4 from socket import inet_pton, inet_ntop
7 from parameterized import parameterized
9 import scapy.layers.inet6 as inet6
10 from scapy.contrib.mpls import MPLS
11 from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6ND_RS, \
12 ICMPv6ND_RA, ICMPv6NDOptMTU, ICMPv6NDOptSrcLLAddr, ICMPv6NDOptPrefixInfo, \
13 ICMPv6ND_NA, ICMPv6NDOptDstLLAddr, ICMPv6DestUnreach, icmp6types, \
14 ICMPv6TimeExceeded, ICMPv6EchoRequest, ICMPv6EchoReply, \
15 IPv6ExtHdrHopByHop, ICMPv6MLReport2, ICMPv6MLDMultAddrRec
16 from scapy.layers.l2 import Ether, Dot1Q
17 from scapy.packet import Raw
18 from scapy.utils6 import in6_getnsma, in6_getnsmac, in6_ptop, in6_islladdr, \
22 from framework import VppTestCase, VppTestRunner, tag_run_solo
23 from util import ppp, ip6_normalize, mk_ll_addr
24 from vpp_papi import VppEnum
25 from vpp_ip import DpoProto, VppIpPuntPolicer, VppIpPuntRedirect
26 from vpp_ip_route import VppIpRoute, VppRoutePath, find_route, VppIpMRoute, \
27 VppMRoutePath, VppMplsIpBind, \
28 VppMplsRoute, VppMplsTable, VppIpTable, FibPathType, FibPathProto, \
29 VppIpInterfaceAddress, find_route_in_dump, find_mroute_in_dump, \
30 VppIp6LinkLocalAddress
31 from vpp_neighbor import find_nbr, VppNeighbor
32 from vpp_pg_interface import is_ipv6_misc
33 from vpp_sub_interface import VppSubInterface, VppDot1QSubint
34 from vpp_policer import VppPolicer
35 from ipaddress import IPv6Network, IPv6Address
37 AF_INET6 = socket.AF_INET6
47 class TestIPv6ND(VppTestCase):
48 def validate_ra(self, intf, rx, dst_ip=None):
50 dst_ip = intf.remote_ip6
52 # unicasted packets must come to the unicast mac
53 self.assertEqual(rx[Ether].dst, intf.remote_mac)
55 # and from the router's MAC
56 self.assertEqual(rx[Ether].src, intf.local_mac)
58 # the rx'd RA should be addressed to the sender's source
59 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
60 self.assertEqual(in6_ptop(rx[IPv6].dst),
63 # and come from the router's link local
64 self.assertTrue(in6_islladdr(rx[IPv6].src))
65 self.assertEqual(in6_ptop(rx[IPv6].src),
66 in6_ptop(mk_ll_addr(intf.local_mac)))
68 def validate_na(self, intf, rx, dst_ip=None, tgt_ip=None):
70 dst_ip = intf.remote_ip6
72 dst_ip = intf.local_ip6
74 # unicasted packets must come to the unicast mac
75 self.assertEqual(rx[Ether].dst, intf.remote_mac)
77 # and from the router's MAC
78 self.assertEqual(rx[Ether].src, intf.local_mac)
80 # the rx'd NA should be addressed to the sender's source
81 self.assertTrue(rx.haslayer(ICMPv6ND_NA))
82 self.assertEqual(in6_ptop(rx[IPv6].dst),
85 # and come from the target address
87 in6_ptop(rx[IPv6].src), in6_ptop(tgt_ip))
89 # Dest link-layer options should have the router's MAC
90 dll = rx[ICMPv6NDOptDstLLAddr]
91 self.assertEqual(dll.lladdr, intf.local_mac)
93 def validate_ns(self, intf, rx, tgt_ip):
94 nsma = in6_getnsma(inet_pton(AF_INET6, tgt_ip))
95 dst_ip = inet_ntop(AF_INET6, nsma)
98 self.assertEqual(rx[Ether].dst, in6_getnsmac(nsma))
100 # and from the router's MAC
101 self.assertEqual(rx[Ether].src, intf.local_mac)
103 # the rx'd NS should be addressed to an mcast address
104 # derived from the target address
106 in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
108 # expect the tgt IP in the NS header
110 self.assertEqual(in6_ptop(ns.tgt), in6_ptop(tgt_ip))
112 # packet is from the router's local address
114 in6_ptop(rx[IPv6].src), intf.local_ip6)
116 # Src link-layer options should have the router's MAC
117 sll = rx[ICMPv6NDOptSrcLLAddr]
118 self.assertEqual(sll.lladdr, intf.local_mac)
120 def send_and_expect_ra(self, intf, pkts, remark, dst_ip=None,
121 filter_out_fn=is_ipv6_misc):
122 intf.add_stream(pkts)
123 self.pg_enable_capture(self.pg_interfaces)
125 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
127 self.assertEqual(len(rx), 1)
129 self.validate_ra(intf, rx, dst_ip)
131 def send_and_expect_na(self, intf, pkts, remark, dst_ip=None,
133 filter_out_fn=is_ipv6_misc):
134 intf.add_stream(pkts)
135 self.pg_enable_capture(self.pg_interfaces)
137 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
139 self.assertEqual(len(rx), 1)
141 self.validate_na(intf, rx, dst_ip, tgt_ip)
143 def send_and_expect_ns(self, tx_intf, rx_intf, pkts, tgt_ip,
144 filter_out_fn=is_ipv6_misc):
145 self.vapi.cli("clear trace")
146 tx_intf.add_stream(pkts)
147 self.pg_enable_capture(self.pg_interfaces)
149 rx = rx_intf.get_capture(1, filter_out_fn=filter_out_fn)
151 self.assertEqual(len(rx), 1)
153 self.validate_ns(rx_intf, rx, tgt_ip)
155 def verify_ip(self, rx, smac, dmac, sip, dip):
157 self.assertEqual(ether.dst, dmac)
158 self.assertEqual(ether.src, smac)
161 self.assertEqual(ip.src, sip)
162 self.assertEqual(ip.dst, dip)
166 class TestIPv6(TestIPv6ND):
167 """ IPv6 Test Case """
171 super(TestIPv6, cls).setUpClass()
174 def tearDownClass(cls):
175 super(TestIPv6, cls).tearDownClass()
179 Perform test setup before test case.
182 - create 3 pg interfaces
183 - untagged pg0 interface
184 - Dot1Q subinterface on pg1
185 - Dot1AD subinterface on pg2
187 - put it into UP state
189 - resolve neighbor address using NDP
190 - configure 200 fib entries
192 :ivar list interfaces: pg interfaces and subinterfaces.
193 :ivar dict flows: IPv4 packet flows in test.
195 *TODO:* Create AD sub interface
197 super(TestIPv6, self).setUp()
199 # create 3 pg interfaces
200 self.create_pg_interfaces(range(3))
202 # create 2 subinterfaces for p1 and pg2
203 self.sub_interfaces = [
204 VppDot1QSubint(self, self.pg1, 100),
205 VppDot1QSubint(self, self.pg2, 200)
206 # TODO: VppDot1ADSubint(self, self.pg2, 200, 300, 400)
209 # packet flows mapping pg0 -> pg1.sub, pg2.sub, etc.
211 self.flows[self.pg0] = [self.pg1.sub_if, self.pg2.sub_if]
212 self.flows[self.pg1.sub_if] = [self.pg0, self.pg2.sub_if]
213 self.flows[self.pg2.sub_if] = [self.pg0, self.pg1.sub_if]
216 self.pg_if_packet_sizes = [64, 1500, 9020]
218 self.interfaces = list(self.pg_interfaces)
219 self.interfaces.extend(self.sub_interfaces)
221 # setup all interfaces
222 for i in self.interfaces:
228 """Run standard test teardown and log ``show ip6 neighbors``."""
229 for i in self.interfaces:
232 for i in self.sub_interfaces:
233 i.remove_vpp_config()
235 super(TestIPv6, self).tearDown()
236 if not self.vpp_dead:
237 self.logger.info(self.vapi.cli("show ip6 neighbors"))
238 # info(self.vapi.cli("show ip6 fib")) # many entries
240 def modify_packet(self, src_if, packet_size, pkt):
241 """Add load, set destination IP and extend packet to required packet
242 size for defined interface.
244 :param VppInterface src_if: Interface to create packet for.
245 :param int packet_size: Required packet size.
246 :param Scapy pkt: Packet to be modified.
248 dst_if_idx = int(packet_size / 10 % 2)
249 dst_if = self.flows[src_if][dst_if_idx]
250 info = self.create_packet_info(src_if, dst_if)
251 payload = self.info_to_payload(info)
252 p = pkt / Raw(payload)
253 p[IPv6].dst = dst_if.remote_ip6
255 if isinstance(src_if, VppSubInterface):
256 p = src_if.add_dot1_layer(p)
257 self.extend_packet(p, packet_size)
261 def create_stream(self, src_if):
262 """Create input packet stream for defined interface.
