--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""COP utilities library."""
+
+from resources.libraries.python.VatExecutor import VatTerminal
+from resources.libraries.python.topology import Topology
+
+
+class Cop(object):
+ """COP utilities."""
+
+ @staticmethod
+ def cop_add_whitelist_entry(node, interface, ip_format, fib_id):
+ """Add cop whitelisted entry.
+
+ :param node: Node to add COP whitelist on.
+ :param interface: Interface of the node where the COP is added.
+ :param ip_format: IP format : ip4 or ip6 are valid formats.
+ :param fib_id: Specify the fib table ID.
+ :type node: dict
+ :type interface: str
+ :type ip_format: str
+ :type fib_id: int
+ """
+ if ip_format not in ('ip4', 'ip6'):
+ raise ValueError("Ip not in correct format!")
+ sw_if_index = Topology.get_interface_sw_index(node, interface)
+ with VatTerminal(node) as vat:
+ vat.vat_terminal_exec_cmd_from_template('cop_whitelist.vat',
+ sw_if_index=sw_if_index,
+ ip=ip_format,
+ fib_id=fib_id)
+
+ @staticmethod
+ def cop_interface_enable_or_disable(node, interface, state):
+ """Enable or disable COP on the interface.
+
+ :param node: Node to add COP whitelist on.
+ :param interface: Interface of the node where the COP is added.
+ :param state: disable/enable COP on the interface.
+ :type node: dict
+ :type interface: str
+ :type state: str
+ """
+ state = state.lower()
+ if state in ('enable', 'disable'):
+ if state == 'enable':
+ state = ''
+ sw_if_index = Topology.get_interface_sw_index(node, interface)
+ with VatTerminal(node) as vat:
+ vat.vat_terminal_exec_cmd_from_template('cop_interface.vat',
+ sw_if_index=sw_if_index,
+ state=state)
+ else:
+ raise ValueError(
+ "Possible values are 'enable' or 'disable'!"
+ )
nodes_addr)
mac_address = adj_int['mac_address']
get_node(node).set_arp(interface_name, ip_address, mac_address)
+
+ @staticmethod
+ def add_arp_on_dut(node, interface, ip_address, mac_address):
+ """Set ARP cache entree on DUT node.
+
+ :param node: Node in the topology.
+ :param interface: Interface name of the node.
+ :param ip_address: IP address of the interface.
+ :param mac_address: MAC address of the interface.
+ :type node: dict
+ :type interface: str
+ :type ip_address: str
+ :type mac_address: str
+ """
+ get_node(node).set_arp(interface, ip_address, mac_address)
get_node(node).set_ip(interface, address, int(prefix_length))
@staticmethod
- @keyword('Node "${node}" routes to IPv4 network "${network}" with prefix '
- 'length "${prefix_length}" using interface "${interface}" via '
- '"${gateway}"')
def set_route(node, network, prefix_length, interface, gateway):
"""See IPv4Node.set_route for more information.
prefix_length=prefix_len,
gateway=gateway,
sw_if_index=sw_if_index)
+
+ @staticmethod
+ def add_fib_table(node, network, prefix_len, fib_id, place):
+ """Create new FIB table according to ID.
+
+ :param node: Node to add FIB on.
+ :param network: IP address to add to the FIB table.
+ :param prefix_len: IP address prefix length.
+ :param fib_id: FIB table ID.
+ :param place: Possible variants are local, drop.
+ :type node: dict
+ :type network: str
+ :type prefix_len: int
+ :type fib_id: int
+ :type place: str
+ """
+ with VatTerminal(node) as vat:
+ vat.vat_terminal_exec_cmd_from_template('add_fib_table.vat',
+ network=network,
+ prefix_length=prefix_len,
+ fib_number=fib_id,
+ where=place)
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/counters.robot
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Cop
+| Library | resources.libraries.python.Routing
+| Library | resources.libraries.python.TrafficScriptExecutor
+| Library | resources.libraries.python.InterfaceUtil
+
+*** Keywords ***
+| Setup Nodes And Variables
+| | [Documentation] | Setup of test variables and bring interfaces up.
+| | ...
+| | ... | *Arguments:*
+| | ...
+| | ... | - {tg_node} : Node where to start/end. Type: dictionary
+| | ... | - {dut1_node} - Next node from start. Type: dictionary
+| | ... | - {dut2_node} - Third node. Type: dictionary
+| | ...
