7 from framework import VppTestCase, VppTestRunner
8 from vpp_neighbor import VppNeighbor
10 from scapy.layers.l2 import Ether, getmacbyip
11 from scapy.layers.inet import IP, UDP, ICMP
12 from scapy.layers.inet6 import IPv6, in6_getnsmac, in6_mactoifaceid
13 from scapy.layers.dhcp import DHCP, BOOTP, DHCPTypes
14 from scapy.layers.dhcp6 import DHCP6, DHCP6_Solicit, DHCP6_RelayForward, \
15 DHCP6_RelayReply, DHCP6_Advertise, DHCP6OptRelayMsg, DHCP6OptIfaceId, \
16 DHCP6OptStatusCode, DHCP6OptVSS, DHCP6OptClientLinkLayerAddr, DHCP6_Request
17 from socket import AF_INET, AF_INET6
18 from scapy.utils import inet_pton, inet_ntop
19 from scapy.utils6 import in6_ptop
21 DHCP4_CLIENT_PORT = 68
22 DHCP4_SERVER_PORT = 67
23 DHCP6_CLIENT_PORT = 547
24 DHCP6_SERVER_PORT = 546
29 euid = in6_mactoifaceid(mac)
30 addr = "fe80::" + euid
34 class TestDHCP(VppTestCase):
35 """ DHCP Test Case """
38 super(TestDHCP, self).setUp()
40 # create 3 pg interfaces
41 self.create_pg_interfaces(range(4))
43 # pg0 and 1 are IP configured in VRF 0 and 1.
44 # pg2 and 3 are non IP-configured in VRF 0 and 1
46 for i in self.pg_interfaces[:2]:
48 i.set_table_ip4(table_id)
49 i.set_table_ip6(table_id)
57 for i in self.pg_interfaces[2:]:
59 i.set_table_ip4(table_id)
60 i.set_table_ip6(table_id)
64 super(TestDHCP, self).tearDown()
65 for i in self.pg_interfaces:
70 def send_and_assert_no_replies(self, intf, pkts, remark):
72 self.pg_enable_capture(self.pg_interfaces)
74 for i in self.pg_interfaces:
75 i.assert_nothing_captured(remark=remark)
77 def validate_relay_options(self, pkt, intf, ip_addr, fib_id, oui):
82 for i in dhcp.options:
84 if i[0] == "relay_agent_Information":
86 # There are two sb-options present - each of length 6.
90 self.assertEqual(len(data), 24)
92 self.assertEqual(len(data), 12)
95 # First sub-option is ID 1, len 4, then encoded
96 # sw_if_index. This test uses low valued indicies
98 # The ID space is VPP internal - so no matching value
101 self.assertEqual(ord(data[0]), 1)
102 self.assertEqual(ord(data[1]), 4)
103 self.assertEqual(ord(data[2]), 0)
104 self.assertEqual(ord(data[3]), 0)
105 self.assertEqual(ord(data[4]), 0)
106 self.assertEqual(ord(data[5]), intf._sw_if_index)
109 # next sub-option is the IP address of the client side
111 # sub-option ID=5, length (of a v4 address)=4
113 claddr = socket.inet_pton(AF_INET, ip_addr)
115 self.assertEqual(ord(data[6]), 5)
116 self.assertEqual(ord(data[7]), 4)
117 self.assertEqual(data[8], claddr[0])
118 self.assertEqual(data[9], claddr[1])
119 self.assertEqual(data[10], claddr[2])
120 self.assertEqual(data[11], claddr[3])
123 # sub-option 151 encodes the 3 byte oui
124 # and the 4 byte fib_id
125 self.assertEqual(ord(data[12]), 151)
126 self.assertEqual(ord(data[13]), 8)
127 self.assertEqual(ord(data[14]), 1)
128 self.assertEqual(ord(data[15]), 0)
129 self.assertEqual(ord(data[16]), 0)
130 self.assertEqual(ord(data[17]), oui)
131 self.assertEqual(ord(data[18]), 0)
132 self.assertEqual(ord(data[19]), 0)
133 self.assertEqual(ord(data[20]), 0)
134 self.assertEqual(ord(data[21]), fib_id)
136 # VSS control sub-option
137 self.assertEqual(ord(data[22]), 152)
138 self.assertEqual(ord(data[23]), 0)
141 self.assertTrue(found)
145 def verify_dhcp_offer(self, pkt, intf, fib_id=0, oui=0):
147 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
148 self.assertEqual(ether.src, intf.local_mac)
151 self.assertEqual(ip.dst, "255.255.255.255")
152 self.assertEqual(ip.src, intf.local_ip4)
155 self.assertEqual(udp.dport, DHCP4_CLIENT_PORT)
156 self.assertEqual(udp.sport, DHCP4_SERVER_PORT)
160 for o in dhcp.options:
162 if o[0] == "message-type" \
163 and DHCPTypes[o[1]] == "offer":
165 self.assertTrue(is_offer)
167 data = self.validate_relay_options(pkt, intf, intf.local_ip4,
170 def verify_dhcp_discover(self, pkt, intf, src_intf=None, fib_id=0, oui=0,