264 :param VppInterface src_if: Interface to create packet stream for.
266 hdr_ext = 4 if isinstance(src_if, VppSubInterface) else 0
267 pkt_tmpl = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
268 IPv6(src=src_if.remote_ip6) /
269 inet6.UDP(sport=1234, dport=1234))
271 pkts = [self.modify_packet(src_if, i, pkt_tmpl)
272 for i in moves.range(self.pg_if_packet_sizes[0],
273 self.pg_if_packet_sizes[1], 10)]
274 pkts_b = [self.modify_packet(src_if, i, pkt_tmpl)
275 for i in moves.range(self.pg_if_packet_sizes[1] + hdr_ext,
276 self.pg_if_packet_sizes[2] + hdr_ext,
282 def verify_capture(self, dst_if, capture):
283 """Verify captured input packet stream for defined interface.
285 :param VppInterface dst_if: Interface to verify captured packet stream
287 :param list capture: Captured packet stream.
289 self.logger.info("Verifying capture on interface %s" % dst_if.name)
291 for i in self.interfaces:
292 last_info[i.sw_if_index] = None
294 dst_sw_if_index = dst_if.sw_if_index
295 if hasattr(dst_if, 'parent'):
297 for packet in capture:
299 # Check VLAN tags and Ethernet header
300 packet = dst_if.remove_dot1_layer(packet)
301 self.assertTrue(Dot1Q not in packet)
304 udp = packet[inet6.UDP]
305 payload_info = self.payload_to_info(packet[Raw])
306 packet_index = payload_info.index
307 self.assertEqual(payload_info.dst, dst_sw_if_index)
309 "Got packet on port %s: src=%u (id=%u)" %
310 (dst_if.name, payload_info.src, packet_index))
311 next_info = self.get_next_packet_info_for_interface2(
312 payload_info.src, dst_sw_if_index,
313 last_info[payload_info.src])
314 last_info[payload_info.src] = next_info
315 self.assertTrue(next_info is not None)
316 self.assertEqual(packet_index, next_info.index)
317 saved_packet = next_info.data
318 # Check standard fields
320 ip.src, saved_packet[IPv6].src)
322 ip.dst, saved_packet[IPv6].dst)
324 udp.sport, saved_packet[inet6.UDP].sport)
326 udp.dport, saved_packet[inet6.UDP].dport)
328 self.logger.error(ppp("Unexpected or invalid packet:", packet))
330 for i in self.interfaces:
331 remaining_packet = self.get_next_packet_info_for_interface2(
332 i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index])
333 self.assertTrue(remaining_packet is None,
334 "Interface %s: Packet expected from interface %s "
335 "didn't arrive" % (dst_if.name, i.name))
337 def test_next_header_anomaly(self):
338 """ IPv6 next header anomaly test
341 - ipv6 next header field = Fragment Header (44)
342 - next header is ICMPv6 Echo Request
343 - wait for reassembly
345 pkt = (Ether(src=self.pg0.local_mac, dst=self.pg0.remote_mac) /
346 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6, nh=44) /
349 self.pg0.add_stream(pkt)
352 # wait for reassembly
359 - Create IPv6 stream for pg0 interface
360 - Create IPv6 tagged streams for pg1's and pg2's subinterface.
361 - Send and verify received packets on each interface.
364 pkts = self.create_stream(self.pg0)
365 self.pg0.add_stream(pkts)
367 for i in self.sub_interfaces:
368 pkts = self.create_stream(i)
369 i.parent.add_stream(pkts)
371 self.pg_enable_capture(self.pg_interfaces)
374 pkts = self.pg0.get_capture()
375 self.verify_capture(self.pg0, pkts)
377 for i in self.sub_interfaces:
378 pkts = i.parent.get_capture()
379 self.verify_capture(i, pkts)
382 """ IPv6 Neighbour Solicitation Exceptions
385 - Send an NS Sourced from an address not covered by the link sub-net
386 - Send an NS to an mcast address the router has not joined
387 - Send NS for a target address the router does not onn.
391 # An NS from a non link source address
393 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
394 d = inet_ntop(AF_INET6, nsma)
396 p = (Ether(dst=in6_getnsmac(nsma)) /
397 IPv6(dst=d, src="2002::2") /
398 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
399 ICMPv6NDOptSrcLLAddr(
400 lladdr=self.pg0.remote_mac))
403 self.send_and_assert_no_replies(
405 "No response to NS source by address not on sub-net")
408 # An NS for sent to a solicited mcast group the router is
409 # not a member of FAILS
412 nsma = in6_getnsma(inet_pton(AF_INET6, "fd::ffff"))
413 d = inet_ntop(AF_INET6, nsma)
415 p = (Ether(dst=in6_getnsmac(nsma)) /
416 IPv6(dst=d, src=self.pg0.remote_ip6) /
417 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
418 ICMPv6NDOptSrcLLAddr(
419 lladdr=self.pg0.remote_mac))
422 self.send_and_assert_no_replies(
424 "No response to NS sent to unjoined mcast address")
427 # An NS whose target address is one the router does not own
429 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
430 d = inet_ntop(AF_INET6, nsma)
432 p = (Ether(dst=in6_getnsmac(nsma)) /
433 IPv6(dst=d, src=self.pg0.remote_ip6) /
434 ICMPv6ND_NS(tgt="fd::ffff") /
435 ICMPv6NDOptSrcLLAddr(
436 lladdr=self.pg0.remote_mac))
439 self.send_and_assert_no_replies(self.pg0, pkts,
440 "No response to NS for unknown target")
443 # A neighbor entry that has no associated FIB-entry
445 self.pg0.generate_remote_hosts(4)
446 nd_entry = VppNeighbor(self,
447 self.pg0.sw_if_index,
448 self.pg0.remote_hosts[2].mac,
449 self.pg0.remote_hosts[2].ip6,
451 nd_entry.add_vpp_config()
454 # check we have the neighbor, but no route
456 self.assertTrue(find_nbr(self,
457 self.pg0.sw_if_index,
458 self.pg0._remote_hosts[2].ip6))
459 self.assertFalse(find_route(self,
460 self.pg0._remote_hosts[2].ip6,
464 # send an NS from a link local address to the interface's global
467 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
469 dst=d, src=self.pg0._remote_hosts[2].ip6_ll) /
470 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
471 ICMPv6NDOptSrcLLAddr(
472 lladdr=self.pg0.remote_mac))
474 self.send_and_expect_na(self.pg0, p,
475 "NS from link-local",
476 dst_ip=self.pg0._remote_hosts[2].ip6_ll,
477 tgt_ip=self.pg0.local_ip6)
480 # we should have learned an ND entry for the peer's link-local
481 # but not inserted a route to it in the FIB
483 self.assertTrue(find_nbr(self,
484 self.pg0.sw_if_index,
485 self.pg0._remote_hosts[2].ip6_ll))
486 self.assertFalse(find_route(self,
487 self.pg0._remote_hosts[2].ip6_ll,
491 # An NS to the router's own Link-local
493 p = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
495 dst=d, src=self.pg0._remote_hosts[3].ip6_ll) /
496 ICMPv6ND_NS(tgt=self.pg0.local_ip6_ll) /
497 ICMPv6NDOptSrcLLAddr(
498 lladdr=self.pg0.remote_mac))
500 self.send_and_expect_na(self.pg0, p,
501 "NS to/from link-local",
502 dst_ip=self.pg0._remote_hosts[3].ip6_ll,
503 tgt_ip=self.pg0.local_ip6_ll)
506 # we should have learned an ND entry for the peer's link-local
507 # but not inserted a route to it in the FIB
509 self.assertTrue(find_nbr(self,
510 self.pg0.sw_if_index,
511 self.pg0._remote_hosts[3].ip6_ll))
512 self.assertFalse(find_route(self,
513 self.pg0._remote_hosts[3].ip6_ll,
516 def test_ns_duplicates(self):
520 # Generate some hosts on the LAN
522 self.pg1.generate_remote_hosts(3)
525 # Add host 1 on pg1 and pg2
527 ns_pg1 = VppNeighbor(self,
528 self.pg1.sw_if_index,
529 self.pg1.remote_hosts[1].mac,
530 self.pg1.remote_hosts[1].ip6)
531 ns_pg1.add_vpp_config()
532 ns_pg2 = VppNeighbor(self,
533 self.pg2.sw_if_index,
535 self.pg1.remote_hosts[1].ip6)
536 ns_pg2.add_vpp_config()
539 # IP packet destined for pg1 remote host arrives on pg1 again.
