pkts(self, input, pkts, output, compare_func):
509 """Send packets and verify received packets using compare_func
511 :param input: ingress interface of DUT
512 :param pkts: list of packets to transmit
513 :param output: egress interface of DUT
514 :param compare_func: function to compare in and out packets
516 # add traffic stream to input interface
517 input.add_stream(pkts)
519 # enable capture on all interfaces
520 self.pg_enable_capture(self.pg_interfaces)
523 self.logger.info("Starting traffic")
527 self.logger.info("Getting packet capture")
528 capture = output.get_capture()
530 # assert nothing was captured on input interface
531 # input.assert_nothing_captured()
533 # verify captured packets
534 self.verify_captured_pkts(output, capture, compare_func)
536 def create_packet_header_IPv6(self):
537 """Create packet header: IPv6 header, UDP header
539 :param dst: IPv6 destination address
541 IPv6 source address is 1234::1
542 IPv6 destination address is 4321::1
543 UDP source port and destination port are 1234
546 p = (IPv6(src='1234::1', dst='4321::1') /
547 UDP(sport=1234, dport=1234))
550 def create_packet_header_IPv6_SRH_IPv6(self, sidlist, segleft):
551 """Create packet header: IPv6 encapsulated in SRv6:
552 IPv6 header with SRH, IPv6 header, UDP header
554 :param list sidlist: segment list of outer IPv6 SRH
555 :param int segleft: segments-left field of outer IPv6 SRH
557 Outer IPv6 source address is set to 5678::1
558 Outer IPv6 destination address is set to sidlist[segleft]
559 IPv6 source addresses is 1234::1
560 IPv6 destination address is 4321::1
561 UDP source port and destination port are 1234
564 p = (IPv6(src='5678::1', dst=sidlist[segleft]) /
565 IPv6ExtHdrSegmentRouting(addresses=sidlist,
566 segleft=segleft, nh=41) /
567 IPv6(src='1234::1', dst='4321::1') /
568 UDP(sport=1234, dport=1234))
571 def create_packet_header_IPv4(self):
572 """Create packet header: IPv4 header, UDP header
574 :param dst: IPv4 destination address
576 IPv4 source address is 123.1.1.1
577 IPv4 destination address is 124.1.1.1
578 UDP source port and destination port are 1234
581 p = (IP(src='123.1.1.1', dst='124.1.1.1') /
582 UDP(sport=1234, dport=1234))
585 def create_packet_header_IPv6_SRH_IPv4(self, sidlist, segleft):
586 """Create packet header: IPv4 encapsulated in SRv6:
587 IPv6 header with SRH, IPv4 header, UDP header
589 :param ipv4address dst: inner IPv4 destination address
590 :param list sidlist: segment list of outer IPv6 SRH
591 :param int segleft: segments-left field of outer IPv6 SRH
593 Outer IPv6 destination address is set to sidlist[segleft]
594 IPv6 source address is 1234::1
595 IPv4 source address is 123.1.1.1
596 IPv4 destination address is 124.1.1.1
597 UDP source port and destination port are 1234
600 p = (IPv6(src='1234::1', dst=sidlist[segleft]) /
601 IPv6ExtHdrSegmentRouting(addresses=sidlist,
602 segleft=segleft, nh=4) /
603 IP(src='123.1.1.1', dst='124.1.1.1') /
604 UDP(sport=1234, dport=1234))
607 def get_payload_info(self, packet):
608 """ Extract the payload_info from the packet
610 # in most cases, payload_info is in packet[Raw]
611 # but packet[Raw] gives the complete payload
612 # (incl L2 header) for the T.Encaps L2 case
614 payload_info = self.payload_to_info(str(packet[Raw]))
617 # remote L2 header from packet[Raw]:
618 # take packet[Raw], convert it to an Ether layer
619 # and then extract Raw from it
620 payload_info = self.payload_to_info(
621 str(Ether(str(packet[Raw]))[Raw]))
625 def verify_captured_pkts(self, dst_if, capture, compare_func):
627 Verify captured packet stream for specified interface.
628 Compare ingress with egress packets using the specified compare fn
630 :param dst_if: egress interface of DUT
631 :param capture: captured packets
632 :param compare_func: function to compare in and out packet
634 self.logger.info("Verifying capture on interface %s using function %s"
635 % (dst_if.name, compare_func.func_name))
638 for i in self.pg_interfaces:
639 last_info[i.sw_if_index] = None
640 dst_sw_if_index = dst_if.sw_if_index
642 for packet in capture:
644 # extract payload_info from packet's payload
645 payload_info = self.get_payload_info(packet)
646 packet_index = payload_info.index
648 self.logger.debug("Verifying packet with index %d"
650 # packet should have arrived on the expected interface
651 self.assertEqual(payload_info.dst, dst_sw_if_index)
653 "Got packet on interface %s: src=%u (idx=%u)" %
654 (dst_if.name, payload_info.src, packet_index))
656 # search for payload_info with same src and dst if_index
657 # this will give us the transmitted packet
658 next_info = self.get_next_packet_info_for_interface2(
659 payload_info.src, dst_sw_if_index,
660 last_info[payload_info.src])
661 last_info[payload_info.src] = next_info
662 # next_info should not be None
663 self.assertTrue(next_info is not None)
664 # index of tx and rx packets should be equal
665 self.assertEqual(packet_index, next_info.index)
666 # data field of next_info contains the tx packet
667 txed_packet = next_info.data
669 self.logger.debug(ppp("Transmitted packet:",
670 txed_packet)) # ppp=Pretty Print Packet
672 self.logger.debug(ppp("Received packet:", packet))
674 # compare rcvd packet with expected packet using compare_func
675 compare_func(txed_packet, packet)
678 print packet.command()
679 self.logger.error(ppp("Unexpected or invalid packet:", packet))
682 # have all expected packets arrived?
683 for i in self.pg_interfaces:
684 remaining_packet = self.get_next_packet_info_for_interface2(
685 i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index])
686 self.assertTrue(remaining_packet is None,
687 "Interface %s: Packet expected from interface %s "
688 "didn't arrive" % (dst_if.name, i.name))
691 if __name__ == '__main__':
692 unittest.main(testRunner=VppTestRunner)