7 from framework import VppTestCase, VppTestRunner
8 from vpp_neighbor import VppNeighbor
9 from util import mk_ll_addr
11 from scapy.layers.l2 import Ether, getmacbyip
12 from scapy.layers.inet import IP, UDP, ICMP
13 from scapy.layers.inet6 import IPv6, in6_getnsmac, in6_mactoifaceid
14 from scapy.layers.dhcp import DHCP, BOOTP, DHCPTypes
15 from scapy.layers.dhcp6 import DHCP6, DHCP6_Solicit, DHCP6_RelayForward, \
16 DHCP6_RelayReply, DHCP6_Advertise, DHCP6OptRelayMsg, DHCP6OptIfaceId, \
17 DHCP6OptStatusCode, DHCP6OptVSS, DHCP6OptClientLinkLayerAddr, DHCP6_Request
18 from socket import AF_INET, AF_INET6
19 from scapy.utils import inet_pton, inet_ntop
20 from scapy.utils6 import in6_ptop
22 DHCP4_CLIENT_PORT = 68
23 DHCP4_SERVER_PORT = 67
24 DHCP6_CLIENT_PORT = 547
25 DHCP6_SERVER_PORT = 546
28 class TestDHCP(VppTestCase):
29 """ DHCP Test Case """
32 super(TestDHCP, self).setUp()
34 # create 3 pg interfaces
35 self.create_pg_interfaces(range(4))
37 # pg0 and 1 are IP configured in VRF 0 and 1.
38 # pg2 and 3 are non IP-configured in VRF 0 and 1
40 for i in self.pg_interfaces[:2]:
42 i.set_table_ip4(table_id)
43 i.set_table_ip6(table_id)
51 for i in self.pg_interfaces[2:]:
53 i.set_table_ip4(table_id)
54 i.set_table_ip6(table_id)
58 super(TestDHCP, self).tearDown()
59 for i in self.pg_interfaces:
64 def send_and_assert_no_replies(self, intf, pkts, remark):
66 self.pg_enable_capture(self.pg_interfaces)
68 for i in self.pg_interfaces:
69 i.assert_nothing_captured(remark=remark)
71 def validate_relay_options(self, pkt, intf, ip_addr, fib_id, oui):
76 for i in dhcp.options:
78 if i[0] == "relay_agent_Information":
80 # There are two sb-options present - each of length 6.
84 self.assertEqual(len(data), 24)
86 self.assertEqual(len(data), 12)
89 # First sub-option is ID 1, len 4, then encoded
90 # sw_if_index. This test uses low valued indicies
92 # The ID space is VPP internal - so no matching value
95 self.assertEqual(ord(data[0]), 1)
96 self.assertEqual(ord(data[1]), 4)
97 self.assertEqual(ord(data[2]), 0)
98 self.assertEqual(ord(data[3]), 0)
99 self.assertEqual(ord(data[4]), 0)
100 self.assertEqual(ord(data[5]), intf._sw_if_index)
103 # next sub-option is the IP address of the client side
105 # sub-option ID=5, length (of a v4 address)=4
107 claddr = socket.inet_pton(AF_INET, ip_addr)
109 self.assertEqual(ord(data[6]), 5)
110 self.assertEqual(ord(data[7]), 4)
111 self.assertEqual(data[8], claddr[0])
112 self.assertEqual(data[9], claddr[1])
113 self.assertEqual(data[10], claddr[2])
114 self.assertEqual(data[11], claddr[3])
117 # sub-option 151 encodes the 3 byte oui
118 # and the 4 byte fib_id
119 self.assertEqual(ord(data[12]), 151)
120 self.assertEqual(ord(data[13]), 8)
121 self.assertEqual(ord(data[14]), 1)
122 self.assertEqual(ord(data[15]), 0)
123 self.assertEqual(ord(data[16]), 0)
124 self.assertEqual(ord(data[17]), oui)
125 self.assertEqual(ord(data[18]), 0)
126 self.assertEqual(ord(data[19]), 0)
127 self.assertEqual(ord(data[20]), 0)
128 self.assertEqual(ord(data[21]), fib_id)
130 # VSS control sub-option
131 self.assertEqual(ord(data[22]), 152)
132 self.assertEqual(ord(data[23]), 0)
135 self.assertTrue(found)
139 def verify_dhcp_offer(self, pkt, intf, fib_id=0, oui=0):
141 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
142 self.assertEqual(ether.src, intf.local_mac)
145 self.assertEqual(ip.dst, "255.255.255.255")
146 self.assertEqual(ip.src, intf.local_ip4)
149 self.assertEqual(udp.dport, DHCP4_CLIENT_PORT)
150 self.assertEqual(udp.sport, DHCP4_SERVER_PORT)
154 for o in dhcp.options:
156 if o[0] == "message-type" \
157 and DHCPTypes[o[1]] == "offer":
159 self.assertTrue(is_offer)
161 data = self.validate_relay_options(pkt, intf, intf.local_ip4,
164 def verify_dhcp_discover(self, pkt, intf, src_intf=None, fib_id=0, oui=0,
165 dst_mac=None, dst_ip=None):
167 dst_mac = intf.remote_mac
169 dst_ip = intf.remote_ip4
172 self.assertEqual(ether.dst, dst_mac)
173 self.assertEqual(ether.src, intf.local_mac)
176 self.assertEqual(ip.dst, dst_ip)
177 self.assertEqual(ip.src, intf.local_ip4)
180 self.assertEqual(udp.dport, DHCP4_SERVER_PORT)
181 self.assertEqual(udp.sport, DHCP4_CLIENT_PORT)
186 for o in dhcp.options:
188 if o[0] == "message-type" \
189 and DHCPTypes[o[1]] == "discover":
191 self.assertTrue(is_discover)
193 data = self.validate_relay_options(pkt, src_intf,
198 def verify_dhcp6_solicit(self, pkt, intf,
205 dst_mac = intf.remote_mac
207 dst_ip = in6_ptop(intf.remote_ip6)
210 self.assertEqual(ether.dst, dst_mac)
211 self.assertEqual(ether.src, intf.local_mac)
214 self.assertEqual(in6_ptop(ip.dst), dst_ip)
215 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
218 self.assertEqual(udp.dport, DHCP6_CLIENT_PORT)
219 self.assertEqual(udp.sport, DHCP6_SERVER_PORT)
221 relay = pkt[DHCP6_RelayForward]
222 self.assertEqual(in6_ptop(relay.peeraddr), in6_ptop(peer_ip))
223 oid = pkt[DHCP6OptIfaceId]
224 cll = pkt[DHCP6OptClientLinkLayerAddr]
225 self.assertEqual(cll.optlen, 8)
226 self.assertEqual(cll.lltype, 1)
227 self.assertEqual(cll.clladdr, peer_mac)
230 vss = pkt[DHCP6OptVSS]
231 self.assertEqual(vss.optlen, 8)
232 self.assertEqual(vss.type, 1)
233 # the OUI and FIB-id are really 3 and 4 bytes resp.
234 # but the tested range is small
235 self.assertEqual(ord(vss.data[0]), 0)
236 self.assertEqual(ord(vss.data[1]), 0)
237 self.assertEqual(ord(vss.data[2]), oui)
238 self.assertEqual(ord(vss.data[3]), 0)
239 self.assertEqual(ord(vss.data[4]), 0)
240 self.assertEqual(ord(vss.data[5]), 0)
241 self.assertEqual(ord(vss.data[6]), fib_id)
243 # the relay message should be an encoded Solicit
244 msg = pkt[DHCP6OptRelayMsg]
245 sol = DHCP6_Solicit()
246 self.assertEqual(msg.optlen, len(str(sol)))
247 self.assertEqual(str(sol), (str(msg[1]))[:msg.optlen])
249 def verify_dhcp6_advert(self, pkt, intf, peer):
251 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
252 self.assertEqual(ether.src, intf.local_mac)
255 self.assertEqual(in6_ptop(ip.dst), in6_ptop(peer))
256 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
259 self.assertEqual(udp.dport, DHCP6_SERVER_PORT)
260 self.assertEqual(udp.sport, DHCP6_CLIENT_PORT)
262 # not sure why this is not decoding
263 # adv = pkt[DHCP6_Advertise]
265 def test_dhcp_proxy(self):
269 # Verify no response to DHCP request without DHCP config
271 p_disc_vrf0 = (Ether(dst="ff:ff:ff:ff:ff:ff",
272 src=self.pg2.remote_mac) /
273 IP(src="0.0.0.0", dst="255.255.255.255") /
274 UDP(sport=DHCP4_CLIENT_PORT,
275 dport=DHCP4_SERVER_PORT) /
277 DHCP(options=[('message-type', 'discover'), ('end')]))
278 pkts_disc_vrf0 = [p_disc_vrf0]
279 p_disc_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
280 src=self.pg3.remote_mac) /
281 IP(src="0.0.0.0", dst="255.255.255.255") /
282 UDP(sport=DHCP4_CLIENT_PORT,
283 dport=DHCP4_SERVER_PORT) /
285 DHCP(options=[('message-type', 'discover'), ('end')]))
286 pkts_disc_vrf1 = [p_disc_vrf0]
288 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
289 "DHCP with no configuration")
290 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
291 "DHCP with no configuration")
294 # Enable DHCP proxy in VRF 0
296 server_addr = self.pg0.remote_ip4n
297 src_addr = self.pg0.local_ip4n
299 self.vapi.dhcp_proxy_config(server_addr,
304 # Discover packets from the client are dropped because there is no
305 # IP address configured on the client facing interface
307 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
308 "Discover DHCP no relay address")
311 # Inject a response from the server
312 # dropped, because there is no IP addrees on the
313 # client interfce to fill in the option.
315 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
316 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
317 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
319 DHCP(options=[('message-type', 'offer'), ('end')]))
322 self.send_and_assert_no_replies(self.pg2, pkts,
323 "Offer DHCP no relay address")
326 # configure an IP address on the client facing interface
328 self.pg2.config_ip4()
331 # Try again with a discover packet
332 # Rx'd packet should be to the server address and from the configured
334 # UDP source ports are unchanged
335 # we've no option 82 config so that should be absent
337 self.pg2.add_stream(pkts_disc_vrf0)
338 self.pg_enable_capture(self.pg_interfaces)
341 rx = self.pg0.get_capture(1)
344 option_82 = self.verify_dhcp_discover(rx, self.pg0, src_intf=self.pg2)
347 # Create an DHCP offer reply from the server with a correctly formatted
348 # option 82. i.e. send back what we just captured
349 # The offer, sent mcast to the client, still has option 82.
351 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
352 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
353 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
355 DHCP(options=[('message-type', 'offer'),
356 ('relay_agent_Information', option_82),
360 self.pg0.add_stream(pkts)
361 self.pg_enable_capture(self.pg_interfaces)
364 rx = self.pg2.get_capture(1)
367 self.verify_dhcp_offer(rx, self.pg2)
372 # 1. not our IP address = not checked by VPP? so offer is replayed
374 bad_ip = option_82[0:8] + chr(33) + option_82[9:]
376 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
377 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
378 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
380 DHCP(options=[('message-type', 'offer'),
381 ('relay_agent_Information', bad_ip),
384 self.send_and_assert_no_replies(self.pg0, pkts,
385 "DHCP offer option 82 bad address")
387 # 2. Not a sw_if_index VPP knows
388 bad_if_index = option_82[0:2] + chr(33) + option_82[3:]
390 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
391 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
392 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
394 DHCP(options=[('message-type', 'offer'),
395 ('relay_agent_Information', bad_if_index),
398 self.send_and_assert_no_replies(self.pg0, pkts,
399 "DHCP offer option 82 bad if index")
402 # Send a DHCP request in VRF 1. should be dropped.
404 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
405 "DHCP with no configuration VRF 1")
408 # Delete the DHCP config in VRF 0
409 # Should now drop requests.
411 self.vapi.dhcp_proxy_config(server_addr,
416 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
417 "DHCP config removed VRF 0")
418 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
419 "DHCP config removed VRF 1")
422 # Add DHCP config for VRF 1
424 server_addr = self.pg1.remote_ip4n
425 src_addr = self.pg1.local_ip4n
426 self.vapi.dhcp_proxy_config(server_addr,
432 # Confim DHCP requests ok in VRF 1.
433 # - dropped on IP config on client interface
435 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
436 "DHCP config removed VRF 1")
439 # configure an IP address on the client facing interface
441 self.pg3.config_ip4()
443 self.pg3.add_stream(pkts_disc_vrf1)
444 self.pg_enable_capture(self.pg_interfaces)
447 rx = self.pg1.get_capture(1)
449 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3)
453 # table=1, fib=id=1, oui=4
454 self.vapi.dhcp_proxy_set_vss(1, 1, 4)
456 self.pg3.add_stream(pkts_disc_vrf1)
457 self.pg_enable_capture(self.pg_interfaces)
460 rx = self.pg1.get_capture(1)
462 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3,
466 # Add a second DHCP server in VRF 1
467 # expect clients messages to be relay to both configured servers
469 self.pg1.generate_remote_hosts(2)
470 server_addr2 = socket.inet_pton(AF_INET, self.pg1.remote_hosts[1].ip4)
472 self.vapi.dhcp_proxy_config(server_addr2,
479 # We'll need an ARP entry for the server to send it packets
481 arp_entry = VppNeighbor(self,
482 self.pg1.sw_if_index,
483 self.pg1.remote_hosts[1].mac,
484 self.pg1.remote_hosts[1].ip4)
485 arp_entry.add_vpp_config()
488 # Send a discover from the client. expect two relayed messages
489 # The frist packet is sent to the second server
490 # We're not enforcing that here, it's just the way it is.
492 self.pg3.add_stream(pkts_disc_vrf1)
493 self.pg_enable_capture(self.pg_interfaces)
496 rx = self.pg1.get_capture(2)
498 option_82 = self.verify_dhcp_discover(
501 dst_mac=self.pg1.remote_hosts[1].mac,
502 dst_ip=self.pg1.remote_hosts[1].ip4,
504 self.verify_dhcp_discover(rx[1], self.pg1, src_intf=self.pg3,
508 # Send both packets back. Client gets both.
510 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
511 IP(src=self.pg1.remote_ip4, dst=self.pg1.local_ip4) /
512 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
514 DHCP(options=[('message-type', 'offer'),
515 ('relay_agent_Information', option_82),
517 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
518 IP(src=self.pg1.remote_hosts[1].ip4, dst=self.pg1.local_ip4) /
519 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
521 DHCP(options=[('message-type', 'offer'),
522 ('relay_agent_Information', option_82),
526 self.pg1.add_stream(pkts)
527 self.pg_enable_capture(self.pg_interfaces)
530 rx = self.pg3.get_capture(2)
532 self.verify_dhcp_offer(rx[0], self.pg3, fib_id=1, oui=4)
533 self.verify_dhcp_offer(rx[1], self.pg3, fib_id=1, oui=4)
536 # Ensure offers from non-servers are dropeed
538 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
539 IP(src="8.8.8.8", dst=self.pg1.local_ip4) /
540 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
542 DHCP(options=[('message-type', 'offer'),
543 ('relay_agent_Information', option_82),
545 self.send_and_assert_no_replies(self.pg1, p2,
546 "DHCP offer from non-server")
549 # Ensure only the discover is sent to multiple servers
551 p_req_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
552 src=self.pg3.remote_mac) /
553 IP(src="0.0.0.0", dst="255.255.255.255") /
554 UDP(sport=DHCP4_CLIENT_PORT,
555 dport=DHCP4_SERVER_PORT) /
557 DHCP(options=[('message-type', 'request'),
560 self.pg3.add_stream(p_req_vrf1)
561 self.pg_enable_capture(self.pg_interfaces)
564 rx = self.pg1.get_capture(1)
567 # Remove the second DHCP server
569 self.vapi.dhcp_proxy_config(server_addr2,
576 # Test we can still relay with the first
578 self.pg3.add_stream(pkts_disc_vrf1)
579 self.pg_enable_capture(self.pg_interfaces)
582 rx = self.pg1.get_capture(1)
584 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3,
588 # Remove the VSS config
589 # relayed DHCP has default vlaues in the option.
591 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_add=0)
593 self.pg3.add_stream(pkts_disc_vrf1)
594 self.pg_enable_capture(self.pg_interfaces)
597 rx = self.pg1.get_capture(1)
599 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3)
602 # remove DHCP config to cleanup
604 self.vapi.dhcp_proxy_config(server_addr,
610 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
611 "DHCP cleanup VRF 0")
612 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
613 "DHCP cleanup VRF 1")
615 def test_dhcp6_proxy(self):
618 # Verify no response to DHCP request without DHCP config
620 dhcp_solicit_dst = "ff02::1:2"
621 dhcp_solicit_src_vrf0 = mk_ll_addr(self.pg2.remote_mac)
622 dhcp_solicit_src_vrf1 = mk_ll_addr(self.pg3.remote_mac)
623 server_addr_vrf0 = self.pg0.remote_ip6n
624 src_addr_vrf0 = self.pg0.local_ip6n
625 server_addr_vrf1 = self.pg1.remote_ip6n
626 src_addr_vrf1 = self.pg1.local_ip6n
628 dmac = in6_getnsmac(inet_pton(socket.AF_INET6, dhcp_solicit_dst))
629 p_solicit_vrf0 = (Ether(dst=dmac, src=self.pg2.remote_mac) /
630 IPv6(src=dhcp_solicit_src_vrf0,
631 dst=dhcp_solicit_dst) /
632 UDP(sport=DHCP6_SERVER_PORT,
633 dport=DHCP6_CLIENT_PORT) /
635 p_solicit_vrf1 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
636 IPv6(src=dhcp_solicit_src_vrf1,
637 dst=dhcp_solicit_dst) /
638 UDP(sport=DHCP6_SERVER_PORT,
639 dport=DHCP6_CLIENT_PORT) /
642 self.send_and_assert_no_replies(self.pg2, p_solicit_vrf0,
643 "DHCP with no configuration")
644 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf1,
645 "DHCP with no configuration")
648 # DHCPv6 config in VRF 0.
649 # Packets still dropped because the client facing interface has no
652 self.vapi.dhcp_proxy_config(server_addr_vrf0,
658 self.send_and_assert_no_replies(self.pg2, p_solicit_vrf0,
659 "DHCP with no configuration")
660 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf1,
661 "DHCP with no configuration")
664 # configure an IP address on the client facing interface
666 self.pg2.config_ip6()
669 # Now the DHCP requests are relayed to the server
671 self.pg2.add_stream(p_solicit_vrf0)
672 self.pg_enable_capture(self.pg_interfaces)
675 rx = self.pg0.get_capture(1)
677 self.verify_dhcp6_solicit(rx[0], self.pg0,
678 dhcp_solicit_src_vrf0,
682 # Exception cases for rejected relay responses
685 # 1 - not a relay reply
686 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
687 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
688 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
690 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
691 "DHCP6 not a relay reply")
693 # 2 - no relay message option
694 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
695 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
696 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
699 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
700 "DHCP not a relay message")
703 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
704 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
705 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
707 DHCP6OptRelayMsg(optlen=0) /
709 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
710 "DHCP6 no circuit ID")
711 # 4 - wrong circuit ID
712 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
713 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
714 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
716 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
717 DHCP6OptRelayMsg(optlen=0) /
719 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
720 "DHCP6 wrong circuit ID")
723 # Send the relay response (the advertisement)
725 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
726 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
727 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
729 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x03') /
730 DHCP6OptRelayMsg(optlen=0) /
731 DHCP6_Advertise(trid=1) /
732 DHCP6OptStatusCode(statuscode=0))
733 pkts_adv_vrf0 = [p_adv_vrf0]
735 self.pg0.add_stream(pkts_adv_vrf0)
736 self.pg_enable_capture(self.pg_interfaces)
739 rx = self.pg2.get_capture(1)
741 self.verify_dhcp6_advert(rx[0], self.pg2, "::")
744 # Send the relay response (the advertisement)
745 # - with peer address
746 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
747 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
748 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
749 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf0) /
750 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x03') /
751 DHCP6OptRelayMsg(optlen=0) /
752 DHCP6_Advertise(trid=1) /
753 DHCP6OptStatusCode(statuscode=0))
754 pkts_adv_vrf0 = [p_adv_vrf0]
756 self.pg0.add_stream(pkts_adv_vrf0)
757 self.pg_enable_capture(self.pg_interfaces)
760 rx = self.pg2.get_capture(1)
762 self.verify_dhcp6_advert(rx[0], self.pg2, dhcp_solicit_src_vrf0)
765 # Add all the config for VRF 1
767 self.vapi.dhcp_proxy_config(server_addr_vrf1,
772 self.pg3.config_ip6()
777 self.pg3.add_stream(p_solicit_vrf1)
778 self.pg_enable_capture(self.pg_interfaces)
781 rx = self.pg1.get_capture(1)
783 self.verify_dhcp6_solicit(rx[0], self.pg1,
784 dhcp_solicit_src_vrf1,
790 p_adv_vrf1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
791 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
792 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
793 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
794 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
795 DHCP6OptRelayMsg(optlen=0) /
796 DHCP6_Advertise(trid=1) /
797 DHCP6OptStatusCode(statuscode=0))
798 pkts_adv_vrf1 = [p_adv_vrf1]
800 self.pg1.add_stream(pkts_adv_vrf1)
801 self.pg_enable_capture(self.pg_interfaces)
804 rx = self.pg3.get_capture(1)
806 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf1)
810 # table=1, fib=id=1, oui=4
811 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_ip6=1)
813 self.pg3.add_stream(p_solicit_vrf1)
814 self.pg_enable_capture(self.pg_interfaces)
817 rx = self.pg1.get_capture(1)
819 self.verify_dhcp6_solicit(rx[0], self.pg1,
820 dhcp_solicit_src_vrf1,
826 # Remove the VSS config
827 # relayed DHCP has default vlaues in the option.
829 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_ip6=1, is_add=0)
831 self.pg3.add_stream(p_solicit_vrf1)
832 self.pg_enable_capture(self.pg_interfaces)
835 rx = self.pg1.get_capture(1)
837 self.verify_dhcp6_solicit(rx[0], self.pg1,
838 dhcp_solicit_src_vrf1,
842 # Add a second DHCP server in VRF 1
843 # expect clients messages to be relay to both configured servers
845 self.pg1.generate_remote_hosts(2)
846 server_addr2 = socket.inet_pton(AF_INET6, self.pg1.remote_hosts[1].ip6)
848 self.vapi.dhcp_proxy_config(server_addr2,
855 # We'll need an ND entry for the server to send it packets
857 nd_entry = VppNeighbor(self,
858 self.pg1.sw_if_index,
859 self.pg1.remote_hosts[1].mac,
860 self.pg1.remote_hosts[1].ip6,
862 nd_entry.add_vpp_config()
865 # Send a discover from the client. expect two relayed messages
866 # The frist packet is sent to the second server
867 # We're not enforcing that here, it's just the way it is.
869 self.pg3.add_stream(p_solicit_vrf1)
870 self.pg_enable_capture(self.pg_interfaces)
873 rx = self.pg1.get_capture(2)
875 self.verify_dhcp6_solicit(rx[0], self.pg1,
876 dhcp_solicit_src_vrf1,
878 self.verify_dhcp6_solicit(rx[1], self.pg1,
879 dhcp_solicit_src_vrf1,
881 dst_mac=self.pg1.remote_hosts[1].mac,
882 dst_ip=self.pg1.remote_hosts[1].ip6)
885 # Send both packets back. Client gets both.
887 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
888 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
889 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
890 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
891 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
892 DHCP6OptRelayMsg(optlen=0) /
893 DHCP6_Advertise(trid=1) /
894 DHCP6OptStatusCode(statuscode=0))
895 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
896 IPv6(dst=self.pg1.local_ip6, src=self.pg1._remote_hosts[1].ip6) /
897 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
898 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
899 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
900 DHCP6OptRelayMsg(optlen=0) /
901 DHCP6_Advertise(trid=1) /
902 DHCP6OptStatusCode(statuscode=0))
906 self.pg1.add_stream(pkts)
907 self.pg_enable_capture(self.pg_interfaces)
910 rx = self.pg3.get_capture(2)
912 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf1)
913 self.verify_dhcp6_advert(rx[1], self.pg3, dhcp_solicit_src_vrf1)
916 # Ensure only solicit messages are duplicated
918 p_request_vrf1 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
919 IPv6(src=dhcp_solicit_src_vrf1,
920 dst=dhcp_solicit_dst) /
921 UDP(sport=DHCP6_SERVER_PORT,
922 dport=DHCP6_CLIENT_PORT) /
925 self.pg3.add_stream(p_request_vrf1)
926 self.pg_enable_capture(self.pg_interfaces)
929 rx = self.pg1.get_capture(1)
932 # Test we drop DHCP packets from addresses that are not configured as
935 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
936 IPv6(dst=self.pg1.local_ip6, src="3001::1") /
937 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
938 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
939 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
940 DHCP6OptRelayMsg(optlen=0) /
941 DHCP6_Advertise(trid=1) /
942 DHCP6OptStatusCode(statuscode=0))
943 self.send_and_assert_no_replies(self.pg1, p2,
944 "DHCP6 not from server")
947 # Remove the second DHCP server
949 self.vapi.dhcp_proxy_config(server_addr2,
957 # Test we can still relay with the first
959 self.pg3.add_stream(p_solicit_vrf1)
960 self.pg_enable_capture(self.pg_interfaces)
963 rx = self.pg1.get_capture(1)
965 self.verify_dhcp6_solicit(rx[0], self.pg1,
966 dhcp_solicit_src_vrf1,
972 self.vapi.dhcp_proxy_config(server_addr_vrf1,
978 self.vapi.dhcp_proxy_config(server_addr_vrf0,
986 self.vapi.dhcp_proxy_config(server_addr_vrf0,
993 if __name__ == '__main__':
994 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob