7 from framework import VppTestCase, VppTestRunner
8 from vpp_neighbor import VppNeighbor
9 from vpp_ip_route import find_route
10 from util import mk_ll_addr
12 from scapy.layers.l2 import Ether, getmacbyip, ARP
13 from scapy.layers.inet import IP, UDP, ICMP
14 from scapy.layers.inet6 import IPv6, in6_getnsmac, in6_mactoifaceid
15 from scapy.layers.dhcp import DHCP, BOOTP, DHCPTypes
16 from scapy.layers.dhcp6 import DHCP6, DHCP6_Solicit, DHCP6_RelayForward, \
17 DHCP6_RelayReply, DHCP6_Advertise, DHCP6OptRelayMsg, DHCP6OptIfaceId, \
18 DHCP6OptStatusCode, DHCP6OptVSS, DHCP6OptClientLinkLayerAddr, DHCP6_Request
19 from socket import AF_INET, AF_INET6
20 from scapy.utils import inet_pton, inet_ntop
21 from scapy.utils6 import in6_ptop
23 DHCP4_CLIENT_PORT = 68
24 DHCP4_SERVER_PORT = 67
25 DHCP6_CLIENT_PORT = 547
26 DHCP6_SERVER_PORT = 546
29 class TestDHCP(VppTestCase):
30 """ DHCP Test Case """
33 super(TestDHCP, self).setUp()
35 # create 3 pg interfaces
36 self.create_pg_interfaces(range(4))
38 # pg0 and 1 are IP configured in VRF 0 and 1.
39 # pg2 and 3 are non IP-configured in VRF 0 and 1
41 for i in self.pg_interfaces[:2]:
43 i.set_table_ip4(table_id)
44 i.set_table_ip6(table_id)
52 for i in self.pg_interfaces[2:]:
54 i.set_table_ip4(table_id)
55 i.set_table_ip6(table_id)
59 super(TestDHCP, self).tearDown()
60 for i in self.pg_interfaces:
65 def send_and_assert_no_replies(self, intf, pkts, remark):
67 self.pg_enable_capture(self.pg_interfaces)
69 for i in self.pg_interfaces:
70 i.assert_nothing_captured(remark=remark)
72 def verify_dhcp_has_option(self, pkt, option, value):
76 for i in dhcp.options:
79 self.assertEqual(i[1], value)
82 self.assertTrue(found)
84 def validate_relay_options(self, pkt, intf, ip_addr, fib_id, oui):
89 for i in dhcp.options:
91 if i[0] == "relay_agent_Information":
93 # There are two sb-options present - each of length 6.
97 self.assertEqual(len(data), 24)
99 self.assertEqual(len(data), 12)
102 # First sub-option is ID 1, len 4, then encoded
103 # sw_if_index. This test uses low valued indicies
105 # The ID space is VPP internal - so no matching value
108 self.assertEqual(ord(data[0]), 1)
109 self.assertEqual(ord(data[1]), 4)
110 self.assertEqual(ord(data[2]), 0)
111 self.assertEqual(ord(data[3]), 0)
112 self.assertEqual(ord(data[4]), 0)
113 self.assertEqual(ord(data[5]), intf._sw_if_index)
116 # next sub-option is the IP address of the client side
118 # sub-option ID=5, length (of a v4 address)=4
120 claddr = socket.inet_pton(AF_INET, ip_addr)
122 self.assertEqual(ord(data[6]), 5)
123 self.assertEqual(ord(data[7]), 4)
124 self.assertEqual(data[8], claddr[0])
125 self.assertEqual(data[9], claddr[1])
126 self.assertEqual(data[10], claddr[2])
127 self.assertEqual(data[11], claddr[3])
130 # sub-option 151 encodes the 3 byte oui
131 # and the 4 byte fib_id
132 self.assertEqual(ord(data[12]), 151)
133 self.assertEqual(ord(data[13]), 8)
134 self.assertEqual(ord(data[14]), 1)
135 self.assertEqual(ord(data[15]), 0)
136 self.assertEqual(ord(data[16]), 0)
137 self.assertEqual(ord(data[17]), oui)
138 self.assertEqual(ord(data[18]), 0)
139 self.assertEqual(ord(data[19]), 0)
140 self.assertEqual(ord(data[20]), 0)
