CSIT-235: Switched Port Analyzer mirroring (SPAN) - IPv4 11/3111/7
authorselias <samelias@cisco.com>
Wed, 21 Sep 2016 08:52:31 +0000 (10:52 +0200)
committerPeter Mikus <pmikus@cisco.com>
Mon, 3 Oct 2016 13:13:24 +0000 (13:13 +0000)
 - add library for SPAN setup
 - add telemetry traffic script and a keyword to run it
 - add "telemetry" folders for python and robot libraries
 - move IPFIX libraries to these new folders
 - add first SPAN test case, mirroring IPv4 ICMP packets

Change-Id: Ibca35f724c13662bf80dce2d7e2649d1a0b8676a
Signed-off-by: selias <samelias@cisco.com>
14 files changed:
bootstrap.sh
resources/libraries/python/telemetry/IPFIXSetup.py [moved from resources/libraries/python/IPFIXSetup.py with 100% similarity]
resources/libraries/python/telemetry/IPFIXUtil.py [moved from resources/libraries/python/IPFIXUtil.py with 100% similarity]
resources/libraries/python/telemetry/SPAN.py [new file with mode: 0644]
resources/libraries/python/telemetry/__init__.py [new file with mode: 0644]
resources/libraries/robot/telemetry/ipfix.robot [moved from resources/libraries/robot/ipfix.robot with 99% similarity]
resources/libraries/robot/telemetry/span.robot [new file with mode: 0644]
resources/templates/vat/span_create.vat [new file with mode: 0644]
resources/traffic_scripts/ipfix_check.py
resources/traffic_scripts/ipfix_sessions.py
resources/traffic_scripts/span_check.py [new file with mode: 0755]
tests/func/telemetry/ipfix_ipv4.robot [moved from tests/func/ipfix/ipfix_ipv4.robot with 99% similarity]
tests/func/telemetry/ipfix_ipv6.robot [moved from tests/func/ipfix/ipfix_ipv6.robot with 99% similarity]
tests/func/telemetry/span.robot [new file with mode: 0644]

index 2bd3a0f..12427d2 100755 (executable)
@@ -30,7 +30,7 @@ VIRL_SERVER_EXPECTED_STATUS="PRODUCTION"
 
 SSH_OPTIONS="-i ${VIRL_PKEY} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o BatchMode=yes -o LogLevel=error"
 
-TEST_GROUPS=("bridge_domain,dhcp,gre,honeycomb,l2_xconnect,lisp,softwire" "cop,ipfix,ipsec,ipv6,rpf,tap,vrf" "fds,iacl,ipv4,policer,vlan,vxlan")
+TEST_GROUPS=("bridge_domain,dhcp,gre,honeycomb,l2_xconnect,lisp,softwire" "cop,telemetry,ipsec,ipv6,rpf,tap,vrf" "fds,iacl,ipv4,policer,vlan,vxlan")
 SUITE_PATH="tests.func"
 
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
diff --git a/resources/libraries/python/telemetry/SPAN.py b/resources/libraries/python/telemetry/SPAN.py
new file mode 100644 (file)
index 0000000..7933898
--- /dev/null
@@ -0,0 +1,48 @@
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""SPAN setup library"""
+
+from resources.libraries.python.topology import Topology
+from resources.libraries.python.VatExecutor import VatTerminal
+
+
+# pylint: disable=too-few-public-methods
+class SPAN(object):
+    """Class contains methods for setting up SPAN mirroring on DUTs."""
+
+    def __init__(self):
+        """Initializer."""
+        pass
+
+    @staticmethod
+    def set_span_mirroring(node, src_if, dst_if):
+        """Set Span mirroring on the specified node.
+
+        :param node: DUT node.
+        :param src_if: Interface to mirror traffic from.
+        :param dst_if: Interface to mirror traffic to.
+        :type node: dict
+        :type src_if: str
+        :type dst_if: str
+        """
+
+        src_if = Topology.get_interface_name(node, src_if)
+        dst_if = Topology.get_interface_name(node, dst_if)
+
+        with VatTerminal(node, json_param=False) as vat:
+            vat.vat_terminal_exec_cmd_from_template('span_create.vat',
+                                                    src_if=src_if,
+                                                    dst_if=dst_if,
+                                                    )
+    # TODO: Update "span_create.vat" to use VAT command, once available
diff --git a/resources/libraries/python/telemetry/__init__.py b/resources/libraries/python/telemetry/__init__.py
new file mode 100644 (file)
index 0000000..5a0e0e1
--- /dev/null
@@ -0,0 +1,12 @@
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
similarity index 99%
rename from resources/libraries/robot/ipfix.robot
rename to resources/libraries/robot/telemetry/ipfix.robot
index d8840a5..5248964 100644 (file)
@@ -11,7 +11,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-"""Traffic keywords"""
+"""IPFIX keywords"""
 
 *** Settings ***
 | Library | resources.libraries.python.TrafficScriptExecutor
diff --git a/resources/libraries/robot/telemetry/span.robot b/resources/libraries/robot/telemetry/span.robot
new file mode 100644 (file)
index 0000000..d994e95
--- /dev/null
@@ -0,0 +1,56 @@
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Library | resources.libraries.python.TrafficScriptExecutor
+| Library | resources.libraries.python.topology.Topology
+| Documentation | SPAN traffic keywords
+
+*** Keywords ***
+| Send Packet And Check Received Copies
+| | [Documentation] | Sends an ARP or ICMP packet from TG to DUT using one\
+| | ... | link, then receive a copy of both the sent packet and the DUT's reply\
+| | ... | on the second link.
+| | ...
+| | ... | *Arguments:*
+| | ...
+| | ... | - tg_node - Node to execute scripts on (TG). Type: dictionary
+| | ... | - tx_src_port - First interface on TG. Type: string
+| | ... | - tx_src_mac - MAC address of the first interface on TG. Type: string
+| | ... | - tx_dst_mac - MAC address of the first interface on DUT. Type: string
+| | ... | - rx_port - Second interface on TG. Type: string
+| | ... | - src_ip - Packet source IP address. Type: string
+| | ... | - dst_ip - Packet destination IP address. Type: string
+| | ... | - ptype - Type of payload, ARP or ICMP. Type: string
+| | ...
+| | ... | *Return:*
+| | ... | - No value returned
+| | ...
+| | ... | *Example:*
+| | ...
+| | ... | \| Send Packet And Check Received Copies \| ${nodes['TG']} \| eth1 \
+| | ... | \| 8:00:27:ee:fd:b3 \| 08:00:27:a2:52:5b \
+| | ... | \| eth3 \| 192.168.0.2 \| 192.168.0.3 \| ARP \|
+| | ...
+| | [Arguments] | ${tg_node} | ${tx_src_port}
+| | ... | ${tx_src_mac} | ${tx_dst_mac} | ${rx_port}
+| | ... | ${src_ip} | ${dst_ip} | ${ptype}
+| | ${tx_port_name}= | Get interface name | ${tg_node} | ${tx_src_port}
+| | ${rx_port_name}= | Get interface name | ${tg_node} | ${rx_port}
+| | ${args}= | Catenate
+| | ... | --tg_src_mac ${tx_src_mac} --dut_if1_mac ${tx_dst_mac}
+| | ... | --src_ip ${src_ip} --dst_ip ${dst_ip}
+| | ... | --tx_if ${tx_port_name} --rx_if | ${rx_port_name}
+| | ... | --ptype ${ptype}
+| | Run Traffic Script On Node | span_check.py | ${tg_node} |
+| | ... | ${args}
\ No newline at end of file
diff --git a/resources/templates/vat/span_create.vat b/resources/templates/vat/span_create.vat
new file mode 100644 (file)
index 0000000..62c4232
--- /dev/null
@@ -0,0 +1 @@
+exec set span src {src_if} dst {dst_if}
index 14b5a07..aa04b24 100755 (executable)
@@ -22,7 +22,8 @@ from scapy.layers.inet import IP, TCP, UDP
 from scapy.layers.inet6 import IPv6
 from scapy.layers.l2 import Ether
 
-from resources.libraries.python.IPFIXUtil import IPFIXHandler, IPFIXData
+from resources.libraries.python.telemetry.IPFIXUtil import IPFIXHandler, \
+    IPFIXData
 from resources.libraries.python.PacketVerifier import RxQueue, TxQueue, auto_pad
 from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
 
@@ -81,7 +82,6 @@ def main():
     rxq = RxQueue(tx_if)
 
     # generate simple packet based on arguments
-    ip_version = None
     if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
         ip_version = IP
     elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
index 2994916..e7597a8 100755 (executable)
@@ -22,7 +22,8 @@ from scapy.layers.inet import IP, TCP, UDP
 from scapy.layers.inet6 import IPv6
 from scapy.layers.l2 import Ether
 
-from resources.libraries.python.IPFIXUtil import IPFIXHandler, IPFIXData
+from resources.libraries.python.telemetry.IPFIXUtil import IPFIXHandler, \
+    IPFIXData
 from resources.libraries.python.PacketVerifier import RxQueue, TxQueue, auto_pad
 from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
 
@@ -133,8 +134,6 @@ def main():
     tx_if = args.get_arg('tx_if')
 
     protocol = args.get_arg('protocol')
-    source_port = int(args.get_arg('port'))
-    destination_port = int(args.get_arg('port'))
     count = int(args.get_arg('count'))
     sessions = int(args.get_arg('sessions'))
 
diff --git a/resources/traffic_scripts/span_check.py b/resources/traffic_scripts/span_check.py
new file mode 100755 (executable)
index 0000000..66400d9
--- /dev/null
@@ -0,0 +1,138 @@
+#!/usr/bin/env python
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Traffic script that sends an IP ICMPv4/ICMPv6 packet from one interface
+to the other. Source and destination IP addresses and source and destination
+MAC addresses are checked in received packet.
+"""
+
+import sys
+import ipaddress
+
+from scapy.layers.inet import IP, ICMP, ARP
+from scapy.layers.inet6 import IPv6, ICMPv6EchoRequest, ICMPv6EchoReply
+from scapy.layers.l2 import Ether
+
+from resources.libraries.python.PacketVerifier import RxQueue, TxQueue, auto_pad
+from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
+
+
+def valid_ipv4(address):
+    """Check if IP address has the correct IPv4 address format.
+
+    :param address: IP address.
+    :type address: str
+    :return: True in case of correct IPv4 address format,
+    otherwise return false.
+    :rtype: bool
+    """
+    try:
+        ipaddress.IPv4Address(unicode(address))
+        return True
+    except (AttributeError, ipaddress.AddressValueError):
+        return False
+
+
+def valid_ipv6(address):
+    """Check if IP address has the correct IPv6 address format.
+
+    :param address: IP address.
+    :type address: str
+    :return: True in case of correct IPv6 address format,
+    otherwise return false.
+    :rtype: bool
+    """
+    try:
+        ipaddress.IPv6Address(unicode(address))
+        return True
+    except (AttributeError, ipaddress.AddressValueError):
+        return False
+
+
+def main():
+    """Send a simple L2 or ICMP packet from one TG interface to DUT, then
+    receive a copy of the packet on the second TG interface, and a copy of
+    the ICMP reply."""
+    args = TrafficScriptArg(
+        ['tg_src_mac', 'src_ip', 'dst_ip', 'dut_if1_mac', 'ptype'])
+
+    src_mac = args.get_arg('tg_src_mac')
+    dst_mac = args.get_arg('dut_if1_mac')
+    src_ip = args.get_arg('src_ip')
+    dst_ip = args.get_arg('dst_ip')
+    tx_if = args.get_arg('tx_if')
+    rx_if = args.get_arg('rx_if')
+    ptype = args.get_arg('ptype')
+
+    rxq = RxQueue(rx_if)
+    txq = TxQueue(tx_if)
+
+    if ptype == "ARP":
+        pkt_raw = (Ether(src=src_mac, dst=dst_mac) /
+                   ARP(hwsrc=src_mac, hwdst="00:00:00:00:00:00",
+                       psrc=src_ip, pdst=dst_ip, op="who-has"))
+    elif ptype == "ICMP":
+        if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
+            pkt_raw = (Ether(src=src_mac, dst=dst_mac) /
+                       IP(src=src_ip, dst=dst_ip) /
+                       ICMP(type="echo-request"))
+        elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
+            pkt_raw = (Ether(src=src_mac, dst=dst_mac) /
+                       IPv6(src=src_ip, dst=dst_ip) /
+                       ICMPv6EchoRequest())
+        else:
+            raise ValueError("IP not in correct format")
+    else:
+        raise RuntimeError("Unexpected payload type.")
+
+    txq.send(pkt_raw)
+    ether = rxq.recv(2)
+
+    # Receive copy of sent packet.
+    if ether is None:
+        raise RuntimeError("Rx timeout")
+    pkt = auto_pad(pkt_raw)
+    if str(ether) != str(pkt):
+        raise RuntimeError("Mirrored packet does not match packet sent.")
+
+    # Receive copy of reply to sent packet.
+    ether = rxq.recv(2)
+    if ether is None:
+        raise RuntimeError("Rx timeout")
+    if ether.src != dst_mac or ether.dst != src_mac:
+        raise RuntimeError("MAC mismatch in mirrored response.")
+    if ptype == "ARP":
+        if ether['ARP'].op != 2:
+            raise RuntimeError("Mirrored packet is not an ARP reply.")
+        if ether['ARP'].hwsrc != dst_mac or ether['ARP'].hwdst != src_mac:
+            raise RuntimeError("ARP MAC does not match l2 MAC "
+                               "in mirrored response.")
+        if ether['ARP'].psrc != dst_ip or ether['ARP'].pdst != src_ip:
+            raise RuntimeError("ARP IP address mismatch in mirrored response.")
+    elif ptype == "ICMP" and ether.haslayer(IP):
+        if ether['IP'].src != dst_ip or ether['IP'].dst != src_ip:
+            raise RuntimeError("IP address mismatch in mirrored reply.")
+        if ether['ICMP'].type != 0:
+            raise RuntimeError("Mirrored packet is not an ICMP reply.")
+    elif ptype == "ICMP" and ether.haslayer(IPv6):
+        if ether['IPv6'].src != dst_ip or ether['IPv6'].dst != src_ip:
+            raise RuntimeError("IP address mismatch in mirrored reply.")
+        if not ether.haslayer(ICMPv6EchoReply):
+            raise RuntimeError("Mirrored packet is not an ICMP reply.")
+
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()
similarity index 99%
rename from tests/func/ipfix/ipfix_ipv4.robot
rename to tests/func/telemetry/ipfix_ipv4.robot
index 200bd34..ccd5d70 100644 (file)
@@ -16,9 +16,9 @@
 | Resource | resources/libraries/robot/interfaces.robot
 | Resource | resources/libraries/robot/testing_path.robot
 | Resource | resources/libraries/robot/ipv4.robot
-| Resource | resources/libraries/robot/ipfix.robot
+| Resource | resources/libraries/robot/telemetry/ipfix.robot
 | Library | resources.libraries.python.Classify.Classify
-| Library | resources.libraries.python.IPFIXSetup
+| Library | resources.libraries.python.telemetry.IPFIXSetup
 | Library | resources.libraries.python.Trace
 
 | Force Tags | HW_ENV | VM_ENV | 3_NODE_SINGLE_LINK_TOPO | EXPECTED_FAILING
similarity index 99%
rename from tests/func/ipfix/ipfix_ipv6.robot
rename to tests/func/telemetry/ipfix_ipv6.robot
index 7f86a16..4f1dd5f 100644 (file)
@@ -16,9 +16,9 @@
 | Resource | resources/libraries/robot/interfaces.robot
 | Resource | resources/libraries/robot/testing_path.robot
 | Resource | resources/libraries/robot/ipv4.robot
-| Resource | resources/libraries/robot/ipfix.robot
+| Resource | resources/libraries/robot/telemetry/ipfix.robot
 | Library | resources.libraries.python.Classify.Classify
-| Library | resources.libraries.python.IPFIXSetup
+| Library | resources.libraries.python.telemetry.IPFIXSetup
 | Library | resources.libraries.python.IPv6Setup
 | Library | resources.libraries.python.Trace
 
diff --git a/tests/func/telemetry/span.robot b/tests/func/telemetry/span.robot
new file mode 100644 (file)
index 0000000..e482b28
--- /dev/null
@@ -0,0 +1,67 @@
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/testing_path.robot
+| Resource | resources/libraries/robot/telemetry/span.robot
+| Library  | resources.libraries.python.Trace
+| Library  | resources.libraries.python.IPv4Util
+| Library  | resources.libraries.python.IPv4Setup
+| Library  | resources.libraries.python.telemetry.SPAN
+| Force Tags | HW_ENV | VM_ENV | 3_NODE_DOUBLE_LINK_TOPO | EXPECTED_FAILING
+# TODO: Remove EXPECTED_FAILING tag once functionality is implemented (VPP-185)
+| Test Setup | Run Keywords | Setup all DUTs before test
+| ...        | AND          | Setup all TGs before traffic script
+| Test Teardown | Run Keyword If Test Failed | Run Keywords
+| ... | Show packet trace on all DUTs | ${nodes} | AND
+| ... | Show vpp trace dump on all DUTs
+| Documentation | *SPAN test suite*
+| ... | *[Top] Network Topologies:* TG=DUT1 2-node topology with two
+| ... | links between nodes.
+| ... | *[Cfg] DUT configuration:* DUT1 is configured with SPAN mirroring from
+| ... | the first DUT1-TG interface to the second one.
+| ... | *[Ver] TG verification:* Test ARP or ICMP packets are sent by TG
+| ... | on first link to DUT1; On receipt through second link TG verifies
+| ... | the copy of packet sent and the copy of DUT's reply packet.
+| ... | *[Ref] Applicable standard specifications: None?*
+
+*** Variables ***
+| ${tg_to_dut_if1_ip4}= | 192.168.1.1
+| ${dut_to_tg_if1_ip4}= | 192.168.1.2
+| ${tg_to_dut_if1_ip6}= | 11::1
+| ${dut_to_tg_if1_ip6}= | 10::1
+| ${prefix}= | 24
+
+*** Test Cases ***
+| TC01: DUT mirrors IPv4 packets from one interface to another
+| | [Documentation]
+| | ... | [Top] TG=DUT1
+| | ... | [Cfg] On DUT1 configure IPv4 address, add ARP entry for one TG \
+| | ... | interface and set SPAN mirroring from one DUT interface to the other.
+| | ... | [Ver] Make TG send an ICMP packet to DUT through one interface,\
+| | ... | then receive a copy of sent packet and of DUT's ICMP reply\
+| | ... | on the other interface.
+| | Given Path For 2-node Testing Is Set | ${nodes['TG']} | ${nodes['DUT1']}
+| | ... | ${nodes['TG']}
+| | And Interfaces In 2-node Path Are Up
+| | And Set interface Address | ${dut_node} | ${dut_to_tg_if1}
+| | ... | ${dut_to_tg_if1_ip4} | ${prefix}
+| | And Add ARP on DUT | ${dut_node} | ${dut_to_tg_if1} | ${tg_to_dut_if1_ip4}
+| | ... | ${tg_to_dut_if1_mac}
+| | And Set SPAN Mirroring | ${dut_node} | ${dut_to_tg_if1} | ${dut_to_tg_if2}
+| | Then Send Packet And Check Received Copies | ${tg_node}
+| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if1_mac}
+| | ... | ${dut_to_tg__if1_mac} | ${tg_to_dut_if2}
+| | ... | ${tg_to_dut_if1_ip4} | ${dut_to_tg_if1_ip4} | ICMP
+

©2016 FD.io a Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation. Linux is a registered trademark of Linus Torvalds.
Please see our privacy policy and terms of use.