171 dst_mac=None, dst_ip=None):
173 dst_mac = intf.remote_mac
175 dst_ip = intf.remote_ip4
178 self.assertEqual(ether.dst, dst_mac)
179 self.assertEqual(ether.src, intf.local_mac)
182 self.assertEqual(ip.dst, dst_ip)
183 self.assertEqual(ip.src, intf.local_ip4)
186 self.assertEqual(udp.dport, DHCP4_SERVER_PORT)
187 self.assertEqual(udp.sport, DHCP4_CLIENT_PORT)
192 for o in dhcp.options:
194 if o[0] == "message-type" \
195 and DHCPTypes[o[1]] == "discover":
197 self.assertTrue(is_discover)
199 data = self.validate_relay_options(pkt, src_intf,
204 def verify_dhcp6_solicit(self, pkt, intf,
211 dst_mac = intf.remote_mac
213 dst_ip = in6_ptop(intf.remote_ip6)
216 self.assertEqual(ether.dst, dst_mac)
217 self.assertEqual(ether.src, intf.local_mac)
220 self.assertEqual(in6_ptop(ip.dst), dst_ip)
221 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
224 self.assertEqual(udp.dport, DHCP6_CLIENT_PORT)
225 self.assertEqual(udp.sport, DHCP6_SERVER_PORT)
227 relay = pkt[DHCP6_RelayForward]
228 self.assertEqual(in6_ptop(relay.peeraddr), in6_ptop(peer_ip))
229 oid = pkt[DHCP6OptIfaceId]
230 cll = pkt[DHCP6OptClientLinkLayerAddr]
231 self.assertEqual(cll.optlen, 8)
232 self.assertEqual(cll.lltype, 1)
233 self.assertEqual(cll.clladdr, peer_mac)
236 vss = pkt[DHCP6OptVSS]
237 self.assertEqual(vss.optlen, 8)
238 self.assertEqual(vss.type, 1)
239 # the OUI and FIB-id are really 3 and 4 bytes resp.
240 # but the tested range is small
241 self.assertEqual(ord(vss.data[0]), 0)
242 self.assertEqual(ord(vss.data[1]), 0)
243 self.assertEqual(ord(vss.data[2]), oui)
244 self.assertEqual(ord(vss.data[3]), 0)
245 self.assertEqual(ord(vss.data[4]), 0)
246 self.assertEqual(ord(vss.data[5]), 0)
247 self.assertEqual(ord(vss.data[6]), fib_id)
249 # the relay message should be an encoded Solicit
250 msg = pkt[DHCP6OptRelayMsg]
251 sol = DHCP6_Solicit()
252 self.assertEqual(msg.optlen, len(str(sol)))
253 self.assertEqual(str(sol), (str(msg[1]))[:msg.optlen])
255 def verify_dhcp6_advert(self, pkt, intf, peer):
257 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
258 self.assertEqual(ether.src, intf.local_mac)
261 self.assertEqual(in6_ptop(ip.dst), in6_ptop(peer))
262 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
265 self.assertEqual(udp.dport, DHCP6_SERVER_PORT)
266 self.assertEqual(udp.sport, DHCP6_CLIENT_PORT)
268 # not sure why this is not decoding
269 # adv = pkt[DHCP6_Advertise]
271 def test_dhcp_proxy(self):
275 # Verify no response to DHCP request without DHCP config
277 p_disc_vrf0 = (Ether(dst="ff:ff:ff:ff:ff:ff",
278 src=self.pg2.remote_mac) /
279 IP(src="0.0.0.0", dst="255.255.255.255") /
280 UDP(sport=DHCP4_CLIENT_PORT,
281 dport=DHCP4_SERVER_PORT) /
283 DHCP(options=[('message-type', 'discover'), ('end')]))
284 pkts_disc_vrf0 = [p_disc_vrf0]
285 p_disc_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
286 src=self.pg3.remote_mac) /
287 IP(src="0.0.0.0", dst="255.255.255.255") /
288 UDP(sport=DHCP4_CLIENT_PORT,
289 dport=DHCP4_SERVER_PORT) /
291 DHCP(options=[('message-type', 'discover'), ('end')]))
292 pkts_disc_vrf1 = [p_disc_vrf0]
294 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
295 "DHCP with no configuration")
296 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
297 "DHCP with no configuration")
300 # Enable DHCP proxy in VRF 0
302 server_addr = self.pg0.remote_ip4n
303 src_addr = self.pg0.local_ip4n
305 self.vapi.dhcp_proxy_config(server_addr,
310 # Discover packets from the client are dropped because there is no
311 # IP address configured on the client facing interface
313 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
314 "Discover DHCP no relay address")
317 # Inject a response from the server
318 # dropped, because there is no IP addrees on the
319 # client interfce to fill in the option.