141 self.assertEqual(ord(data[21]), fib_id)
143 # VSS control sub-option
144 self.assertEqual(ord(data[22]), 152)
145 self.assertEqual(ord(data[23]), 0)
148 self.assertTrue(found)
152 def verify_dhcp_msg_type(self, pkt, name):
155 for o in dhcp.options:
157 if o[0] == "message-type" \
158 and DHCPTypes[o[1]] == name:
160 self.assertTrue(found)
162 def verify_dhcp_offer(self, pkt, intf, fib_id=0, oui=0):
164 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
165 self.assertEqual(ether.src, intf.local_mac)
168 self.assertEqual(ip.dst, "255.255.255.255")
169 self.assertEqual(ip.src, intf.local_ip4)
172 self.assertEqual(udp.dport, DHCP4_CLIENT_PORT)
173 self.assertEqual(udp.sport, DHCP4_SERVER_PORT)
175 self.verify_dhcp_msg_type(pkt, "offer")
176 data = self.validate_relay_options(pkt, intf, intf.local_ip4,
179 def verify_orig_dhcp_pkt(self, pkt, intf):
181 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
182 self.assertEqual(ether.src, intf.local_mac)
185 self.assertEqual(ip.dst, "255.255.255.255")
186 self.assertEqual(ip.src, "0.0.0.0")
189 self.assertEqual(udp.dport, DHCP4_SERVER_PORT)
190 self.assertEqual(udp.sport, DHCP4_CLIENT_PORT)
192 def verify_orig_dhcp_discover(self, pkt, intf, hostname, client_id=None):
193 self.verify_orig_dhcp_pkt(pkt, intf)
195 self.verify_dhcp_msg_type(pkt, "discover")
196 self.verify_dhcp_has_option(pkt, "hostname", hostname)
198 self.verify_dhcp_has_option(pkt, "client_id", client_id)
200 def verify_orig_dhcp_request(self, pkt, intf, hostname, ip):
201 self.verify_orig_dhcp_pkt(pkt, intf)
203 self.verify_dhcp_msg_type(pkt, "request")
204 self.verify_dhcp_has_option(pkt, "hostname", hostname)
205 self.verify_dhcp_has_option(pkt, "requested_addr", ip)
207 def verify_relayed_dhcp_discover(self, pkt, intf, src_intf=None,
209 dst_mac=None, dst_ip=None):
211 dst_mac = intf.remote_mac
213 dst_ip = intf.remote_ip4
216 self.assertEqual(ether.dst, dst_mac)
217 self.assertEqual(ether.src, intf.local_mac)
220 self.assertEqual(ip.dst, dst_ip)
221 self.assertEqual(ip.src, intf.local_ip4)
224 self.assertEqual(udp.dport, DHCP4_SERVER_PORT)
225 self.assertEqual(udp.sport, DHCP4_CLIENT_PORT)
230 for o in dhcp.options:
232 if o[0] == "message-type" \
233 and DHCPTypes[o[1]] == "discover":
235 self.assertTrue(is_discover)
237 data = self.validate_relay_options(pkt, src_intf,
242 def verify_dhcp6_solicit(self, pkt, intf,
249 dst_mac = intf.remote_mac
251 dst_ip = in6_ptop(intf.remote_ip6)
254 self.assertEqual(ether.dst, dst_mac)
255 self.assertEqual(ether.src, intf.local_mac)
258 self.assertEqual(in6_ptop(ip.dst), dst_ip)
259 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
262 self.assertEqual(udp.dport, DHCP6_CLIENT_PORT)
263 self.assertEqual(udp.sport, DHCP6_SERVER_PORT)
265 relay = pkt[DHCP6_RelayForward]
266 self.assertEqual(in6_ptop(relay.peeraddr), in6_ptop(peer_ip))
267 oid = pkt[DHCP6OptIfaceId]
268 cll = pkt[DHCP6OptClientLinkLayerAddr]
269 self.assertEqual(cll.optlen, 8)
270 self.assertEqual(cll.lltype, 1)
271 self.assertEqual(cll.clladdr, peer_mac)
274 vss = pkt[DHCP6OptVSS]
275 self.assertEqual(vss.optlen, 8)
276 self.assertEqual(vss.type, 1)
277 # the OUI and FIB-id are really 3 and 4 bytes resp.
278 # but the tested range is small
279 self.assertEqual(ord(vss.data[0]), 0)
280 self.assertEqual(ord(vss.data[1]), 0)
281 self.assertEqual(ord(vss.data[2]), oui)
282 self.assertEqual(ord(vss.data[3]), 0)
283 self.assertEqual(ord(vss.data[4]), 0)
284 self.assertEqual(ord(vss.data[5]), 0)
285 self.assertEqual(ord(vss.data[6]), fib_id)
287 # the relay message should be an encoded Solicit
288 msg = pkt[DHCP6OptRelayMsg]
289 sol = DHCP6_Solicit()
290 self.assertEqual(msg.optlen, len(str(sol)))
291 self.assertEqual(str(sol), (str(msg[1]))[:msg.optlen])
293 def verify_dhcp6_advert(self, pkt, intf, peer):
295 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
296 self.assertEqual(ether.src, intf.local_mac)
299 self.assertEqual(in6_ptop(ip.dst), in6_ptop(peer))
300 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
303 self.assertEqual(udp.dport, DHCP6_SERVER_PORT)
304 self.assertEqual(udp.sport, DHCP6_CLIENT_PORT)
306 # not sure why this is not decoding
307 # adv = pkt[DHCP6_Advertise]
309 def test_dhcp_proxy(self):
313 # Verify no response to DHCP request without DHCP config
315 p_disc_vrf0 = (Ether(dst="ff:ff:ff:ff:ff:ff",
316 src=self.pg2.remote_mac) /
317 IP(src="0.0.0.0", dst="255.255.255.255") /
318 UDP(sport=DHCP4_CLIENT_PORT,
319 dport=DHCP4_SERVER_PORT) /
321 DHCP(options=[('message-type', 'discover'), ('end')]))
322 pkts_disc_vrf0 = [p_disc_vrf0]
323 p_disc_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
324 src=self.pg3.remote_mac) /
325 IP(src="0.0.0.0", dst="255.255.255.255") /
326 UDP(sport=DHCP4_CLIENT_PORT,
327 dport=DHCP4_SERVER_PORT) /
329 DHCP(options=[('message-type', 'discover'), ('end')]))
330 pkts_disc_vrf1 = [p_disc_vrf0]
332 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
333 "DHCP with no configuration")
334 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
335 "DHCP with no configuration")
338 # Enable DHCP proxy in VRF 0
340 server_addr = self.pg0.remote_ip4n
341 src_addr = self.pg0.local_ip4n
343 self.vapi.dhcp_proxy_config(server_addr,
348 # Discover packets from the client are dropped because there is no
349 # IP address configured on the client facing interface
351 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
352 "Discover DHCP no relay address")
355 # Inject a response from the server
356 # dropped, because there is no IP addrees on the
357 # client interfce to fill in the option.
359 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
360 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
361 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
363 DHCP(options=[('message-type', 'offer'), ('end')]))
366 self.send_and_assert_no_replies(self.pg2, pkts,
367 "Offer DHCP no relay address")
370 # configure an IP address on the client facing interface
372 self.pg2.config_ip4()
375 # Try again with a discover packet
376 # Rx'd packet should be to the server address and from the configured
378 # UDP source ports are unchanged
379 # we've no option 82 config so that should be absent
381 self.pg2.add_stream(pkts_disc_vrf0)
382 self.pg_enable_capture(self.pg_interfaces)
385 rx = self.pg0.get_capture(1)
388 option_82 = self.verify_relayed_dhcp_discover(rx, self.pg0,
392 # Create an DHCP offer reply from the server with a correctly formatted
393 # option 82. i.e. send back what we just captured
394 # The offer, sent mcast to the client, still has option 82.
396 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
397 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
398 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
400 DHCP(options=[('message-type', 'offer'),
401 ('relay_agent_Information', option_82),
405 self.pg0.add_stream(pkts)
406 self.pg_enable_capture(self.pg_interfaces)
409 rx = self.pg2.get_capture(1)
412 self.verify_dhcp_offer(rx, self.pg2)
417 # 1. not our IP address = not checked by VPP? so offer is replayed
419 bad_ip = option_82[0:8] + chr(33) + option_82[9:]
421 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
422 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
423 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
425 DHCP(options=[('message-type', 'offer'),
426 ('relay_agent_Information', bad_ip),
429 self.send_and_assert_no_replies(self.pg0, pkts,
430 "DHCP offer option 82 bad address")
432 # 2. Not a sw_if_index VPP knows
433 bad_if_index = option_82[0:2] + chr(33) + option_82[3:]
435 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
436 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
437 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
439 DHCP(options=[('message-type', 'offer'),
440 ('relay_agent_Information', bad_if_index),
443 self.send_and_assert_no_replies(self.pg0, pkts,
444 "DHCP offer option 82 bad if index")
447 # Send a DHCP request in VRF 1. should be dropped.
449 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
450 "DHCP with no configuration VRF 1")
453 # Delete the DHCP config in VRF 0
454 # Should now drop requests.
456 self.vapi.dhcp_proxy_config(server_addr,
461 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
462 "DHCP config removed VRF 0")
463 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
464 "DHCP config removed VRF 1")
467 # Add DHCP config for VRF 1
469 server_addr = self.pg1.remote_ip4n
470 src_addr = self.pg1.local_ip4n
471 self.vapi.dhcp_proxy_config(server_addr,
477 # Confim DHCP requests ok in VRF 1.
478 # - dropped on IP config on client interface
480 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
481 "DHCP config removed VRF 1")
484 # configure an IP address on the client facing interface
486 self.pg3.config_ip4()
488 self.pg3.add_stream(pkts_disc_vrf1)
489 self.pg_enable_capture(self.pg_interfaces)
492 rx = self.pg1.get_capture(1)
494 self.verify_relayed_dhcp_discover(rx, self.pg1, src_intf=self.pg3)
498 # table=1, fib=id=1, oui=4
499 self.vapi.dhcp_proxy_set_vss(1, 1, 4)
501 self.pg3.add_stream(pkts_disc_vrf1)
502 self.pg_enable_capture(self.pg_interfaces)
505 rx = self.pg1.get_capture(1)
507 self.verify_relayed_dhcp_discover(rx, self.pg1,
512 # Add a second DHCP server in VRF 1
513 # expect clients messages to be relay to both configured servers
515 self.pg1.generate_remote_hosts(2)
516 server_addr2 = socket.inet_pton(AF_INET, self.pg1.remote_hosts[1].ip4)
518 self.vapi.dhcp_proxy_config(server_addr2,
525 # We'll need an ARP entry for the server to send it packets
527 arp_entry = VppNeighbor(self,
528 self.pg1.sw_if_index,
529 self.pg1.remote_hosts[1].mac,
530 self.pg1.remote_hosts[1].ip4)
531 arp_entry.add_vpp_config()
534 # Send a discover from the client. expect two relayed messages
535 # The frist packet is sent to the second server
536 # We're not enforcing that here, it's just the way it is.
538 self.pg3.add_stream(pkts_disc_vrf1)
539 self.pg_enable_capture(self.pg_interfaces)
542 rx = self.pg1.get_capture(2)
544 option_82 = self.verify_relayed_dhcp_discover(
547 dst_mac=self.pg1.remote_hosts[1].mac,
548 dst_ip=self.pg1.remote_hosts[1].ip4,
550 self.verify_relayed_dhcp_discover(rx[1], self.pg1,
555 # Send both packets back. Client gets both.
