From: Jan Gelety Date: Mon, 14 Aug 2017 07:04:09 +0000 (+0200) Subject: CSIT-777: L2 keywords for MACIP ACL tests X-Git-Url: https://gerrit.fd.io/r/gitweb?p=csit.git;a=commitdiff_plain;h=a75ddafd4f342b6c7964f0c5b152d0674144e33a CSIT-777: L2 keywords for MACIP ACL tests Change-Id: I678d87770405105555ccc30ce0003f704d7ca82e Signed-off-by: Jan Gelety --- diff --git a/resources/libraries/python/Classify.py b/resources/libraries/python/Classify.py index b89a20dd2d..a66994906b 100644 --- a/resources/libraries/python/Classify.py +++ b/resources/libraries/python/Classify.py @@ -410,8 +410,10 @@ class Classify(object): :type acl_idx: list :raises RuntimeError: If unable to set ACL list for the interface. """ - sw_if_index = Topology.get_interface_sw_index(node, interface) \ - if isinstance(interface, basestring) else interface + if isinstance(interface, basestring): + sw_if_index = Topology.get_interface_sw_index(node, interface) + else: + sw_if_index = interface acl_list = acl_type + ' ' + ' '.join(str(idx) for idx in acl_idx) \ if acl_idx else acl_type diff --git a/resources/libraries/robot/performance/performance_configuration.robot b/resources/libraries/robot/performance/performance_configuration.robot index e40d3f6bcd..5935b020d0 100644 --- a/resources/libraries/robot/performance/performance_configuration.robot +++ b/resources/libraries/robot/performance/performance_configuration.robot @@ -752,19 +752,29 @@ | | ... | Configure ACL with required number of not-hitting permit ACEs plus two | | ... | hitting ACEs for both traffic directions. | | ... +| | ... | *Arguments:* +| | ... | - dut_node - DUT node. Type: dictionary +| | ... | - dut_if1 - DUT node interface1 name (Optional). Type: string +| | ... | - dut_if2 - DUT node interface2 name (Optional). Type: string +| | ... +| | ... | *Example:* +| | ... +| | ... | \| Configure IPv4 ACLs \| ${nodes['DUT1']} \| GigabitEthernet0/7/0 \ +| | ... | \| GigabitEthernet0/8/0 \| +| | ... | | ... | _NOTE:_ This KW uses following test case variables: -| | ... | - ${src_ip_start} - Source IP address start. Type: string. -| | ... | - ${dst_ip_start} - Destination IP address start. Type: string. -| | ... | - ${ip_step} - IP address step. Type: string. -| | ... | - ${sport_start} - Source port number start. Type: string. -| | ... | - ${dport_start} - Destination port number start. Type: string. -| | ... | - ${port_step} - Port number step. Type: string. +| | ... | - ${src_ip_start} - Source IP address start. Type: string +| | ... | - ${dst_ip_start} - Destination IP address start. Type: string +| | ... | - ${ip_step} - IP address step. Type: string +| | ... | - ${sport_start} - Source port number start. Type: string +| | ... | - ${dport_start} - Destination port number start. Type: string +| | ... | - ${port_step} - Port number step. Type: string | | ... | - ${no_hit_aces_number} - Number of not-hitting ACEs to be configured. | | ... | Type: integer -| | ... | - ${acl_apply_type} - To what path aplly the ACL - input or output. +| | ... | - ${acl_apply_type} - To what path apply the ACL - input or output. | | ... | Type: string | | ... | - ${acl_action} - Action for the rule - deny, permit, permit+reflect. -| | ... | Type: stringe +| | ... | Type: string | | ... | - ${trex_stream1_subnet} - IP subnet used by T-Rex in direction 0->1. | | ... | Type: string | | ... | - ${trex_stream2_subnet} - IP subnet used by T-Rex in direction 1->0. @@ -839,6 +849,14 @@ | | ... | enabled. Interfaces are brought up. Apply required ACL rules to DUT1 | | ... | interfaces. | | ... +| | ... | *Arguments:* +| | ... | _None_ +| | ... +| | ... | *Example:* +| | ... +| | ... | \| Initialize L2 bridge domain with IPv4 ACLs on DUT1 in 3-node \ +| | ... | circular topology \| +| | ... | | ... | _NOTE:_ This KW uses following test case variables: | | ... | - ${dut1} - DUT1 node. | | ... | - ${dut2} - DUT2 node. @@ -861,6 +879,14 @@ | | ... | prefix /24 and next hops of neighbour DUT interface IPv4 address. | | ... | Apply required ACL rules to DUT1 