541 p = (Ether(dst=self.pg0.local_mac,
542 src=self.pg0.remote_mac) /
543 IPv6(src=self.pg0.remote_ip6,
544 dst=self.pg1.remote_hosts[1].ip6) /
545 inet6.UDP(sport=1234, dport=1234) /
548 self.pg0.add_stream(p)
549 self.pg_enable_capture(self.pg_interfaces)
552 rx1 = self.pg1.get_capture(1)
554 self.verify_ip(rx1[0],
556 self.pg1.remote_hosts[1].mac,
558 self.pg1.remote_hosts[1].ip6)
561 # remove the duplicate on pg1
562 # packet stream should generate NSs out of pg1
564 ns_pg1.remove_vpp_config()
566 self.send_and_expect_ns(self.pg0, self.pg1,
567 p, self.pg1.remote_hosts[1].ip6)
572 ns_pg1.add_vpp_config()
574 self.pg0.add_stream(p)
575 self.pg_enable_capture(self.pg_interfaces)
578 rx1 = self.pg1.get_capture(1)
580 self.verify_ip(rx1[0],
582 self.pg1.remote_hosts[1].mac,
584 self.pg1.remote_hosts[1].ip6)
586 def validate_ra(self, intf, rx, dst_ip=None, src_ip=None,
587 mtu=9000, pi_opt=None):
589 dst_ip = intf.remote_ip6
591 src_ip = mk_ll_addr(intf.local_mac)
593 # unicasted packets must come to the unicast mac
594 self.assertEqual(rx[Ether].dst, intf.remote_mac)
596 # and from the router's MAC
597 self.assertEqual(rx[Ether].src, intf.local_mac)
599 # the rx'd RA should be addressed to the sender's source
600 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
601 self.assertEqual(in6_ptop(rx[IPv6].dst),
604 # and come from the router's link local
605 self.assertTrue(in6_islladdr(rx[IPv6].src))
606 self.assertEqual(in6_ptop(rx[IPv6].src), in6_ptop(src_ip))
608 # it should contain the links MTU
610 self.assertEqual(ra[ICMPv6NDOptMTU].mtu, mtu)
612 # it should contain the source's link layer address option
613 sll = ra[ICMPv6NDOptSrcLLAddr]
614 self.assertEqual(sll.lladdr, intf.local_mac)
617 # the RA should not contain prefix information
618 self.assertFalse(ra.haslayer(
619 ICMPv6NDOptPrefixInfo))
621 raos = rx.getlayer(ICMPv6NDOptPrefixInfo, 1)
623 # the options are nested in the scapy packet in way that i cannot
624 # decipher how to decode. this 1st layer of option always returns
625 # nested classes, so a direct obj1=obj2 comparison always fails.
626 # however, the getlayer(.., 2) does give one instance.
627 # so we cheat here and construct a new opt instance for comparison
628 rd = ICMPv6NDOptPrefixInfo(
629 prefixlen=raos.prefixlen,
633 if type(pi_opt) is list:
634 for ii in range(len(pi_opt)):
635 self.assertEqual(pi_opt[ii], rd)
637 ICMPv6NDOptPrefixInfo, ii + 2)
639 self.assertEqual(pi_opt, raos, 'Expected: %s, received: %s'
640 % (pi_opt.show(dump=True),
641 raos.show(dump=True)))
643 def send_and_expect_ra(self, intf, pkts, remark, dst_ip=None,
644 filter_out_fn=is_ipv6_misc,
647 self.vapi.cli("clear trace")
648 intf.add_stream(pkts)
649 self.pg_enable_capture(self.pg_interfaces)
651 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
653 self.assertEqual(len(rx), 1)
655 self.validate_ra(intf, rx, dst_ip, src_ip=src_ip, pi_opt=opt)
658 """ IPv6 Router Solicitation Exceptions
664 # Before we begin change the IPv6 RA responses to use the unicast
665 # address - that way we will not confuse them with the periodic
666 # RAs which go to the mcast address
667 # Sit and wait for the first periodic RA.
671 self.pg0.ip6_ra_config(send_unicast=1)
674 # An RS from a link source address
675 # - expect an RA in return
677 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
678 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
681 self.send_and_expect_ra(self.pg0, pkts, "Genuine RS")
684 # For the next RS sent the RA should be rate limited
686 self.send_and_assert_no_replies(self.pg0, pkts, "RA rate limited")
689 # When we reconfigure the IPv6 RA config,
690 # we reset the RA rate limiting,
691 # so we need to do this before each test below so as not to drop
692 # packets for rate limiting reasons. Test this works here.
694 self.pg0.ip6_ra_config(send_unicast=1)
695 self.send_and_expect_ra(self.pg0, pkts, "Rate limit reset RS")
698 # An RS sent from a non-link local source
700 self.pg0.ip6_ra_config(send_unicast=1)
701 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
702 IPv6(dst=self.pg0.local_ip6,
706 self.send_and_assert_no_replies(self.pg0, pkts,
707 "RS from non-link source")
710 # Source an RS from a link local address
712 self.pg0.ip6_ra_config(send_unicast=1)
713 ll = mk_ll_addr(self.pg0.remote_mac)
714 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
715 IPv6(dst=self.pg0.local_ip6, src=ll) /
718 self.send_and_expect_ra(self.pg0, pkts,
719 "RS sourced from link-local",
723 # Send the RS multicast
725 self.pg0.ip6_ra_config(send_unicast=1)
726 dmac = in6_getnsmac(inet_pton(AF_INET6, "ff02::2"))
727 ll = mk_ll_addr(self.pg0.remote_mac)
728 p = (Ether(dst=dmac, src=self.pg0.remote_mac) /
729 IPv6(dst="ff02::2", src=ll) /
732 self.send_and_expect_ra(self.pg0, pkts,
733 "RS sourced from link-local",
737 # Source from the unspecified address ::. This happens when the RS
738 # is sent before the host has a configured address/sub-net,
739 # i.e. auto-config. Since the sender has no IP address, the reply
740 # comes back mcast - so the capture needs to not filter this.
741 # If we happen to pick up the periodic RA at this point then so be it,
744 self.pg0.ip6_ra_config(send_unicast=1, suppress=1)
745 p = (Ether(dst=dmac, src=self.pg0.remote_mac) /
746 IPv6(dst="ff02::2", src="::") /
749 self.send_and_expect_ra(self.pg0, pkts,
750 "RS sourced from unspecified",
755 # Configure The RA to announce the links prefix
757 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
758 self.pg0.local_ip6_prefix_len))
761 # RAs should now contain the prefix information option
763 opt = ICMPv6NDOptPrefixInfo(
764 prefixlen=self.pg0.local_ip6_prefix_len,
765 prefix=self.pg0.local_ip6,
769 self.pg0.ip6_ra_config(send_unicast=1)
770 ll = mk_ll_addr(self.pg0.remote_mac)
771 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
772 IPv6(dst=self.pg0.local_ip6, src=ll) /
774 self.send_and_expect_ra(self.pg0, p,
775 "RA with prefix-info",
780 # Change the prefix info to not off-link
783 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
784 self.pg0.local_ip6_prefix_len),
787 opt = ICMPv6NDOptPrefixInfo(
788 prefixlen=self.pg0.local_ip6_prefix_len,
789 prefix=self.pg0.local_ip6,
793 self.pg0.ip6_ra_config(send_unicast=1)
794 self.send_and_expect_ra(self.pg0, p,
795 "RA with Prefix info with L-flag=0",
800 # Change the prefix info to not off-link, no-autoconfig
801 # L and A flag are clear in the advert
803 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
804 self.pg0.local_ip6_prefix_len),
808 opt = ICMPv6NDOptPrefixInfo(
809 prefixlen=self.pg0.local_ip6_prefix_len,
810 prefix=self.pg0.local_ip6,
814 self.pg0.ip6_ra_config(send_unicast=1)
815 self.send_and_expect_ra(self.pg0, p,
816 "RA with Prefix info with A & L-flag=0",
821 # Change the flag settings back to the defaults
822 # L and A flag are set in the advert
824 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
825 self.pg0.local_ip6_prefix_len))
827 opt = ICMPv6NDOptPrefixInfo(
828 prefixlen=self.pg0.local_ip6_prefix_len,
829 prefix=self.pg0.local_ip6,
833 self.pg0.ip6_ra_config(send_unicast=1)
834 self.send_and_expect_ra(self.pg0, p,
835 "RA with Prefix info",
840 # Change the prefix info to not off-link, no-autoconfig
841 # L and A flag are clear in the advert
843 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
844 self.pg0.local_ip6_prefix_len),
848 opt = ICMPv6NDOptPrefixInfo(
849 prefixlen=self.pg0.local_ip6_prefix_len,
850 prefix=self.pg0.local_ip6,
854 self.pg0.ip6_ra_config(send_unicast=1)
855 self.send_and_expect_ra(self.pg0, p,
856 "RA with Prefix info with A & L-flag=0",
861 # Use the reset to defaults option to revert to defaults
862 # L and A flag are clear in the advert
864 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
865 self.pg0.local_ip6_prefix_len),
868 opt = ICMPv6NDOptPrefixInfo(
869 prefixlen=self.pg0.local_ip6_prefix_len,
870 prefix=self.pg0.local_ip6,
874 self.pg0.ip6_ra_config(send_unicast=1)
875 self.send_and_expect_ra(self.pg0, p,
876 "RA with Prefix reverted to defaults",
881 # Advertise Another prefix. With no L-flag/A-flag
883 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg1.local_ip6,
884 self.pg1.local_ip6_prefix_len),
888 opt = [ICMPv6NDOptPrefixInfo(
889 prefixlen=self.pg0.local_ip6_prefix_len,
890 prefix=self.pg0.local_ip6,
893 ICMPv6NDOptPrefixInfo(
894 prefixlen=self.pg1.local_ip6_prefix_len,
895 prefix=self.pg1.local_ip6,
899 self.pg0.ip6_ra_config(send_unicast=1)
900 ll = mk_ll_addr(self.pg0.remote_mac)
901 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
902 IPv6(dst=self.pg0.local_ip6, src=ll) /
904 self.send_and_expect_ra(self.pg0, p,
905 "RA with multiple Prefix infos",
910 # Remove the first prefix-info - expect the second is still in the
913 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg0.local_ip6,
914 self.pg0.local_ip6_prefix_len),
917 opt = ICMPv6NDOptPrefixInfo(
918 prefixlen=self.pg1.local_ip6_prefix_len,
919 prefix=self.pg1.local_ip6,
923 self.pg0.ip6_ra_config(send_unicast=1)
924 self.send_and_expect_ra(self.pg0, p,
925 "RA with Prefix reverted to defaults",
930 # Remove the second prefix-info - expect no prefix-info in the adverts
932 self.pg0.ip6_ra_prefix('%s/%s' % (self.pg1.local_ip6,
933 self.pg1.local_ip6_prefix_len),
937 # change the link's link local, so we know that works too.
