X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=test%2Ftest_dvr.py;h=e616408e8c7836c5b5ec3f73b9408e8a96def9f8;hb=4941afb4f96a20df7dc8b6688f7921a3d713b77d;hp=ae7864cc3e68a7e12314aeca1015531172ca3244;hpb=4271c971919bb8defa3ca54f4a362676cd57bfb2;p=vpp.git diff --git a/test/test_dvr.py b/test/test_dvr.py index ae7864cc3e6..e616408e8c7 100644 --- a/test/test_dvr.py +++ b/test/test_dvr.py @@ -1,21 +1,24 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 import unittest -from framework import VppTestCase, VppTestRunner -from vpp_ip_route import VppIpRoute, VppRoutePath +from framework import VppTestCase +from asfframework import VppTestRunner +from vpp_ip_route import VppIpRoute, VppRoutePath, FibPathType from vpp_l2 import L2_PORT_TYPE from vpp_sub_interface import L2_VTR_OP, VppDot1QSubint +from vpp_acl import AclRule, VppAcl, VppAclInterface from scapy.packet import Raw from scapy.layers.l2 import Ether, Dot1Q from scapy.layers.inet import IP, UDP -from socket import AF_INET, inet_pton +from socket import AF_INET +from ipaddress import IPv4Network NUM_PKTS = 67 class TestDVR(VppTestCase): - """ Distributed Virtual Router """ + """Distributed Virtual Router""" @classmethod def setUpClass(cls): @@ -60,7 +63,7 @@ class TestDVR(VppTestCase): self.assertFalse(p.haslayer(Dot1Q)) def test_dvr(self): - """ Distributed Virtual Router """ + """Distributed Virtual Router""" # # A packet destined to an IP address that is L2 bridged via @@ -70,18 +73,18 @@ class TestDVR(VppTestCase): ip_tag_bridged = "10.10.10.11" any_src_addr = "1.1.1.1" - pkt_no_tag = (Ether(src=self.pg0.remote_mac, - dst=self.loop0.local_mac) / - IP(src=any_src_addr, - dst=ip_non_tag_bridged) / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - pkt_tag = (Ether(src=self.pg0.remote_mac, - dst=self.loop0.local_mac) / - IP(src=any_src_addr, - dst=ip_tag_bridged) / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) + pkt_no_tag = ( + Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) + / IP(src=any_src_addr, dst=ip_non_tag_bridged) + / UDP(sport=1234, dport=1234) + / Raw(b"\xa5" * 100) + ) + pkt_tag = ( + Ether(src=self.pg0.remote_mac, dst=self.loop0.local_mac) + / IP(src=any_src_addr, dst=ip_tag_bridged) + / UDP(sport=1234, dport=1234) + / Raw(b"\xa5" * 100) + ) # # Two sub-interfaces so we can test VLAN tag push/pop @@ -95,32 +98,45 @@ class TestDVR(VppTestCase): # Put all the interfaces into a new bridge domain # self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg0.sw_if_index, bd_id=1) + rx_sw_if_index=self.pg0.sw_if_index, bd_id=1 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg1.sw_if_index, bd_id=1) + rx_sw_if_index=self.pg1.sw_if_index, bd_id=1 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1) + rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1) + rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.loop0.sw_if_index, bd_id=1, - port_type=L2_PORT_TYPE.BVI) + rx_sw_if_index=self.loop0.sw_if_index, bd_id=1, port_type=L2_PORT_TYPE.BVI + ) self.vapi.l2_interface_vlan_tag_rewrite( - sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, - push_dot1q=92) + sw_if_index=sub_if_on_pg2.sw_if_index, + vtr_op=L2_VTR_OP.L2_POP_1, + push_dot1q=92, + ) self.vapi.l2_interface_vlan_tag_rewrite( - sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, - push_dot1q=93) + sw_if_index=sub_if_on_pg3.sw_if_index, + vtr_op=L2_VTR_OP.L2_POP_1, + push_dot1q=93, + ) # # Add routes to bridge the traffic via a tagged an nontagged interface # route_no_tag = VppIpRoute( - self, ip_non_tag_bridged, 32, - [VppRoutePath("0.0.0.0", - self.pg1.sw_if_index, - is_dvr=1)]) + self, + ip_non_tag_bridged, + 32, + [ + VppRoutePath( + "0.0.0.0", self.pg1.sw_if_index, type=FibPathType.FIB_PATH_TYPE_DVR + ) + ], + ) route_no_tag.add_vpp_config() # @@ -135,10 +151,17 @@ class TestDVR(VppTestCase): # Add routes to bridge the traffic via a tagged interface # route_with_tag = VppIpRoute( - self, ip_tag_bridged, 32, - [VppRoutePath("0.0.0.0", - sub_if_on_pg3.sw_if_index, - is_dvr=1)]) + self, + ip_tag_bridged, + 32, + [ + VppRoutePath( + "0.0.0.0", + sub_if_on_pg3.sw_if_index, + type=FibPathType.FIB_PATH_TYPE_DVR, + ) + ], + ) route_with_tag.add_vpp_config() # @@ -152,100 +175,98 @@ class TestDVR(VppTestCase): # # Tag to tag # - pkt_tag_to_tag = (Ether(src=self.pg2.remote_mac, - dst=self.loop0.local_mac) / - Dot1Q(vlan=92) / - IP(src=any_src_addr, - dst=ip_tag_bridged) / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - - rx = self.send_and_expect(self.pg2, - pkt_tag_to_tag * NUM_PKTS, - self.pg3) + pkt_tag_to_tag = ( + Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) + / Dot1Q(vlan=92) + / IP(src=any_src_addr, dst=ip_tag_bridged) + / UDP(sport=1234, dport=1234) + / Raw(b"\xa5" * 100) + ) + + rx = self.send_and_expect(self.pg2, pkt_tag_to_tag * NUM_PKTS, self.pg3) self.assert_same_mac_addr(pkt_tag_to_tag, rx) self.assert_has_vlan_tag(93, rx) # # Tag to non-Tag # - pkt_tag_to_non_tag = (Ether(src=self.pg2.remote_mac, - dst=self.loop0.local_mac) / - Dot1Q(vlan=92) / - IP(src=any_src_addr, - dst=ip_non_tag_bridged) / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - - rx = self.send_and_expect(self.pg2, - pkt_tag_to_non_tag * NUM_PKTS, - self.pg1) + pkt_tag_to_non_tag = ( + Ether(src=self.pg2.remote_mac, dst=self.loop0.local_mac) + / Dot1Q(vlan=92) + / IP(src=any_src_addr, dst=ip_non_tag_bridged) + / UDP(sport=1234, dport=1234) + / Raw(b"\xa5" * 100) + ) + + rx = self.send_and_expect(self.pg2, pkt_tag_to_non_tag * NUM_PKTS, self.pg1) self.assert_same_mac_addr(pkt_tag_to_tag, rx) self.assert_has_no_tag(rx) # # Add an output L3 ACL that will block the traffic # - rule_1 = ({'is_permit': 0, - 'is_ipv6': 0, - 'proto': 17, - 'srcport_or_icmptype_first': 1234, - 'srcport_or_icmptype_last': 1234, - 'src_ip_prefix_len': 32, - 'src_ip_addr': inet_pton(AF_INET, any_src_addr), - 'dstport_or_icmpcode_first': 1234, - 'dstport_or_icmpcode_last': 1234, - 'dst_ip_prefix_len': 32, - 'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged)}) - acl = self.vapi.acl_add_replace(acl_index=4294967295, - r=[rule_1]) + rule_1 = AclRule( + is_permit=0, + proto=17, + ports=1234, + src_prefix=IPv4Network((any_src_addr, 32)), + dst_prefix=IPv4Network((ip_non_tag_bridged, 32)), + ) + acl = VppAcl(self, rules=[rule_1]) + acl.add_vpp_config() # # Apply the ACL on the output interface # - self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, - 0, - [acl.acl_index]) + acl_if1 = VppAclInterface( + self, sw_if_index=self.pg1.sw_if_index, n_input=0, acls=[acl] + ) + acl_if1.add_vpp_config() # # Send packet's that should match the ACL and be dropped # - rx = self.send_and_assert_no_replies(self.pg2, - pkt_tag_to_non_tag * NUM_PKTS) + rx = self.send_and_assert_no_replies(self.pg2, pkt_tag_to_non_tag * NUM_PKTS) # # cleanup # - self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index, - 0, []) - self.vapi.acl_del(acl.acl_index) + acl_if1.remove_vpp_config() + acl.remove_vpp_config() self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0) + rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0) + rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0) + rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0) + rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0 + ) self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.loop0.sw_if_index, bd_id=1, - port_type=L2_PORT_TYPE.BVI, enable=0) + rx_sw_if_index=self.loop0.sw_if_index, + bd_id=1, + port_type=L2_PORT_TYPE.BVI, + enable=0, + ) # # Do a FIB dump to make sure the paths are correctly reported as DVR # - routes = self.vapi.ip_fib_dump() + routes = self.vapi.ip_route_dump(0) for r in routes: - if (inet_pton(AF_INET, ip_tag_bridged) == r.address): - self.assertEqual(r.path[0].sw_if_index, - sub_if_on_pg3.sw_if_index) - self.assertEqual(r.path[0].is_dvr, 1) - if (inet_pton(AF_INET, ip_non_tag_bridged) == r.address): - self.assertEqual(r.path[0].sw_if_index, - self.pg1.sw_if_index) - self.assertEqual(r.path[0].is_dvr, 1) + if ip_tag_bridged == str(r.route.prefix.network_address): + self.assertEqual( + r.route.paths[0].sw_if_index, sub_if_on_pg3.sw_if_index + ) + self.assertEqual(r.route.paths[0].type, FibPathType.FIB_PATH_TYPE_DVR) + if ip_non_tag_bridged == str(r.route.prefix.network_address): + self.assertEqual(r.route.paths[0].sw_if_index, self.pg1.sw_if_index) + self.assertEqual(r.route.paths[0].type, FibPathType.FIB_PATH_TYPE_DVR) # # the explicit route delete is require so it happens before @@ -257,157 +278,6 @@ class TestDVR(VppTestCase): sub_if_on_pg3.remove_vpp_config() sub_if_on_pg2.remove_vpp_config() - def test_l2_emulation(self): - """ L2 Emulation """ - - # - # non distinct L3 packets, in the tag/non-tag combos - # - pkt_no_tag = (Ether(src=self.pg0.remote_mac, - dst=self.pg1.remote_mac) / - IP(src="2.2.2.2", - dst="1.1.1.1") / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - pkt_to_tag = (Ether(src=self.pg0.remote_mac, - dst=self.pg2.remote_mac) / - IP(src="2.2.2.2", - dst="1.1.1.2") / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - pkt_from_tag = (Ether(src=self.pg3.remote_mac, - dst=self.pg2.remote_mac) / - Dot1Q(vlan=93) / - IP(src="2.2.2.2", - dst="1.1.1.1") / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - pkt_from_to_tag = (Ether(src=self.pg3.remote_mac, - dst=self.pg2.remote_mac) / - Dot1Q(vlan=93) / - IP(src="2.2.2.2", - dst="1.1.1.2") / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - pkt_bcast = (Ether(src=self.pg0.remote_mac, - dst="ff:ff:ff:ff:ff:ff") / - IP(src="2.2.2.2", - dst="255.255.255.255") / - UDP(sport=1234, dport=1234) / - Raw('\xa5' * 100)) - - # - # A couple of sub-interfaces for tags - # - sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92) - sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93) - sub_if_on_pg2.admin_up() - sub_if_on_pg3.admin_up() - - # - # Put all the interfaces into a new bridge domain - # - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg0.sw_if_index, bd_id=1) - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg1.sw_if_index, bd_id=1) - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1) - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1) - self.vapi.l2_interface_vlan_tag_rewrite( - sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, - push_dot1q=92) - self.vapi.l2_interface_vlan_tag_rewrite( - sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1, - push_dot1q=93) - - # - # Disable UU flooding, learning and ARP termination. makes this test - # easier as unicast packets are dropped if not extracted. - # - self.vapi.bridge_flags(bd_id=1, is_set=0, - flags=(1 << 0) | (1 << 3) | (1 << 4)) - - # - # Add a DVR route to steer traffic at L3 - # - route_1 = VppIpRoute(self, "1.1.1.1", 32, - [VppRoutePath("0.0.0.0", - self.pg1.sw_if_index, - is_dvr=1)]) - route_2 = VppIpRoute(self, "1.1.1.2", 32, - [VppRoutePath("0.0.0.0", - sub_if_on_pg2.sw_if_index, - is_dvr=1)]) - route_1.add_vpp_config() - route_2.add_vpp_config() - - # - # packets are dropped because bridge does not flood unknown unicast - # - self.send_and_assert_no_replies(self.pg0, pkt_no_tag) - - # - # Enable L3 extraction on pgs - # - self.vapi.l2_emulation(self.pg0.sw_if_index) - self.vapi.l2_emulation(self.pg1.sw_if_index) - self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index) - self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index) - - # - # now we expect the packet forward according to the DVR route - # - rx = self.send_and_expect(self.pg0, pkt_no_tag * NUM_PKTS, self.pg1) - self.assert_same_mac_addr(pkt_no_tag, rx) - self.assert_has_no_tag(rx) - - rx = self.send_and_expect(self.pg0, pkt_to_tag * NUM_PKTS, self.pg2) - self.assert_same_mac_addr(pkt_to_tag, rx) - self.assert_has_vlan_tag(92, rx) - - rx = self.send_and_expect(self.pg3, pkt_from_tag * NUM_PKTS, self.pg1) - self.assert_same_mac_addr(pkt_from_tag, rx) - self.assert_has_no_tag(rx) - - rx = self.send_and_expect(self.pg3, - pkt_from_to_tag * NUM_PKTS, - self.pg2) - self.assert_same_mac_addr(pkt_from_tag, rx) - self.assert_has_vlan_tag(92, rx) - - # - # but broadcast packets are still flooded - # - self.send_and_expect(self.pg0, pkt_bcast * 33, self.pg2) - - # - # cleanup - # - self.vapi.l2_emulation(self.pg0.sw_if_index, - enable=0) - self.vapi.l2_emulation(self.pg1.sw_if_index, - enable=0) - self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index, - enable=0) - self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index, - enable=0) - - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0) - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0) - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0) - self.vapi.sw_interface_set_l2_bridge( - rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0) - - route_1.remove_vpp_config() - route_2.remove_vpp_config() - sub_if_on_pg3.remove_vpp_config() - sub_if_on_pg2.remove_vpp_config() - -if __name__ == '__main__': +if __name__ == "__main__": unittest.main(testRunner=VppTestRunner)