interfaces. | | ... +| | ... | *Arguments:* +| | ... | - ip_nr - Number of IPs to be used. Type: integer or string +| | ... +| | ... | *Example:* +| | ... +| | ... | \| Initialize IPv4 routing for '10' addresses with IPv4 ACLs on DUT1 \ +| | ... | in 3-node circular topology \| +| | ... | | ... | _NOTE:_ This KW uses following test case variables: | | ... | - ${dut1} - DUT1 node. | | ... | - ${dut2} - DUT2 node. @@ -894,6 +920,134 @@ | | All Vpp Interfaces Ready Wait | ${nodes} | | Configure IPv4 ACLs | ${dut1} | ${dut1_if1} | ${dut1_if2} +| Configure MACIP ACLs +| | [Documentation] +| | ... | Configure MACIP ACL with required number of not-hitting permit ACEs +| | ... | plus two hitting ACEs for both traffic directions. +| | ... +| | ... | *Arguments:* +| | ... | - dut_node - DUT node. Type: dictionary +| | ... | - dut_if1 - DUT node interface1 name (Optional). Type: string +| | ... | - dut_if2 - DUT node interface2 name (Optional). Type: string +| | ... +| | ... | *Example:* +| | ... +| | ... | \| Configure MACIP ACLs \| ${nodes['DUT1']} \| GigabitEthernet0/7/0 \ +| | ... | \| GigabitEthernet0/8/0 \| +| | ... +| | ... | _NOTE:_ This KW uses following test case variables: +| | ... | - ${tg_if1_mac} - MAC address of TG interface towards DUT1. +| | ... | Type: string +| | ... | - ${tg_if2_mac} - MAC address of TG interface towards DUT2. +| | ... | Type: string +| | ... | - ${src_ip_start} - Source IP address start. Type: string +| | ... | - ${ip_step} - IP address step. Type: string +| | ... | - ${src_mac_start} - Source MAC address start in format with colons. +| | ... | Type: string +| | ... | - ${src_mac_step} - Source MAC address step. Type: string +| | ... | - ${src_mac_mask} - Source MAC address mask. 00:00:00:00:00:00 is a +| | ... | wildcard mask. Type: string +| | ... | - ${no_hit_aces_number} - Number of not-hitting ACEs to be configured. +| | ... | Type: integer +| | ... | - ${acl_action} - Action for the rule - deny, permit, permit+reflect. +| | ... | Type: string +| | ... | - ${trex_stream1_subnet} - IP subnet used by T-Rex in direction 0->1. +| | ... | Type: string +| | ... | - ${trex_stream2_subnet} - IP subnet used by T-Rex in direction 1->0. +| | ... | Type: string +| | ... | - ${tg_mac_mask} - MAC address mask for traffic streams. +| | ... | 00:00:00:00:00:00 is a wildcard mask. Type: string +| | ... +| | [Arguments] | ${dut} | ${dut_if1}=${None} | ${dut_if2}=${None} +| | ${src_ip_int} = | Evaluate +| | ... | int(ipaddress.ip_address(unicode($src_ip_start))) - $ip_step +| | ... | modules=ipaddress +| | ${ip_limit} = | Set Variable | 255.255.255.255 +| | ${ip_limit_int} = | Evaluate +| | ... | int(ipaddress.ip_address(unicode($ip_limit))) | modules=ipaddress +| | ${src_mac_int} = | Evaluate +| | ... | int($src_mac_start.replace(':', ''), 16) - $src_mac_step +| | ${mac_limit} = | Set Variable | ff:ff:ff:ff:ff:ff +| | ${mac_limit_int} = | Evaluate +| | ... | int($mac_limit.replace(':', ''), 16) +| | ${acl}= | Set Variable | ipv4 permit +| | :FOR | ${nr} | IN RANGE | 0 | ${no_hit_aces_number} +| | | ${src_ip_int} = | Evaluate | $src_ip_int + $ip_step +| | | ${src_mac_int} = | Evaluate | $src_mac_int + $src_mac_step +| | | ${ipv4_limit_reached}= | Set Variable If +| | | ... | $src_ip_int > $ip_limit_int | ${True} +| | | ${mac_limit_reached}= | Set Variable If +| | | ... | $src_mac_int > $mac_limit_int | ${True} +| | | Run Keyword If | $ipv4_limit_reached is True | Log +| | | ... | Can't do more iterations - IPv4 address limit has been reached. +| | | ... | WARN +| | | Run Keyword If | $mac_limit_reached is True | Log +| | | ... | Can't do more iterations - MAC address limit has been reached. +| | | ... | WARN +| | | ${src_ip} = | Run Keyword If | $ipv4_limit_reached is True +| | | ... | Set Variable | ${ip_limit} +| | | ... | ELSE | Evaluate | str(ipaddress.ip_address($src_ip_int)) +| | | ... | modules=ipaddress +| | | ${src_mac}= | Run Keyword If | $mac_limit_reached is True +| | | ... | Set Variable | ${mac_limit} +| | | ... | ELSE | Evaluate +| | | ... | ':'.join(textwrap.wrap("{:012x}".format($src_mac_int), width=2)) +| | | ... | modules=textwrap +| | | ${acl}= | Catenate | ${acl} | ip ${src_ip}/32 +| | | ... | mac ${src_mac} | mask ${src_mac_mask}, +| | | Exit For Loop If +| | | ... | $ipv4_limit_reached is True or $mac_limit_reached is True +| | ${acl}= | Catenate | ${acl} +| | ... | ipv4 ${acl_action} ip ${trex_stream1_subnet} mac ${tg_if1_mac} +| | ... | mask ${tg_mac_mask}, +| | ... | ipv4 ${acl_action} ip ${trex_stream2_subnet} mac ${tg_if2_mac} +| | ... | mask ${tg_mac_mask} +| | Add Macip Acl Multi Entries | ${dut} | rules=${acl} +| | ${acl_idx}= | Set Variable | 0 +| | Run Keyword If | $dut_if1 is not None +| | ... | Add Del Macip Acl Interface | ${dut} | ${dut_if1} | add | ${acl_idx} +| | Run Keyword If | $dut_if2 is not None +| | ... | Add Del Macip Acl Interface | ${dut} | ${dut_if2} | add | ${acl_idx} + +| Initialize L2 bridge domain with MACIP ACLs on DUT1 in 3-node circular topology +| | [Documentation] +| | ... | Setup L2BD topology by adding two interfaces on DUT1 into bridge +| | ... | domain that is created automatically with index 1. Learning is +| | ... | enabled. Interfaces are brought up. Apply required MACIP ACL rules to +| | ... | DUT1 interfaces. +| | ... +| | ... | *Arguments:* +| | ... | _None_ +| | ... +| | ... | *Example:* +| | ... +| | ... | \| Initialize L2 bridge domain with MACIP ACLs on DUT1 in 3-node \ +| | ... | circular topology \| +| | ... +| | ... | _NOTE 1:_ This KW uses following test case variables: +| | ... | - ${tg} - TG node. +| | ... | - ${dut1} - DUT1 node. +| | ... | - ${dut2} - DUT2 node. +| | ... | - ${tg_if1} - TG interface towards DUT1. +| | ... | - ${tg_if2} - TG interface towards DUT2. +| | ... | - ${dut1_if1} - DUT1 interface towards TG. +| | ... | - ${dut1_if2} - DUT1 interface towards DUT2. +| | ... | - ${dut2_if1} - DUT2 interface towards DUT1. +| | ... | - ${dut2_if2} - DUT2 interface towards TG. +| | ... +| | ... | _NOTE 2:_ This KW sets following test case variables: +| | ... | - ${tg_if1_mac} - MAC address of TG interface towards DUT1. +| | ... | - ${tg_if2_mac} - MAC address of TG interface towards DUT2. +| | ... +| | Configure L2BD forwarding | ${dut1} | ${dut1_if1} | ${dut1_if2} +| | Configure L2XC | ${dut2} | ${dut2_if1} | ${dut2_if2} +| | All Vpp Interfaces Ready Wait | ${nodes} +| | ${tg_if1_mac}= | Get Interface MAC | ${tg} | ${tg_if1} +| | Set Test Variable | ${tg_if1_mac} +| | ${tg_if2_mac}= | Get Interface MAC | ${tg} | ${tg_if2} +| | Set Test Variable | ${tg_if2_mac} +| | Configure MACIP ACLs | ${dut1} | ${dut1_if1} | ${dut1_if2} + | Initialize L2 bridge domains with Vhost-User in 3-node circular topology | | [Documentation] | | ... | Create two Vhost-User interfaces on all defined VPP nodes. Add each diff --git a/resources/libraries/robot/performance/performance_setup.robot b/resources/libraries/robot/performance/performance_setup.robot index 5bb5015a23..95b2bddd4f 100644 --- a/resources/libraries/robot/performance/performance_setup.robot +++ b/resources/libraries/robot/performance/performance_setup.robot @@ -566,3 +566,24 @@ | | Vpp Log Plugin Acl Settings | ${dut1} | | Run Keyword If Test Failed | Run Keyword And Ignore Error | | ... | Vpp Log Plugin Acl Interface Assignment | ${dut1} + +| Tear down performance test with MACIP ACL +| | [Documentation] | Common test teardown for ndrdisc and pdrdisc performance \ +| | ... | tests with MACIP ACL feature used. +| | ... +| | ... | *Arguments:* +| | ... | - rate - Rate for sending packets. Type: string +| | ... | - framesize - L2 Frame Size [B]. Type: integer +| | ... | - traffic_profile - Traffic profile. Type: string +| | ... +| | ... | *Example:* +| | ... +| | ... | \| Tear down performance test with MACIP ACL \| 100000pps \| 64 \ +| | ... | \| ${traffic_profile} \| +| | ... +| | [Arguments] | ${rate} | ${framesize} | ${traffic_profile} +| | ... +| | Tear down performance discovery test | ${rate} | ${framesize} +| | ... | ${traffic_profile} +| | Vpp Log Macip Acl Settings | ${dut1} +| | Vpp Log Macip Acl Interface Assignment | ${dut1}