557 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
558 IP(src=self.pg1.remote_ip4, dst=self.pg1.local_ip4) /
559 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
561 DHCP(options=[('message-type', 'offer'),
562 ('relay_agent_Information', option_82),
564 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
565 IP(src=self.pg1.remote_hosts[1].ip4, dst=self.pg1.local_ip4) /
566 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
568 DHCP(options=[('message-type', 'offer'),
569 ('relay_agent_Information', option_82),
573 self.pg1.add_stream(pkts)
574 self.pg_enable_capture(self.pg_interfaces)
577 rx = self.pg3.get_capture(2)
579 self.verify_dhcp_offer(rx[0], self.pg3, fib_id=1, oui=4)
580 self.verify_dhcp_offer(rx[1], self.pg3, fib_id=1, oui=4)
583 # Ensure offers from non-servers are dropeed
585 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
586 IP(src="8.8.8.8", dst=self.pg1.local_ip4) /
587 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
589 DHCP(options=[('message-type', 'offer'),
590 ('relay_agent_Information', option_82),
592 self.send_and_assert_no_replies(self.pg1, p2,
593 "DHCP offer from non-server")
596 # Ensure only the discover is sent to multiple servers
598 p_req_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
599 src=self.pg3.remote_mac) /
600 IP(src="0.0.0.0", dst="255.255.255.255") /
601 UDP(sport=DHCP4_CLIENT_PORT,
602 dport=DHCP4_SERVER_PORT) /
604 DHCP(options=[('message-type', 'request'),
607 self.pg3.add_stream(p_req_vrf1)
608 self.pg_enable_capture(self.pg_interfaces)
611 rx = self.pg1.get_capture(1)
614 # Remove the second DHCP server
616 self.vapi.dhcp_proxy_config(server_addr2,
623 # Test we can still relay with the first
625 self.pg3.add_stream(pkts_disc_vrf1)
626 self.pg_enable_capture(self.pg_interfaces)
629 rx = self.pg1.get_capture(1)
631 self.verify_relayed_dhcp_discover(rx, self.pg1,
636 # Remove the VSS config
637 # relayed DHCP has default vlaues in the option.
639 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_add=0)
641 self.pg3.add_stream(pkts_disc_vrf1)
642 self.pg_enable_capture(self.pg_interfaces)
645 rx = self.pg1.get_capture(1)
647 self.verify_relayed_dhcp_discover(rx, self.pg1, src_intf=self.pg3)
650 # remove DHCP config to cleanup
652 self.vapi.dhcp_proxy_config(server_addr,
658 self.send_and_assert_no_replies(self.pg2, pkts_disc_vrf0,
659 "DHCP cleanup VRF 0")
660 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf1,
661 "DHCP cleanup VRF 1")
663 def test_dhcp6_proxy(self):
666 # Verify no response to DHCP request without DHCP config
668 dhcp_solicit_dst = "ff02::1:2"
669 dhcp_solicit_src_vrf0 = mk_ll_addr(self.pg2.remote_mac)
670 dhcp_solicit_src_vrf1 = mk_ll_addr(self.pg3.remote_mac)
671 server_addr_vrf0 = self.pg0.remote_ip6n
672 src_addr_vrf0 = self.pg0.local_ip6n
673 server_addr_vrf1 = self.pg1.remote_ip6n
674 src_addr_vrf1 = self.pg1.local_ip6n
676 dmac = in6_getnsmac(inet_pton(socket.AF_INET6, dhcp_solicit_dst))
677 p_solicit_vrf0 = (Ether(dst=dmac, src=self.pg2.remote_mac) /
678 IPv6(src=dhcp_solicit_src_vrf0,
679 dst=dhcp_solicit_dst) /
680 UDP(sport=DHCP6_SERVER_PORT,
681 dport=DHCP6_CLIENT_PORT) /
683 p_solicit_vrf1 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
684 IPv6(src=dhcp_solicit_src_vrf1,
685 dst=dhcp_solicit_dst) /
686 UDP(sport=DHCP6_SERVER_PORT,
687 dport=DHCP6_CLIENT_PORT) /
690 self.send_and_assert_no_replies(self.pg2, p_solicit_vrf0,
691 "DHCP with no configuration")
692 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf1,
693 "DHCP with no configuration")
696 # DHCPv6 config in VRF 0.
697 # Packets still dropped because the client facing interface has no
700 self.vapi.dhcp_proxy_config(server_addr_vrf0,
706 self.send_and_assert_no_replies(self.pg2, p_solicit_vrf0,
707 "DHCP with no configuration")
708 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf1,
709 "DHCP with no configuration")
712 # configure an IP address on the client facing interface
714 self.pg2.config_ip6()
717 # Now the DHCP requests are relayed to the server
719 self.pg2.add_stream(p_solicit_vrf0)
720 self.pg_enable_capture(self.pg_interfaces)
723 rx = self.pg0.get_capture(1)
725 self.verify_dhcp6_solicit(rx[0], self.pg0,
726 dhcp_solicit_src_vrf0,
730 # Exception cases for rejected relay responses
733 # 1 - not a relay reply
734 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
735 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
736 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
738 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
739 "DHCP6 not a relay reply")
741 # 2 - no relay message option
742 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
743 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
744 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
747 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
748 "DHCP not a relay message")
751 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
752 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
753 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
755 DHCP6OptRelayMsg(optlen=0) /
757 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
758 "DHCP6 no circuit ID")
759 # 4 - wrong circuit ID
760 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
761 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
762 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
764 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
765 DHCP6OptRelayMsg(optlen=0) /
767 self.send_and_assert_no_replies(self.pg2, p_adv_vrf0,
768 "DHCP6 wrong circuit ID")
771 # Send the relay response (the advertisement)
773 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
774 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
775 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
777 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x03') /
778 DHCP6OptRelayMsg(optlen=0) /
779 DHCP6_Advertise(trid=1) /
780 DHCP6OptStatusCode(statuscode=0))
781 pkts_adv_vrf0 = [p_adv_vrf0]
783 self.pg0.add_stream(pkts_adv_vrf0)
784 self.pg_enable_capture(self.pg_interfaces)
787 rx = self.pg2.get_capture(1)
789 self.verify_dhcp6_advert(rx[0], self.pg2, "::")
792 # Send the relay response (the advertisement)
793 # - with peer address
794 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
795 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
796 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
797 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf0) /
798 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x03') /
799 DHCP6OptRelayMsg(optlen=0) /
800 DHCP6_Advertise(trid=1) /
801 DHCP6OptStatusCode(statuscode=0))
802 pkts_adv_vrf0 = [p_adv_vrf0]
804 self.pg0.add_stream(pkts_adv_vrf0)
805 self.pg_enable_capture(self.pg_interfaces)
808 rx = self.pg2.get_capture(1)
810 self.verify_dhcp6_advert(rx[0], self.pg2, dhcp_solicit_src_vrf0)
813 # Add all the config for VRF 1
815 self.vapi.dhcp_proxy_config(server_addr_vrf1,
820 self.pg3.config_ip6()
825 self.pg3.add_stream(p_solicit_vrf1)
826 self.pg_enable_capture(self.pg_interfaces)
829 rx = self.pg1.get_capture(1)
831 self.verify_dhcp6_solicit(rx[0], self.pg1,
832 dhcp_solicit_src_vrf1,
838 p_adv_vrf1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
839 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
840 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
841 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
842 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
843 DHCP6OptRelayMsg(optlen=0) /
844 DHCP6_Advertise(trid=1) /
845 DHCP6OptStatusCode(statuscode=0))
846 pkts_adv_vrf1 = [p_adv_vrf1]
848 self.pg1.add_stream(pkts_adv_vrf1)
849 self.pg_enable_capture(self.pg_interfaces)
852 rx = self.pg3.get_capture(1)
854 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf1)
858 # table=1, fib=id=1, oui=4
859 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_ip6=1)
861 self.pg3.add_stream(p_solicit_vrf1)
862 self.pg_enable_capture(self.pg_interfaces)
865 rx = self.pg1.get_capture(1)
867 self.verify_dhcp6_solicit(rx[0], self.pg1,
868 dhcp_solicit_src_vrf1,
874 # Remove the VSS config
875 # relayed DHCP has default vlaues in the option.
877 self.vapi.dhcp_proxy_set_vss(1, 1, 4, is_ip6=1, is_add=0)
879 self.pg3.add_stream(p_solicit_vrf1)
880 self.pg_enable_capture(self.pg_interfaces)
883 rx = self.pg1.get_capture(1)
885 self.verify_dhcp6_solicit(rx[0], self.pg1,
886 dhcp_solicit_src_vrf1,
890 # Add a second DHCP server in VRF 1
891 # expect clients messages to be relay to both configured servers
893 self.pg1.generate_remote_hosts(2)
894 server_addr2 = socket.inet_pton(AF_INET6, self.pg1.remote_hosts[1].ip6)
896 self.vapi.dhcp_proxy_config(server_addr2,
903 # We'll need an ND entry for the server to send it packets
905 nd_entry = VppNeighbor(self,
906 self.pg1.sw_if_index,
907 self.pg1.remote_hosts[1].mac,
908 self.pg1.remote_hosts[1].ip6,
910 nd_entry.add_vpp_config()
913 # Send a discover from the client. expect two relayed messages
914 # The frist packet is sent to the second server
915 # We're not enforcing that here, it's just the way it is.
917 self.pg3.add_stream(p_solicit_vrf1)
918 self.pg_enable_capture(self.pg_interfaces)
921 rx = self.pg1.get_capture(2)
923 self.verify_dhcp6_solicit(rx[0], self.pg1,
924 dhcp_solicit_src_vrf1,
926 self.verify_dhcp6_solicit(rx[1], self.pg1,
927 dhcp_solicit_src_vrf1,
929 dst_mac=self.pg1.remote_hosts[1].mac,
930 dst_ip=self.pg1.remote_hosts[1].ip6)
933 # Send both packets back. Client gets both.
935 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
936 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
937 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
938 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
939 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
940 DHCP6OptRelayMsg(optlen=0) /
941 DHCP6_Advertise(trid=1) /
942 DHCP6OptStatusCode(statuscode=0))
943 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
944 IPv6(dst=self.pg1.local_ip6, src=self.pg1._remote_hosts[1].ip6) /
945 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
946 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
947 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
948 DHCP6OptRelayMsg(optlen=0) /
949 DHCP6_Advertise(trid=1) /
950 DHCP6OptStatusCode(statuscode=0))
954 self.pg1.add_stream(pkts)
955 self.pg_enable_capture(self.pg_interfaces)
958 rx = self.pg3.get_capture(2)
960 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf1)
961 self.verify_dhcp6_advert(rx[1], self.pg3, dhcp_solicit_src_vrf1)
964 # Ensure only solicit messages are duplicated
966 p_request_vrf1 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
967 IPv6(src=dhcp_solicit_src_vrf1,
968 dst=dhcp_solicit_dst) /
969 UDP(sport=DHCP6_SERVER_PORT,
970 dport=DHCP6_CLIENT_PORT) /
973 self.pg3.add_stream(p_request_vrf1)
974 self.pg_enable_capture(self.pg_interfaces)
977 rx = self.pg1.get_capture(1)
980 # Test we drop DHCP packets from addresses that are not configured as
983 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
984 IPv6(dst=self.pg1.local_ip6, src="3001::1") /
985 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
986 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
987 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
988 DHCP6OptRelayMsg(optlen=0) /
989 DHCP6_Advertise(trid=1) /
990 DHCP6OptStatusCode(statuscode=0))
991 self.send_and_assert_no_replies(self.pg1, p2,
992 "DHCP6 not from server")
995 # Remove the second DHCP server
997 self.vapi.dhcp_proxy_config(server_addr2,
1005 # Test we can still relay with the first
1007 self.pg3.add_stream(p_solicit_vrf1)
1008 self.pg_enable_capture(self.pg_interfaces)
1011 rx = self.pg1.get_capture(1)
1013 self.verify_dhcp6_solicit(rx[0], self.pg1,
1014 dhcp_solicit_src_vrf1,
1015 self.pg3.remote_mac)
1020 self.vapi.dhcp_proxy_config(server_addr_vrf1,
1026 self.vapi.dhcp_proxy_config(server_addr_vrf0,
1034 self.vapi.dhcp_proxy_config(server_addr_vrf0,
1041 def test_dhcp_client(self):
1044 hostname = 'universal-dp'
1046 self.pg_enable_capture(self.pg_interfaces)
1049 # Configure DHCP client on PG2 and capture the discover sent
1051 self.vapi.dhcp_client(self.pg2.sw_if_index, hostname)
1053 rx = self.pg2.get_capture(1)
1055 self.verify_orig_dhcp_discover(rx[0], self.pg2, hostname)
1058 # Sned back on offer, expect the request
1060 p = (Ether(dst=self.pg2.local_mac, src=self.pg2.remote_mac) /
1061 IP(src=self.pg2.remote_ip4, dst="255.255.255.255") /
1062 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
1064 yiaddr=self.pg2.local_ip4) /
1065 DHCP(options=[('message-type', 'offer'), ('end')]))
1067 self.pg2.add_stream(p)
1068 self.pg_enable_capture(self.pg_interfaces)
1071 rx = self.pg2.get_capture(1)
1072 self.verify_orig_dhcp_request(rx[0], self.pg2, hostname,
1076 # Send an acknowloedgement
1078 p = (Ether(dst=self.pg2.local_mac, src=self.pg2.remote_mac) /
1079 IP(src=self.pg2.remote_ip4, dst="255.255.255.255") /
1080 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
1082 yiaddr=self.pg2.local_ip4) /
1083 DHCP(options=[('message-type', 'ack'),
1084 ('subnet_mask', "255.255.255.0"),
1085 ('router', self.pg2.remote_ip4),
1086 ('server_id', self.pg2.remote_ip4),
1087 ('lease_time', 43200),
1090 self.pg2.add_stream(p)
1091 self.pg_enable_capture(self.pg_interfaces)
1095 # We'll get an ARP request for the router address
1097 rx = self.pg2.get_capture(1)
1099 self.assertEqual(rx[0][ARP].pdst, self.pg2.remote_ip4)
1100 self.pg_enable_capture(self.pg_interfaces)
1103 # At the end of this procedure there should be a connected route
1106 self.assertTrue(find_route(self, self.pg2.local_ip4, 32))
1108 # remove the left over ARP entry
1109 self.vapi.ip_neighbor_add_del(self.pg2.sw_if_index,
1110 self.pg2.remote_mac,
1111 self.pg2.remote_ip4,
1114 # remove the DHCP config
1116 self.vapi.dhcp_client(self.pg2.sw_if_index, hostname, is_add=0)
1119 # and now the route should be gone
1121 self.assertFalse(find_route(self, self.pg2.local_ip4, 32))
1124 # Start the procedure again. this time have VPP send the clientiid
1126 self.vapi.dhcp_client(self.pg2.sw_if_index, hostname,
1127 client_id=self.pg2.local_mac)
1129 rx = self.pg2.get_capture(1)
1131 self.verify_orig_dhcp_discover(rx[0], self.pg2, hostname,
1135 # remove the DHCP config
1137 self.vapi.dhcp_client(self.pg2.sw_if_index, hostname, is_add=0)
1139 if __name__ == '__main__':
1140 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob