--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from robot.api import logger
+
+from resources.libraries.python.VatExecutor import VatExecutor, VatTerminal
+
+
+class Classify(object):
+ """Classify utilities."""
+
+ @staticmethod
+ def vpp_create_classify_table(node, ip_version, direction):
+ """Create classify table.
+
+ :param node: VPP node to create classify table.
+ :param ip_version: Version of IP protocol.
+ :param direction: Direction of traffic - src/dst.
+ :type node: dict
+ :type ip_version: str
+ :type direction: str
+ :return table_index: Classify table index.
+ :return skip_n: Number of skip vectors.
+ :return match_n: Number of match vectors.
+ :rtype table_index: int
+ :rtype skip_n: int
+ :rtype match_n: int
+ """
+ output = VatExecutor.cmd_from_template(node, "classify_add_table.vat",
+ ip_version=ip_version,
+ direction=direction)
+
+ if output[0]["retval"] == 0:
+ table_index = output[0]["new_table_index"]
+ skip_n = output[0]["skip_n_vectors"]
+ match_n = output[0]["match_n_vectors"]
+ logger.trace('Classify table with table_index {} created on node {}'
+ .format(table_index, node['host']))
+ else:
+ raise RuntimeError('Unable to create classify table on node {}'
+ .format(node['host']))
+
+ return table_index, skip_n, match_n
+
+ @staticmethod
+ def vpp_configure_classify_session(node, acl_method, table_index, skip_n,
+ match_n, ip_version, direction, address):
+ """Configuration of classify session.
+
+ :param node: VPP node to setup classify session.
+ :param acl_method: ACL method - deny/permit.
+ :param table_index: Classify table index.
+ :param skip_n: Number of skip vectors based on mask.
+ :param match_n: Number of match vectors based on mask.
+ :param ip_version: Version of IP protocol.
+ :param direction: Direction of traffic - src/dst.
+ :param address: IPv4 or IPv6 address.
+ :type node: dict
+ :type acl_method: str
+ :type table_index: int
+ :type skip_n: int
+ :type match_n: int
+ :type ip_version: str
+ :type direction: str
+ :type address: str
+ """
+ with VatTerminal(node) as vat:
+ vat.vat_terminal_exec_cmd_from_template("classify_add_session.vat",
+ acl_method=acl_method,
+ table_index=table_index,
+ skip_n=skip_n,
+ match_n=match_n,
+ ip_version=ip_version,
+ direction=direction,
+ address=address)
def add_arp_on_dut(node, interface, ip_address, mac_address):
"""Set ARP cache entree on DUT node.
- :param node: Node in the topology.
+ :param node: VPP Node in the topology.
:param interface: Interface name of the node.
:param ip_address: IP address of the interface.
:param mac_address: MAC address of the interface.
import re
from resources.libraries.python.ssh import SSH
+from resources.libraries.python.VatExecutor import VatTerminal
+from resources.libraries.python.topology import Topology
class IPv6Util(object):
raise Exception('Node {n} port {p} IPv6 address not found.'.format(
n=node['host'], p=interface))
+
+ @staticmethod
+ def add_ip_neighbor(node, interface, ip_address, mac_address):
+ """Add IP neighbor.
+
+ :param node: VPP node to add ip neighbor.
+ :param interface: Interface name or sw_if_index.
+ :param ip_address: IP address.
+ :param mac_address: MAC address.
+ :type node: dict
+ :type interface: str or int
+ :type ip_address: str
+ :type mac_address: str
+ """
+ if isinstance(interface, basestring):
+ sw_if_index = Topology.get_interface_sw_index(node, interface)
+ else:
+ sw_if_index = interface
+
+ with VatTerminal(node) as vat:
+ vat.vat_terminal_exec_cmd_from_template("add_ip_neighbor.vat",
+ sw_if_index=sw_if_index,
+ ip_address=ip_address,
+ mac_address=mac_address)
else:
raise RuntimeError('Create loopback failed on node "{}"'
.format(node['host']))
+
+ @staticmethod
+ def vpp_enable_input_acl_interface(node, interface, ip_version,
+ table_index):
+ """Enable input acl on interface.
+
+ :param node: VPP node to setup interface for input acl.
+ :param interface: Interface to setup input acl.
+ :param ip_version: Version of IP protocol.
+ :param table_index: Classify table index.