+| | ... | *Return:*
+| | ...
+| | ... | - No value returned
+| | ...
+| | ... | *Example:*
+| | ...
+| | ... | \| Setup Nodes And Variables \| ${nodes['TG']} \
+| | ... | \| ${nodes['DUT1']} \| ${nodes['DUT2']} \|
+| | ...
+| | ... | _NOTE:_ This KW sets following test case variables:
+| | ...
+| | ... | - ${tg_if1} - Iterface of TG towards DUT (1st).
+| | ... | - ${tg_if2} - Interface of TG towards DUT (2nd).
+| | ... | - ${dut1_if1} - Interface of DUT towards TG (1st).
+| | ... | - ${dut1_if2} - Interface of DUT towards TG (2nd).
+| | ... | - ${dut2_if1} - Interface of DUT2 towards DUT (1st).
+| | ... | - ${dut2_if2} - Interface of DUT2 towards TG (2nd).
+| | ... | - ${tg_if1_mac} - MAC address of TG interface (1st).
+| | ... | - ${tg_if2_mac} - MAC address of TG interface (2nd).
+| | ... | - ${dut1_if1_mac} - MAC address of DUT1 interface (1st).
+| | ... | - ${dut1_if2_mac} - MAC address of DUT1 interface (2nd).
+| | ...
+| | [Arguments] | ${tg_node} | ${dut1_node} | ${dut2_node}
+| | Append Nodes | ${tg_node} | ${dut1_node} | ${dut2_node} |
+| | ... | ${tg_node}
+| | Compute Path
+| | ${tg_if1} | ${tg}= | Next Interface
+| | ${dut1_if1} | ${dut1}= | Next Interface
+| | ${dut1_if2} | ${dut1}= | Next Interface
+| | ${dut2_if1} | ${dut2}= | Next Interface
+| | ${dut2_if2} | ${dut2}= | Next Interface
+| | ${tg_if2} | ${tg}= | Next Interface
+| | ${tg_if1_mac}= | Get interface mac | ${tg} | ${tg_if1}
+| | ${tg_if2_mac}= | Get interface mac | ${tg} | ${tg_if2}
+| | ${dut1_if1_mac}= | Get interface mac | ${dut1} | ${dut1_if1}
+| | ${dut1_if2_mac}= | Get interface mac | ${dut1} | ${dut1_if2}
+| | Set Test Variable | ${tg_if1}
+| | Set Test Variable | ${tg_if2}
+| | Set Test Variable | ${dut1_if1}
+| | Set Test Variable | ${dut1_if2}
+| | Set Test Variable | ${dut2_if1}
+| | Set Test Variable | ${dut2_if2}
+| | Set Test Variable | ${tg_if1_mac}
+| | Set Test Variable | ${tg_if2_mac}
+| | Set Test Variable | ${dut1_if1_mac}
+| | Set Test Variable | ${dut1_if2_mac}
+| | Set Interface State | ${tg_node} | ${tg_if1} | up
+| | Set Interface State | ${tg_node} | ${tg_if2} | up
+| | Set Interface State | ${dut1_node} | ${dut1_if1} | up
+| | Set Interface State | ${dut1_node} | ${dut1_if2} | up
+| | Set Interface State | ${dut2_node} | ${dut2_if1} | up
+| | Set Interface State | ${dut2_node} | ${dut2_if2} | up
+| | All Vpp Interfaces Ready Wait | ${nodes}
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Traffic keywords"""
+
+*** Settings ***
+| Library | resources.libraries.python.IPv6Util
+| Library | resources.libraries.python.IPv6Setup
+| Library | resources.libraries.python.TrafficScriptExecutor
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Routing
+| Library | resources.libraries.python.InterfaceUtil
+| Library | resources.libraries.python.topology.Topology
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/counters.robot
+| Documentation | Traffic keywords
+
+*** Keywords ***
+| Send Packet And Check Headers
+| | [Documentation] | Sends packet from IP (with source mac) to IP
+| | ... | (with dest mac). There has to be 4 MAC addresses
+| | ... | when using 2 node +
+| | ... | xconnect (one for each eth).
+| | ...
+| | ... | *Arguments:*
+| | ...
+| | ... | _NOTE:_ Arguments are based on example:
+| | ... | TG(if1)->(if1)DUT(if2)->TG(if2)
+| | ...
+| | ... | - {tg_node} : Node to execute scripts on (TG). Type: dictionary
+| | ... | - {src_ip} - IP of source interface (TG-if1). Type: int
+| | ... | - {dst_ip} - IP of destination interface (TG-if2). Type: int
+| | ... | - {tx_src_port} - Interface of TG-if1. Type: string
+| | ... | - {tx_src_mac} - MAC address of TG-if1. Type: string
+| | ... | - {tx_dst_mac} - MAC address of DUT-if1. Type: string
+| | ... | - {rx_port} - Interface of TG-if1. Type: string
+| | ... | - {rx_src_mac} - MAC address of DUT1-if2. Type: string
+| | ... | - {rx_dst_mac} - MAC address of TG-if2. Type: string
+| | ...
+| | ... | *Return:*
+| | ... | - No value returned
+| | ...
+| | ... | *Example:*
+| | ...
+| | ... | \| Send Packet And Check Headers \| ${nodes['TG']} \| 10.0.0.1 \
+| | ... | \| 32.0.0.1 \| eth2 \| 08:00:27:ee:fd:b3 \| 08:00:27:a2:52:5b \
+| | ... | \| eth3 \| 08:00:27:4d:ca:7a \| 08:00:27:7d:fd:10 \|
+| | ...
+| | [Arguments] | ${tg_node} | ${src_ip} | ${dst_ip} | ${tx_src_port} |
+| | ... | ${tx_src_mac} | ${tx_dst_mac} | ${rx_port} | ${rx_src_mac}
+| | ... | ${rx_dst_mac}
+| | ${args}= | Catenate | --tg_src_mac | ${tx_src_mac} | --tg_dst_mac |
+| | ... | ${rx_dst_mac} | --dut_if1_mac | ${tx_dst_mac} | --dut_if2_mac |
+| | ... | ${rx_src_mac} | --src_ip | ${src_ip} | --dst_ip | ${dst_ip} |
+| | ... | --tx_if | ${tx_src_port} | --rx_if | ${rx_port}
+| | Run Traffic Script On Node | send_icmp_check_headers.py | ${tg_node} |
+| | ... | ${args}
+
+| Send packet from Port to Port should failed
+| | [Documentation] | Sends packet from ip (with specified mac) to ip
+| | ... | (with dest mac). Using keyword : Send packet And Check
+| | ... | Headers and subsequently checks the return value
+| | ...
+| | ... | *Arguments:*
+| | ...
+| | ... | _NOTE:_ Arguments are based on example:
+| | ... | TG(if1)->(if1)DUT(if2)->TG(if2)
+| | ...
+| | ... | - {tg_node} : Node to execute scripts on (TG). Type: dictionary
+| | ... | - {src_ip} - IP of source interface (TG-if1). Type: int
+| | ... | - {dst_ip} - IP of destination interface (TG-if2). Type: int
+| | ... | - {tx_src_port} - Interface of TG-if1. Type: string
+| | ... | - {tx_src_mac} - MAC address of TG-if1. Type: string
+| | ... | - {tx_dst_mac} - MAC address of DUT-if1. Type: string
+| | ... | - {rx_port} - Interface of TG-if1. Type: string
+| | ... | - {rx_src_mac} - MAC address of DUT1-if2. Type: string
+| | ... | - {rx_dst_mac} - MAC address of TG-if2. Type: string
+| | ...
+| | ... | *Return:*
+| | ... | - No value returned
+| | ...
+| | ... | *Example:*
+| | ...
+| | ... | \| Send packet from Port to Port should failed \| ${nodes['TG']} \
+| | ... | \| 10.0.0.1 \ \| 32.0.0.1 \| eth2 \| 08:00:27:ee:fd:b3 \
+| | ... | \| 08:00:27:a2:52:5b \| eth3 \| 08:00:27:4d:ca:7a \
+| | ... | \| 08:00:27:7d:fd:10 \|
+| | [Arguments] | ${tg_node} | ${src_ip} | ${dst_ip} | ${tx_src_port} |
+| | ... | ${tx_src_mac} | ${tx_dst_mac} | ${rx_port} | ${rx_src_mac} |
+| | ... | ${rx_dst_mac}
+| | ${args}= | Catenate | --tg_src_mac | ${tx_src_mac} | --tg_dst_mac |
+| | ... | ${rx_dst_mac} | --dut_if1_mac | ${tx_dst_mac} | --dut_if2_mac |
+| | ... | ${rx_src_mac} | --src_ip | ${src_ip} | --dst_ip | ${dst_ip} |
+| | ... | --tx_if | ${tx_src_port} | --rx_if | ${rx_port}
+| | Run Keyword And Expect Error | ICMP echo Rx timeout |
+| | ... | Run Traffic Script On Node | send_icmp_check_headers.py
+| | ... | ${tg_node} | ${args}
+l
\ No newline at end of file
--- /dev/null
+ip_add_del_route {network}/{prefix_length} {where} vrf {fib_number} create-vrf
\ No newline at end of file
--- /dev/null
+cop_interface_enable_disable sw_if_index {sw_if_index} {state}
\ No newline at end of file
--- /dev/null
+cop_whitelist_enable_disable sw_if_index {sw_if_index} {ip} fib-id {fib_id}
\ No newline at end of file
--- /dev/null
+#!/usr/bin/env python
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Traffic script that sends an ip icmp packet
+from one interface to the other.
+"""
+
+import sys
+import ipaddress
+
+from scapy.layers.inet import ICMP, IP
+from scapy.layers.inet6 import IPv6
+from scapy.all import Ether
+from scapy.layers.inet6 import ICMPv6EchoRequest
+from robot.api import logger
+
+from resources.libraries.python.PacketVerifier import RxQueue, TxQueue
+from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
+
+
+def valid_ipv4(ip):
+ try:
+ ipaddress.IPv4Address(unicode(ip))
+ return True
+ except (AttributeError, ipaddress.AddressValueError):
+ return False
+
+
+def valid_ipv6(ip):
+ try:
+ ipaddress.IPv6Address(unicode(ip))
+ return True
+ except (AttributeError, ipaddress.AddressValueError):
+ return False
+
+
+def main():
+ """Send IP ICMP packet from one traffic generator interface to the other."""
+ args = TrafficScriptArg(
+ ['tg_src_mac', 'tg_dst_mac', 'src_ip', 'dst_ip', 'dut_if1_mac',
+ 'dut_if2_mac'])
+
+ src_mac = args.get_arg('tg_src_mac')
+ dst_mac = args.get_arg('tg_dst_mac')
+ dut1_if1_mac = args.get_arg('dut_if1_mac')
+ dut1_if2_mac = args.get_arg('dut_if2_mac')
+ src_ip = args.get_arg('src_ip')
+ dst_ip = args.get_arg('dst_ip')
+ tx_if = args.get_arg('tx_if')
+ rx_if = args.get_arg('rx_if')
+
+ rxq = RxQueue(rx_if)
+ txq = TxQueue(tx_if)
+ sent_packets = []
+ ip_format = ''
+ pkt_raw = ''
+ if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
+ pkt_raw = (Ether(src=src_mac, dst=dut1_if1_mac) /
+ IP(src=src_ip, dst=dst_ip) /
+ ICMP())
+ ip_format = 'IP'
+ elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
+ pkt_raw = (Ether(src=src_mac, dst=dut1_if1_mac) /
+ IPv6(src=src_ip, dst=dst_ip) /
+ ICMPv6EchoRequest())
+ ip_format = 'IPv6'
+ else:
+ raise ValueError("IP not in correct format")
+
+ sent_packets.append(pkt_raw)
+ txq.send(pkt_raw)
+ ether = rxq.recv(2)
+
+ if ether is None:
+ raise RuntimeError("ICMP echo Rx timeout")
+ if not ether.haslayer(ip_format):
+ raise RuntimeError("Not an IP packet received {0}"
+ .format(ether.__repr__()))
+
+ # Compare data from packets
+ if src_ip == ether[ip_format].src and dst_ip == ether[ip_format].dst:
+ logger.trace("IP matched")
+ if dst_mac == ether['Ethernet'].dst and \
+ dut1_if2_mac == ether['Ethernet'].src:
+ logger.trace("MAC matched")
+ else:
+ raise RuntimeError("Matching packet unsuccessful: {0}"
+ .format(ether.__repr__()))
+ else:
+ raise RuntimeError("Matching packet unsuccessful: {0}"
+ .format(ether.__repr__()))
+ sys.exit(0)
+
+
+if __name__ == "__main__":
+ main()
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Library | resources.libraries.python.topology.Topology
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Trace
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/ipv4.robot
+| Resource | resources/libraries/robot/traffic.robot
+| Resource | resources/libraries/robot/cop.robot
+| Resource | resources/libraries/robot/l2_xconnect.robot
+| Variables | resources/libraries/python/IPv4NodeAddress.py | ${nodes}
+| Force Tags | HW_ENV | VM_ENV | 3_NODE_SINGLE_LINK_TOPO
+| Suite Setup | Run Keywords | Setup all DUTs before test
+| ... | AND | Setup all TGs before traffic script
+| ... | AND | Update All Interface Data On All Nodes | ${nodes}
+| Test Setup | Clear interface counters on all vpp nodes in topology | ${nodes}
+| Test Teardown | Show packet trace on all DUTs | ${nodes}
+| Documentation | *COP Blacklist and Whitelist Tests*
+| ...
+| ... | Test suite uses 3-node topology TG - DUT1 - DUT2 - TG
+| ... | with one link between nodes where DUT2 has xconnect.
+| ... | Test packets are sent only in one direction with COP set either as
+| ... | whitelist or blacklist. Subsequently, packet's IP src/dst and
+| ... | MAC addresses are checked.
+
+*** Variables ***
+| ${tg_node}= | ${nodes['TG']}
+| ${dut1_node}= | ${nodes['DUT1']}
+| ${dut2_node}= | ${nodes['DUT2']}
+
+| ${dut1_if1_ip}= | 192.168.1.1
+| ${dut1_if2_ip}= | 192.168.2.1
+| ${dut1_if1_ip_GW}= | 192.168.1.2
+| ${dut1_if2_ip_GW}= | 192.168.2.2
+
+| ${test_dst_ip}= | 32.0.0.1
+| ${test_src_ip}= | 16.0.0.1
+
+| ${cop_dut_ip}= | 16.0.0.0
+
+| ${ip_prefix}= | 24
+| ${nodes_ipv4_addresses}= | ${nodes_ipv4_addr}
+
+| ${fib_table_number}= | 1
+
+*** Test Cases ***
+| VPP permits packets based on IPv4 src addr
+| | [Documentation] | COP Whitelist test with basic setup.
+| | Given Setup Nodes And Variables | ${tg_node} | ${dut1_node} | ${dut2_node}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | And Set Interface Address
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${ip_prefix}
+| | And Set Interface Address
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip} | ${ip_prefix}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip_GW} | ${tg_if1_mac}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add | ${dut1_node}
+| | ... | ${test_dst_ip} | ${ip_prefix} | ${dut1_if2_ip_GW} | ${dut1_if2}
+| | And Add fib table | ${dut1_node}
+| | ... | ${cop_dut_ip} | ${ip_prefix} | ${fib_table_number} | local
+| | When COP Add whitelist Entry
+| | ... | ${dut1_node} | ${dut1_if1} | ip4 | ${fib_table_number}
+| | And COP interface enable or disable | ${dut1_node} | ${dut1_if1} | enable
+| | Then Send Packet And Check Headers | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
+
+
+| VPP drops packets based on IPv4 src addr
+| | [Documentation] | COP blacklist test with basic setup.
+| | Given Setup Nodes And Variables | ${tg_node} | ${dut1_node} | ${dut2_node}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | And Set Interface Address
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${ip_prefix}
+| | And Set Interface Address
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip} | ${ip_prefix}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip_GW} | ${tg_if1_mac}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add | ${dut1_node}
+| | ... | ${test_dst_ip} | ${ip_prefix} | ${dut1_if2_ip_GW} | ${dut1_if2}
+| | And Add fib table | ${dut1_node}
+| | ... | ${cop_dut_ip} | ${ip_prefix} | ${fib_table_number} | drop
+| | When COP Add whitelist Entry
+| | ... | ${dut1_node} | ${dut1_if1} | ip4 | ${fib_table_number}
+| | And COP interface enable or disable | ${dut1_node} | ${dut1_if1} | enable
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Library | resources.libraries.python.topology.Topology
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Trace
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/ipv6.robot
+| Resource | resources/libraries/robot/ipv4.robot
+| Resource | resources/libraries/robot/traffic.robot
+| Resource | resources/libraries/robot/cop.robot
+| Resource | resources/libraries/robot/l2_xconnect.robot
+| Variables | resources/libraries/python/IPv6NodesAddr.py | ${nodes}
+| Force Tags | HW_ENV | VM_ENV | 3_NODE_SINGLE_LINK_TOPO
+| Suite Setup | Run Keywords | Setup all DUTs before test
+| ... | AND | Setup all TGs before traffic script
+| ... | AND | Update All Interface Data On All Nodes | ${nodes}
+| Test Setup | Clear interface counters on all vpp nodes in topology | ${nodes}
+| Test Teardown | Show packet trace on all DUTs | ${nodes}
+| Documentation | *COP Blacklist and Whitelist Tests*
+| ...
+| ... | Test suite uses 3-node topology TG - DUT1 - DUT2 - TG
+| ... | with one link between nodes where DUT2 has xconnect.
+| ... | Test packets are sent only in one direction with COP set either as
+| ... | whitelist or blacklist. Subsequently, packet's IP src/dst and
+| ... | MAC addresses are checked.
+
+*** Variables ***
+| ${tg_node}= | ${nodes['TG']}
+| ${dut1_node}= | ${nodes['DUT1']}
+| ${dut2_node}= | ${nodes['DUT2']}
+
+| ${dut1_if1_ip}= | 3ffe:62::1
+| ${dut1_if2_ip}= | 3ffe:63::1
+| ${dut1_if1_ip_GW}= | 3ffe:62::2
+| ${dut1_if2_ip_GW}= | 3ffe:63::2
+
+| ${dut2_if1_ip}= | 3ffe:72::1
+| ${dut2_if2_ip}= | 3ffe:73::1
+
+| ${test_dst_ip}= | 3ffe:64::1
+| ${test_src_ip}= | 3ffe:61::1
+
+| ${cop_dut_ip}= | 3ffe:61::
+
+| ${ip_prefix}= | 64
+
+| ${nodes_ipv6_addresses}= | ${nodes_ipv6_addr}
+
+| ${fib_table_number}= | 1
+
+*** Test Cases ***
+| VPP permits packets based on IPv6 src addr
+| | [Documentation] | COP Whitelist test with basic setup.
+| | Given Setup Nodes And Variables | ${tg_node} | ${dut1_node} | ${dut2_node}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${ip_prefix}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip} | ${ip_prefix}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut2_node} | ${dut2_if1} | ${dut2_if1_ip} | ${ip_prefix}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut2_node} | ${dut2_if2} | ${dut2_if2_ip} | ${ip_prefix}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip_GW} | ${tg_if1_mac}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add | ${dut1_node}
+| | ... | ${test_dst_ip} | ${ip_prefix} | ${dut1_if2_ip_GW} | ${dut1_if2}
+| | And Vpp All Ra Suppress Link Layer | ${nodes}
+| | And Add fib table | ${dut1_node} | ${cop_dut_ip} | ${ip_prefix} |
+| | ... | ${fib_table_number} | local
+| | When COP Add whitelist Entry | ${dut1_node} | ${dut1_if1} | ip6 |
+| | ... | ${fib_table_number}
+| | And COP interface enable or disable | ${dut1_node} | ${dut1_if1} | enable
+| | Then Send Packet And Check Headers | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
+
+
+| VPP drops packets based on IPv6 src addr
+| | [Documentation] | COP blacklist test with basic setup.
+| | Given Setup Nodes And Variables | ${tg_node} | ${dut1_node} | ${dut2_node}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${ip_prefix}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip} | ${ip_prefix}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut2_node} | ${dut2_if1} | ${dut2_if1_ip} | ${ip_prefix}
+| | And VPP Set IF IPv6 Addr
+| | ... | ${dut2_node} | ${dut2_if2} | ${dut2_if2_ip} | ${ip_prefix}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip_GW} | ${tg_if1_mac}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add | ${dut1_node}
+| | ... | ${test_dst_ip} | ${ip_prefix} | ${dut1_if2_ip_GW} | ${dut1_if2}
+| | And Vpp All Ra Suppress Link Layer | ${nodes}
+| | And Add fib table | ${dut1_node}
+| | ... | ${cop_dut_ip} | ${ip_prefix} | ${fib_table_number} | drop
+| | When COP Add whitelist Entry
+| | ... | ${dut1_node} | ${dut1_if1} | ip6 | ${fib_table_number}
+| | And COP interface enable or disable | ${dut1_node} | ${dut1_if1} | enable
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
Code Review / csit.git / commitdiff