1 # Copyright (c) 2022 Cisco and/or its affiliates.
2 # Licensed under the Apache License, Version 2.0 (the "License");
3 # you may not use this file except in compliance with the License.
4 # You may obtain a copy of the License at:
6 # http://www.apache.org/licenses/LICENSE-2.0
8 # Unless required by applicable law or agreed to in writing, software
9 # distributed under the License is distributed on an "AS IS" BASIS,
10 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11 # See the License for the specific language governing permissions and
12 # limitations under the License.
15 | Resource | resources/libraries/robot/shared/default.robot
17 | Force Tags | 2_NODE_SINGLE_LINK_TOPO | DEVICETEST | HW_ENV | DCR_ENV | SCAPY
18 | ... | NIC_Intel-X710 | ETH | IP4FWD | FEATURE | ADLBLKLIST | DRV_VFIO_PCI
19 | ... | RXQ_SIZE_0 | TXQ_SIZE_0
20 | ... | ethip4-ip4base-adlblklistbase
22 | Suite Setup | Setup suite topology interfaces | scapy
23 | Test Setup | Setup test
24 | Test Teardown | Tear down test | packet_trace | telemetry
26 | Test Template | Local Template
28 | Documentation | **ADL Security IPv4 allowlist test cases**
30 | ... | - **[Top] Network Topologies:** TG-DUT1-TG 2-node circular topology \
31 | ... | with single links between nodes.
33 | ... | - **[Enc] Packet Encapsulations:** Eth-IPv4 on all links.
35 | ... | - **[Cfg] DUT configuration:** DUT1 is configured with IPv4 routing \
36 | ... | and static routes. ADL security allowlist are applied on DUT1 ingress \
37 | ... | interface from TG.
39 | ... | - **[Ver] TG verification:** Test IPv4 packets are sent in one \
40 | ... | direction by TG on link to DUT1; on receive TG verifies packets for \
41 | ... | correctness and drops as applicable.
43 | ... | - **[Ref] Applicable standard specifications:**
46 | @{plugins_to_enable}= | dpdk_plugin.so | perfmon_plugin.so | adl_plugin.so
47 | ${crypto_type}= | ${None}
48 | ${nic_name}= | Intel-X710
49 | ${nic_driver}= | vfio-pci
50 | ${nic_rxq_size}= | 0
51 | ${nic_txq_size}= | 0
56 | ${telemetry_profile}= | vppctl_test_teardown
61 | | ... | - **[Ver]** Make TG send IPv4 on its interface to DUT1; \
62 | | ... | verify received IPv4 pkts are correct.
64 | | ... | *Arguments:*
65 | | ... | - frame_size - Framesize in Bytes in integer. Type: integer
66 | | ... | - phy_cores - Number of physical cores. Type: integer
67 | | ... | - rxq - Number of RX queues, default value: ${None}. Type: integer
69 | | [Arguments] | ${frame_size} | ${phy_cores} | ${rxq}=${None}
71 | | Set Test Variable | \${frame_size}
73 | | Given Set Max Rate And Jumbo
74 | | And Add worker threads to all DUTs | ${phy_cores} | ${rxq}
75 | | And Pre-initialize layer driver | ${nic_driver}
76 | | And Apply startup configuration on all VPP DUTs | with_trace=${True}
77 | | When Initialize layer driver | ${nic_driver}
78 | | And Initialize layer interface
79 | | And Initialize IPv4 forwarding in circular topology
80 | | And Add Fib Table | ${dut1} | 1
81 | | And Vpp Route Add | ${dut1} | 10.10.10.0 | 24 | vrf=1 | local=${TRUE}
82 | | And ADL Add allowlist Entry | ${dut1} | ${DUT1_${int}1}[0] | ip4 | 1
83 | | And ADL interface enable or disable | ${dut1} | ${DUT1_${int}1}[0] | enable
84 | | Then Packet transmission from port to port should fail
85 | | ... | ${tg} | 100.0.0.2 | 200.0.0.2
86 | | ... | ${TG_pf1}[0] | ${TG_pf1_mac}[0] | ${DUT1_vf1_mac}[0]
87 | | ... | ${TG_pf2}[0] | ${DUT1_vf2_mac}[0] | ${TG_pf2_mac}[0]
90 | 64B-0c-ethip4-ip4base-adlblklistbase-scapy
92 | | frame_size=${64} | phy_cores=${0}