+ :type node: dict
+ :type interface: str or int
+ :type ip_version: str
+ :type table_index: int
+ """
+ if isinstance(interface, basestring):
+ sw_if_index = Topology.get_interface_sw_index(node, interface)
+ else:
+ sw_if_index = interface
+
+ with VatTerminal(node) as vat:
+ vat.vat_terminal_exec_cmd_from_template("input_acl_int.vat",
+ sw_if_index=sw_if_index,
+ ip_version=ip_version,
+ table_index=table_index)
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Documentation | Keywords for iACL tests
+| Resource | resources/libraries/robot/default.robot
+| Library | resources.libraries.python.InterfaceUtil
+| Library | resources.libraries.python.NodePath
+
+*** Keywords ***
+| Node path computed for 3-node topology
+| | [Arguments] | ${tg_node} | ${dut1_node} | ${dut2_node} | ${tg_node}
+| | [Documentation] | *Create interface variables for 3-node topology.*
+| | ...
+| | ... | *Arguments:*
+| | ... | - ${tg_node} - Node attached to the path. Type: dictionary
+| | ... | - ${dut1_node} - Node attached to the path. Type: dictionary
+| | ... | - ${dut2_node} - Node attached to the path. Type: dictionary
+| | ...
+| | ... | _Set testcase variables for nodes and interfaces._
+| | ... | - ${tg_node} - Variable for node in path. Type: dictionary
+| | ... | - ${dut1_node} - Variable for node in path. Type: dictionary
+| | ... | - ${dut2_node} - Variable for node in path. Type: dictionary
+| | ... | - ${tg_if1} - First interface of TG node. Type: str
+| | ... | - ${tg_if2} - Second interface of TG node. Type: str
+| | ... | - ${dut1_if1} - First interface of first DUT node. Type: str
+| | ... | - ${dut1_if2} - Second interface of first DUT node. Type: str
+| | ... | - ${dut2_if1} - First interface of second DUT node. Type: str
+| | ... | - ${dut2_if2} - Second interface of second DUT node. Type: str
+| | ... | - ${tg_if1_mac} - MAC address of TG interface (1st).
+| | ... | - ${tg_if2_mac} - MAC address of TG interface (2nd).
+| | ... | - ${dut1_if1_mac} - MAC address of DUT1 interface (1st).
+| | ... | - ${dut1_if2_mac} - MAC address of DUT1 interface (2nd).
+| | ...
+| | Append Nodes | ${tg_node} | ${dut1_node} | ${dut2_node} | ${tg_node}
+| | Compute Path
+| | ${tg_if1} | ${tg_node}= | Next Interface
+| | ${dut1_if1} | ${dut1_node}= | Next Interface
+| | ${dut1_if2} | ${dut1_node}= | Next Interface
+| | ${dut2_if1} | ${dut2_node}= | Next Interface
+| | ${dut2_if2} | ${dut2_node}= | Next Interface
+| | ${tg_if2} | ${tg_node}= | Next Interface
+| | ${tg_if1_mac}= | Get interface mac | ${tg_node} | ${tg_if1}
+| | ${tg_if2_mac}= | Get interface mac | ${tg_node} | ${tg_if2}
+| | ${dut1_if1_mac}= | Get interface mac | ${dut1_node} | ${dut1_if1}
+| | ${dut1_if2_mac}= | Get interface mac | ${dut1_node} | ${dut1_if2}
+| | Set Test Variable | ${tg_node}
+| | Set Test Variable | ${tg_if1}
+| | Set Test Variable | ${tg_if2}
+| | Set Test Variable | ${dut1_node}
+| | Set Test Variable | ${dut1_if1}
+| | Set Test Variable | ${dut1_if2}
+| | Set Test Variable | ${dut2_node}
+| | Set Test Variable | ${dut2_if1}
+| | Set Test Variable | ${dut2_if2}
+| | Set Test Variable | ${tg_if1_mac}
+| | Set Test Variable | ${tg_if2_mac}
+| | Set Test Variable | ${dut1_if1_mac}
+| | Set Test Variable | ${dut1_if2_mac}
+
+| Interfaces in path are up
+| | [Documentation] | *Set UP state on interfaces in path on nodes.*
+| | ...
+| | Set Interface State | ${tg_node} | ${tg_if1} | up
+| | Set Interface State | ${tg_node} | ${tg_if2} | up
+| | Set Interface State | ${dut1_node} | ${dut1_if1} | up
+| | Set Interface State | ${dut1_node} | ${dut1_if2} | up
+| | Set Interface State | ${dut2_node} | ${dut2_if1} | up
+| | Set Interface State | ${dut2_node} | ${dut2_if2} | up
+| | Vpp Node Interfaces Ready Wait | ${dut1_node}
+| | Vpp Node Interfaces Ready Wait | ${dut2_node}
+
+| IPv4 Addresses set on the node interfaces
+| | [Arguments] | ${dut_node} | ${int1} | ${ip_addr1} | ${int2} | ${ip_addr2}
+| | ... | ${prefix_length}
+| | [Documentation] | Setup IPv4 adresses on the node interfaces
+| | ...
+| | ... | *Arguments*
+| | ... | - ${dut_node} - VPP node.
+| | ... | - ${int1} - First node interface.
+| | ... | - ${ip_addr1} - First IP address.
+| | ... | - ${int2} - Second node interface.
+| | ... | - ${ip_addr2} - Second IP address.
+| | ... | - ${prefix_length} - IP prefix length.
+| | ...
+| | ... | *Example*
+| | ... | \| IPv4 Addresses set on the node interfaces \
+| | ... | \| ${dut1_node} \| ${dut1_if1} \| ${dut1_if1_ip} \
+| | ... | \| ${dut1_if2} \| ${dut1_if2_ip} \| ${prefix_length} \|
+| | ...
+| | Set Interface Address | ${dut_node} | ${int1} | ${ip_addr1}
+| | ... | ${prefix_length}
+| | Set Interface Address | ${dut_node} | ${int2} | ${ip_addr2}
+| | ... | ${prefix_length}
+
+| IPv6 Addresses set on the node interfaces
+| | [Arguments] | ${dut_node} | ${int1} | ${ip_addr1} | ${int2} | ${ip_addr2}
+| | ... | ${prefix_length}
+| | [Documentation] | Setup IPv6 adresses on the node interfaces
+| | ...
+| | ... | *Arguments*
+| | ... | - ${dut_node} - VPP node.
+| | ... | - ${int1} - First node interface.
+| | ... | - ${ip_addr1} - First IP address.
+| | ... | - ${int2} - Second node interface.
+| | ... | - ${ip_addr2} - Second IP address.
+| | ... | - ${prefix_length} - IP prefix length.
+| | ...
+| | ... | *Example*
+| | ... | \| IPv6 Addresses set on the node interfaces \
+| | ... | \| ${dut1_node} \| ${dut1_if1} \| ${dut1_if1_ip} \
+| | ... | \| ${dut1_if2} \| ${dut1_if2_ip} \| ${prefix_length} \|
+| | ...
+| | Vpp Set If Ipv6 Addr | ${dut_node} | ${int1} | ${ip_addr1} | ${prefix_length}
+| | Vpp Set If Ipv6 Addr | ${dut_node} | ${int2} | ${ip_addr2} | ${prefix_length}
| | Run Keyword And Expect Error | ICMP echo Rx timeout |
| | ... | Run Traffic Script On Node | send_icmp_check_headers.py
| | ... | ${tg_node} | ${args}
-l
\ No newline at end of file
--- /dev/null
+classify_add_del_session acl-hit-next {acl_method} table-index {table_index} skip_n {skip_n} match_n {match_n} match l3 {ip_version} {direction} {address}
\ No newline at end of file
--- /dev/null
+classify_add_del_table mask l3 {ip_version} {direction}
\ No newline at end of file
--- /dev/null
+input_acl_set_interface sw_if_index {sw_if_index} {ip_version}-table {table_index}
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/counters.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/ipv4.robot
+| Resource | resources/libraries/robot/iacl.robot
+| Resource | resources/libraries/robot/l2_xconnect.robot
+| Resource | resources/libraries/robot/traffic.robot
+| Library | resources.libraries.python.Classify.Classify
+| Library | resources.libraries.python.Trace
+
+| Force Tags | HW_ENV | VM_ENV | 3_NODE_SINGLE_LINK_TOPO
+| Suite Setup | Run Keywords | Setup all TGs before traffic script
+| ... | AND | Update All Interface Data On All Nodes | ${nodes}
+| Test Setup | Setup all DUTs before test
+| Test Teardown | Show packet trace on all DUTs | ${nodes}
+
+*** Variables ***
+| ${dut1_if1_ip}= | 192.168.1.1
+| ${dut1_if2_ip}= | 192.168.2.1
+| ${dut1_if2_ip_GW}= | 192.168.2.2
+| ${test_dst_ip}= | 32.0.0.1
+| ${test_src_ip}= | 16.0.0.1
+| ${prefix_length}= | 24
+
+*** Test Cases ***
+| VPP drops packets based on IPv4 source addresses
+| | [Documentation] | Create classify table on VPP, add source IP address
+| | ... | of traffic into table and setup 'deny' traffic
+| | ... | and check if traffic is dropped.
+| | Given Node path computed for 3-node topology
+| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
+| | And Interfaces in path are up
+| | And IPv4 Addresses set on the node interfaces
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${dut1_if2}
+| | ... | ${dut1_if2_ip} | ${prefix_length}
+| | ${table_index} | ${skip_n} | ${match_n}= | When Vpp Create Classify Table
+| | ... | ${dut1_node} | ip4 | src
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index} | ${skip_n} | ${match_n}
+| | ... | ip4 | src | ${test_src_ip}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip4 | ${table_index}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add
+| | ... | ${dut1_node} | ${test_dst_ip} | ${prefix_length} | ${dut1_if2_ip_GW}
+| | ... | ${dut1_if2}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
+
+| VPP drops packets based on IPv4 destination addresses
+| | [Documentation] | Create classify table on VPP, add destination IP address
+| | ... | of traffic into table and setup 'deny' traffic
+| | ... | and check if traffic is dropped.
+| | Given Node path computed for 3-node topology
+| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
+| | And Interfaces in path are up
+| | And IPv4 Addresses set on the node interfaces
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${dut1_if2}
+| | ... | ${dut1_if2_ip} | ${prefix_length}
+| | ${table_index} | ${skip_n} | ${match_n}= | When Vpp Create Classify Table
+| | ... | ${dut1_node} | ip4 | dst
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index} | ${skip_n} | ${match_n}
+| | ... | ip4 | dst | ${test_dst_ip}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip4 | ${table_index}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add
+| | ... | ${dut1_node} | ${test_dst_ip} | ${prefix_length} | ${dut1_if2_ip_GW}
+| | ... | ${dut1_if2}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
+
+
+| VPP drops packets based on IPv4 src-addr and dst-addr
+| | [Documentation] | Create classify table on VPP, add source and destination
+| | ... | IP address of traffic into table and setup 'deny' traffic
+| | ... | and check if traffic is dropped.
+| | Given Node path computed for 3-node topology
+| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
+| | And Interfaces in path are up
+| | And IPv4 Addresses set on the node interfaces
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${dut1_if2}
+| | ... | ${dut1_if2_ip} | ${prefix_length}
+| | ${table_index_1} | ${skip_n_1} | ${match_n_1}=
+| | ... | When Vpp Create Classify Table | ${dut1_node} | ip4 | src
+| | ${table_index_2} | ${skip_n_2} | ${match_n_2}=
+| | ... | When Vpp Create Classify Table | ${dut1_node} | ip4 | dst
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index_1} | ${skip_n_1} | ${match_n_2}
+| | ... | ip4 | src | ${test_src_ip}
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index_2} | ${skip_n_2} | ${match_n_2}
+| | ... | ip4 | dst | ${test_dst_ip}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip4 | ${table_index_1}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip4 | ${table_index_2}
+| | And Add Arp On Dut
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add
+| | ... | ${dut1_node} | ${test_dst_ip} | ${prefix_length} | ${dut1_if2_ip_GW}
+| | ... | ${dut1_if2}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
--- /dev/null
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/counters.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/iacl.robot
+| Resource | resources/libraries/robot/ipv6.robot
+| Resource | resources/libraries/robot/l2_xconnect.robot
+| Resource | resources/libraries/robot/traffic.robot
+| Library | resources.libraries.python.Classify.Classify
+| Library | resources.libraries.python.Trace
+
+| Force Tags | HW_ENV | VM_ENV | 3_NODE_SINGLE_LINK_TOPO
+| Suite Setup | Run Keywords | Setup all TGs before traffic script
+| ... | AND | Update All Interface Data On All Nodes | ${nodes}
+| Test Setup | Setup all DUTs before test
+| Test Teardown | Show packet trace on all DUTs | ${nodes}
+
+*** Variables ***
+| ${dut1_if1_ip}= | 3ffe:62::1
+| ${dut1_if2_ip}= | 3ffe:63::1
+| ${dut1_if2_ip_GW}= | 3ffe:63::2
+| ${dut2_if1_ip}= | 3ffe:72::1
+| ${dut2_if2_ip}= | 3ffe:73::1
+| ${test_dst_ip}= | 3ffe:64::1
+| ${test_src_ip}= | 3ffe:61::1
+| ${prefix_length}= | 64
+
+*** Test Cases ***
+| VPP drops packets based on IPv6 source addresses
+| | [Documentation] | Create classify table on VPP, add source IP address
+| | ... | of traffic into table and setup 'deny' traffic
+| | ... | and check if traffic is dropped.
+| | Given Node path computed for 3-node topology
+| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
+| | And Interfaces in path are up
+| | And IPv6 Addresses set on the node interfaces
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${dut1_if2}
+| | ... | ${dut1_if2_ip} | ${prefix_length}
+| | ${table_index} | ${skip_n} | ${match_n}= | When Vpp Create Classify Table
+| | ... | ${dut1_node} | ip6 | src
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index} | ${skip_n} | ${match_n}
+| | ... | ip6 | src | ${test_src_ip}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip6 | ${table_index}
+| | And Add Ip Neighbor
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add
+| | ... | ${dut1_node} | ${test_dst_ip} | ${prefix_length} | ${dut1_if2_ip_GW}
+| | ... | ${dut1_if2}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
+
+
+| VPP drops packets based on IPv6 destination addresses
+| | [Documentation] | Create classify table on VPP, add destination IP address
+| | ... | of traffic into table and setup 'deny' traffic
+| | ... | and check if traffic is dropped.
+| | Given Node path computed for 3-node topology
+| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
+| | And Interfaces in path are up
+| | And IPv6 Addresses set on the node interfaces
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${dut1_if2}
+| | ... | ${dut1_if2_ip} | ${prefix_length}
+| | ${table_index} | ${skip_n} | ${match_n}= | When Vpp Create Classify Table
+| | ... | ${dut1_node} | ip6 | dst
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index} | ${skip_n} | ${match_n}
+| | ... | ip6 | dst | ${test_dst_ip}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip6 | ${table_index}
+| | And Add Ip Neighbor
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add
+| | ... | ${dut1_node} | ${test_dst_ip} | ${prefix_length} | ${dut1_if2_ip_GW}
+| | ... | ${dut1_if2}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
+
+
+| VPP drops packets based on IPv6 src-addr and dst-addr
+| | [Documentation] | Create classify table on VPP, add source and destination
+| | ... | IP address of traffic into table and setup 'deny' traffic
+| | ... | and check if traffic is dropped.
+| | Given Node path computed for 3-node topology
+| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
+| | And Interfaces in path are up
+| | And IPv6 Addresses set on the node interfaces
+| | ... | ${dut1_node} | ${dut1_if1} | ${dut1_if1_ip} | ${dut1_if2}
+| | ... | ${dut1_if2_ip} | ${prefix_length}
+| | ${table_index_1} | ${skip_n_1} | ${match_n_1}=
+| | ... | When Vpp Create Classify Table | ${dut1_node} | ip6 | src
+| | ${table_index_2} | ${skip_n_2} | ${match_n_2}=
+| | ... | When Vpp Create Classify Table | ${dut1_node} | ip6 | dst
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index_1} | ${skip_n_1} | ${match_n_2}
+| | ... | ip6 | src | ${test_src_ip}
+| | And Vpp Configure Classify Session
+| | ... | ${dut1_node} | deny | ${table_index_2} | ${skip_n_2} | ${match_n_2}
+| | ... | ip6 | dst | ${test_dst_ip}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip6 | ${table_index_1}
+| | And Vpp Enable Input Acl Interface
+| | ... | ${dut1_node} | ${dut1_if1} | ip6 | ${table_index_2}
+| | And Add Ip Neighbor
+| | ... | ${dut1_node} | ${dut1_if2} | ${dut1_if2_ip_GW} | ${tg_if2_mac}
+| | And Vpp Route Add
+| | ... | ${dut1_node} | ${test_dst_ip} | ${prefix_length} | ${dut1_if2_ip_GW}
+| | ... | ${dut1_if2}
+| | And L2 setup xconnect on DUT | ${dut2_node} | ${dut2_if1} | ${dut2_if2}
+| | Then Send packet from Port to Port should failed | ${tg_node} |
+| | ... | ${test_src_ip} | ${test_dst_ip} | ${tg_if1} | ${tg_if1_mac} |
+| | ... | ${dut1_if1_mac} | ${tg_if2} | ${dut1_if2_mac} | ${tg_if2_mac}
Code Review / csit.git / commitdiff