321 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
322 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
323 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
325 DHCP(options=[('message-type', 'offer'), ('end')]))
328 self.send_and_assert_no_replies(self.pg2, pkts,
329 "Offer DHCP no relay address")
332 # configure an IP address on the client facing interface
334 self.pg2.config_ip4()
337 # Try again with a discover packet
338 # Rx'd packet should be to the server address and from the configured
340 # UDP source ports are unchanged
341 # we've no option 82 config so that should be absent
343 self.pg2.add_stream(pkts_disc_vrf0)
344 self.pg_enable_capture(self.pg_interfaces)
347 rx = self.pg0.get_capture(1)
350 option_82 = self.verify_dhcp_discover(rx, self.pg0, src_intf=self.pg2)
353 # Create an DHCP offer reply from the server with a correctly formatted
354 # option 82. i.e. send back what we just captured
355 # The offer, sent mcast to the client, still has option 82.
357 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
358 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
359 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
361 DHCP(options=[('message-type', 'offer'),
362 ('relay_agent_Information', option_82),
366 self.pg0.add_stream(pkts)
367 self.pg_enable_capture(self.pg_interfaces)
370 rx = self.pg2.get_capture(1)
373 self.verify_dhcp_offer(rx, self.pg2)
378 # 1. not our IP address = not checked by VPP? so offer is replayed
380 bad_ip = option_82[0:8] + chr(33) + option_82[9:]
382 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
383 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
384 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
386 DHCP(options=[('message-type', 'offer'),
387 ('relay_agent_Information', bad_ip),
390 self.send_and_assert_no_replies(self.pg0, pkts,
391 "DHCP offer option 82 bad address")
393 # 2. Not a sw_if_index VPP knows
394 bad_if_index = option_82[0:2] + chr(33) + option_82[3:]
396 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
397 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
398 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
400 DHCP(options=[('message-type', 'offer'),
401 ('relay_agent_Information', bad_if_index),
404 self.send_and_assert_no_replies(self.pg0, pkts,
405 "DHCP offer option 82 bad if index")
408 # Send a DHCP request in VRF 1. should be dropped.
410 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
411 "DHCP with no configuration VRF 1")
414 # Delete the DHCP config in VRF 0
415 # Should now drop requests.
417 self.vapi.dhcp_proxy_config(server_addr,
422 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
423 "DHCP config removed VRF 0")
424 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
425 "DHCP config removed VRF 1")
428 # Add DHCP config for VRF 1
430 server_addr = self.pg1.remote_ip4n
431 src_addr = self.pg1.local_ip4n
432 self.vapi.dhcp_proxy_config(server_addr,
438 # Confim DHCP requests ok in VRF 1.
439 # - dropped on IP config on client interface
441 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
442 "DHCP config removed VRF 1")
445 # configure an IP address on the client facing interface
447 self.pg3.config_ip4()
449 self.pg3.add_stream(pkts_disc_vrf1)
450 self.pg_enable_capture(self.pg_interfaces)
453 rx = self.pg1.get_capture(1)
455 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3)
459 # table=1, fib=id=1, oui=4
460 self.vapi.dhcp_proxy_set_vss(1, 1, 4)
462 self.pg3.add_stream(pkts_disc_vrf1)
463 self.pg_enable_capture(self.pg_interfaces)
466 rx = self.pg1.get_capture(1)
468 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3,
472 # Add a second DHCP server in VRF 1
473 # expect clients messages to be relay to both configured servers
475 self.pg1.generate_remote_hosts(2)
476 server_addr2 = socket.inet_pton(AF_INET, self.pg1.remote_hosts[1].ip4)
478 self.vapi.dhcp_proxy_config(server_addr2,
485 # We'll need an ARP entry for the server to send it packets
487 arp_entry = VppNeighbor(self,
488 self.pg1.sw_if_index,
489 self.pg1.remote_hosts[1].mac,
490 self.pg1.remote_hosts[1].ip4)
491 arp_entry.add_vpp_config()
494 # Send a discover from the client. expect two relayed messages
495 # The frist packet is sent to the second server
496 # We're not enforcing that here, it's just the way it is.
498 self.pg3.add_stream(pkts_disc_vrf1)
499 self.pg_enable_capture(self.pg_interfaces)
502 rx = self.pg1.get_capture(2)
504 option_82 = self.verify_dhcp_discover(
507 dst_mac=self.pg1.remote_hosts[1].mac,
508 dst_ip=self.pg1.remote_hosts[1].ip4,
510 self.verify_dhcp_discover(rx[1], self.pg1, src_intf=self.pg3,
514 # Send both packets back. Client gets both.
516 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
517 IP(src=self.pg1.remote_ip4, dst=self.pg1.local_ip4) /
518 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
520 DHCP(options=[('message-type', 'offer'),
521 ('relay_agent_Information', option_82),
523 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
524 IP(src=self.pg1.remote_hosts[1].ip4, dst=self.pg1.local_ip4) /
525 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
527 DHCP(options=[('message-type', 'offer'),
528 ('relay_agent_Information', option_82),
532 self.pg1.add_stream(pkts)
533 self.pg_enable_capture(self.pg_interfaces)
536 rx = self.pg3.get_capture(2)
538 self.verify_dhcp_offer(rx[0], self.pg3, fib_id=1, oui=4)
539 self.verify_dhcp_offer(rx[1], self.pg3, fib_id=1, oui=4)
542 # Ensure offers from non-servers are dropeed
544 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
545 IP(src="8.8.8.8", dst=self.pg1.local_ip4) /
546 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
548 DHCP(options=[('message-type', 'offer'),
549 ('relay_agent_Information', option_82),
551 self.send_and_assert_no_replies(self.pg1, p2,
552 "DHCP offer from non-server")
555 # Ensure only the discover is sent to multiple servers
557 p_req_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
558 src=self.pg3.remote_mac) /
559 IP(src="0.0.0.0", dst="255.255.255.255") /
560 UDP(sport=DHCP4_CLIENT_PORT,
561 dport=DHCP4_SERVER_PORT) /
563 DHCP(options=[('message-type', 'request'),
566 self.pg3.add_stream(p_req_vrf1)
567 self.pg_enable_capture(self.pg_interfaces)
570 rx = self.pg1.get_capture(1)
573 # Remove the second DHCP server
575 self.vapi.dhcp_proxy_config(server_addr2,
582 # Test we can still relay with the first
584 self.pg3.add_stream(pkts_disc_vrf1)
585 self.pg_enable_capture(self.pg_interfaces)
588 rx = self.pg1.get_capture(1)
590 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3,
594 # Remove the VSS config
595 # relayed DHCP has default vlaues in the option.
597 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_add=0)
599 self.pg3.add_stream(pkts_disc_vrf1)
600 self.pg_enable_capture(self.pg_interfaces)
603 rx = self.pg1.get_capture(1)
605 self.verify_dhcp_discover(rx, self.pg1, src_intf=self.pg3)
608 # remove DHCP config to cleanup
610 self.vapi.dhcp_proxy_config(server_addr,
616 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
617 "DHCP cleanup VRF 0")
618 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
619 "DHCP cleanup VRF 1")
621 def test_dhcp6_proxy(self):
624 # Verify no response to DHCP request without DHCP config
626 dhcp_solicit_dst = "ff02::1:2"
627 dhcp_solicit_src_vrf0 = mk_ll_addr(self.pg2.remote_mac)
628 dhcp_solicit_src_vrf1 = mk_ll_addr(self.pg3.remote_mac)
629 server_addr_vrf0 = self.pg0.remote_ip6n
630 src_addr_vrf0 = self.pg0.local_ip6n
631 server_addr_vrf1 = self.pg1.remote_ip6n
632 src_addr_vrf1 = self.pg1.local_ip6n
634 dmac = in6_getnsmac(inet_pton(socket.AF_INET6, dhcp_solicit_dst))
635 p_solicit_vrf0 = (Ether(dst=dmac, src=self.pg2.remote_mac) /
636 IPv6(src=dhcp_solicit_src_vrf0,
637 dst=dhcp_solicit_dst) /
638 UDP(sport=DHCP6_SERVER_PORT,
639 dport=DHCP6_CLIENT_PORT) /
641 p_solicit_vrf1 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
642 IPv6(src=dhcp_solicit_src_vrf1,
643 dst=dhcp_solicit_dst) /
644 UDP(sport=DHCP6_SERVER_PORT,
645 dport=DHCP6_CLIENT_PORT) /
648 self.send_and_assert_no_replies(self.pg2, p_solicit_vrf0,
649 "DHCP with no configuration")
650 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf1,
651 "DHCP with no configuration")
654 # DHCPv6 config in VRF 0.
655 # Packets still dropped because the client facing interface has no
658 self.vapi.dhcp_proxy_config(server_addr_vrf0,
664 self.send_and_assert_no_replies(self.pg2, p_solicit_vrf0,
665 "DHCP with no configuration")
666 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf1,
667 "DHCP with no configuration")
670 # configure an IP address on the client facing interface
672 self.pg2.config_ip6()
675 # Now the DHCP requests are relayed to the server
677 self.pg2.add_stream(p_solicit_vrf0)
678 self.pg_enable_capture(self.pg_interfaces)
681 rx = self.pg0.get_capture(1)
683 self.verify_dhcp6_solicit(rx[0], self.pg0,
684 dhcp_solicit_src_vrf0,
688 # Exception cases for rejected relay responses
691 # 1 - not a relay reply
692 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
693 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
694 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
696 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
697 "DHCP6 not a relay reply")
699 # 2 - no relay message option
700 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
701 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
702 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
705 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
706 "DHCP not a relay message")
709 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
710 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
711 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
713 DHCP6OptRelayMsg(optlen=0) /
715 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
716 "DHCP6 no circuit ID")
717 # 4 - wrong circuit ID
718 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
719 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
720 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
722 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
723 DHCP6OptRelayMsg(optlen=0) /
725 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
726 "DHCP6 wrong circuit ID")
729 # Send the relay response (the advertisement)
731 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
732 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
733 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
735 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x03') /
736 DHCP6OptRelayMsg(optlen=0) /
737 DHCP6_Advertise(trid=1) /
738 DHCP6OptStatusCode(statuscode=0))
739 pkts_adv_vrf0 = [p_adv_vrf0]
741 self.pg0.add_stream(pkts_adv_vrf0)
742 self.pg_enable_capture(self.pg_interfaces)
745 rx = self.pg2.get_capture(1)
747 self.verify_dhcp6_advert(rx[0], self.pg2, "::")
750 # Send the relay response (the advertisement)
751 # - with peer address
752 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
753 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
754 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
755 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf0) /
756 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x03') /
757 DHCP6OptRelayMsg(optlen=0) /
758 DHCP6_Advertise(trid=1) /
759 DHCP6OptStatusCode(statuscode=0))
760 pkts_adv_vrf0 = [p_adv_vrf0]
762 self.pg0.add_stream(pkts_adv_vrf0)
763 self.pg_enable_capture(self.pg_interfaces)
766 rx = self.pg2.get_capture(1)
768 self.verify_dhcp6_advert(rx[0], self.pg2, dhcp_solicit_src_vrf0)
771 # Add all the config for VRF 1
773 self.vapi.dhcp_proxy_config(server_addr_vrf1,
778 self.pg3.config_ip6()
783 self.pg3.add_stream(p_solicit_vrf1)
784 self.pg_enable_capture(self.pg_interfaces)
787 rx = self.pg1.get_capture(1)
789 self.verify_dhcp6_solicit(rx[0], self.pg1,
790 dhcp_solicit_src_vrf1,
796 p_adv_vrf1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
797 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
798 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
799 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
800 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
801 DHCP6OptRelayMsg(optlen=0) /
802 DHCP6_Advertise(trid=1) /
803 DHCP6OptStatusCode(statuscode=0))
804 pkts_adv_vrf1 = [p_adv_vrf1]
806 self.pg1.add_stream(pkts_adv_vrf1)
807 self.pg_enable_capture(self.pg_interfaces)
810 rx = self.pg3.get_capture(1)
812 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf1)
816 # table=1, fib=id=1, oui=4
817 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_ip6=1)
819 self.pg3.add_stream(p_solicit_vrf1)
820 self.pg_enable_capture(self.pg_interfaces)
823 rx = self.pg1.get_capture(1)
825 self.verify_dhcp6_solicit(rx[0], self.pg1,
826 dhcp_solicit_src_vrf1,
832 # Remove the VSS config
833 # relayed DHCP has default vlaues in the option.
835 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_ip6=1, is_add=0)
837 self.pg3.add_stream(p_solicit_vrf1)
838 self.pg_enable_capture(self.pg_interfaces)
841 rx = self.pg1.get_capture(1)
843 self.verify_dhcp6_solicit(rx[0], self.pg1,
844 dhcp_solicit_src_vrf1,
848 # Add a second DHCP server in VRF 1
849 # expect clients messages to be relay to both configured servers
851 self.pg1.generate_remote_hosts(2)
852 server_addr2 = socket.inet_pton(AF_INET6, self.pg1.remote_hosts[1].ip6)
854 self.vapi.dhcp_proxy_config(server_addr2,
861 # We'll need an ND entry for the server to send it packets
863 nd_entry = VppNeighbor(self,
864 self.pg1.sw_if_index,
865 self.pg1.remote_hosts[1].mac,
866 self.pg1.remote_hosts[1].ip6,
868 nd_entry.add_vpp_config()
871 # Send a discover from the client. expect two relayed messages
872 # The frist packet is sent to the second server
873 # We're not enforcing that here, it's just the way it is.
875 self.pg3.add_stream(p_solicit_vrf1)
876 self.pg_enable_capture(self.pg_interfaces)
879 rx = self.pg1.get_capture(2)
881 self.verify_dhcp6_solicit(rx[0], self.pg1,
882 dhcp_solicit_src_vrf1,
884 self.verify_dhcp6_solicit(rx[1], self.pg1,
885 dhcp_solicit_src_vrf1,
887 dst_mac=self.pg1.remote_hosts[1].mac,
888 dst_ip=self.pg1.remote_hosts[1].ip6)
891 # Send both packets back. Client gets both.
893 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
894 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
895 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
896 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
897 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
898 DHCP6OptRelayMsg(optlen=0) /
899 DHCP6_Advertise(trid=1) /
900 DHCP6OptStatusCode(statuscode=0))
901 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
902 IPv6(dst=self.pg1.local_ip6, src=self.pg1._remote_hosts[1].ip6) /
903 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
904 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
905 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
906 DHCP6OptRelayMsg(optlen=0) /
907 DHCP6_Advertise(trid=1) /
908 DHCP6OptStatusCode(statuscode=0))
912 self.pg1.add_stream(pkts)
913 self.pg_enable_capture(self.pg_interfaces)
916 rx = self.pg3.get_capture(2)
918 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf1)
919 self.verify_dhcp6_advert(rx[1], self.pg3, dhcp_solicit_src_vrf1)
922 # Ensure only solicit messages are duplicated
924 p_request_vrf1 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
925 IPv6(src=dhcp_solicit_src_vrf1,
926 dst=dhcp_solicit_dst) /
927 UDP(sport=DHCP6_SERVER_PORT,
928 dport=DHCP6_CLIENT_PORT) /
931 self.pg3.add_stream(p_request_vrf1)
932 self.pg_enable_capture(self.pg_interfaces)
935 rx = self.pg1.get_capture(1)
938 # Test we drop DHCP packets from addresses that are not configured as
941 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
942 IPv6(dst=self.pg1.local_ip6, src="3001::1") /
943 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
944 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
945 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
946 DHCP6OptRelayMsg(optlen=0) /
947 DHCP6_Advertise(trid=1) /
948 DHCP6OptStatusCode(statuscode=0))
949 self.send_and_assert_no_replies(self.pg1, p2,
950 "DHCP6 not from server")
953 # Remove the second DHCP server
955 self.vapi.dhcp_proxy_config(server_addr2,
963 # Test we can still relay with the first
965 self.pg3.add_stream(p_solicit_vrf1)
966 self.pg_enable_capture(self.pg_interfaces)
969 rx = self.pg1.get_capture(1)
971 self.verify_dhcp6_solicit(rx[0], self.pg1,
972 dhcp_solicit_src_vrf1,
978 self.vapi.dhcp_proxy_config(server_addr_vrf1,
984 self.vapi.dhcp_proxy_config(server_addr_vrf0,
992 self.vapi.dhcp_proxy_config(server_addr_vrf0,
999 if __name__ == '__main__':
1000 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob