From: Peter Mikus <pmikus@cisco.com>
Date: Fri, 7 Jun 2019 13:44:52 +0000 (+0000)
Subject: vpp_device: IPsec
X-Git-Url: https://gerrit.fd.io/r/gitweb?p=csit.git;a=commitdiff_plain;h=f49a6734523f7e4ae26e357e4bd2c2df8c3de4d8

vpp_device: IPsec

- Remove VM ipsec tests as they are not interesting
- Remove duplicate (vpp_device/virl) VM tests
- Remove VM tunnel tests and use base tunnel (we do not need tunnel and VM)

Change-Id: I5d7b6d8a037878f81a6bdc0114af481b32141dde
Signed-off-by: Peter Mikus <pmikus@cisco.com>
---

diff --git a/resources/libraries/robot/crypto/ipsec.robot b/resources/libraries/robot/crypto/ipsec.robot
index b7e9ff173d..dcf3d48c4d 100644
--- a/resources/libraries/robot/crypto/ipsec.robot
+++ b/resources/libraries/robot/crypto/ipsec.robot
@@ -187,26 +187,6 @@
 | | ... | sa_id=${l_sa_id} | laddr_range=${l_ip}
 | | ... | raddr_range=${r_ip} | inbound=${FALSE}
 
-| Update IPSec SA keys
-| | [Documentation] | Update IPsec SA keys on VPP node.
-| | ...
-| | ... | *Arguments:*
-| | ... | - node - VPP node to update SA keys. Type: dictionary
-| | ... | - l_sa_id - Local SA ID. Type: string
-| | ... | - r_sa_id - Remote SA ID. Type: string
-| | ... | - crypto_key - Encryption key. Type: string
-| | ... | - integ_key - Integrity key. Type: string
-| | ...
-| | ... | *Example:*
-| | ... | \| Update IPSec SA keys \| ${nodes['DUT1']} \
-| | ... | \| 10 \| 20 \| sixteenbytes_key \| twentybytessecretkey \|
-| | [Arguments] | ${node} | ${l_sa_id} | ${r_sa_id} | ${crypto_key}
-| | ... | ${integ_key}
-| | VPP IPsec SA Set Key | ${dut_node} | ${l_sa_id} | ${crypto_key}
-| | ... | ${integ_key}
-| | VPP IPsec SA Set Key | ${dut_node} | ${r_sa_id} | ${crypto_key}
-| | ... | ${integ_key}
-
 | Send IPsec Packet and verify ESP encapsulation in received packet
 | | [Documentation] | Send IPsec packet from TG to DUT. Receive IPsec packet\
 | | ... | from DUT on TG and verify ESP encapsulation.
@@ -253,33 +233,6 @@
 | | ... | ${args} --dst_tun ${r_tunnel}
 | | Run Traffic Script On Node | ipsec.py | ${node} | ${args}
 
-| Set up IPv4 IPSec functional test
-| | [Documentation]
-| | ... | Set up IPv4 IPSec functional test.
-| | ...
-| | Set up functional test
-| | Configure topology for IPv4 IPsec testing
-
-| Set up IPv6 IPSec functional test
-| | [Documentation]
-| | ... | Set up IPv6 IPSec functional test.
-| | ...
-| | Set up functional test
-| | Configure topology for IPv6 IPsec testing
-
-| Tear down IPSec functional test
-| | [Documentation]
-| | ... | Tear down IPSec functional test.
-| | ...
-| | ... | *Example:*
-| | ...
-| | ... | \| Tear down IPSec functional test \| ${dut_node} \|
-| | ...
-| | [Arguments] | ${dut_node}
-| | ...
-| | VPP IPsec Show | ${dut_node}
-| | Tear down functional test
-
 | Set up IPSec SW device functional test
 | | [Documentation]
 | | ... | Set up IPSec SW device functional test for required IP version.
@@ -313,7 +266,7 @@
 | | | Run keyword | ${dut}.Add DPDK SW Cryptodev | aesni_gcm | ${socket_id}
 | | | ... | ${sw_dev_count}
 | | Write startup configuration on all VPP DUTs
-| | Set up functional test
+| | Set up VPP device test
 | | Run Keyword | Configure topology for ${ip_version} IPsec testing
 
 | Tear down IPSec SW device functional test
@@ -322,6 +275,5 @@
 | | ...
 | | ${duts}= | Get Matches | ${nodes} | DUT*
 | | :FOR | ${dut} | IN | @{duts}
-| | | VPP IPsec Show | ${nodes['${dut}']}
 | | | Run keyword | ${dut}.Restore Config
-| | Tear down functional test
+| | Tear down VPP device test
diff --git a/tests/vpp/device/crypto/eth2p-ethip4ipsectnl-ip4base-dev.robot b/tests/vpp/device/crypto/eth2p-ethip4ipsectnl-ip4base-dev.robot
new file mode 100644
index 0000000000..c6ac8f26e9
--- /dev/null
+++ b/tests/vpp/device/crypto/eth2p-ethip4ipsectnl-ip4base-dev.robot
@@ -0,0 +1,124 @@
+# Copyright (c) 2019 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/crypto/ipsec.robot
+| ...
+| Force Tags | 2_NODE_SINGLE_LINK_TOPO | DEVICETEST | HW_ENV | DCR_ENV
+| ... | FUNCTEST | IP4FWD | IPSEC | IPSEC_TNL | IP4BASE
+| ...
+| Test Setup | Set up IPSec SW device functional test | IPv4
+| ...
+| Test Teardown | Tear down VPP device test
+| ...
+| Documentation | *IPv4 IPsec tunnel mode test suite.*
+| ...
+| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
+| ... | between nodes.
+| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure\
+| ... | loopback an physical interface IPv4 addresses, static ARP record, route\
+| ... | and IPsec manual keyed connection in tunnel mode.
+| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet\
+| ... | is received on TG from DUT1.
+| ... | *[Ref] Applicable standard specifications:* RFC4303.
+
+*** Variables ***
+| ${tg_spi}= | ${1000}
+| ${dut_spi}= | ${1001}
+| ${ESP_PROTO}= | ${50}
+| ${tg_if_ip4}= | 192.168.100.2
+| ${dut_if_ip4}= | 192.168.100.3
+| ${tg_lo_ip4}= | 192.168.3.3
+| ${dut_lo_ip4}= | 192.168.4.4
+| ${ip4_plen}= | ${24}
+
+*** Test Cases ***
+| tc01-eth2p-ethip4ipsectnl-ip4base-device-aes-128-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
+
+| tc02-eth2p-ethip4ipsectnl-ip4base-device-aes-256-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
+
+| tc03-eth2p-ethip4ipsectnl-ip4base-device-aes-128-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
+
+| tc04-eth2p-ethip4ipsectnl-ip4base-device-aes-256-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
diff --git a/tests/vpp/device/crypto/eth2p-ethip4ipsectpt-ip4base-dev.robot b/tests/vpp/device/crypto/eth2p-ethip4ipsectpt-ip4base-dev.robot
new file mode 100644
index 0000000000..83507e5f14
--- /dev/null
+++ b/tests/vpp/device/crypto/eth2p-ethip4ipsectpt-ip4base-dev.robot
@@ -0,0 +1,116 @@
+# Copyright (c) 2019 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/crypto/ipsec.robot
+| ...
+| Force Tags | 2_NODE_SINGLE_LINK_TOPO | DEVICETEST | HW_ENV | DCR_ENV
+| ... | FUNCTEST | IP4FWD | IPSEC | IPSEC_TPT | IP4BASE
+| ...
+| Test Setup | Set up IPSec SW device functional test | IPv4
+| ...
+| Test Teardown | Tear down VPP device test
+| ...
+| Documentation | *IPv4 IPsec transport mode test suite.*
+| ...
+| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
+| ... | between nodes.
+| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure\
+| ... | loopback an physical interface IPv4 addresses, static ARP record, route\
+| ... | and IPsec manual keyed connection in transport mode.
+| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet\
+| ... | is received on TG from DUT1.
+| ... | *[Ref] Applicable standard specifications:* RFC4303.
+
+*** Variables ***
+| ${tg_spi}= | ${1000}
+| ${dut_spi}= | ${1001}
+| ${ESP_PROTO}= | ${50}
+| ${tg_if_ip4}= | 192.168.100.2
+| ${dut_if_ip4}= | 192.168.100.3
+| ${tg_lo_ip4}= | 192.168.3.3
+| ${dut_lo_ip4}= | 192.168.4.4
+| ${ip4_plen}= | ${24}
+
+*** Test Cases ***
+| tc01-eth2p-ethip4ipsectpt-ip4base-device-aes-128-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
+
+| tc02-eth2p-ethip4ipsectpt-ip4base-device-aes-256-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
+
+| tc03-eth2p-ethip4ipsectpt-ip4base-device-aes-128-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
+
+| tc04-eth2p-ethip4ipsectpt-ip4base-device-aes-256-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
\ No newline at end of file
diff --git a/tests/vpp/device/crypto/eth2p-ethip6ipsectnl-ip6base-dev.robot b/tests/vpp/device/crypto/eth2p-ethip6ipsectnl-ip6base-dev.robot
new file mode 100644
index 0000000000..43f9dcf078
--- /dev/null
+++ b/tests/vpp/device/crypto/eth2p-ethip6ipsectnl-ip6base-dev.robot
@@ -0,0 +1,125 @@
+# Copyright (c) 2016 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/crypto/ipsec.robot
+| ...
+| Force Tags | 2_NODE_SINGLE_LINK_TOPO | DEVICETEST | HW_ENV | DCR_ENV
+| ... | FUNCTEST | IP6FWD | IPSEC | IPSEC_TNL | IP6BASE
+| ...
+| Test Setup | Set up IPSec SW device functional test | IPv6
+| ...
+| Test Teardown | Tear down VPP device test
+| ...
+| Documentation | *IPv6 IPsec tunnel mode test suite.*
+| ...
+| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
+| ... | between nodes.
+| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure
+| ... | loopback an physical interface IPv6 addresses, static ARP record, route
+| ... | and IPsec manual keyed connection in tunnel mode.
+| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet
+| ... | is received on TG from DUT1.
+| ... | *[Ref] Applicable standard specifications:* RFC4303.
+
+*** Variables ***
+| ${tg_spi}= | ${1000}
+| ${dut_spi}= | ${1001}
+| ${ESP_PROTO}= | ${50}
+| ${tg_if_ip6}= | 3ffe:5f::1
+| ${dut_if_ip6}= | 3ffe:5f::2
+| ${tg_lo_ip6}= | 3ffe:60::3
+| ${dut_lo_ip6}= | 3ffe:60::4
+| ${ip6_plen}= | ${64}
+| ${ip6_plen_rt}= | ${128}
+
+*** Test Cases ***
+| tc01-eth2p-ethip6ipsectnl-ip6base-device-aes-128-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
+
+| tc02-eth2p-ethip6ipsectnl-ip6base-device-aes-256-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
+
+| tc03-eth2p-ethip6ipsectnl-ip6base-device-aes-128-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
+
+| tc04-eth2p-ethip6ipsectnl-ip6base-device-aes-256-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in tunnel\
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
+| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
+| | ... | ${dut_tun_ip}
diff --git a/tests/vpp/device/crypto/eth2p-ethip6ipsectpt-ip6base-dev.robot b/tests/vpp/device/crypto/eth2p-ethip6ipsectpt-ip6base-dev.robot
new file mode 100644
index 0000000000..8fcc11c036
--- /dev/null
+++ b/tests/vpp/device/crypto/eth2p-ethip6ipsectpt-ip6base-dev.robot
@@ -0,0 +1,121 @@
+# Copyright (c) 2019 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/crypto/ipsec.robot
+| ...
+| Force Tags | 2_NODE_SINGLE_LINK_TOPO | DEVICETEST | HW_ENV | DCR_ENV
+| ... | FUNCTEST | IP6FWD | IPSEC | IPSEC_TPT | IP6BASE
+| ...
+| Test Setup | Set up IPSec SW device functional test | IPv6
+| ...
+| Test Teardown | Tear down VPP device test
+| ...
+| Documentation | *IPv6 IPsec transport mode test suite.*
+| ...
+| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
+| ... | between nodes.
+| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure
+| ... | loopback an physical interface IPv6 addresses, static ARP record, route
+| ... | and IPsec manual keyed connection in transport mode.
+| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet
+| ... | is received on TG from DUT1.
+| ... | *[Ref] Applicable standard specifications:* RFC4303.
+
+*** Variables ***
+| ${tg_spi}= | ${1000}
+| ${dut_spi}= | ${1001}
+| ${ESP_PROTO}= | ${50}
+| ${tg_if_ip6}= | 3ffe:5f::1
+| ${dut_if_ip6}= | 3ffe:5f::2
+| ${tg_lo_ip6}= | 3ffe:60::3
+| ${dut_lo_ip6}= | 3ffe:60::4
+| ${ip6_plen}= | ${64}
+| ${ip6_plen_rt}= | ${128}
+
+*** Test Cases ***
+| tc01-eth2p-ethip6ipsectpt-ip6base-device-aes-128-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | ... | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
+
+| tc02-eth2p-ethip6ipsectpt-ip6base-device-aes-256-cbc-sha-256-128
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 256 128
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | ... | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
+
+| tc03-eth2p-ethip6ipsectpt-ip6base-device-aes-128-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 128
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | ... | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
+
+| tc04-eth2p-ethip6ipsectpt-ip6base-device-aes-256-cbc-sha-512-256
+| | [Documentation]
+| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
+| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in transport
+| | ... | mode.
+| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
+| | ...
+| | ${encr_alg}= | Crypto Alg AES CBC 256
+| | ${auth_alg}= | Integ Alg SHA 512 256
+| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
+| | When Configure manual keyed connection for IPSec
+| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
+| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
+| | ... | is_ipv6=${TRUE}
+| | Then Send IPsec Packet and verify ESP encapsulation in received packet
+| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
+| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
+| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
\ No newline at end of file
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectnl-ip4base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip4ipsectnl-ip4base-func.robot
deleted file mode 100644
index 2cab1cdd44..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectnl-ip4base-func.robot
+++ /dev/null
@@ -1,524 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Library | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ...        | VM_ENV | HW_ENV | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up IPv4 IPSec functional test
-| ...
-| Test Teardown | Tear down IPSec functional test | ${dut_node}
-| ...
-| Documentation | *IPv4 IPsec tunnel mode test suite.*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
-| ... | between nodes.
-| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure\
-| ... | loopback an physical interface IPv4 addresses, static ARP record, route\
-| ... | and IPsec manual keyed connection in tunnel mode.
-| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet\
-| ... | is received on TG from DUT1.
-| ... | *[Ref] Applicable standard specifications:* RFC4303.
-
-*** Variables ***
-| ${tg_spi}= | ${1000}
-| ${dut_spi}= | ${1001}
-| ${ESP_PROTO}= | ${50}
-| ${tg_if_ip4}= | 192.168.100.2
-| ${dut_if_ip4}= | 192.168.100.3
-| ${tg_lo_ip4}= | 192.168.3.3
-| ${dut_lo_ip4}= | 192.168.4.4
-| ${ip4_plen}= | ${24}
-
-*** Test Cases ***
-| TC01: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC02: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC03: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC04: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC05: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC06: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC07: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC08: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC09: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC10: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC11: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC12: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC13: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC14: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC15: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC16: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node before\
-| | ... | and after SA keys update.
-| | [Tags] | EXPECTED_FAILING
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${new_auth_key}
-| | ... | ${tg_spi} | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC17: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${new_auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC18: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC19: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-*** Keywords ***
-| Get Second Random String
-| | [Arguments] | ${req_alg} | ${req_type}
-| | ${req_key_len}= | Run Keyword | Get ${req_type} Alg Key Len | ${req_alg}
-| | ${key}= | Set Variable If | '${req_type}' == 'Crypto' | ${encr_key}
-| | ... | '${req_type}' == 'Integ' | ${auth_key}
-| | :FOR | ${index} | IN RANGE | 100
-| | | ${req_key}= | Generate Random String | ${req_key_len}
-| | | Return From Keyword If | '${req_key}' != '${key}' | ${req_key}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectpt-ip4base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip4ipsectpt-ip4base-func.robot
deleted file mode 100644
index 009889b2dc..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectpt-ip4base-func.robot
+++ /dev/null
@@ -1,488 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Library | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ...        | VM_ENV | HW_ENV | SKIP_VPP_PATCH
-| Test Setup | Set up IPv4 IPSec functional test
-| ...
-| Test Teardown | Tear down IPSec functional test | ${dut_node}
-| ...
-| Documentation | *IPv4 IPsec transport mode test suite.*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
-| ... | between nodes.
-| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure\
-| ... | loopback an physical interface IPv4 addresses, static ARP record, route\
-| ... | and IPsec manual keyed connection in transport mode.
-| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet\
-| ... | is received on TG from DUT1.
-| ... | *[Ref] Applicable standard specifications:* RFC4303.
-
-*** Variables ***
-| ${tg_spi}= | ${1000}
-| ${dut_spi}= | ${1001}
-| ${ESP_PROTO}= | ${50}
-| ${tg_if_ip4}= | 192.168.100.2
-| ${dut_if_ip4}= | 192.168.100.3
-| ${tg_lo_ip4}= | 192.168.3.3
-| ${dut_lo_ip4}= | 192.168.4.4
-| ${ip4_plen}= | ${24}
-
-*** Test Cases ***
-| TC01: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC02: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC03: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC04: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC05: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC06: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC07: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC08: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC09: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC10: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC11: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC12: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-
-| TC13: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC14: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC15: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC16: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node before\
-| | ... | and after SA keys update.
-| | [Tags] | EXPECTED_FAILING
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${new_auth_key}
-| | ... | ${tg_spi} | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC17: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${new_auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC18: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC19: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-*** Keywords ***
-| Get Second Random String
-| | [Arguments] | ${req_alg} | ${req_type}
-| | ${req_key_len}= | Run Keyword | Get ${req_type} Alg Key Len | ${req_alg}
-| | ${key}= | Set Variable If | '${req_type}' == 'Crypto' | ${encr_key}
-| | ... | '${req_type}' == 'Integ' | ${auth_key}
-| | :FOR | ${index} | IN RANGE | 100
-| | | ${req_key}= | Generate Random String | ${req_key_len}
-| | | Return From Keyword If | '${req_key}' != '${key}' | ${req_key}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip4base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip4base-func.robot
deleted file mode 100644
index f13ccbcb10..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip4base-func.robot
+++ /dev/null
@@ -1,272 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.IPsecUtil
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/vm/qemu.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/overlay/l2lisp.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv4_ipsec_lispgpe_ipv4/ipv4_ipsec_lispgpe_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test
-| ...
-| Documentation | *IPv4-ip4-ipsec-lispgpe-ip4 - main fib, vrf (gpe_vni-to-vrf)*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* ICMPv4-IPv4-IPSec-LISPGPE-IPv4-ICMPv4.
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1 to\
-| ... | DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Variables ***
-| ${dut2_spi}= | ${1000}
-| ${dut1_spi}= | ${1001}
-
-| ${ESP_PROTO}= | ${50}
-
-| ${bid}= | 10
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2,\
-| | ... | Eth-IPv4-ICMPv4 on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTs.
-| | ... | [Ver] Case: ip4-lispgpe-ipsec-ip4 - main fib
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup 3-node Topology
-| | And Add IP Neighbors
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2,\
-| | ... | Eth-IPv4-ICMPv4 on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTs.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip4 - main fib
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup 3-node Topology
-| | And Add IP Neighbors
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | ${lisp_if_idx}= | resources.libraries.python.InterfaceUtil.Get sw if index
-| | ... | ${dut1_node} | lisp_gpe0
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi} | ${tg1_ip4}
-| | ... | ${tg2_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi} | ${tg2_ip4}
-| | ... | ${tg1_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC03: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on RLOC Int and VRF on EID is enabled.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2,\
-| | ... | Eth-IPv4-ICMPv4 on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTs.
-| | ... | [Ver] Case: ip4-lispgpe-ipsec-ip4 - vrf, main fib
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup 3-node Topology | ${fib_table_1}
-| | And Add IP Neighbors
-| | When Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | ... | ${dut1_dut2_vni} | ${fib_table_1}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC04: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int and VRF is enabled.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2,\
-| | ... | Eth-IPv4-ICMPv4 on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTs.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip4 - vrf, main fib
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup 3-node Topology | ${fib_table_1}
-| | And Add IP Neighbors
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | ... | ${dut1_dut2_vni} | ${fib_table_1}
-| | When Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${lisp_if_idx}= | resources.libraries.python.InterfaceUtil.Get sw if index
-| | ... | ${dut1_node} | lisp_gpe0
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi} | ${tg1_ip4}
-| | ... | ${tg2_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi} | ${tg2_ip4}
-| | ... | ${tg1_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup 3-node Topology
-| | [Documentation]
-| | ... | Setup 3-node topology for this test suite. Set all physical\
-| | ... | interfaces up and assing IP adresses to them.\
-| | ... | You can specify fib table ID where the DUT-TG interfaces assign to.\
-| | ... | Default is 0.
-| | ...
-| | [Arguments] | ${fib_table}=0
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | And Add Fib Table | ${dut1_node} | ${fib_table}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${fib_table}
-| | And Add Fib Table | ${dut2_node} | ${fib_table}
-| | Assign Interface To Fib Table | ${dut2_node}
-| | ... | ${dut2_to_tg} | ${fib_table}
-| | Set Interface Address | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4}
-| | ... | ${prefix4}
-| | Set Interface Address | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip4}
-| | ... | ${prefix4}
-| | Set Interface Address | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4}
-| | ... | ${prefix4}
-| | Set Interface Address | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip4}
-| | ... | ${prefix4}
-
-| Add IP Neighbors
-| | [Documentation]
-| | ... | Add IP neighbors to physical interfaces on DUTs.
-| | ...
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip4}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip4}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip6base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip6base-func.robot
deleted file mode 100644
index 4e1b6973d9..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip6base-func.robot
+++ /dev/null
@@ -1,160 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VPPUtil
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/vm/qemu.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv4/ipv6_lispgpe_ipsec_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test
-| ...
-| Documentation | *IPv6 - ip4-ipsec-lispgpe-ip6 - main fib, vrf, virt2lisp,\
-| ... | phy2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-LISPGPE-IPSec-IPv6-ICMP,\
-| ... | Eth-IPv4-IPSec-LISPGPE-IPv6-ICMP
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1 to\
-| ... | DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-LISPGPE-IPSec-IPv6-ICMP on DUT1-DUT2, Eth-IPv6-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2, Eth-IPv6-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${lisp_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut1_node} | ${lisp_gpe_int}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology And Lisp
-| | [Documentation] | Setup IPs and neighbors for interfaces on DUT1 and DUT2\
-| | ... | and then setup LISP.
-| | [Arguments] | ${fib_table}=0 | ${vni_table}=0 | ${ip6}=${FALSE}
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6}
-| | ... | ${prefix6}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
-| | Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip_static_adjacency}
-| | ... | ${dut2_to_dut1_ip_static_adjacency}
-| | ... | ${vni_table} | ${fib_table}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip6basevrf-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip6basevrf-func.robot
deleted file mode 100644
index 54b6f73dd5..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip4ipsectptlispgpe-ip6basevrf-func.robot
+++ /dev/null
@@ -1,134 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VPPUtil
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv4/ipv6_lispgpe_ipsec_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test
-| ...
-| Documentation | *IPv6 - ip4-ipsec-lispgpe-ip6 - main fib, vrf, virt2lisp,\
-| ... | phy2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-LISPGPE-IPSec-IPv6-ICMP,\
-| ... | Eth-IPv4-IPSec-LISPGPE-IPv6-ICMP
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1 to\
-| ... | DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 bidirectionally over LISP GPE tunnel using physical interfaces and VRF is enabled
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2,\
-| | ... | Eth-IPv6-ICMPv6, on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip6 - vrf, phy2lisp
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | And Add Fib Table | ${dut1_node} | ${fib_table_1} | ip6=${TRUE}
-| | And Add Fib Table | ${dut2_node} | ${fib_table_1} | ip6=${TRUE}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${fib_table_1} | ip6=${TRUE}
-| | Assign Interface To Fib Table | ${dut2_node}
-| | ... | ${dut2_to_tg} | ${fib_table_1} | ip6=${TRUE}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Setup Topology And Lisp | ${fib_table_1} | ${dut1_dut2_vni}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology And Lisp
-| | [Documentation] | Setup IPs and neighbors for interfaces on DUT1 and DUT2\
-| | ... | and then setup LISP.
-| | [Arguments] | ${fib_table}=0 | ${vni_table}=0 | ${ip6}=${FALSE}
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6}
-| | ... | ${prefix6}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
-| | Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip_static_adjacency}
-| | ... | ${dut2_to_dut1_ip_static_adjacency}
-| | ... | ${vni_table} | ${fib_table}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectnl-ip6base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip6ipsectnl-ip6base-func.robot
deleted file mode 100644
index b3a81f0653..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectnl-ip6base-func.robot
+++ /dev/null
@@ -1,524 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Library | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ...        | VM_ENV | HW_ENV | SKIP_VPP_PATCH
-| Test Setup | Set up IPv6 IPSec functional test
-| ...
-| Test Teardown | Tear down IPSec functional test | ${dut_node}
-| ...
-| Documentation | *IPv6 IPsec tunnel mode test suite.*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
-| ... | between nodes.
-| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure
-| ... | loopback an physical interface IPv6 addresses, static ARP record, route
-| ... | and IPsec manual keyed connection in tunnel mode.
-| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet
-| ... | is received on TG from DUT1.
-| ... | *[Ref] Applicable standard specifications:* RFC4303.
-
-*** Variables ***
-| ${tg_spi}= | ${1000}
-| ${dut_spi}= | ${1001}
-| ${ESP_PROTO}= | ${50}
-| ${tg_if_ip6}= | 3ffe:5f::1
-| ${dut_if_ip6}= | 3ffe:5f::2
-| ${tg_lo_ip6}= | 3ffe:60::3
-| ${dut_lo_ip6}= | 3ffe:60::4
-| ${ip6_plen}= | ${64}
-| ${ip6_plen_rt}= | ${128}
-
-*** Test Cases ***
-| TC01: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC02: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC03: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC04: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC05: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC06: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC07: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC08: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC09: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC10: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC11: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC12: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC13: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC14: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC15: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC16: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node before\
-| | ... | and after SA keys update.
-| | [Tags] | EXPECTED_FAILING
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${new_auth_key}
-| | ... | ${tg_spi} | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC17: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${new_auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC18: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC19: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip} | is_ipv6=${TRUE}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-*** Keywords ***
-| Get Second Random String
-| | [Arguments] | ${req_alg} | ${req_type}
-| | ${req_key_len}= | Run Keyword | Get ${req_type} Alg Key Len | ${req_alg}
-| | ${key}= | Set Variable If | '${req_type}' == 'Crypto' | ${encr_key}
-| | ... | '${req_type}' == 'Integ' | ${auth_key}
-| | :FOR | ${index} | IN RANGE | 100
-| | | ${req_key}= | Generate Random String | ${req_key_len}
-| | | Return From Keyword If | '${req_key}' != '${key}' | ${req_key}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectpt-ip6base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip6ipsectpt-ip6base-func.robot
deleted file mode 100644
index 276732f077..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectpt-ip6base-func.robot
+++ /dev/null
@@ -1,507 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Library | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ...        | VM_ENV | HW_ENV | SKIP_VPP_PATCH
-| Test Setup | Set up IPv6 IPSec functional test
-| ...
-| Test Teardown | Tear down IPSec functional test | ${dut_node}
-| ...
-| Documentation | *IPv6 IPsec transport mode test suite.*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
-| ... | between nodes.
-| ... | *[Cfg] DUT configuration:* On DUT1 create loopback interface, configure
-| ... | loopback an physical interface IPv6 addresses, static ARP record, route
-| ... | and IPsec manual keyed connection in transport mode.
-| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet
-| ... | is received on TG from DUT1.
-| ... | *[Ref] Applicable standard specifications:* RFC4303.
-
-*** Variables ***
-| ${tg_spi}= | ${1000}
-| ${dut_spi}= | ${1001}
-| ${ESP_PROTO}= | ${50}
-| ${tg_if_ip6}= | 3ffe:5f::1
-| ${dut_if_ip6}= | 3ffe:5f::2
-| ${tg_lo_ip6}= | 3ffe:60::3
-| ${dut_lo_ip6}= | 3ffe:60::4
-| ${ip6_plen}= | ${64}
-| ${ip6_plen_rt}= | ${128}
-
-*** Test Cases ***
-| TC01: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC02: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC03: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC04: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC05: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC06: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC07: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC08: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC09: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC10: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC11: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | [Tags] | SKIP_PATCH
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC12: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC13: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC14: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC15: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG.
-| | ... | [Ref] RFC4303.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC16: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node before\
-| | ... | and after SA keys update.
-| | [Tags] | EXPECTED_FAILING
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${new_auth_key}
-| | ... | ${tg_spi} | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC17: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${new_auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC18: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC19: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG before and after SA keys update.
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ... | is_ipv6=${TRUE}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-*** Keywords ***
-| Get Second Random String
-| | [Arguments] | ${req_alg} | ${req_type}
-| | ${req_key_len}= | Run Keyword | Get ${req_type} Alg Key Len | ${req_alg}
-| | ${key}= | Set Variable If | '${req_type}' == 'Crypto' | ${encr_key}
-| | ... | '${req_type}' == 'Integ' | ${auth_key}
-| | :FOR | ${index} | IN RANGE | 100
-| | | ${req_key}= | Generate Random String | ${req_key_len}
-| | | Return From Keyword If | '${req_key}' != '${key}' | ${req_key}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectptlispgpe-ip4base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip6ipsectptlispgpe-ip4base-func.robot
deleted file mode 100644
index 725db216e4..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectptlispgpe-ip4base-func.robot
+++ /dev/null
@@ -1,155 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv4_lispgpe_ipv6/ipv4_lispgpe_ipsec_ipv6.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down functional test
-| ...
-| Documentation | *IPv6 - ip4-ipsec-lispgpe-ip6 - main fib, virt2lisp, phy2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv6-LISPGPE-IPSec-IPv4-ICMP,\
-| ... | Eth-IPv6-IPSec-LISPGPE-IPv4-ICMP
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1 to\
-| ... | DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-LISPGPE-IPSec-IPv4-ICMP on DUT1-DUT2, Eth-IPv4-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-IPSec-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2, Eth-IPv4-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${lisp_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut1_node} | ${lisp_gpe_int}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology And Lisp
-| | [Documentation] | Setup IPs and neighbors for interfaces on DUT1 and DUT2\
-| | ... | and then setup LISP.
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip4}
-| | ... | ${prefix4}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip4}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6}
-| | ... | ${dut1_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip4}
-| | ... | ${tg_to_dut1_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
-| | Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip_static_adjacency}
-| | ... | ${dut2_to_dut1_ip_static_adjacency}
diff --git a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectptlispgpe-ip6base-func.robot b/tests/vpp/func/crypto/default/eth2p-ethip6ipsectptlispgpe-ip6base-func.robot
deleted file mode 100644
index b0454dd717..0000000000
--- a/tests/vpp/func/crypto/default/eth2p-ethip6ipsectptlispgpe-ip6base-func.robot
+++ /dev/null
@@ -1,171 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv6/ipv6_lispgpe_ipsec_ipv6.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Run Keywords | Set up functional test
-| ...        | AND          | Vpp All Ra Suppress Link Layer | ${nodes}
-| ...
-| Test Teardown | Tear down functional test
-| ...
-| Documentation | *IPv6 - ip6-ipsec-lispgpe-ip6 - main fib,
-| ... | vrf (gpe_vni-to-vrf), phy2lisp, virt2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv6-IPSec-LISPGPE-IPv6-ICMPv6,\
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1\
-| ... | to DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Variables ***
-| ${dut2_spi}= | ${1000}
-| ${dut1_spi}= | ${1001}
-
-| ${ESP_PROTO}= | ${50}
-
-| ${bid}= | 10
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 bidirectionally over LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2,\
-| | ... | Eth-IPv6-ICMPv6 on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip6-lispgpe-ipsec-ip6 - main fib, phys2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip6_static_adjacency}
-| | ... | ${dut2_to_dut1_ip6_static_adjacency}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv6 bidirectionally over LISP GPE tunnel using IPsec (transport) lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2,\
-| | ... | Eth-IPv6-ICMPv6 on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip6-ipsec-lispgpe-ip6 - main fib, phys2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip6_static_adjacency}
-| | ... | ${dut2_to_dut1_ip6_static_adjacency}
-| | ${lisp_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut1_node} | lisp_gpe0
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi} | ${tg1_ip6}
-| | ... | ${tg2_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi} | ${tg2_ip6}
-| | ... | ${tg1_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dut1_to_tg_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6}
-| | ... | ${prefix6}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6}
-| | ... | ${dut1_to_dut2_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
diff --git a/tests/vpp/func/crypto/sw_device/eth2p-ethip4ipsectnlsw-ip4base-func.robot b/tests/vpp/func/crypto/sw_device/eth2p-ethip4ipsectnlsw-ip4base-func.robot
deleted file mode 100644
index 7f6207e3db..0000000000
--- a/tests/vpp/func/crypto/sw_device/eth2p-ethip4ipsectnlsw-ip4base-func.robot
+++ /dev/null
@@ -1,560 +0,0 @@
-# Copyright (c) 2017 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Library | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ...        | VM_ENV | HW_ENV | IPSEC | IPSEC_SW
-| ...
-| Test Setup | Set up IPSec SW device functional test | IPv4
-| ...
-| Test Teardown | Tear down IPSec SW device functional test
-| ...
-| Documentation | *IPv4 SW cryptodev IPsec tunnel mode test suite.*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
-| ... | between nodes.
-| ... | *[Cfg] DUT configuration:* With enabled SW crytodev on DUT1 create\
-| ... | loopback interface, configure loopback and physical interface IPv4\
-| ... | addresses, static ARP record, route and IPsec manual keyed connection\
-| ... | in tunnel mode.
-| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet\
-| ... | is received on TG from DUT1.
-| ... | *[Ref] Applicable standard specifications:* RFC4303.
-
-*** Variables ***
-| ${tg_spi}= | ${1000}
-| ${dut_spi}= | ${1001}
-| ${ESP_PROTO}= | ${50}
-| ${tg_if_ip4}= | 192.168.100.2
-| ${dut_if_ip4}= | 192.168.100.3
-| ${tg_lo_ip4}= | 192.168.3.3
-| ${dut_lo_ip4}= | 192.168.4.4
-| ${ip4_plen}= | ${24}
-
-*** Test Cases ***
-| TC01: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC02: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC03: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC04: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC05: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC06: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC07: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC08: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC09: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-384-192 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC10: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC11: VPP process ESP packet in Tunnel Mode with AES-CBC-192 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC12: VPP process ESP packet in Tunnel Mode with AES-CBC-256 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in tunnel\
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC13: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC14: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC15: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG.
-| | ... | [Ref] RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC16: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node before\
-| | ... | and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${new_auth_key}
-| | ... | ${tg_spi} | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC17: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG before and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${new_auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC18: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG before and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-| TC19: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG before and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_src_ip} | ${tg_src_ip}
-| | ... | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_src_ip} | ${dut_src_ip} | ${tg_tun_ip}
-| | ... | ${dut_tun_ip}
-
-*** Keywords ***
-| Get Second Random String
-| | [Arguments] | ${req_alg} | ${req_type}
-| | ...
-| | ${req_key_len}= | Run Keyword | Get ${req_type} Alg Key Len | ${req_alg}
-| | ${key}= | Set Variable If | '${req_type}' == 'Crypto' | ${encr_key}
-| | ... | '${req_type}' == 'Integ' | ${auth_key}
-| | :FOR | ${index} | IN RANGE | 100
-| | | ${req_key}= | Generate Random String | ${req_key_len}
-| | | Return From Keyword If | '${req_key}' != '${key}' | ${req_key}
diff --git a/tests/vpp/func/crypto/sw_device/eth2p-ethip4ipsectptsw-ip4base-func.robot b/tests/vpp/func/crypto/sw_device/eth2p-ethip4ipsectptsw-ip4base-func.robot
deleted file mode 100644
index 85d77be828..0000000000
--- a/tests/vpp/func/crypto/sw_device/eth2p-ethip4ipsectptsw-ip4base-func.robot
+++ /dev/null
@@ -1,535 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Library | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ...        | VM_ENV | HW_ENV | IPSEC | IPSEC_SW
-| ...
-| Test Setup | Set up IPSec SW device functional test | IPv4
-| ...
-| Test Teardown | Tear down IPSec SW device functional test
-| ...
-| Documentation | *IPv4 IPsec transport mode test suite.*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1 2-node topology with one link\
-| ... | between nodes.
-| ... | *[Cfg] DUT configuration:* With enabled SW crytodev on DUT1 create\
-| ... | loopback interface, configure loopback and physical interface IPv4\
-| ... | addresses, static ARP record, route and IPsec manual keyed connection\
-| ... | in transport mode.
-| ... | *[Ver] TG verification:* ESP packet is sent from TG to DUT1. ESP packet\
-| ... | is received on TG from DUT1.
-| ... | *[Ref] Applicable standard specifications:* RFC4303.
-
-*** Variables ***
-| ${tg_spi}= | ${1000}
-| ${dut_spi}= | ${1001}
-| ${ESP_PROTO}= | ${50}
-| ${tg_if_ip4}= | 192.168.100.2
-| ${dut_if_ip4}= | 192.168.100.3
-| ${tg_lo_ip4}= | 192.168.3.3
-| ${dut_lo_ip4}= | 192.168.4.4
-| ${ip4_plen}= | ${24}
-
-*** Test Cases ***
-| TC01: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC02: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC03: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA1-96 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA1-96 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC04: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC05: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC06: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-256-128 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-256-128 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 256 128
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC07: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC08: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC09: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-384-192 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-384-192 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 384 192
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC10: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC11: VPP process ESP packet in Transport Mode with AES-CBC-192 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-192 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | SKIP_PATCH | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 192
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC12: VPP process ESP packet in Transport Mode with AES-CBC-256 encryption and SHA-512-256 integrity
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-256 and integrity algorithm SHA-512-256 in transport
-| | ... | mode.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 256
-| | ${auth_alg}= | Integ Alg SHA 512 256
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-
-| TC13: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC14: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG.
-| | ... | [Ref] RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC15: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG.
-| | ... | [Ref] RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC16: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send and receive ESP packet between TG and VPP node before\
-| | ... | and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${new_auth_key}
-| | ... | ${tg_spi} | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC17: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet encrypted by encryption key different from\
-| | ... | encryption key stored on VPP node from TG to VPP node and expect no\
-| | ... | response to be received on TG before and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${new_auth_key} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC18: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key different\
-| | ... | from integrity key stored on VPP node from TG to VPP node and expect\
-| | ... | no response to be received on TG before and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${new_encr_key} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-| TC19: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
-| | [Documentation]
-| | ... | [Top] TG-DUT1.
-| | ... | [Ref] RFC4303.
-| | ... | [Cfg] On DUT1 configure IPsec manual keyed connection with encryption\
-| | ... | algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport\
-| | ... | mode. Then update SA keys - use new keys.
-| | ... | [Ver] Send an ESP packet authenticated by integrity key and encrypted\
-| | ... | by encryption key different from integrity and encryption keys stored\
-| | ... | on VPP node from TG to VPP node and expect no response to be received\
-| | ... | on TG before and after SA keys update.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut_node} | ${dut_if} | ${encr_alg} | ${encr_key} | ${auth_alg}
-| | ... | ${auth_key} | ${dut_spi} | ${tg_spi} | ${dut_tun_ip} | ${tg_tun_ip}
-| | ${encr_key2}= | And Get Second Random String | ${encr_alg} | Crypto
-| | ${auth_key2}= | And Get Second Random String | ${auth_alg} | Integ
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-| | ${new_encr_key}= | Given Get Second Random String | ${encr_alg} | Crypto
-| | ${new_auth_key}= | And Get Second Random String | ${auth_alg} | Integ
-| | When Update IPSec SA keys | ${dut_node} | ${l_sa_id} | ${r_sa_id}
-| | ... | ${new_encr_key} | ${new_auth_key}
-| | Then Run Keyword And Expect Error | ESP packet Rx timeout
-| | ... | Send IPsec Packet and verify ESP encapsulation in received packet
-| | ... | ${tg_node} | ${tg_if} | ${dut_if_mac}
-| | ... | ${encr_alg} | ${encr_key2} | ${auth_alg} | ${auth_key2} | ${tg_spi}
-| | ... | ${dut_spi} | ${tg_tun_ip} | ${dut_tun_ip}
-
-*** Keywords ***
-| Get Second Random String
-| | [Arguments] | ${req_alg} | ${req_type}
-| | ...
-| | ${req_key_len}= | Run Keyword | Get ${req_type} Alg Key Len | ${req_alg}
-| | ${key}= | Set Variable If | '${req_type}' == 'Crypto' | ${encr_key}
-| | ... | '${req_type}' == 'Integ' | ${auth_key}
-| | :FOR | ${index} | IN RANGE | 100
-| | | ${req_key}= | Generate Random String | ${req_key_len}
-| | | Return From Keyword If | '${req_key}' != '${key}' | ${req_key}
diff --git a/tests/vpp/func/vm_vhost/__init__.robot b/tests/vpp/func/vm_vhost/__init__.robot
deleted file mode 100644
index 501a130d68..0000000000
--- a/tests/vpp/func/vm_vhost/__init__.robot
+++ /dev/null
@@ -1,12 +0,0 @@
-# Copyright (c) 2017 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
diff --git a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4-ip4base-eth-2vhost-1vm.robot b/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4-ip4base-eth-2vhost-1vm.robot
deleted file mode 100644
index 057b5b9de0..0000000000
--- a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4-ip4base-eth-2vhost-1vm.robot
+++ /dev/null
@@ -1,97 +0,0 @@
-# Copyright (c) 2019 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.InterfaceUtil
-| Library | resources.libraries.python.VhostUser
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip4.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Force Tags | VM_ENV | HW_ENV | 3_NODE_DOUBLE_LINK_TOPO
-| Test Setup | Set up functional test
-| Test Teardown | Tear down functional test
-| Documentation | *IPv4 routing test cases with vhost user interface*
-| ...
-| ... | RFC791 IPv4, RFC826 ARP, RFC792 ICMPv4. Encapsulations: Eth-IPv4-ICMPv4
-| ... | on links TG=DUT1. IPv4 routing tests use circular 2-node
-| ... | topology TG - DUT1 - TG with two link between the nodes. DUT is
-| ... | configured with IPv4 routing and static routes. Test sends packets
-| ... | by TG on links to DUT and received on TG link on the other side of
-| ... | circular topology. On receive TG verifies packets IPv4 src-addr,
-| ... | dst-addr and MAC addresses.
-
-*** Variables ***
-| ${net1}= | 10.0.1.0
-| ${net3}= | 10.0.3.0
-| ${net1_ip1}= | 10.0.1.1
-| ${net1_ip2}= | 10.0.1.2
-| ${net2_ip1}= | 10.0.2.1
-| ${net2_ip2}= | 10.0.2.2
-| ${net3_ip1}= | 10.0.3.1
-| ${net3_ip2}= | 10.0.3.2
-| ${prefix_length}= | 24
-| ${fib_table_2}= | 20
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-*** Test Cases ***
-| TC01: IPv4 forward via vhost to another VRF
-| | [Documentation]
-| | ... | Test uses VRF to route IPv4 traffic through 2 vhost user interfaces.
-| | ... | Both have IP addresses from same network. On VM is set bridge to pass
-| | ... | packet from a one vhost user interface to another one.
-| | [Teardown] | Run Keywords
-| | ... | Tear down QEMU | AND
-| | ... | Tear down functional test
-| |
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | ${vhost1}= | And Vpp Create Vhost User Interface | ${dut_node} | ${sock1}
-| | ${vhost2}= | And Vpp Create Vhost User Interface | ${dut_node} | ${sock2}
-| | And Set Interface State | ${dut_node} | ${vhost1} | up
-| | And Set Interface State | ${dut_node} | ${vhost2} | up
-| | And Add Fib Table | ${dut_node} | ${fib_table_2}
-| | And Assign Interface To Fib Table | ${dut_node}
-| | ... | ${vhost2} | ${fib_table_2}
-| | And Assign Interface To Fib Table | ${dut_node}
-| | ... | ${dut_to_tg_if2} | ${fib_table_2}
-| | And Configure IP addresses on interfaces
-| | ... | ${dut_node} | ${dut_to_tg_if1} | ${net1_ip1} | ${prefix_length}
-| | ... | ${dut_node} | ${vhost1} | ${net2_ip1} | ${prefix_length}
-| | ... | ${dut_node} | ${vhost2} | ${net2_ip2} | ${prefix_length}
-| | ... | ${dut_node} | ${dut_to_tg_if2} | ${net3_ip1} | ${prefix_length}
-| | ${vhost2_mac}= | And Get Vhost User Mac By SW Index
-| | ... | ${dut_node} | ${vhost2}
-| | And Vpp Route Add | ${dut_node} | ${net3} | 24 | gateway=${net2_ip2}
-| | ... | interface=${vhost1} | resolve_attempts=${NONE} | count=${NONE}
-| | And Vpp Route Add | ${dut_node} | ${net1} | 24 | gateway=${net2_ip1}
-| | ... | interface=${vhost2} | resolve_attempts=${NONE} | count=${NONE}
-| | ... | vrf=${fib_table_2}
-| | Add IP Neighbor | ${dut_node} | ${vhost1} | ${net2_ip2} | ${vhost2_mac}
-| | Add IP Neighbor | ${dut_node} | ${dut_to_tg_if2} | ${net3_ip2}
-| | ... | ${tg_to_dut_if2_mac}
-| | When Configure VM for vhost L2BD forwarding
-| | ... | ${dut_node} | ${sock1} | ${sock2}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${net1_ip2} | ${net3_ip2}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if1_mac} | ${dut_to_tg_if1_mac}
-| | ... | ${tg_to_dut_if2} | ${dut_to_tg_if2_mac} | ${tg_to_dut_if2_mac}
diff --git a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4ipsectptlispgpe-ip4base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4ipsectptlispgpe-ip4base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index d9a0c3d729..0000000000
--- a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4ipsectptlispgpe-ip4base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,209 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.VhostUser
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.IPsecUtil
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/overlay/l2lisp.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv4_ipsec_lispgpe_ipv4/ipv4_ipsec_lispgpe_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ... | EXPECTED_FAILING
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *IPv4-ip4-ipsec-lispgpe-ip4 - main fib, vrf (gpe_vni-to-vrf)*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* ICMPv4-IPv4-IPSec-LISPGPE-IPv4-ICMPv4.
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1\
-| ... | via VM to DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Variables ***
-| ${dut2_spi}= | ${1000}
-| ${dut1_spi}= | ${1001}
-
-| ${ESP_PROTO}= | ${50}
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-| ${bid}= | 10
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 over Vhost to LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv4-ICMP on DUT1-DUT2, Eth-IPv4-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS. Create Qemu vm on DUT1 and configure bridge\
-| | ... | between two vhosts.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip4 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup 3-node Topology
-| | And Add IP Neighbors
-| | And Setup Qemu DUT1
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv4 over Vhost to LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2,\
-| | ... | Eth-IPv4-ICMPv4 on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip4 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup 3-node Topology
-| | And Add IP Neighbors
-| | And Setup Qemu DUT1
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | ${lisp1_if_idx}= | resources.libraries.python.InterfaceUtil.Get Sw If Index
-| | ... | ${dut1_node} | lisp_gpe0.0
-| | ${lisp2_if_idx}= | resources.libraries.python.InterfaceUtil.Get Sw If Index
-| | ... | ${dut2_node} | lisp_gpe0.0
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp1_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp2_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup 3-node Topology
-| | [Documentation]
-| | ... | Setup 3-node topology for this test suite. Set all physical\
-| | ... | interfaces up and assing IP adresses to them.\
-| | ... | You can specify fib table ID where the DUT-TG interfaces assign to.\
-| | ... | Default is 0.
-| | ...
-| | [Arguments] | ${fib_table}=0
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | And Add Fib Table | ${dut1_node} | ${fib_table}
-| | And Add Fib Table | ${dut2_node} | ${fib_table}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${fib_table}
-| | Assign Interface To Fib Table | ${dut2_node}
-| | ... | ${dut2_to_tg} | ${fib_table}
-| | Set Interface Address | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4}
-| | ... | ${prefix4}
-| | Set Interface Address | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip4}
-| | ... | ${prefix4}
-| | Set Interface Address | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4}
-| | ... | ${prefix4}
-| | Set Interface Address | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip4}
-| | ... | ${prefix4}
-
-| Add IP Neighbors
-| | [Documentation]
-| | ... | Add IP neighbors to physical interfaces on DUTs.
-| | ...
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip4}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip4}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
-
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP to one of them. Setup \
-| | ... | Qemu and bridge the vhosts.
-| | ${vhost1}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | Set Interface Address | ${dut1_node} | ${vhost2} | 6.6.1.9
-| | ... | ${prefix4}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
diff --git a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4ipsectptlispgpe-ip6base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4ipsectptlispgpe-ip6base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 9075201103..0000000000
--- a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4ipsectptlispgpe-ip6base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,185 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VhostUser
-| Library | resources.libraries.python.VPPUtil
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv4/ipv6_lispgpe_ipsec_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *IPv6 - ip4-ipsec-lispgpe-ip6 - main fib, vrf, virt2lisp,\
-| ... | phy2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-LISPGPE-IPSec-IPv6-ICMP,\
-| ... | Eth-IPv4-IPSec-LISPGPE-IPv6-ICMP
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1\
-| ... | via VM to DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 over Vhost to LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-LISPGPE-IPSec-IPv6-ICMP on DUT1-DUT2, Eth-IPv6-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS. Create Qemu vm on DUT1 and configure bridge\
-| | ... | between two vhosts.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip6 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | [Tags] | EXPECTED_FAILING
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Setup Qemu DUT1
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv6 over Vhost to LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2,\
-| | ... | Eth-IPv6-ICMPv6, on TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip4-ipsec-lispgpe-ip6 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Setup Qemu DUT1
-| | ${lisp1_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut1_node} | ${lisp_gpe_int}
-| | ${lisp2_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut2_node} | ${lisp_gpe_int}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp1_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip4} | ${dut2_to_dut1_ip4}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp2_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip4} | ${dut1_to_dut2_ip4}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology And Lisp
-| | [Documentation] | Setup IPs and neighbors for interfaces on DUT1 and DUT2\
-| | ... | and then setup LISP.
-| | [Arguments] | ${fib_table}=0 | ${vni_table}=0 | ${ip6}=${FALSE}
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6}
-| | ... | ${prefix6}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
-| | Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip_static_adjacency}
-| | ... | ${dut2_to_dut1_ip_static_adjacency}
-| | ... | ${vni_table} | ${fib_table}
-
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP to one of them. Setup\
-| | ... | Qemu and bridge the vhosts.
-| | ${vhost1}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | Set Interface Address | ${dut1_node} | ${vhost2} | ${vhost_ip} | ${prefix6}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Vpp RA Suppress Link Layer | ${dut1_node} | ${vhost2}
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
diff --git a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip4base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip4base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index edd0d1e70e..0000000000
--- a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip4base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,120 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.InterfaceUtil
-| Library | resources.libraries.python.VhostUser
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip4.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv4_lispgpe_ipv4/ipv4_lispgpe_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *ip4-lispgpe-ip4 encapsulation test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-LISP-IPv4-ICMPv4 on DUT1-DUT2,\
-| ... | Eth-IPv4-ICMPv4 on TG-DUTn for IPv4 routing over LISPoIPv4 tunnel.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with IPv4\
-| ... | routing and static routes. LISPoIPv4 tunnel is configured between\
-| ... | DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv4 Echo Request packets are sent in\
-| ... | both directions by TG on links to DUT1 and DUT2; on receive\
-| ... | TG verifies packets for correctness and their IPv4 src-addr, dst-addr\
-| ... | and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC6830.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using vhost interfaces
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2, Eth-IPv4-ICMPv4 on\
-| | ... | TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2.
-| | ... | [Ver] Case: ip4-lispgpe-ip4 - main fib, virt2lisp
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ...
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | And Configure IP addresses on interfaces
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4} | ${prefix4}
-| | ... | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip4} | ${prefix4}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4} | ${prefix4}
-| | ... | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip4} | ${prefix4}
-| | And Add Arp On Dut | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip4}
-| | ... | ${tg_to_dut1_mac}
-| | And Add Arp On Dut | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip4}
-| | ... | ${tg_to_dut2_mac}
-| | And Add Arp On Dut | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | And Add Arp On Dut | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
-| | When Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | And Setup Qemu DUT1
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP on one of them. Setup\
-| | ... | Qemu and bridge the vhosts. Optionally, you can set fib table ID\
-| | ... | where the vhost2 interface should be assigned to.
-| | ...
-| | [Arguments] | ${fib_table}=0
-| | ...
-| | ${vhost1}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | And Add Fib Table | ${dut1_node} | ${fib_table}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${vhost2} | ${fib_table}
-| | Set Interface Address | ${dut1_node} | ${vhost2} | ${vhost_ip} | ${prefix4}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
diff --git a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip4basevrf-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip4basevrf-eth-2vhost-1vm-func.robot
deleted file mode 100644
index bc75a6893b..0000000000
--- a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip4basevrf-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,134 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.InterfaceUtil
-| Library | resources.libraries.python.VhostUser
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip4.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv4_lispgpe_ipv4/ipv4_lispgpe_ipv4.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *ip4-lispgpe-ip4 encapsulation test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-LISP-IPv4-ICMPv4 on DUT1-DUT2,\
-| ... | Eth-IPv4-ICMPv4 on TG-DUTn for IPv4 routing over LISPoIPv4 tunnel.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with IPv4\
-| ... | routing and static routes. LISPoIPv4 tunnel is configured between\
-| ... | DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv4 Echo Request packets are sent in\
-| ... | both directions by TG on links to DUT1 and DUT2; on receive\
-| ... | TG verifies packets for correctness and their IPv4 src-addr, dst-addr\
-| ... | and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC6830.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 bidirectionally over LISP GPE tunnel using vhost interfaces and VRF is enabled
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-LISPGPE-IPv4-ICMPv4 on DUT1-DUT2, Eth-IPv4-ICMPv4 on\
-| | ... | TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2.
-| | ... | [Ver] Case: ip4-lispgpe-ip4 - vrf, virt2lisp
-| | ... | Make TG send ICMPv4 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv4 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830.
-| | ...
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | And Add Fib Table | ${dut1_node} | ${fib_table_1}
-| | And Add Fib Table | ${dut2_node} | ${fib_table_1}
-| | And Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${fib_table_1}
-| | And Assign Interface To Fib Table | ${dut2_node}
-| | ... | ${dut2_to_tg} | ${fib_table_1}
-| | And Add IP Neighbors
-| | And Configure IP addresses on interfaces
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip4} | ${prefix4}
-| | ... | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip4} | ${prefix4}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip4} | ${prefix4}
-| | ... | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip4} | ${prefix4}
-| | When Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip4_static_adjacency}
-| | ... | ${dut2_to_dut1_ip4_static_adjacency}
-| | ... | ${dut1_dut2_vni} | ${fib_table_1}
-| | And Setup Qemu DUT1 | ${fib_table_1}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP on one of them. Setup\
-| | ... | Qemu and bridge the vhosts. Optionally, you can set fib table ID\
-| | ... | where the vhost2 interface should be assigned to.
-| | ...
-| | [Arguments] | ${fib_table}=0
-| | ...
-| | ${vhost1}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | And Add Fib Table | ${dut1_node} | ${fib_table}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${vhost2} | ${fib_table}
-| | Set Interface Address | ${dut1_node} | ${vhost2} | ${vhost_ip} | ${prefix4}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
-
-| Add IP Neighbors
-| | [Documentation]
-| | ... | Add IP neighbors to physical interfaces on DUTs.
-| | ...
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip4}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip4}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip4}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip4}
-| | ... | ${dut1_to_dut2_mac}
diff --git a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip6base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip6base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 2034ad4cf4..0000000000
--- a/tests/vpp/func/vm_vhost/ip4/eth2p-ethip4lispgpe-ip6base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,116 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip4.robot
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/overlay/lisp_static_adjacency.robot
-| Resource | resources/libraries/robot/l2/l2_traffic.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Library  | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.VhostUser
-| Library  | resources.libraries.python.Trace
-| Library  | resources.libraries.python.VPPUtil
-# import additional Lisp settings from resource file
-| Variables | resources/test_data/lisp/static_adjacency/lisp_static_adjacency.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | 3_NODE_DOUBLE_LINK_TOPO
-| ... | VM_ENV | HW_ENV
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *LISP static adjacency test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-LISP-IPv6-ICMPv6 on DUT1-DUT2,\
-| ... | Eth-IPv6-ICMPv6 on TG-DUTn for IPv6 routing over LISPoIPv4 tunnel.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with IPv6\
-| ... | routing and static routes. LISPoIPv4 tunnel is configured\
-| ... | between DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv6 Echo Request packets\
-| ... | are sent in both directions by TG on links to DUT1 and DUT2; on receive\
-| ... | TG verifies packets for correctness and their IPv6 src-addr,\
-| ... | dst-addr and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC6830.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 bidirectionally over LISP GPE tunnel using vhost interfaces
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2, Eth-IPv6-ICMPv6 on\
-| | ... | TG-DUTn.
-| | ... | [Cfg] Configure IPv4 LISP static adjacencies on DUT1 and DUT2.
-| | ... | [Ver] Case: ip6-lispgpe-ip4 - main fib, virt2lisp
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ...
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | And Configure IP addresses on interfaces
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6o4}
-| | ... | ${dut_prefix6o4}
-| | ... | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6o4} | ${tg_prefix6o4}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6o4}
-| | ... | ${dut_prefix6o4}
-| | ... | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6o4} | ${tg_prefix6o4}
-| | And Add Arp On Dut | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6o4}
-| | ... | ${tg_to_dut1_mac}
-| | And Add Arp On Dut | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6o4}
-| | ... | ${tg_to_dut2_mac}
-| | And Add Arp On Dut | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6o4}
-| | ... | ${dut2_to_dut1_mac}
-| | And Add Arp On Dut | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6o4}
-| | ... | ${dut1_to_dut2_mac}
-| | And Vpp All RA Suppress Link Layer | ${nodes}
-| | When Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6o4_eid} | ${dut2_ip6o4_eid}
-| | ... | ${dut1_ip6o4_static_adjacency}
-| | ... | ${dut2_ip6o4_static_adjacency}
-| | And Setup Qemu DUT1
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6o4} | ${tg2_ip6o4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6o4} | ${tg1_ip6o4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP on one of them. Setup\
-| | ... | Qemu and bridge the vhosts.
-| | ...
-| | ${vhost1}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | Set Interface Address | ${dut1_node} | ${vhost2} | ${vhost_ip} | ${prefix6}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
diff --git a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6ipsectptlispgpe-ip4base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6ipsectptlispgpe-ip4base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index d2083612d0..0000000000
--- a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6ipsectptlispgpe-ip4base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,181 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VhostUser
-| Library  | resources.libraries.python.VPPUtil
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv4_lispgpe_ipv6/ipv4_lispgpe_ipsec_ipv6.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ...
-| Test Setup | Set up functional test
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *IPv6 - ip4-ipsec-lispgpe-ip6 - main fib, virt2lisp, phy2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv6-LISPGPE-IPSec-IPv4-ICMP,\
-| ... | Eth-IPv6-IPSec-LISPGPE-IPv4-ICMP
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Test cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1 to\
-| ... | DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv4 over Vhost to LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-LISPGPE-IPSec-IPv4-ICMP on DUT1-DUT2, Eth-IPv4-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS. Create Qemu vm on DUT1 and configure bridge\
-| | ... | between two vhosts.
-| | ... | [Ver] Case: ip6-ipsec-lispgpe-ip4 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Setup Qemu DUT1
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv4 over Vhost to LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2,\
-| | ... | Eth-IPv6-ICMPv6, on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip6-ipsec-lispgpe-ip4 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology And Lisp
-| | And Setup Qemu DUT1
-| | ${lisp1_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut1_node} | ${lisp_gpe_int}
-| | ${lisp2_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut2_node} | ${lisp_gpe_int}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp1_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp2_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip4} | ${tg2_ip4}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip4} | ${tg1_ip4}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology And Lisp
-| | [Documentation] | Setup IPs and neighbors for interfaces on DUT1 and DUT2\
-| | ... | and then setup LISP.
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip4}
-| | ... | ${prefix4}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip4}
-| | ... | ${prefix4}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip4}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6}
-| | ... | ${dut1_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip4}
-| | ... | ${tg_to_dut1_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
-| | Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip4_eid} | ${dut2_ip4_eid}
-| | ... | ${dut1_to_dut2_ip_static_adjacency}
-| | ... | ${dut2_to_dut1_ip_static_adjacency}
-
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP to one of them. Setup\
-| | ... | Qemu and bridge the vhosts.
-| | ${vhost1}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | Set Interface Address | ${dut1_node} | ${vhost2} | ${vhost_ip} | ${prefix4}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
diff --git a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6ipsectptlispgpe-ip6base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6ipsectptlispgpe-ip6base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 69a5b71c57..0000000000
--- a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6ipsectptlispgpe-ip6base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,200 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.L2Util
-| Library | resources.libraries.python.LispUtil
-| Library | resources.libraries.python.VPPUtil
-| Library | resources.libraries.python.IPsecUtil
-| Library | resources.libraries.python.VatJsonUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VhostUser
-| Library | String
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/ip/ip6.robot
-| Resource | resources/libraries/robot/crypto/ipsec.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv6/ipv6_lispgpe_ipsec_ipv6.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP | SKIP_VPP_PATCH
-| ... | EXPECTED_FAILING
-| ...
-| Test Setup | Run Keywords | Set up functional test
-| ...        | AND          | Vpp All Ra Suppress Link Layer | ${nodes}
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *IPv6 - ip6-ipsec-lispgpe-ip6 - main fib,
-| ... | vrf (gpe_vni-to-vrf), phy2lisp, virt2lisp*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv6-IPSec-LISPGPE-IPv6-ICMPv6,\
-| ... | *[Cfg] DUT configuration:* Each DUT is configured with LISP and IPsec.\
-| ... | IPsec is in transport mode. Tests cases are for IPsec configured both\
-| ... | on RLOC interface or lisp_gpe0 interface.
-| ... | *[Ver] TG verification:* Packet is send from TG(if1) across the DUT1\
-| ... | via VM to DUT2 where it is forwarded to TG(if2).
-| ... | *[Ref] Applicable standard specifications:* RFC6830, RFC4303.
-
-*** Variables ***
-| ${dut2_spi}= | ${1000}
-| ${dut1_spi}= | ${1001}
-
-| ${ESP_PROTO}= | ${50}
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-| ${bid}= | 10
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 over Vhost to LISP GPE tunnel using IPsec (transport) on RLOC Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-IPSec-LISPGPE-IPv6-ICMP on DUT1-DUT2, Eth-IPv6-ICMP\
-| | ... | on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS. Create Qemu vm on DUT1 and configure bridge\
-| | ... | between two vhosts.
-| | ... | [Ver] Case: ip6-ipsec-lispgpe-ip6 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology
-| | And Setup Qemu DUT1
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip6_static_adjacency}
-| | ... | ${dut2_to_dut1_ip6_static_adjacency}
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-| TC02: DUT1 and DUT2 route IPv6 over Vhost to LISP GPE tunnel using IPsec (transport) on lisp_gpe0 Int.
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-IPSec-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2,\
-| | ... | Eth-IPv6-ICMPv6 on TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2 with\
-| | ... | IPsec in between DUTS.
-| | ... | [Ver] Case: ip6-ipsec-lispgpe-ip6 - main fib, virt2lisp\
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across\
-| | ... | both DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830, RFC4303.
-| | ...
-| | ${encr_alg}= | Crypto Alg AES CBC 128
-| | ${auth_alg}= | Integ Alg SHA1 96
-| | Given Setup Topology
-| | And Setup Qemu DUT1
-| | And Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip6_static_adjacency}
-| | ... | ${dut2_to_dut1_ip6_static_adjacency}
-| | ${lisp1_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut1_node} | lisp_gpe0
-| | ${lisp2_if_idx}= | resources.libraries.python.InterfaceUtil.get sw if index
-| | ... | ${dut2_node} | lisp_gpe0
-| | And Generate keys for IPSec | ${encr_alg} | ${auth_alg}
-| | When Configure manual keyed connection for IPSec
-| | ... | ${dut1_node} | ${lisp1_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut1_spi} | ${dut2_spi}
-| | ... | ${dut1_to_dut2_ip6} | ${dut2_to_dut1_ip6}
-| | And Configure manual keyed connection for IPSec
-| | ... | ${dut2_node} | ${lisp2_if_idx} | ${encr_alg} | ${encr_key}
-| | ... | ${auth_alg} | ${auth_key} | ${dut2_spi} | ${dut1_spi}
-| | ... | ${dut2_to_dut1_ip6} | ${dut1_to_dut2_ip6}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Topology
-| | Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | Set interfaces in 3-node circular topology up
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6}
-| | ... | ${prefix6}
-| | Vpp Set If IPv6 Addr | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6}
-| | ... | ${prefix6}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6}
-| | ... | ${dut1_to_dut2_mac}
-| | Vpp All RA Suppress Link Layer | ${nodes}
-
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP to one of them. Setup \
-| | ... | Qemu and bridge the vhosts.
-| | ${vhost1}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | And Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${vhost2} | 2001:cdba:1::9
-| | ... | ${prefix6}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Vpp RA Suppress Link Layer | ${dut1_node} | ${vhost2}
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
diff --git a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6lispgpe-ip6base-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6lispgpe-ip6base-eth-2vhost-1vm-func.robot
deleted file mode 100644
index c19a2b042b..0000000000
--- a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6lispgpe-ip6base-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,130 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VPPUtil
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv6/ipv6_lispgpe_ipv6.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP
-| ...
-| Test Setup | Run Keywords | Set up functional test
-| ... | AND | Vpp All Ra Suppress Link Layer | ${nodes}
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *ip6-lispgpe-ip6 encapsulation test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv6-LISP-IPv6-ICMPv6 on DUT1-DUT2,\
-| ... | Eth-IPv6-ICMPv6 on TG-DUTn for IPv6 routing over LISPoIPv6 tunnel.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with IPv6\
-| ... | routing and static routes. LISPoIPv6 tunnel is configured between\
-| ... | DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv6 Echo Request packets are sent in\
-| ... | both directions by TG on links to DUT1 and DUT2; on receive\
-| ... | TG verifies packets for correctness and their IPv6 src-addr, dst-addr\
-| ... | and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC6830.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 bidirectionally over LISP GPE tunnel using vhost interfaces
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2, Eth-IPv6-ICMPv6 on\
-| | ... | TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2.
-| | ... | [Ver] Case: ip6-ipsec-lispgpe-ip6 - main fib, virt2lisp
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ...
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6} | ${prefix6}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6} | ${prefix6}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6} | ${prefix6}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6} | ${prefix6}
-| | And Add IP Neighbors
-| | And Vpp All RA Suppress Link Layer | ${nodes}
-| | When Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip6_static_adjacency}
-| | ... | ${dut2_to_dut1_ip6_static_adjacency}
-| | And Setup Qemu DUT1
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP on one of them. Setup\
-| | ... | Qemu and bridge the vhosts. Optionally, you can set fib table ID\
-| | ... | where the vhost2 interface should be assigned to.
-| | ...
-| | [Arguments] | ${fib_table}=0
-| | ...
-| | ${vhost1}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | And Add Fib Table | ${dut1_node} | ${fib_table} | ipv6={TRUE}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${vhost2} | ${fib_table} | ipv6=${TRUE}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${vhost2} | ${vhost_ip}
-| | ... | ${prefix6}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
-
-| Add IP Neighbors
-| | [Documentation]
-| | ... | Add IP neighbors to physical interfaces on DUTs.
-| | ...
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6}
-| | ... | ${dut1_to_dut2_mac}
diff --git a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6lispgpe-ip6basevrf-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6lispgpe-ip6basevrf-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 5b0dc9c0d5..0000000000
--- a/tests/vpp/func/vm_vhost/ip6/eth2p-ethip6lispgpe-ip6basevrf-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,139 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Library | resources.libraries.python.topology.Topology
-| Library | resources.libraries.python.NodePath
-| Library | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPUtil
-| Library | resources.libraries.python.IPv6Setup
-| Library | resources.libraries.python.VPPUtil
-| Resource | resources/libraries/robot/shared/traffic.robot
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/overlay/lispgpe.robot
-# Import configuration and test data:
-| Variables | resources/test_data/lisp/ipv6_lispgpe_ipv6/ipv6_lispgpe_ipv6.py
-| ...
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | LISP
-| ...
-| Test Setup | Run Keywords | Set up functional test
-| ... | AND | Vpp All Ra Suppress Link Layer | ${nodes}
-| ...
-| Test Teardown | Tear down LISP functional test with QEMU
-| ...
-| Documentation | *ip6-lispgpe-ip6 encapsulation test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG-DUT1-DUT2-TG 3-node circular topology\
-| ... | with single links between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv6-LISP-IPv6-ICMPv6 on DUT1-DUT2,\
-| ... | Eth-IPv6-ICMPv6 on TG-DUTn for IPv6 routing over LISPoIPv6 tunnel.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with IPv6\
-| ... | routing and static routes. LISPoIPv6 tunnel is configured between\
-| ... | DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv6 Echo Request packets are sent in\
-| ... | both directions by TG on links to DUT1 and DUT2; on receive\
-| ... | TG verifies packets for correctness and their IPv6 src-addr, dst-addr\
-| ... | and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC6830.
-
-*** Test Cases ***
-| TC01: DUT1 and DUT2 route IPv6 bidirectionally over LISP GPE tunnel using vhost interfaces and VRF is enabled
-| | [Documentation]
-| | ... | [Top] TG-DUT1-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-LISPGPE-IPv6-ICMPv6 on DUT1-DUT2, Eth-IPv6-ICMPv6 on\
-| | ... | TG-DUTn.
-| | ... | [Cfg] Configure IPv6 LISP static adjacencies on DUT1 and DUT2.
-| | ... | [Ver] Case: ip6-lispgpe-ip6 - vrf, virt2lisp
-| | ... | Make TG send ICMPv6 Echo Req between its interfaces across both\
-| | ... | DUTs and LISP GPE tunnel between them; verify IPv6 headers on\
-| | ... | received packets are correct.
-| | ... | [Ref] RFC6830.
-| | ...
-| | ...
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | And Add Fib Table | ${dut1_node} | ${fib_table_1} | ipv6=${TRUE}
-| | And Add Fib Table | ${dut2_node} | ${fib_table_1} | ipv6=${TRUE}
-| | And Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${fib_table_1} | ipv6=${TRUE}
-| | And Assign Interface To Fib Table | ${dut2_node}
-| | ... | ${dut2_to_tg} | ${fib_table_1} | ipv6=${TRUE}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${dut1_to_dut2_ip6} | ${prefix6}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut1_node} | ${dut1_to_tg} | ${dut1_to_tg_ip6} | ${prefix6}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${dut2_to_dut1_ip6} | ${prefix6}
-| | And Vpp Set If IPv6 Addr
-| | ... | ${dut2_node} | ${dut2_to_tg} | ${dut2_to_tg_ip6} | ${prefix6}
-| | And Add IP Neighbors
-| | And Vpp All RA Suppress Link Layer | ${nodes}
-| | When Configure LISP GPE topology in 3-node circular topology
-| | ... | ${dut1_node} | ${dut1_to_dut2} | ${NONE}
-| | ... | ${dut2_node} | ${dut2_to_dut1} | ${NONE}
-| | ... | ${duts_locator_set} | ${dut1_ip6_eid} | ${dut2_ip6_eid}
-| | ... | ${dut1_to_dut2_ip6_static_adjacency}
-| | ... | ${dut2_to_dut1_ip6_static_adjacency}
-| | ... | ${dut1_dut2_vni} | ${fib_table_1}
-| | And Setup Qemu DUT1 | ${fib_table_1}
-| | Then Send packet and verify headers
-| | ... | ${tg_node} | ${tg1_ip6} | ${tg2_ip6}
-| | ... | ${tg_to_dut1} | ${tg_to_dut1_mac} | ${dst_vhost_mac}
-| | ... | ${tg_to_dut2} | ${dut2_to_tg_mac} | ${tg_to_dut2_mac}
-| | And Send packet and verify headers
-| | ... | ${tg_node} | ${tg2_ip6} | ${tg1_ip6}
-| | ... | ${tg_to_dut2} | ${tg_to_dut2_mac} | ${dut2_to_tg_mac}
-| | ... | ${tg_to_dut1} | ${dut1_to_tg_mac} | ${tg_to_dut1_mac}
-
-*** Keywords ***
-| Setup Qemu DUT1
-| | [Documentation] | Setup Vhosts on DUT1 and setup IP on one of them. Setup\
-| | ... | Qemu and bridge the vhosts. Optionally, you can set fib table ID\
-| | ... | where the vhost2 interface should be assigned to.
-| | ...
-| | [Arguments] | ${fib_table}=0
-| | ...
-| | ${vhost1}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock1}
-| | ${vhost2}= | Vpp Create Vhost User Interface | ${dut1_node} | ${sock2}
-| | And Add Fib Table | ${dut1_node} | ${fib_table} | ipv6=${TRUE}
-| | Assign Interface To Fib Table | ${dut1_node}
-| | ... | ${vhost2} | ${fib_table} | ipv6=${TRUE}
-| | Vpp Set If IPv6 Addr | ${dut1_node} | ${vhost2} | ${vhost_ip}
-| | ... | ${prefix6}
-| | Set Interface State | ${dut1_node} | ${vhost1} | up
-| | Set Interface State | ${dut1_node} | ${vhost2} | up
-| | Create bridge domain | ${dut1_node} | ${bid} | learn=${TRUE}
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${dut1_to_tg} | ${bid} | 0
-| | Add interface to bridge domain | ${dut1_node}
-| | ... | ${vhost1} | ${bid} | 0
-| | ${vhost_mac}= | Get Vhost User Mac By SW Index | ${dut1_node} | ${vhost2}
-| | Set test variable | ${dst_vhost_mac} | ${vhost_mac}
-| | Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1} | ${sock2}
-
-| Add IP Neighbors
-| | [Documentation]
-| | ... | Add IP neighbors to physical interfaces on DUTs.
-| | ...
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_tg} | ${tg1_ip6}
-| | ... | ${tg_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_tg} | ${tg2_ip6}
-| | ... | ${tg_to_dut2_mac}
-| | Add IP Neighbor | ${dut1_node} | ${dut1_to_dut2} | ${dut2_to_dut1_ip6}
-| | ... | ${dut2_to_dut1_mac}
-| | Add IP Neighbor | ${dut2_node} | ${dut2_to_dut1} | ${dut1_to_dut2_ip6}
-| | ... | ${dut1_to_dut2_mac}
diff --git a/tests/vpp/func/vm_vhost/l2bd/eth2p-dot1q-l2bdbasemaclrn-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/l2bd/eth2p-dot1q-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 071aa7902c..0000000000
--- a/tests/vpp/func/vm_vhost/l2bd/eth2p-dot1q-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,141 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/l2/tagging.robot
-| Resource | resources/libraries/robot/l2/l2_traffic.robot
-| Library  | resources.libraries.python.Trace
-| Force Tags | 3_NODE_DOUBLE_LINK_TOPO | HW_ENV | VM_ENV | VPP_VM_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Run Keywords  | Tear down functional test
-| ... | AND | Tear down QEMU
-| Documentation | *L2 bridge domain with VLAN tag over VM test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG=DUT 2-node circular topology
-| ... | with double links between nodes.
-| ... | *[Enc] Packet encapsulations:* Eth-dot1q-IPv4-ICMPv4 or
-| ... | Eth-dot1q-IPv6-ICMPv6 on TG=DUT and on DUT=VM.
-| ... | *[Cfg] DUT configuration:* DUT is configured with two bridge domains
-| ... | (L2BD) with MAC learning enabled; each one with added VLAN
-| ... | sub-interface towards TG and vhost-user interface to local VM. Configure
-| ... | linux bridge on VM to pass traffic between both vhost-user interfaces.
-| ... | *[Ver] TG verification:* Make TG send ICMPv4/ICMPv6 Echo Req between two
-| ... | of its interfaces to be switched by DUT via VM; verify packets are
-| ... | switched between these TG interfaces; on receive TG verifies packets for
-| ... | correctness and their IPv4 src-addr, dst-addr, MAC addresses and
-| ... | VLAN tag.
-| ... | *[Ref] Applicable standard specifications:* IEEE 802.1q.
-
-*** Variables ***
-| ${bd_id1}= | 1
-| ${bd_id2}= | 2
-
-| ${vlan_id1}= | 110
-| ${vlan_wrong}= | 150
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-| ${ip4_1}= | 192.168.100.1
-| ${ip4_2}= | 192.168.100.2
-
-| ${ip6_1}= | 3ffe:63::1
-| ${ip6_2}= | 3ffe:63::2
-
-*** Test Cases ***
-| TC01: eth2p-dot1q-l2bdbasemaclrn-eth-2vhost-1vm - ipv4
-| | [Documentation]
-| | ... | [Top] TG=DUT.
-| | ... | [Enc] Eth-dot1q-IPv4-ICMPv4 on TG=DUT and on DUT=VM.
-| | ... | [Cfg] On DUT configure two L2BDs (MAC learning enabled); first L2BD
-| | ... | with Dot1Q tagged interface to TG-if1 and vhost-user interface to
-| | ... | local VM, second one with vhost-user interface to local VM and Dot1Q
-| | ... | tagged interface towards TG-if2. Configure linux bridge on VM to pass
-| | ... | traffic between both vhost-user interfaces.
-| | ... | [Ver] Make TG send ICMPv4 Echo Req tagged with one Dot1q tag
-| | ... | from one of its interfaces to another one via DUT and VM; verify
-| | ... | that packet is received.
-| | ... | [Ref] IEEE 802.1q
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | ${vlan1_name} | ${vlan1_index}= | When Create vlan sub-interface
-| | ... | ${dut_node} | ${dut_to_tg_if1} | ${vlan_id1}
-| | ${vlan2_name} | ${vlan2_index}= | And Create vlan sub-interface
-| | ... | ${dut_node} | ${dut_to_tg_if2} | ${vlan_id1}
-| | And Configure vhost interfaces for L2BD forwarding
-| | ... | ${dut_node} | ${sock1} | ${sock2}
-| | And Configure VM for vhost L2BD forwarding
-| | ... | ${dut_node} | ${sock1} | ${sock2}
-| | And Add interface to bridge domain | ${dut_node} | ${vlan1_index}
-| | ...                                     | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if1}
-| | ...                                     | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vlan2_index}
-| | ...                                     | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if2}
-| | ...                                     | ${bd_id2}
-| | Then Send ICMP packet and verify received packet
-| | ... | ${tg_node} | ${tg_to_dut_if1} | ${tg_to_dut_if2} | ${ip4_1} | ${ip4_2}
-| | ... | encaps=Dot1q | vlan1=${vlan_id1} | encaps_rx=Dot1q
-| | And Send ICMP packet and verify received packet
-| | ... | ${tg_node} | ${tg_to_dut_if2} | ${tg_to_dut_if1} | ${ip4_2} | ${ip4_1}
-| | ... | encaps=Dot1q | vlan1=${vlan_id1} | encaps_rx=Dot1q
-
-| TC01: eth2p-dot1q-l2bdbasemaclrn-eth-2vhost-1vm - ipv6
-| | [Documentation]
-| | ... | [Top] TG=DUT.
-| | ... | [Enc] Eth-dot1q-IPv6-ICMPv6 on TG=DUT and on DUT=VM.
-| | ... | [Cfg] On DUT configure two L2BDs (MAC learning enabled); first L2BD
-| | ... | with Dot1Q tagged interface to TG-if1 and vhost-user interface to
-| | ... | local VM, second one with vhost-user interface to local VM and Dot1Q
-| | ... | tagged interface towards TG-if2. Configure linux bridge on VM to pass
-| | ... | traffic between both vhost-user interfaces.
-| | ... | [Ver] Make TG send ICMPv6 Echo Req tagged with one Dot1q tag
-| | ... | from one of its interfaces to another one via DUT and VM; verify
-| | ... | that packet is received.
-| | ... | [Ref] IEEE 802.1q
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | ${vlan1_name} | ${vlan1_index}= | When Create vlan sub-interface
-| | ... | ${dut_node} | ${dut_to_tg_if1} | ${vlan_id1}
-| | ${vlan2_name} | ${vlan2_index}= | And Create vlan sub-interface
-| | ... | ${dut_node} | ${dut_to_tg_if2} | ${vlan_id1}
-| | And Configure vhost interfaces for L2BD forwarding
-| | ... | ${dut_node} | ${sock1} | ${sock2}
-| | And Configure VM for vhost L2BD forwarding
-| | ... | ${dut_node} | ${sock1} | ${sock2}
-| | And Add interface to bridge domain | ${dut_node} | ${vlan1_index}
-| | ...                                     | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if1}
-| | ...                                     | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vlan2_index}
-| | ...                                     | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if2}
-| | ...                                     | ${bd_id2}
-| | Then Send ICMP packet and verify received packet
-| | ... | ${tg_node} | ${tg_to_dut_if1} | ${tg_to_dut_if2} | ${ip6_1} | ${ip6_2}
-| | ... | encaps=Dot1q | vlan1=${vlan_id1} | encaps_rx=Dot1q
-| | And Send ICMP packet and verify received packet
-| | ... | ${tg_node} | ${tg_to_dut_if2} | ${tg_to_dut_if1} | ${ip6_2} | ${ip6_1}
-| | ... | encaps=Dot1q | vlan1=${vlan_id1} | encaps_rx=Dot1q
-
-
-
-
diff --git a/tests/vpp/func/vm_vhost/l2bd/eth2p-eth-l2bdbasemaclrn-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/l2bd/eth2p-eth-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
deleted file mode 100644
index b1626ae93b..0000000000
--- a/tests/vpp/func/vm_vhost/l2bd/eth2p-eth-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,104 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Library  | resources.libraries.python.Trace
-| Force Tags | 3_NODE_DOUBLE_LINK_TOPO | HW_ENV | VM_ENV | VPP_VM_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Run Keywords  | Tear down functional test
-| ... | AND | Tear down QEMU
-| Documentation | *L2 bridge-domain test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG=DUT=VM 3-node topology with VM
-| ... | and double parallel links.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-ICMPv4 for L2 switching of
-| ... | IPv4; Eth-IPv6-ICMPv6 for L2 switching of IPv6 use. Both apply
-| ... | to all links.
-| ... | *[Cfg] DUT configuration:* DUT1 is configured with two L2 bridge-domains
-| ... | (L2BD) switching combined with MAC learning enabled.
-| ... | *[Ver] TG verification:* Test ICMPv4 (or ICMPv6) Echo Request packets
-| ... | are sent in both directions by TG on links to DUT1 via VM; on
-| ... | receive TG verifies packets for correctness and their IPv4 (IPv6)
-| ... | src-addr, dst-addr and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:*
-
-*** Variables ***
-| ${bd_id1}= | 1
-| ${bd_id2}= | 2
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-*** Test Cases ***
-| TC01: DUT with two L2BDs (MAC learn) switches ICMPv4 between TG and VM links
-| | [Documentation]
-| | ... | [Top] TG=DUT=VM. [Enc] Eth-IPv4-ICMPv4. [Cfg] On DUT1 configure \
-| | ... | two L2BDs with MAC learning, each with vhost-user i/f to local
-| | ... | VM and i/f to TG; configure VM to loop pkts back betwen its two
-| | ... | virtio i/fs. [Ver] Make TG verify ICMPv4 Echo Req pkts are
-| | ... | switched thru DUT1 and VM in both directions and are correct on
-| | ... | receive. [Ref]
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut_node}
-| | ... | ${sock1}
-| | ... | ${sock2}
-| | And Create bridge domain | ${dut_node} | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if1}
-| | ... | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if1}
-| | ... | ${bd_id1}
-| | And Create bridge domain | ${dut_node} | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if2}
-| | ... | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if2}
-| | ... | ${bd_id2}
-| | And Configure VM for vhost L2BD forwarding | ${dut_node} | ${sock1}
-| | ... | ${sock2}
-| | Then Send ICMPv4 bidirectionally and verify received packets | ${tg_node}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if2}
-
-| TC02: DUT with two L2BDs (MAC learn) switches ICMPv6 between TG and VM links
-| | [Documentation]
-| | ... | [Top] TG=DUT=VM. [Enc] Eth-IPv6-ICMPv6. [Cfg] On DUT1 configure \
-| | ... | two L2BDs with MAC learning, each with vhost-user i/f to local
-| | ... | VM and i/f to TG; configure VM to loop pkts back betwen its two
-| | ... | virtio i/fs. [Ver] Make TG verify ICMPv6 Echo Req pkts are
-| | ... | switched thru DUT1 and VM in both directions and are correct on
-| | ... | receive. [Ref]
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut_node}
-| | ... | ${sock1}
-| | ... | ${sock2}
-| | And Create bridge domain | ${dut_node} | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if1}
-| | ... | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if1}
-| | ... | ${bd_id1}
-| | And Create bridge domain | ${dut_node} | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if2}
-| | ... | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if2}
-| | ... | ${bd_id2}
-| | And Configure VM for vhost L2BD forwarding | ${dut_node} | ${sock1}
-| | ... | ${sock2}
-| | Then Send ICMPv6 bidirectionally and verify received packets | ${tg_node}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if2}
diff --git a/tests/vpp/func/vm_vhost/l2bd/eth2p-eth-l2bdbasemacstc-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/l2bd/eth2p-eth-l2bdbasemacstc-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 5b6b73aba3..0000000000
--- a/tests/vpp/func/vm_vhost/l2bd/eth2p-eth-l2bdbasemacstc-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,145 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Library  | resources.libraries.python.Trace
-| Force Tags | 3_NODE_DOUBLE_LINK_TOPO | HW_ENV | VM_ENV | VPP_VM_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Run Keywords  | Tear down functional test
-| ... | AND | Tear down QEMU
-| Documentation | *L2 bridge-domain test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG=DUT=VM 3-node topology with VM
-| ... | and double parallel links.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-ICMPv4 for L2 switching of
-| ... | IPv4; Eth-IPv6-ICMPv6 for L2 switching of IPv6 use. Both apply
-| ... | to all links.
-| ... | *[Cfg] DUT configuration:* DUT1 is configured with two L2 bridge-domains
-| ... | (L2BD) switching combined with static MACs.
-| ... | *[Ver] TG verification:* Test ICMPv4 (or ICMPv6) Echo Request packets
-| ... | are sent in both directions by TG on links to DUT1 via VM; on
-| ... | receive TG verifies packets for correctness and their IPv4 (IPv6)
-| ... | src-addr, dst-addr and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:*
-
-*** Variables ***
-| ${bd_id1}= | 1
-| ${bd_id2}= | 2
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-*** Test Cases ***
-| TC01: DUT with two L2BDs (static MACs) switches ICMPv4 between TG and VM links
-| | [Documentation]
-| | ... | [Top] TG=DUT=VM. [Enc] Eth-IPv4-ICMPv4. [Cfg] On DUT1 configure \
-| | ... | two L2BDs with static MACs, each with vhost-user i/f to local VM
-| | ... | and i/f to TG; configure VM to loop pkts back betwen its two
-| | ... | virtio i/fs. [Ver] Make TG verify ICMPv4 Echo Req pkts are
-| | ... | switched thru DUT1 and VM in both directions and are correct on
-| | ... | receive. [Ref]
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut_node}
-| | ... | ${sock1} | ${sock2}
-| | And Create bridge domain | ${dut_node} | ${bd_id1}
-| | ... | learn=${FALSE}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if1}
-| | ... | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if1} | ${bd_id1}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if1}
-| | ... | ${dut_node}
-| | ... | ${dut_to_tg_if1}
-| | ... | ${bd_id1}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if2}
-| | ... | ${dut_node}
-| | ... | ${vhost_if1}
-| | ... | ${bd_id1}
-| | And Create bridge domain | ${dut_node} | ${bd_id2}
-| | ... | learn=${FALSE}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if2}
-| | ... | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if2}
-| | ... | ${bd_id2}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if2}
-| | ... | ${dut_node}
-| | ... | ${dut_to_tg_if2}
-| | ... | ${bd_id2}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if1}
-| | ... | ${dut_node}
-| | ... | ${vhost_if2}
-| | ... | ${bd_id2}
-| | And Configure VM for vhost L2BD forwarding | ${dut_node} | ${sock1}
-| | ... | ${sock2}
-| | Then Send ICMPv4 bidirectionally and verify received packets
-| | ... | ${tg_node} | ${tg_to_dut_if1} | ${tg_to_dut_if2}
-
-| TC02: DUT with two L2BDs (static MACs) switches ICMPv6 between TG and VM links
-| | [Documentation]
-| | ... | [Top] TG=DUT=VM. [Enc] Eth-IPv6-ICMPv6. [Cfg] On DUT1 configure \
-| | ... | two L2BDs with static MACs, each with vhost-user i/f to local VM
-| | ... | and i/f to TG; configure VM to loop pkts back betwen its two
-| | ... | virtio i/fs. [Ver] Make TG verify ICMPv6 Echo Req pkts are
-| | ... | switched thru DUT1 and VM in both directions and are correct on
-| | ... | receive. [Ref]
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut_node}
-| | ... | ${sock1}
-| | ... | ${sock2}
-| | And Create bridge domain | ${dut_node} | ${bd_id1}
-| | ... | learn=${FALSE}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if1}
-| | ... | ${bd_id1}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if1}
-| | ... | ${bd_id1}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if1}
-| | ... | ${dut_node}
-| | ... | ${dut_to_tg_if1}
-| | ... | ${bd_id1}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if2}
-| | ... | ${dut_node}
-| | ... | ${vhost_if1}
-| | ... | ${bd_id1}
-| | And Create bridge domain | ${dut_node} | ${bd_id2}
-| | ... | learn=${FALSE}
-| | And Add interface to bridge domain | ${dut_node} | ${dut_to_tg_if2}
-| | ... | ${bd_id2}
-| | And Add interface to bridge domain | ${dut_node} | ${vhost_if2} | ${bd_id2}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if2}
-| | ... | ${dut_node}
-| | ... | ${dut_to_tg_if2}
-| | ... | ${bd_id2}
-| | And Add destination port to L2FIB | ${tg_node}
-| | ... | ${tg_to_dut_if1}
-| | ... | ${dut_node}
-| | ... | ${vhost_if2}
-| | ... | ${bd_id2}
-| | And Configure VM for vhost L2BD forwarding | ${dut_node} | ${sock1}
-| | ... | ${sock2}
-| | Then Send ICMPv6 bidirectionally and verify received packets
-| | ... | ${tg_node} | ${tg_to_dut_if1} | ${tg_to_dut_if2}
diff --git a/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip4-l2bdbase-vhost-client-reconnect-2vm-func.robot b/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip4-l2bdbase-vhost-client-reconnect-2vm-func.robot
deleted file mode 100644
index ec2a82b358..0000000000
--- a/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip4-l2bdbase-vhost-client-reconnect-2vm-func.robot
+++ /dev/null
@@ -1,227 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/overlay/vxlan.robot
-| Library  | resources.libraries.python.Trace
-| Force Tags | HW_ENV | VM_ENV | 3_NODE_DOUBLE_LINK_TOPO | VPP_VM_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Run Keywords
-| ... | qemu-1.Qemu Kill | AND
-| ... | qemu-2.Qemu Kill | AND
-| ... | Tear down functional test
-| Documentation | *Vhost-User Interface Traffic Tests*
-| ... | *[Top] Network Topologies:* TG=DUT1 2-node topology with two links
-| ... | between nodes.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-VXLAN-ETH-IP on TG-DUT link.
-| ... | ETH-IP on VirtualEthernet-VM interface.
-| ... | *[Cfg] DUT configuration:* On DUT is running 2 VM with 2 vhost-user
-| ... | interface on each VM. DUT is configured with VXLAN and vhost-user
-| ... | interfaces in bridge-domain (L2BD).
-| ... | *[Cfg] VM configuration:* VM has both vhost-user interfaces added into
-| ... | Linux Bridge.
-| ... | *[Ver] TG verification:*
-| ... | VXLAN packet is send to DUT where is decapsulated and send bridged to
-| ... | vhost-user inteface. VM forwards frame to its second interface and VPP
-| ... | encapsulates it to another VXLAN tunnel. Packets
-| ... | are sent and received by TG on link to DUT.
-
-*** Variables ***
-| ${tg_if1_ip}= | 192.168.0.1
-| ${dut_if1_ip}= | 192.168.0.2
-| ${prefix_length}= | ${24}
-
-| ${sock_vm1_1}= | /tmp/sock1
-| ${sock_vm1_2}= | /tmp/sock2
-| ${sock_vm2_1}= | /tmp/sock3
-| ${sock_vm2_2}= | /tmp/sock4
-
-*** Test Cases ***
-| TC01: Qemu reconnects to VPPs vhost-user when Qemu is killed and restarted
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | And Set Interface Address | ${dut_node} | ${dut_to_tg_if1} | ${dut_if1_ip}
-| | ... | ${prefix_length}
-| | And Add IP Neighbor | ${dut_node} | ${dut_to_tg_if1} | ${tg_if1_ip}
-| | ... | ${tg_to_dut_if1_mac}
-| | ${vxlan1}= | And Create VXLAN interface | ${dut_node} | ${101}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan2}= | And Create VXLAN interface | ${dut_node} | ${102}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan3}= | And Create VXLAN interface | ${dut_node} | ${103}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan4}= | And Create VXLAN interface | ${dut_node} | ${104}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | And Set Interface State | ${dut_node} | ${vxlan1} | up
-| | And Set Interface State | ${dut_node} | ${vxlan2} | up
-| | And Set Interface State | ${dut_node} | ${vxlan3} | up
-| | And Set Interface State | ${dut_node} | ${vxlan4} | up
-| | ${vhost_if1}= | And Vpp Create Vhost User Interface
-| | ... | ${dut_node} | ${sock_vm1_1}
-| | ${vhost_if2}= | And Vpp Create Vhost User Interface
-| | ... | ${dut_node} | ${sock_vm1_2}
-| | ${vhost_if3}= | And Vpp Create Vhost User Interface
-| | ... | ${dut_node} | ${sock_vm2_1}
-| | ${vhost_if4}= | And Vpp Create Vhost User Interface
-| | ... | ${dut_node} | ${sock_vm2_2}
-| | And Set Interface State | ${dut_node} | ${vhost_if1} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if2} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if3} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if4} | up
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${101} | ${vxlan1}
-| | ... | ${vhost_if1}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${102} | ${vxlan2}
-| | ... | ${vhost_if2}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${103} | ${vxlan3}
-| | ... | ${vhost_if3}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${104} | ${vxlan4}
-| | ... | ${vhost_if4}
-| | And Configure QEMU vhost and run it VM | ${dut_node} | ${sock_vm1_1}
-| | ... | ${sock_vm1_2} | ${1}
-| | And Configure QEMU vhost and run it VM | ${dut_node} | ${sock_vm2_1}
-| | ... | ${sock_vm2_2} | ${2}
-| | And Check traffic through VM
-| | When Run keyword | qemu-1.Qemu Kill
-| | ${vm1}= | And Run Keyword | qemu-1.Qemu Start
-| | ${vhost_int_1}= | And Get Vhost User If Name By Sock | ${vm1}
-| | ... | ${sock_vm1_1}
-| | ${vhost_int_2}= | And Get Vhost User If Name By Sock | ${vm1}
-| | ... | ${sock_vm1_2}
-| | And Linux Add Bridge | ${vm1} | br0 | ${vhost_int_1} | ${vhost_int_2}
-| | And Set Interface State | ${vm1} | ${vhost_int_1} | up | if_type=name
-| | And Set Interface State | ${vm1} | ${vhost_int_2} | up | if_type=name
-| | Then Check traffic through VM
-
-
-| TC02: VPP reconnects to Qemu vhost-user when Restart VPP and reconfigured
-| | [Tags] | EXPECTED_FAILING
-| | [Documentation]
-| | ... | *Failing:* Qemu doesn't support reconnect prior to version 2.7.
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | And Set Interface Address | ${dut_node} | ${dut_to_tg_if1} | ${dut_if1_ip}
-| | ... | ${prefix_length}
-| | And Add IP Neighbor | ${dut_node} | ${dut_to_tg_if1} | ${tg_if1_ip}
-| | ... | ${tg_to_dut_if1_mac}
-| | ${vxlan1}= | And Create VXLAN interface | ${dut_node} | ${101}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan2}= | And Create VXLAN interface | ${dut_node} | ${102}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan3}= | And Create VXLAN interface | ${dut_node} | ${103}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan4}= | And Create VXLAN interface | ${dut_node} | ${104}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | And Set Interface State | ${dut_node} | ${vxlan1} | up
-| | And Set Interface State | ${dut_node} | ${vxlan2} | up
-| | And Set Interface State | ${dut_node} | ${vxlan3} | up
-| | And Set Interface State | ${dut_node} | ${vxlan4} | up
-| | ${vhost_if1}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm1_1}
-| | ${vhost_if2}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm1_2}
-| | ${vhost_if3}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm2_1}
-| | ${vhost_if4}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm2_2}
-| | And Set Interface State | ${dut_node} | ${vhost_if1} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if2} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if3} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if4} | up
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${101} | ${vxlan1}
-| | ... | ${vhost_if1}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${102} | ${vxlan2}
-| | ... | ${vhost_if2}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${103} | ${vxlan3}
-| | ... | ${vhost_if3}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${104} | ${vxlan4}
-| | ... | ${vhost_if4}
-| | And Configure QEMU vhost and run it VM | ${dut_node} | ${sock_vm1_1}
-| | ... | ${sock_vm1_2} | ${1}
-| | And Configure QEMU vhost and run it VM | ${dut_node} | ${sock_vm2_1}
-| | ... | ${sock_vm2_2} | ${2}
-| | And Check traffic through VM
-| | And Verify VPP PID in Teardown
-| | When Setup All Duts | ${nodes}
-| | And Save VPP PIDs
-| | And Set interfaces in 2-node circular topology up
-| | And Set Interface Address | ${dut_node} | ${dut_to_tg_if1} | ${dut_if1_ip}
-| | ... | ${prefix_length}
-| | And Add IP Neighbor | ${dut_node} | ${dut_to_tg_if1} | ${tg_if1_ip}
-| | ... | ${tg_to_dut_if1_mac}
-| | ${vxlan1}= | And Create VXLAN interface | ${dut_node} | ${101}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan2}= | And Create VXLAN interface | ${dut_node} | ${102}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan3}= | And Create VXLAN interface | ${dut_node} | ${103}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | ${vxlan4}= | And Create VXLAN interface | ${dut_node} | ${104}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip}
-| | And Set Interface State | ${dut_node} | ${vxlan1} | up
-| | And Set Interface State | ${dut_node} | ${vxlan2} | up
-| | And Set Interface State | ${dut_node} | ${vxlan3} | up
-| | And Set Interface State | ${dut_node} | ${vxlan4} | up
-| | ${vhost_if1}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm1_1}
-| | ${vhost_if2}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm1_2}
-| | ${vhost_if3}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm2_1}
-| | ${vhost_if4}= | And Vpp Create Vhost User Interface | ${dut_node}
-| | ... | ${sock_vm2_2}
-| | And Set Interface State | ${dut_node} | ${vhost_if1} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if2} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if3} | up
-| | And Set Interface State | ${dut_node} | ${vhost_if4} | up
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${101} | ${vxlan1}
-| | ... | ${vhost_if1}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${102} | ${vxlan2}
-| | ... | ${vhost_if2}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${103} | ${vxlan3}
-| | ... | ${vhost_if3}
-| | And Vpp Add L2 Bridge Domain | ${dut_node} | ${104} | ${vxlan4}
-| | ... | ${vhost_if4}
-| | Then Check traffic through VM
-
-
-*** Keywords ***
-| Configure QEMU vhost and run it VM
-| | [Arguments] | ${dut_node} | ${sock1} | ${sock2} | ${qemu_id}
-| | Import Library | resources.libraries.python.QemuUtils | node=${dut_node} |
-| | ... | qemu_id=${qemu_id} | WITH NAME | qemu-${qemu_id}
-| | Run keyword | qemu-${qemu_id}.Qemu Add Vhost User If | ${sock1}
-| | Run keyword | qemu-${qemu_id}.Qemu Add Vhost User If | ${sock2}
-| | ${vm}= | Run keyword | qemu-${qemu_id}.Qemu Start
-| | ${vhost1}= | Get Vhost User If Name By Sock | ${vm} | ${sock1}
-| | ${vhost2}= | Get Vhost User If Name By Sock | ${vm} | ${sock2}
-| | Linux Add Bridge | ${vm} | br0 | ${vhost1} | ${vhost2}
-| | Set Interface State | ${vm} | ${vhost1} | up | if_type=name
-| | Set Interface State | ${vm} | ${vhost2} | up | if_type=name
-| | Set Test Variable | ${qemu-${qemu_id}} | ${vm}
-
-| Check traffic through VM
-| | [Documentation] | Send VXLAN traffic through both configured VMs.
-| | Send VXLAN encapsulated packet and verify received packet | ${tg_node}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if1}
-| | ... | ${tg_to_dut_if1_mac} | ${dut_to_tg_if1_mac}
-| | ... | ${tg_if1_ip} | ${dut_if1_ip} | ${101}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip} | ${102}
-| | Send VXLAN encapsulated packet and verify received packet | ${tg_node}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if1}
-| | ... | ${tg_to_dut_if1_mac} | ${dut_to_tg_if1_mac}
-| | ... | ${tg_if1_ip} | ${dut_if1_ip} | ${103}
-| | ... | ${dut_if1_ip} | ${tg_if1_ip} | ${104}
diff --git a/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip4vxlan-l2bdbasemaclrn-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip4vxlan-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 73b6e4156a..0000000000
--- a/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip4vxlan-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/overlay/vxlan.robot
-| Resource | resources/libraries/robot/l2/l2_traffic.robot
-| Library  | resources.libraries.python.Trace
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | HW_ENV | VPP_VM_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Run Keywords | Tear down functional test
-| ... | AND | Run keyword | Tear down QEMU | ${qemu1}
-| ... | AND | Run keyword | Tear down QEMU | ${qemu2}
-| Documentation | *L2BD with VM combined with VXLAN test cases - IPv4*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1-DUT2-TG 3-node circular topology
-| ... | with single links between nodes.
-| ... | *[Enc] Packet encapsulations:* Eth-IPv4-VXLAN-Eth-IPv4-ICMPv4 on
-| ... | DUT1-DUT2, Eth-IPv4-ICMPv4 on TG-DUTn for L2 switching of IPv4.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with L2
-| ... | bridge-domain (L2BD) switching combined with MAC learning enabled;
-| ... | VXLAN tunnels are configured between L2BDs on DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv4 Echo Request packets are sent
-| ... | in both directions by TG on links to DUT1 and DUT2; on receive TG
-| ... | verifies packets for correctness and their IPv4 src-addr, dst-addr
-| ... | and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC7348.
-
-*** Variables ***
-| ${vni_1}= | 23
-
-| ${bd_id1}= | 10
-| ${bd_id2}= | 20
-
-| ${ip4_addr1}= | 172.16.0.1
-| ${ip4_addr2}= | 172.16.0.2
-| ${ip4_prefix}= | 24
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-| ${qemu1}= | qemu_instance_1
-| ${qemu2}= | qemu_instance_2
-
-| ${dut1_vhost1}= | dut1_vhost_if1
-| ${dut1_vhost2}= | dut1_vhost_if2
-| ${dut2_vhost1}= | dut2_vhost_if1
-| ${dut2_vhost2}= | dut2_vhost_if2
-
-*** Test Cases ***
-| TC01:DUT1 and DUT2 with two L2BDs and VXLANoIPv4 tunnel switch ICMPv4 between TG links and VM links
-| | [Documentation]
-| | ... | [Top] TG-DUT1-VM-DUT1-DUT2-VM-DUT2-TG.
-| | ... | [Enc] Eth-IPv4-VXLAN-Eth-IPv4-ICMPv4 on DUT1-DUT2; Eth-IPv4-ICMPv4
-| | ... | on TG-DUTn and DUTn=VM.
-| | ... | [Cfg] On both DUTs configure two L2BDs (MAC learning enabled); first
-| | ... | L2BD with untagged interface to TG and vhost-user interface to local
-| | ... | VM, second one with vhost-user interface to local VM and VXLAN
-| | ... | interface towards the other DUT. Configure linux bridge on both VMs
-| | ... | to pass traffic between both vhost-user interfaces.
-| | ... | [Ver] Make TG send ICMPv4 Echo Req between two of its interfaces to
-| | ... | be switched by DUT1 and DUT2; verify packets are switched between
-| | ... | these TG interfaces.
-| | ... | [Ref] RFC7348.
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut1_node}
-| | ...                                                     | ${sock1}
-| | ...                                                     | ${sock2}
-| | ...                                                     | ${dut1_vhost1}
-| | ...                                                     | ${dut1_vhost2}
-| | And Configure vhost interfaces for L2BD forwarding | ${dut2_node}
-| | ...                                                    | ${sock1}
-| | ...                                                    | ${sock2}
-| | ...                                                    | ${dut2_vhost1}
-| | ...                                                    | ${dut2_vhost2}
-| | And Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1}
-| | ...                                       | ${sock2} | ${qemu1}
-| | And Configure VM for vhost L2BD forwarding | ${dut2_node} | ${sock1}
-| | ...                                       | ${sock2} | ${qemu2}
-| | And Set Interface Address | ${dut1_node} | ${dut1_to_dut2} | ${ip4_addr1}
-| | ...                       | ${ip4_prefix}
-| | And Set Interface Address | ${dut2_node} | ${dut2_to_dut1} | ${ip4_addr2}
-| | ...                       | ${ip4_prefix}
-| | And VPP IP Probe | ${dut1_node} | ${dut1_to_dut2} | ${ip4_addr2}
-| | And VPP IP Probe | ${dut2_node} | ${dut2_to_dut1} | ${ip4_addr1}
-| | ${dut1s_vxlan}= | And Create VXLAN interface | ${dut1_node} | ${vni_1}
-| |                 | ...                        | ${ip4_addr1} | ${ip4_addr2}
-| | ${dut2s_vxlan}= | And Create VXLAN interface | ${dut2_node} | ${vni_1}
-| |                 | ...                        | ${ip4_addr2} | ${ip4_addr1}
-| | And Add interfaces to L2BD | ${dut1_node} | ${bd_id1}
-| | ...                            | ${dut1_to_tg} | ${${dut1_vhost1}}
-| | And Add interfaces to L2BD | ${dut1_node} | ${bd_id2}
-| | ...                            | ${dut1s_vxlan} | ${${dut1_vhost2}}
-| | And Add interfaces to L2BD | ${dut2_node} | ${bd_id1}
-| | ...                            | ${dut2_to_tg} | ${${dut2_vhost1}}
-| | And Add interfaces to L2BD | ${dut2_node} | ${bd_id2}
-| | ...                            | ${dut2s_vxlan} | ${${dut2_vhost2}}
-| | Then Send ICMPv4 bidirectionally and verify received packets
-| | ... | ${tg_node} | ${tg_to_dut1} | ${tg_to_dut2}
diff --git a/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip6vxlan-l2bdbasemaclrn-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip6vxlan-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
deleted file mode 100644
index f99994a78b..0000000000
--- a/tests/vpp/func/vm_vhost/l2bd/eth2p-ethip6vxlan-l2bdbasemaclrn-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,115 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/overlay/vxlan.robot
-| Resource | resources/libraries/robot/l2/l2_traffic.robot
-| Library  | resources.libraries.python.Trace
-| Library | resources.libraries.python.IPv6Setup
-| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | HW_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Run Keywords | Tear down functional test
-| ... | AND | Run keyword | Tear down QEMU | ${qemu1}
-| ... | AND | Run keyword | Tear down QEMU | ${qemu2}
-| Documentation | *L2BD with VM combined with VXLAN test cases - IPv6*
-| ...
-| ... | *[Top] Network topologies:* TG-DUT1-DUT2-TG 3-node circular topology
-| ... | with single links between nodes.
-| ... | *[Enc] Packet encapsulations:* Eth-IPv6-VXLAN-Eth-IPv6-ICMPv6 on
-| ... | DUT1-DUT2, Eth-IPv6-ICMPv6 on TG-DUTn for L2 switching of IPv6.
-| ... | *[Cfg] DUT configuration:* DUT1 and DUT2 are configured with L2
-| ... | bridge-domain (L2BD) switching combined with MAC learning enabled;
-| ... | VXLAN tunnels are configured between L2BDs on DUT1 and DUT2.
-| ... | *[Ver] TG verification:* Test ICMPv6 Echo Request packets are sent
-| ... | in both directions by TG on links to DUT1 and DUT2; on receive TG
-| ... | verifies packets for correctness and their IPv6 src-addr, dst-addr
-| ... | and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:* RFC7348.
-
-*** Variables ***
-| ${vni_1}= | 23
-
-| ${bd_id1}= | 10
-| ${bd_id2}= | 20
-
-| ${ip6_addr1}= | 3ffe:64::1
-| ${ip6_addr2}= | 3ffe:64::2
-| ${ip6_prefix}= | 64
-
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-| ${qemu1}= | qemu_instance_1
-| ${qemu2}= | qemu_instance_2
-
-| ${dut1_vhost1}= | dut1_vhost_if1
-| ${dut1_vhost2}= | dut1_vhost_if2
-| ${dut2_vhost1}= | dut2_vhost_if1
-| ${dut2_vhost2}= | dut2_vhost_if2
-
-*** Test Cases ***
-| TC01:DUT1 and DUT2 with two L2BDs and VXLANoIPv6 tunnel switch ICMPv6 between TG links and VM links
-| | [Documentation]
-| | ... | [Top] TG-DUT1-VM-DUT1-DUT2-VM-DUT2-TG.
-| | ... | [Enc] Eth-IPv6-VXLAN-Eth-IPv6-ICMPv6 on DUT1-DUT2; Eth-IPv4-ICMPv4
-| | ... | on TG-DUTn and DUTn=VM.
-| | ... | [Cfg] On both DUTs configure two L2BDs (MAC learning enabled); first
-| | ... | L2BD with untagged interface to TG and vhost-user interface to local
-| | ... | VM, second one with vhost-user interface to local VM and VXLAN
-| | ... | interface towards the other DUT. Configure linux bridge on both VMs
-| | ... | to pass traffic between both vhost-user interfaces.
-| | ... | [Ver] Make TG send ICMPv6 Echo Req between two of its interfaces to
-| | ... | be switched by DUT1 and DUT2; verify packets are switched between
-| | ... | these TG interfaces.
-| | ... | [Ref] RFC7348.
-| | [Tags] | VPP_VM_ENV
-| | Given Configure path in 3-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['DUT2']} | ${nodes['TG']}
-| | And Set interfaces in 3-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut1_node}
-| | ...                                                     | ${sock1}
-| | ...                                                     | ${sock2}
-| | ...                                                     | ${dut1_vhost1}
-| | ...                                                     | ${dut1_vhost2}
-| | And Configure vhost interfaces for L2BD forwarding | ${dut2_node}
-| | ...                                                    | ${sock1}
-| | ...                                                    | ${sock2}
-| | ...                                                    | ${dut2_vhost1}
-| | ...                                                    | ${dut2_vhost2}
-| | And Configure VM for vhost L2BD forwarding | ${dut1_node} | ${sock1}
-| | ...                                       | ${sock2} | ${qemu1}
-| | And Configure VM for vhost L2BD forwarding | ${dut2_node} | ${sock1}
-| | ...                                       | ${sock2} | ${qemu2}
-| | And Set Interface Address | ${dut1_node} | ${dut1_to_dut2} | ${ip6_addr1}
-| | ...                       | ${ip6_prefix}
-| | And Set Interface Address | ${dut2_node} | ${dut2_to_dut1} | ${ip6_addr2}
-| | ...                       | ${ip6_prefix}
-| | And VPP IP Probe | ${dut1_node} | ${dut1_to_dut2} | ${ip6_addr2}
-| | And VPP IP Probe | ${dut2_node} | ${dut2_to_dut1} | ${ip6_addr1}
-| | And Vpp All RA Suppress Link Layer | ${nodes}
-| | ${dut1s_vxlan}= | And Create VXLAN interface | ${dut1_node} | ${vni_1}
-| |                 | ...                        | ${ip6_addr1} | ${ip6_addr2}
-| | ${dut2s_vxlan}= | And Create VXLAN interface | ${dut2_node} | ${vni_1}
-| |                 | ...                        | ${ip6_addr2} | ${ip6_addr1}
-| | And Add interfaces to L2BD | ${dut1_node} | ${bd_id1}
-| | ...                            | ${dut1_to_tg} | ${${dut1_vhost1}}
-| | And Add interfaces to L2BD | ${dut1_node} | ${bd_id2}
-| | ...                            | ${dut1s_vxlan} | ${${dut1_vhost2}}
-| | And Add interfaces to L2BD | ${dut2_node} | ${bd_id1}
-| | ...                            | ${dut2_to_tg} | ${${dut2_vhost1}}
-| | And Add interfaces to L2BD | ${dut2_node} | ${bd_id2}
-| | ...                            | ${dut2s_vxlan} | ${${dut2_vhost2}}
-| | Then Send ICMPv6 bidirectionally and verify received packets
-| | ... | ${tg_node} | ${tg_to_dut1} | ${tg_to_dut2}
diff --git a/tests/vpp/func/vm_vhost/l2xc/eth2p-eth-l2xcbase-eth-2vhost-1vm-func.robot b/tests/vpp/func/vm_vhost/l2xc/eth2p-eth-l2xcbase-eth-2vhost-1vm-func.robot
deleted file mode 100644
index 2b46b392a4..0000000000
--- a/tests/vpp/func/vm_vhost/l2xc/eth2p-eth-l2xcbase-eth-2vhost-1vm-func.robot
+++ /dev/null
@@ -1,92 +0,0 @@
-# Copyright (c) 2016 Cisco and/or its affiliates.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*** Settings ***
-| Resource | resources/libraries/robot/shared/default.robot
-| Resource | resources/libraries/robot/l2/l2_xconnect.robot
-| Resource | resources/libraries/robot/l2/l2_traffic.robot
-| Resource | resources/libraries/robot/shared/testing_path.robot
-| Resource | resources/libraries/robot/shared/interfaces.robot
-| Resource | resources/libraries/robot/l2/l2_bridge_domain.robot
-| Library  | resources.libraries.python.Trace
-| Library | resources.libraries.python.NodePath
-| Force Tags | 3_NODE_DOUBLE_LINK_TOPO | HW_ENV | VM_ENV | VPP_VM_ENV
-| Test Setup | Set up functional test
-| Test Teardown | Tear down functional test
-| Documentation | *L2 cross-connect test cases*
-| ...
-| ... | *[Top] Network Topologies:* TG=DUT=VM 3-node topology with VM and
-| ... | double parallel links.
-| ... | *[Enc] Packet Encapsulations:* Eth-IPv4-ICMPv4 for L2 switching of IPv4;
-| ... | Eth-IPv6-ICMPv6 for L2 switching of IPv6 use. Both apply to all links.
-| ... | *[Cfg] DUT configuration:* DUT1 is configured with L2 cross-connect
-| ... | (L2XC) switching.
-| ... | *[Ver] TG verification:* Test ICMPv4 (or ICMPv6) Echo Request packets are
-| ... | sent in both directions by TG on links to DUT1 via VM; on receive TG
-| ... | verifies packets for correctness and their IPv4 (IPv6) src-addr,
-| ... | dst-addr and MAC addresses.
-| ... | *[Ref] Applicable standard specifications:*
-
-*** Variables ***
-| ${sock1}= | /tmp/sock1
-| ${sock2}= | /tmp/sock2
-
-*** Test Cases ***
-| TC01: DUT with two L2XCs switches ICMPv4 between TG and local VM links
-| | [Documentation]
-| | ... | [Top] TG=DUT=VM. [Enc] Eth-IPv4-ICMPv4. [Cfg] On DUT configure \
-| | ... | two L2 cross-connects (L2XC), each with one untagged interface
-| | ... | to TG and untagged i/f to local VM over vhost-user. [Ver] Make
-| | ... | TG send ICMPv4 Echo Reqs in both directions between two of its
-| | ... | i/fs to be switched by DUT to and from VM; verify all packets
-| | ... | are received. [Ref]
-| | ...
-| | [Teardown] | Run Keywords | Tear down QEMU
-| | ... | AND | Tear down functional test
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut_node}
-| | ... | ${sock1} | ${sock2}
-| | And Configure L2XC | ${dut_node} | ${dut_to_tg_if1} | ${vhost_if1}
-| | And Configure L2XC | ${dut_node} | ${dut_to_tg_if2} | ${vhost_if2}
-| | And Configure VM for vhost L2BD forwarding | ${dut_node} | ${sock1}
-| | ... | ${sock2}
-| | Then Send ICMPv4 bidirectionally and verify received packets | ${tg_node}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if2}
-
-| TC02: DUT with two L2XCs switches ICMPv6 between TG and local VM links
-| | [Documentation]
-| | ... | [Top] TG=DUT=VM. [Enc] Eth-IPv6-ICMPv6. [Cfg] On DUT configure \
-| | ... | two L2 cross-connects (L2XC), each with one untagged i/f to TG
-| | ... | and untagged i/f to local VM over vhost-user. [Ver] Make TG send
-| | ... | ICMPv6 Echo Reqs in both directions between two of its i/fs to
-| | ... | be switched by DUT to and from VM; verify all packets are
-| | ... | received. [Ref]
-| | ...
-| | [Teardown] | Run Keywords | Tear down QEMU
-| | ... | AND | Tear down functional test
-| | ...
-| | Given Configure path in 2-node circular topology
-| | ... | ${nodes['TG']} | ${nodes['DUT1']} | ${nodes['TG']}
-| | And Set interfaces in 2-node circular topology up
-| | When Configure vhost interfaces for L2BD forwarding | ${dut_node}
-| | ... | ${sock1} | ${sock2}
-| | And Configure L2XC | ${dut_node} | ${dut_to_tg_if1} | ${vhost_if1}
-| | And Configure L2XC | ${dut_node} | ${dut_to_tg_if2} | ${vhost_if2}
-| | And Configure VM for vhost L2BD forwarding | ${dut_node} | ${sock1}
-| | ... | ${sock2}
-| | Then Send ICMPv6 bidirectionally and verify received packets | ${tg_node}
-| | ... | ${tg_to_dut_if1} | ${tg_to_dut_if2}
-