939 self.vapi.sw_interface_ip6_set_link_local_address(
940 sw_if_index=self.pg0.sw_if_index,
943 self.pg0.ip6_ra_config(send_unicast=1)
944 self.send_and_expect_ra(self.pg0, p,
945 "RA with Prefix reverted to defaults",
950 # Reset the periodic advertisements back to default values
952 self.pg0.ip6_ra_config(no=1, suppress=1, send_unicast=0)
957 # test one MLD is sent after applying an IPv6 Address on an interface
959 self.pg_enable_capture(self.pg_interfaces)
962 subitf = VppDot1QSubint(self, self.pg1, 99)
967 rxs = self.pg1._get_capture(timeout=4, filter_out_fn=None)
970 # hunt for the MLD on vlan 99
973 # make sure ipv6 packets with hop by hop options have
975 self.assert_packet_checksums_valid(rx)
976 if rx.haslayer(IPv6ExtHdrHopByHop) and \
977 rx.haslayer(Dot1Q) and \
978 rx[Dot1Q].vlan == 99:
979 mld = rx[ICMPv6MLReport2]
981 self.assertEqual(mld.records_number, 4)
984 class TestIPv6RouteLookup(VppTestCase):
985 """ IPv6 Route Lookup Test Case """
988 def route_lookup(self, prefix, exact):
989 return self.vapi.api(self.vapi.papi.ip_route_lookup,
998 super(TestIPv6RouteLookup, cls).setUpClass()
1001 def tearDownClass(cls):
1002 super(TestIPv6RouteLookup, cls).tearDownClass()
1005 super(TestIPv6RouteLookup, self).setUp()
1007 drop_nh = VppRoutePath("::1", 0xffffffff,
1008 type=FibPathType.FIB_PATH_TYPE_DROP)
1011 r = VppIpRoute(self, "2001:1111::", 32, [drop_nh])
1013 self.routes.append(r)
1015 r = VppIpRoute(self, "2001:1111:2222::", 48, [drop_nh])
1017 self.routes.append(r)
1019 r = VppIpRoute(self, "2001:1111:2222::1", 128, [drop_nh])
1021 self.routes.append(r)
1024 # Remove the routes we added
1025 for r in self.routes:
1026 r.remove_vpp_config()
1028 super(TestIPv6RouteLookup, self).tearDown()
1030 def test_exact_match(self):
1031 # Verify we find the host route
1032 prefix = "2001:1111:2222::1/128"
1033 result = self.route_lookup(prefix, True)
1034 assert (prefix == str(result.route.prefix))
1036 # Verify we find a middle prefix route
1037 prefix = "2001:1111:2222::/48"
1038 result = self.route_lookup(prefix, True)
1039 assert (prefix == str(result.route.prefix))
1041 # Verify we do not find an available LPM.
1042 with self.vapi.assert_negative_api_retval():
1043 self.route_lookup("2001::2/128", True)
1045 def test_longest_prefix_match(self):
1046 # verify we find lpm
1047 lpm_prefix = "2001:1111:2222::/48"
1048 result = self.route_lookup("2001:1111:2222::2/128", False)
1049 assert (lpm_prefix == str(result.route.prefix))
1051 # Verify we find the exact when not requested
1052 result = self.route_lookup(lpm_prefix, False)
1053 assert (lpm_prefix == str(result.route.prefix))
1055 # Can't seem to delete the default route so no negative LPM test.
1058 class TestIPv6IfAddrRoute(VppTestCase):
1059 """ IPv6 Interface Addr Route Test Case """
1062 def setUpClass(cls):
1063 super(TestIPv6IfAddrRoute, cls).setUpClass()
1066 def tearDownClass(cls):
1067 super(TestIPv6IfAddrRoute, cls).tearDownClass()
1070 super(TestIPv6IfAddrRoute, self).setUp()
1072 # create 1 pg interface
1073 self.create_pg_interfaces(range(1))
1075 for i in self.pg_interfaces:
1081 super(TestIPv6IfAddrRoute, self).tearDown()
1082 for i in self.pg_interfaces:
1086 def test_ipv6_ifaddrs_same_prefix(self):
1087 """ IPv6 Interface Addresses Same Prefix test
1091 - Verify no route in FIB for prefix 2001:10::/64
1092 - Configure IPv4 address 2001:10::10/64 on an interface
1093 - Verify route in FIB for prefix 2001:10::/64
1094 - Configure IPv4 address 2001:10::20/64 on an interface
1095 - Delete 2001:10::10/64 from interface
1096 - Verify route in FIB for prefix 2001:10::/64
1097 - Delete 2001:10::20/64 from interface
1098 - Verify no route in FIB for prefix 2001:10::/64
1101 addr1 = "2001:10::10"
1102 addr2 = "2001:10::20"
1104 if_addr1 = VppIpInterfaceAddress(self, self.pg0, addr1, 64)
1105 if_addr2 = VppIpInterfaceAddress(self, self.pg0, addr2, 64)
1106 self.assertFalse(if_addr1.query_vpp_config())
1107 self.assertFalse(find_route(self, addr1, 128))
1108 self.assertFalse(find_route(self, addr2, 128))
1110 # configure first address, verify route present
1111 if_addr1.add_vpp_config()
1112 self.assertTrue(if_addr1.query_vpp_config())
1113 self.assertTrue(find_route(self, addr1, 128))
1114 self.assertFalse(find_route(self, addr2, 128))
1116 # configure second address, delete first, verify route not removed
1117 if_addr2.add_vpp_config()
1118 if_addr1.remove_vpp_config()
1119 self.assertFalse(if_addr1.query_vpp_config())
1120 self.assertTrue(if_addr2.query_vpp_config())
1121 self.assertFalse(find_route(self, addr1, 128))
1122 self.assertTrue(find_route(self, addr2, 128))
1124 # delete second address, verify route removed
1125 if_addr2.remove_vpp_config()
1126 self.assertFalse(if_addr1.query_vpp_config())
1127 self.assertFalse(find_route(self, addr1, 128))
1128 self.assertFalse(find_route(self, addr2, 128))
1130 def test_ipv6_ifaddr_del(self):
1131 """ Delete an interface address that does not exist """
1133 loopbacks = self.create_loopback_interfaces(1)
1134 lo = self.lo_interfaces[0]
1140 # try and remove pg0's subnet from lo
1142 with self.vapi.assert_negative_api_retval():
1143 self.vapi.sw_interface_add_del_address(
1144 sw_if_index=lo.sw_if_index,
1145 prefix=self.pg0.local_ip6_prefix,
1149 class TestICMPv6Echo(VppTestCase):
1150 """ ICMPv6 Echo Test Case """
1153 def setUpClass(cls):
1154 super(TestICMPv6Echo, cls).setUpClass()
1157 def tearDownClass(cls):
1158 super(TestICMPv6Echo, cls).tearDownClass()
1161 super(TestICMPv6Echo, self).setUp()
1163 # create 1 pg interface
1164 self.create_pg_interfaces(range(1))
1166 for i in self.pg_interfaces:
1169 i.resolve_ndp(link_layer=True)
1173 super(TestICMPv6Echo, self).tearDown()
1174 for i in self.pg_interfaces:
1178 def test_icmpv6_echo(self):
1179 """ VPP replies to ICMPv6 Echo Request
1183 - Receive ICMPv6 Echo Request message on pg0 interface.
1184 - Check outgoing ICMPv6 Echo Reply message on pg0 interface.
1187 # test both with global and local ipv6 addresses
1188 dsts = (self.pg0.local_ip6, self.pg0.local_ip6_ll)
1194 p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
1195 IPv6(src=self.pg0.remote_ip6, dst=dst) /
1196 ICMPv6EchoRequest(id=id, seq=seq, data=data)))
1198 self.pg0.add_stream(p)
1199 self.pg_enable_capture(self.pg_interfaces)
1201 rxs = self.pg0.get_capture(len(dsts))
1203 for rx, dst in zip(rxs, dsts):
1206 icmpv6 = rx[ICMPv6EchoReply]
1207 self.assertEqual(ether.src, self.pg0.local_mac)
1208 self.assertEqual(ether.dst, self.pg0.remote_mac)
1209 self.assertEqual(ipv6.src, dst)
1210 self.assertEqual(ipv6.dst, self.pg0.remote_ip6)
1211 self.assertEqual(icmp6types[icmpv6.type], "Echo Reply")
1212 self.assertEqual(icmpv6.id, id)
1213 self.assertEqual(icmpv6.seq, seq)
1214 self.assertEqual(icmpv6.data, data)
1217 class TestIPv6RD(TestIPv6ND):
1218 """ IPv6 Router Discovery Test Case """
1221 def setUpClass(cls):
1222 super(TestIPv6RD, cls).setUpClass()
1225 def tearDownClass(cls):
1226 super(TestIPv6RD, cls).tearDownClass()
1229 super(TestIPv6RD, self).setUp()
1231 # create 2 pg interfaces
1232 self.create_pg_interfaces(range(2))
1234 self.interfaces = list(self.pg_interfaces)
1236 # setup all interfaces
1237 for i in self.interfaces:
1242 for i in self.interfaces:
1245 super(TestIPv6RD, self).tearDown()
1247 def test_rd_send_router_solicitation(self):
1248 """ Verify router solicitation packets """
1251 self.pg_enable_capture(self.pg_interfaces)
1253 self.vapi.ip6nd_send_router_solicitation(self.pg1.sw_if_index,
1255 rx_list = self.pg1.get_capture(count, timeout=3)
1256 self.assertEqual(len(rx_list), count)
1257 for packet in rx_list:
1258 self.assertEqual(packet.haslayer(IPv6), 1)
1259 self.assertEqual(packet[IPv6].haslayer(
1261 dst = ip6_normalize(packet[IPv6].dst)
1262 dst2 = ip6_normalize("ff02::2")
1263 self.assert_equal(dst, dst2)
1264 src = ip6_normalize(packet[IPv6].src)
1265 src2 = ip6_normalize(self.pg1.local_ip6_ll)
1266 self.assert_equal(src, src2)
1268 bool(packet[ICMPv6ND_RS].haslayer(
1269 ICMPv6NDOptSrcLLAddr)))
1271 packet[ICMPv6NDOptSrcLLAddr].lladdr,
1274 def verify_prefix_info(self, reported_prefix, prefix_option):
1275 prefix = IPv6Network(
1276 text_type(prefix_option.getfieldval("prefix") +
1278 text_type(prefix_option.getfieldval("prefixlen"))),
1280 self.assert_equal(reported_prefix.prefix.network_address,
1281 prefix.network_address)
1282 L = prefix_option.getfieldval("L")
1283 A = prefix_option.getfieldval("A")
1284 option_flags = (L << 7) | (A << 6)
1285 self.assert_equal(reported_prefix.flags, option_flags)
1286 self.assert_equal(reported_prefix.valid_time,
1287 prefix_option.getfieldval("validlifetime"))
1288 self.assert_equal(reported_prefix.preferred_time,
1289 prefix_option.getfieldval("preferredlifetime"))
1291 def test_rd_receive_router_advertisement(self):
1292 """ Verify events triggered by received RA packets """
1294 self.vapi.want_ip6_ra_events(enable=1)
1296 prefix_info_1 = ICMPv6NDOptPrefixInfo(
1300 preferredlifetime=500,
1305 prefix_info_2 = ICMPv6NDOptPrefixInfo(
1309 preferredlifetime=1000,
1314 p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
1315 IPv6(dst=self.pg1.local_ip6_ll,
1316 src=mk_ll_addr(self.pg1.remote_mac)) /
1320 self.pg1.add_stream([p])
1323 ev = self.vapi.wait_for_event(10, "ip6_ra_event")
1325 self.assert_equal(ev.current_hop_limit, 0)
1326 self.assert_equal(ev.flags, 8)
1327 self.assert_equal(ev.router_lifetime_in_sec, 1800)
1328 self.assert_equal(ev.neighbor_reachable_time_in_msec, 0)
1330 ev.time_in_msec_between_retransmitted_neighbor_solicitations, 0)
1332 self.assert_equal(ev.n_prefixes, 2)
1334 self.verify_prefix_info(ev.prefixes[0], prefix_info_1)
1335 self.verify_prefix_info(ev.prefixes[1], prefix_info_2)
1338 class TestIPv6RDControlPlane(TestIPv6ND):
1339 """ IPv6 Router Discovery Control Plane Test Case """
1342 def setUpClass(cls):
1343 super(TestIPv6RDControlPlane, cls).setUpClass()
1346 def tearDownClass(cls):
1347 super(TestIPv6RDControlPlane, cls).tearDownClass()
1350 super(TestIPv6RDControlPlane, self).setUp()
1352 # create 1 pg interface
1353 self.create_pg_interfaces(range(1))
1355 self.interfaces = list(self.pg_interfaces)
1357 # setup all interfaces
1358 for i in self.interfaces:
1363 super(TestIPv6RDControlPlane, self).tearDown()
1366 def create_ra_packet(pg, routerlifetime=None):
1367 src_ip = pg.remote_ip6_ll
1368 dst_ip = pg.local_ip6
1369 if routerlifetime is not None:
1370 ra = ICMPv6ND_RA(routerlifetime=routerlifetime)
1373 p = (Ether(dst=pg.local_mac, src=pg.remote_mac) /
1374 IPv6(dst=dst_ip, src=src_ip) / ra)
1378 def get_default_routes(fib):
1381 if entry.route.prefix.prefixlen == 0:
1382 for path in entry.route.paths:
1383 if path.sw_if_index != 0xFFFFFFFF:
1385 defaut_route['sw_if_index'] = path.sw_if_index
1386 defaut_route['next_hop'] = path.nh.address.ip6
1387 list.append(defaut_route)
1391 def get_interface_addresses(fib, pg):
1394 if entry.route.prefix.prefixlen == 128:
1395 path = entry.route.paths[0]
1396 if path.sw_if_index == pg.sw_if_index:
1397 list.append(str(entry.route.prefix.network_address))
1400 def wait_for_no_default_route(self, n_tries=50, s_time=1):
1402 fib = self.vapi.ip_route_dump(0, True)
1403 default_routes = self.get_default_routes(fib)
1404 if 0 == len(default_routes):
1406 n_tries = n_tries - 1
1412 """ Test handling of SLAAC addresses and default routes """
1414 fib = self.vapi.ip_route_dump(0, True)
1415 default_routes = self.get_default_routes(fib)
1416 initial_addresses = set(self.get_interface_addresses(fib, self.pg0))
1417 self.assertEqual(default_routes, [])
1418 router_address = IPv6Address(text_type(self.pg0.remote_ip6_ll))
1420 self.vapi.ip6_nd_address_autoconfig(self.pg0.sw_if_index, 1, 1)
1425 packet = (self.create_ra_packet(
1426 self.pg0) / ICMPv6NDOptPrefixInfo(
1430 preferredlifetime=2,
1433 ) / ICMPv6NDOptPrefixInfo(
1437 preferredlifetime=1000,
1441 self.pg0.add_stream([packet])
1444 self.sleep_on_vpp_time(0.1)
1446 fib = self.vapi.ip_route_dump(0, True)
1448 # check FIB for new address
1449 addresses = set(self.get_interface_addresses(fib, self.pg0))
1450 new_addresses = addresses.difference(initial_addresses)
1451 self.assertEqual(len(new_addresses), 1)
1452 prefix = IPv6Network(text_type("%s/%d" % (list(new_addresses)[0], 20)),
1454 self.assertEqual(prefix, IPv6Network(text_type('1::/20')))
1456 # check FIB for new default route
1457 default_routes = self.get_default_routes(fib)
1458 self.assertEqual(len(default_routes), 1)
1459 dr = default_routes[0]
1460 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1461 self.assertEqual(dr['next_hop'], router_address)
1463 # send RA to delete default route
1464 packet = self.create_ra_packet(self.pg0, routerlifetime=0)
1465 self.pg0.add_stream([packet])
1468 self.sleep_on_vpp_time(0.1)
1470 # check that default route is deleted
1471 fib = self.vapi.ip_route_dump(0, True)
1472 default_routes = self.get_default_routes(fib)
1473 self.assertEqual(len(default_routes), 0)
1475 self.sleep_on_vpp_time(0.1)
1478 packet = self.create_ra_packet(self.pg0)
1479 self.pg0.add_stream([packet])
1482 self.sleep_on_vpp_time(0.1)
1484 # check FIB for new default route
1485 fib = self.vapi.ip_route_dump(0, True)
1486 default_routes = self.get_default_routes(fib)
1487 self.assertEqual(len(default_routes), 1)
1488 dr = default_routes[0]
1489 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1490 self.assertEqual(dr['next_hop'], router_address)
1492 # send RA, updating router lifetime to 1s
1493 packet = self.create_ra_packet(self.pg0, 1)
1494 self.pg0.add_stream([packet])
1497 self.sleep_on_vpp_time(0.1)
1499 # check that default route still exists
1500 fib = self.vapi.ip_route_dump(0, True)
1501 default_routes = self.get_default_routes(fib)
1502 self.assertEqual(len(default_routes), 1)
1503 dr = default_routes[0]
1504 self.assertEqual(dr['sw_if_index'], self.pg0.sw_if_index)
1505 self.assertEqual(dr['next_hop'], router_address)
1507 self.sleep_on_vpp_time(1)
1509 # check that default route is deleted
1510 self.assertTrue(self.wait_for_no_default_route())
1512 # check FIB still contains the SLAAC address
1513 addresses = set(self.get_interface_addresses(fib, self.pg0))
1514 new_addresses = addresses.difference(initial_addresses)
1516 self.assertEqual(len(new_addresses), 1)
1517 prefix = IPv6Network(text_type("%s/%d" % (list(new_addresses)[0], 20)),
1519 self.assertEqual(prefix, IPv6Network(text_type('1::/20')))
1521 self.sleep_on_vpp_time(1)
1523 # check that SLAAC address is deleted
1524 fib = self.vapi.ip_route_dump(0, True)
1525 addresses = set(self.get_interface_addresses(fib, self.pg0))
1526 new_addresses = addresses.difference(initial_addresses)
1527 self.assertEqual(len(new_addresses), 0)
1530 class IPv6NDProxyTest(TestIPv6ND):
1531 """ IPv6 ND ProxyTest Case """
1534 def setUpClass(cls):
1535 super(IPv6NDProxyTest, cls).setUpClass()
1538 def tearDownClass(cls):
1539 super(IPv6NDProxyTest, cls).tearDownClass()
1542 super(IPv6NDProxyTest, self).setUp()
1544 # create 3 pg interfaces
1545 self.create_pg_interfaces(range(3))
1547 # pg0 is the master interface, with the configured subnet
1549 self.pg0.config_ip6()
1550 self.pg0.resolve_ndp()
1552 self.pg1.ip6_enable()
1553 self.pg2.ip6_enable()
1556 super(IPv6NDProxyTest, self).tearDown()
1558 def test_nd_proxy(self):
1559 """ IPv6 Proxy ND """
1562 # Generate some hosts in the subnet that we are proxying
1564 self.pg0.generate_remote_hosts(8)
1566 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
1567 d = inet_ntop(AF_INET6, nsma)
1570 # Send an NS for one of those remote hosts on one of the proxy links
1571 # expect no response since it's from an address that is not
1572 # on the link that has the prefix configured
1574 ns_pg1 = (Ether(dst=in6_getnsmac(nsma), src=self.pg1.remote_mac) /
1576 src=self.pg0._remote_hosts[2].ip6) /
1577 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
1578 ICMPv6NDOptSrcLLAddr(
1579 lladdr=self.pg0._remote_hosts[2].mac))
1581 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Off link NS")
1584 # Add proxy support for the host
1586 self.vapi.ip6nd_proxy_add_del(
1587 is_add=1, ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1588 sw_if_index=self.pg1.sw_if_index)
1591 # try that NS again. this time we expect an NA back
1593 self.send_and_expect_na(self.pg1, ns_pg1,
1594 "NS to proxy entry",
1595 dst_ip=self.pg0._remote_hosts[2].ip6,
1596 tgt_ip=self.pg0.local_ip6)
1599 # ... and that we have an entry in the ND cache
1601 self.assertTrue(find_nbr(self,
1602 self.pg1.sw_if_index,
1603 self.pg0._remote_hosts[2].ip6))
1606 # ... and we can route traffic to it
1608 t = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
1609 IPv6(dst=self.pg0._remote_hosts[2].ip6,
1610 src=self.pg0.remote_ip6) /
1611 inet6.UDP(sport=10000, dport=20000) /
1614 self.pg0.add_stream(t)
1615 self.pg_enable_capture(self.pg_interfaces)
1617 rx = self.pg1.get_capture(1)
1620 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1621 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1623 self.assertEqual(rx[IPv6].src,
1625 self.assertEqual(rx[IPv6].dst,
1629 # Test we proxy for the host on the main interface
1631 ns_pg0 = (Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac) /
1632 IPv6(dst=d, src=self.pg0.remote_ip6) /
1634 tgt=self.pg0._remote_hosts[2].ip6) /
1635 ICMPv6NDOptSrcLLAddr(
1636 lladdr=self.pg0.remote_mac))
1638 self.send_and_expect_na(self.pg0, ns_pg0,
1639 "NS to proxy entry on main",
1640 tgt_ip=self.pg0._remote_hosts[2].ip6,
1641 dst_ip=self.pg0.remote_ip6)
1644 # Setup and resolve proxy for another host on another interface
1646 ns_pg2 = (Ether(dst=in6_getnsmac(nsma), src=self.pg2.remote_mac) /
1648 src=self.pg0._remote_hosts[3].ip6) /
1649 ICMPv6ND_NS(tgt=self.pg0.local_ip6) /
1650 ICMPv6NDOptSrcLLAddr(
1651 lladdr=self.pg0._remote_hosts[2].mac))
1653 self.vapi.ip6nd_proxy_add_del(
1654 is_add=1, ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1655 sw_if_index=self.pg2.sw_if_index)
1657 self.send_and_expect_na(self.pg2, ns_pg2,
1658 "NS to proxy entry other interface",
1659 dst_ip=self.pg0._remote_hosts[3].ip6,
1660 tgt_ip=self.pg0.local_ip6)
1662 self.assertTrue(find_nbr(self,
1663 self.pg2.sw_if_index,
1664 self.pg0._remote_hosts[3].ip6))
1667 # hosts can communicate. pg2->pg1
1669 t2 = (Ether(dst=self.pg2.local_mac,
1670 src=self.pg0.remote_hosts[3].mac) /
1671 IPv6(dst=self.pg0._remote_hosts[2].ip6,
1672 src=self.pg0._remote_hosts[3].ip6) /
1673 inet6.UDP(sport=10000, dport=20000) /
1676 self.pg2.add_stream(t2)
1677 self.pg_enable_capture(self.pg_interfaces)
1679 rx = self.pg1.get_capture(1)
1682 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1683 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1685 self.assertEqual(rx[IPv6].src,
1687 self.assertEqual(rx[IPv6].dst,
1691 # remove the proxy configs
1693 self.vapi.ip6nd_proxy_add_del(
1694 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1695 sw_if_index=self.pg1.sw_if_index, is_add=0)
1696 self.vapi.ip6nd_proxy_add_del(
1697 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1698 sw_if_index=self.pg2.sw_if_index, is_add=0)
1700 self.assertFalse(find_nbr(self,
1701 self.pg2.sw_if_index,
1702 self.pg0._remote_hosts[3].ip6))
1703 self.assertFalse(find_nbr(self,
1704 self.pg1.sw_if_index,
1705 self.pg0._remote_hosts[2].ip6))
1708 # no longer proxy-ing...
1710 self.send_and_assert_no_replies(self.pg0, ns_pg0, "Proxy unconfigured")
1711 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Proxy unconfigured")
1712 self.send_and_assert_no_replies(self.pg2, ns_pg2, "Proxy unconfigured")
1715 # no longer forwarding. traffic generates NS out of the glean/main
1718 self.pg2.add_stream(t2)
1719 self.pg_enable_capture(self.pg_interfaces)
1722 rx = self.pg0.get_capture(1)
1724 self.assertTrue(rx[0].haslayer(ICMPv6ND_NS))
1727 class TestIPNull(VppTestCase):
1728 """ IPv6 routes via NULL """
1731 def setUpClass(cls):
1732 super(TestIPNull, cls).setUpClass()
1735 def tearDownClass(cls):
1736 super(TestIPNull, cls).tearDownClass()
1739 super(TestIPNull, self).setUp()
1741 # create 2 pg interfaces
1742 self.create_pg_interfaces(range(1))
1744 for i in self.pg_interfaces:
1750 super(TestIPNull, self).tearDown()
1751 for i in self.pg_interfaces:
1755 def test_ip_null(self):
1756 """ IP NULL route """
1758 p = (Ether(src=self.pg0.remote_mac,
1759 dst=self.pg0.local_mac) /
1760 IPv6(src=self.pg0.remote_ip6, dst="2001::1") /
1761 inet6.UDP(sport=1234, dport=1234) /
1765 # A route via IP NULL that will reply with ICMP unreachables
1767 ip_unreach = VppIpRoute(
1769 [VppRoutePath("::", 0xffffffff,
1770 type=FibPathType.FIB_PATH_TYPE_ICMP_UNREACH)])
1771 ip_unreach.add_vpp_config()
1773 self.pg0.add_stream(p)
1774 self.pg_enable_capture(self.pg_interfaces)
1777 rx = self.pg0.get_capture(1)
1779 icmp = rx[ICMPv6DestUnreach]
1781 # 0 = "No route to destination"
1782 self.assertEqual(icmp.code, 0)
1784 # ICMP is rate limited. pause a bit
1788 # A route via IP NULL that will reply with ICMP prohibited
1790 ip_prohibit = VppIpRoute(
1791 self, "2001::1", 128,
1792 [VppRoutePath("::", 0xffffffff,
1793 type=FibPathType.FIB_PATH_TYPE_ICMP_PROHIBIT)])
1794 ip_prohibit.add_vpp_config()
1796 self.pg0.add_stream(p)
1797 self.pg_enable_capture(self.pg_interfaces)
1800 rx = self.pg0.get_capture(1)
1802 icmp = rx[ICMPv6DestUnreach]
1804 # 1 = "Communication with destination administratively prohibited"
1805 self.assertEqual(icmp.code, 1)
1808 class TestIPDisabled(VppTestCase):
1809 """ IPv6 disabled """
1812 def setUpClass(cls):
1813 super(TestIPDisabled, cls).setUpClass()
1816 def tearDownClass(cls):
1817 super(TestIPDisabled, cls).tearDownClass()
1820 super(TestIPDisabled, self).setUp()
1822 # create 2 pg interfaces
1823 self.create_pg_interfaces(range(2))
1827 self.pg0.config_ip6()
1828 self.pg0.resolve_ndp()
1830 # PG 1 is not IP enabled
1834 super(TestIPDisabled, self).tearDown()
1835 for i in self.pg_interfaces:
1839 def test_ip_disabled(self):
1842 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
1843 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
1846 # one accepting interface, pg0, 2 forwarding interfaces
1848 route_ff_01 = VppIpMRoute(
1852 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
1853 [VppMRoutePath(self.pg1.sw_if_index,
1854 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT),
1855 VppMRoutePath(self.pg0.sw_if_index,
1856 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD)])
1857 route_ff_01.add_vpp_config()
1859 pu = (Ether(src=self.pg1.remote_mac,
1860 dst=self.pg1.local_mac) /
1861 IPv6(src="2001::1", dst=self.pg0.remote_ip6) /
1862 inet6.UDP(sport=1234, dport=1234) /
1864 pm = (Ether(src=self.pg1.remote_mac,
1865 dst=self.pg1.local_mac) /
1866 IPv6(src="2001::1", dst="ffef::1") /
1867 inet6.UDP(sport=1234, dport=1234) /
1871 # PG1 does not forward IP traffic
1873 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
1874 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
1879 self.pg1.config_ip6()
1882 # Now we get packets through
1884 self.pg1.add_stream(pu)
1885 self.pg_enable_capture(self.pg_interfaces)
1887 rx = self.pg0.get_capture(1)
1889 self.pg1.add_stream(pm)
1890 self.pg_enable_capture(self.pg_interfaces)
1892 rx = self.pg0.get_capture(1)
1897 self.pg1.unconfig_ip6()
1900 # PG1 does not forward IP traffic
1902 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
1903 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
1906 class TestIP6LoadBalance(VppTestCase):
1907 """ IPv6 Load-Balancing """
1910 def setUpClass(cls):
1911 super(TestIP6LoadBalance, cls).setUpClass()
1914 def tearDownClass(cls):
1915 super(TestIP6LoadBalance, cls).tearDownClass()
1918 super(TestIP6LoadBalance, self).setUp()
1920 self.create_pg_interfaces(range(5))
1922 mpls_tbl = VppMplsTable(self, 0)
1923 mpls_tbl.add_vpp_config()
1925 for i in self.pg_interfaces:
1932 for i in self.pg_interfaces:
1936 super(TestIP6LoadBalance, self).tearDown()
1938 def pg_send(self, input, pkts):
1939 self.vapi.cli("clear trace")
1940 input.add_stream(pkts)
1941 self.pg_enable_capture(self.pg_interfaces)
1944 def send_and_expect_load_balancing(self, input, pkts, outputs):
1945 self.pg_send(input, pkts)
1948 rx = oo._get_capture(1)
1949 self.assertNotEqual(0, len(rx))
1953 def send_and_expect_one_itf(self, input, pkts, itf):
1954 self.pg_send(input, pkts)
1955 rx = itf.get_capture(len(pkts))
1957 def test_ip6_load_balance(self):
1958 """ IPv6 Load-Balancing """
1961 # An array of packets that differ only in the destination port
1965 # - MPLS non-EOS with an entropy label
1969 port_mpls_neos_pkts = []
1973 # An array of packets that differ only in the source address
1978 for ii in range(NUM_PKTS):
1980 IPv6(dst="3000::1", src="3000:1::1") /
1981 inet6.UDP(sport=1234, dport=1234 + ii) /
1983 port_ip_pkts.append((Ether(src=self.pg0.remote_mac,
1984 dst=self.pg0.local_mac) /
1986 port_mpls_pkts.append((Ether(src=self.pg0.remote_mac,
1987 dst=self.pg0.local_mac) /
1988 MPLS(label=66, ttl=2) /
1990 port_mpls_neos_pkts.append((Ether(src=self.pg0.remote_mac,
1991 dst=self.pg0.local_mac) /
1992 MPLS(label=67, ttl=2) /
1993 MPLS(label=77, ttl=2) /
1995 port_ent_pkts.append((Ether(src=self.pg0.remote_mac,
1996 dst=self.pg0.local_mac) /
1997 MPLS(label=67, ttl=2) /
1998 MPLS(label=14, ttl=2) /
1999 MPLS(label=999, ttl=2) /
2002 IPv6(dst="3000::1", src="3000:1::%d" % ii) /
2003 inet6.UDP(sport=1234, dport=1234) /
2005 src_ip_pkts.append((Ether(src=self.pg0.remote_mac,
2006 dst=self.pg0.local_mac) /
2008 src_mpls_pkts.append((Ether(src=self.pg0.remote_mac,
2009 dst=self.pg0.local_mac) /
2010 MPLS(label=66, ttl=2) /
2014 # A route for the IP packets
2016 route_3000_1 = VppIpRoute(self, "3000::1", 128,
2017 [VppRoutePath(self.pg1.remote_ip6,
2018 self.pg1.sw_if_index),
2019 VppRoutePath(self.pg2.remote_ip6,
2020 self.pg2.sw_if_index)])
2021 route_3000_1.add_vpp_config()
2024 # a local-label for the EOS packets
2026 binding = VppMplsIpBind(self, 66, "3000::1", 128, is_ip6=1)
2027 binding.add_vpp_config()
2030 # An MPLS route for the non-EOS packets
2032 route_67 = VppMplsRoute(self, 67, 0,
2033 [VppRoutePath(self.pg1.remote_ip6,
2034 self.pg1.sw_if_index,
2036 VppRoutePath(self.pg2.remote_ip6,
2037 self.pg2.sw_if_index,
2039 route_67.add_vpp_config()
2042 # inject the packet on pg0 - expect load-balancing across the 2 paths
2043 # - since the default hash config is to use IP src,dst and port
2045 # We are not going to ensure equal amounts of packets across each link,
2046 # since the hash algorithm is statistical and therefore this can never
2047 # be guaranteed. But with 64 different packets we do expect some
2048 # balancing. So instead just ensure there is traffic on each link.
2050 rx = self.send_and_expect_load_balancing(self.pg0, port_ip_pkts,
2051 [self.pg1, self.pg2])
2052 n_ip_pg0 = len(rx[0])
2053 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts,
2054 [self.pg1, self.pg2])
2055 self.send_and_expect_load_balancing(self.pg0, port_mpls_pkts,
2056 [self.pg1, self.pg2])
2057 self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2058 [self.pg1, self.pg2])
2059 rx = self.send_and_expect_load_balancing(self.pg0, port_mpls_neos_pkts,
2060 [self.pg1, self.pg2])
2061 n_mpls_pg0 = len(rx[0])
2064 # change the router ID and expect the distribution changes
2066 self.vapi.set_ip_flow_hash_router_id(router_id=0x11111111)
2068 rx = self.send_and_expect_load_balancing(self.pg0, port_ip_pkts,
2069 [self.pg1, self.pg2])
2070 self.assertNotEqual(n_ip_pg0, len(rx[0]))
2072 rx = self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2073 [self.pg1, self.pg2])
2074 self.assertNotEqual(n_mpls_pg0, len(rx[0]))
2077 # The packets with Entropy label in should not load-balance,
2078 # since the Entropy value is fixed.
2080 self.send_and_expect_one_itf(self.pg0, port_ent_pkts, self.pg1)
2083 # change the flow hash config so it's only IP src,dst
2084 # - now only the stream with differing source address will
2087 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, proto=1,
2088 sport=0, dport=0, is_ipv6=1)
2090 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts,
2091 [self.pg1, self.pg2])
2092 self.send_and_expect_load_balancing(self.pg0, src_mpls_pkts,
2093 [self.pg1, self.pg2])
2094 self.send_and_expect_one_itf(self.pg0, port_ip_pkts, self.pg2)
2097 # change the flow hash config back to defaults
2099 self.vapi.set_ip_flow_hash(vrf_id=0, src=1, dst=1, sport=1, dport=1,
2103 # Recursive prefixes
2104 # - testing that 2 stages of load-balancing occurs and there is no
2105 # polarisation (i.e. only 2 of 4 paths are used)
2110 for ii in range(257):
2111 port_pkts.append((Ether(src=self.pg0.remote_mac,
2112 dst=self.pg0.local_mac) /
2115 inet6.UDP(sport=1234,
2117 Raw(b'\xa5' * 100)))
2118 src_pkts.append((Ether(src=self.pg0.remote_mac,
2119 dst=self.pg0.local_mac) /
2121 src="4000:1::%d" % ii) /
2122 inet6.UDP(sport=1234, dport=1234) /
2123 Raw(b'\xa5' * 100)))
2125 route_3000_2 = VppIpRoute(self, "3000::2", 128,
2126 [VppRoutePath(self.pg3.remote_ip6,
2127 self.pg3.sw_if_index),
2128 VppRoutePath(self.pg4.remote_ip6,
2129 self.pg4.sw_if_index)])
2130 route_3000_2.add_vpp_config()
2132 route_4000_1 = VppIpRoute(self, "4000::1", 128,
2133 [VppRoutePath("3000::1",
2135 VppRoutePath("3000::2",
2137 route_4000_1.add_vpp_config()
2140 # inject the packet on pg0 - expect load-balancing across all 4 paths
2142 self.vapi.cli("clear trace")
2143 self.send_and_expect_load_balancing(self.pg0, port_pkts,
2144 [self.pg1, self.pg2,
2145 self.pg3, self.pg4])
2146 self.send_and_expect_load_balancing(self.pg0, src_pkts,
2147 [self.pg1, self.pg2,
2148 self.pg3, self.pg4])
2151 # Recursive prefixes
2152 # - testing that 2 stages of load-balancing no choices
2156 for ii in range(257):
2157 port_pkts.append((Ether(src=self.pg0.remote_mac,
2158 dst=self.pg0.local_mac) /
2161 inet6.UDP(sport=1234,
2163 Raw(b'\xa5' * 100)))
2165 route_5000_2 = VppIpRoute(self, "5000::2", 128,
2166 [VppRoutePath(self.pg3.remote_ip6,
2167 self.pg3.sw_if_index)])
2168 route_5000_2.add_vpp_config()
2170 route_6000_1 = VppIpRoute(self, "6000::1", 128,
2171 [VppRoutePath("5000::2",
2173 route_6000_1.add_vpp_config()
2176 # inject the packet on pg0 - expect load-balancing across all 4 paths
2178 self.vapi.cli("clear trace")
2179 self.send_and_expect_one_itf(self.pg0, port_pkts, self.pg3)
2182 class TestIP6Punt(VppTestCase):
2183 """ IPv6 Punt Police/Redirect """
2186 def setUpClass(cls):
2187 super(TestIP6Punt, cls).setUpClass()
2190 def tearDownClass(cls):
2191 super(TestIP6Punt, cls).tearDownClass()
2194 super(TestIP6Punt, self).setUp()
2196 self.create_pg_interfaces(range(4))
2198 for i in self.pg_interfaces:
2204 super(TestIP6Punt, self).tearDown()
2205 for i in self.pg_interfaces:
2209 def test_ip_punt(self):
2210 """ IP6 punt police and redirect """
2212 p = (Ether(src=self.pg0.remote_mac,
2213 dst=self.pg0.local_mac) /
2214 IPv6(src=self.pg0.remote_ip6,
2215 dst=self.pg0.local_ip6) /
2216 inet6.TCP(sport=1234, dport=1234) /
2222 # Configure a punt redirect via pg1.
2224 nh_addr = self.pg1.remote_ip6
2225 ip_punt_redirect = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2226 self.pg1.sw_if_index, nh_addr)
2227 ip_punt_redirect.add_vpp_config()
2229 self.send_and_expect(self.pg0, pkts, self.pg1)
2234 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, rate_type=1)
2235 policer.add_vpp_config()
2236 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index,
2238 ip_punt_policer.add_vpp_config()
2240 self.vapi.cli("clear trace")
2241 self.pg0.add_stream(pkts)
2242 self.pg_enable_capture(self.pg_interfaces)
2246 # the number of packet received should be greater than 0,
2247 # but not equal to the number sent, since some were policed
2249 rx = self.pg1._get_capture(1)
2250 self.assertGreater(len(rx), 0)
2251 self.assertLess(len(rx), len(pkts))
2254 # remove the policer. back to full rx
2256 ip_punt_policer.remove_vpp_config()
2257 policer.remove_vpp_config()
2258 self.send_and_expect(self.pg0, pkts, self.pg1)
2261 # remove the redirect. expect full drop.
2263 ip_punt_redirect.remove_vpp_config()
2264 self.send_and_assert_no_replies(self.pg0, pkts,
2265 "IP no punt config")
2268 # Add a redirect that is not input port selective
2270 ip_punt_redirect = VppIpPuntRedirect(self, 0xffffffff,
2271 self.pg1.sw_if_index, nh_addr)
2272 ip_punt_redirect.add_vpp_config()
2273 self.send_and_expect(self.pg0, pkts, self.pg1)
2274 ip_punt_redirect.remove_vpp_config()
2276 def test_ip_punt_dump(self):
2277 """ IP6 punt redirect dump"""
2280 # Configure a punt redirects
2282 nh_address = self.pg3.remote_ip6
2283 ipr_03 = VppIpPuntRedirect(self, self.pg0.sw_if_index,
2284 self.pg3.sw_if_index, nh_address)
2285 ipr_13 = VppIpPuntRedirect(self, self.pg1.sw_if_index,
2286 self.pg3.sw_if_index, nh_address)
2287 ipr_23 = VppIpPuntRedirect(self, self.pg2.sw_if_index,
2288 self.pg3.sw_if_index, '0::0')
2289 ipr_03.add_vpp_config()
2290 ipr_13.add_vpp_config()
2291 ipr_23.add_vpp_config()
2294 # Dump pg0 punt redirects
2296 self.assertTrue(ipr_03.query_vpp_config())
2297 self.assertTrue(ipr_13.query_vpp_config())
2298 self.assertTrue(ipr_23.query_vpp_config())
2301 # Dump punt redirects for all interfaces
2303 punts = self.vapi.ip_punt_redirect_dump(0xffffffff, is_ipv6=1)
2304 self.assertEqual(len(punts), 3)
2306 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
2307 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip6)
2308 self.assertEqual(str(punts[2].punt.nh), '::')
2311 class TestIPDeag(VppTestCase):
2312 """ IPv6 Deaggregate Routes """
2315 def setUpClass(cls):
2316 super(TestIPDeag, cls).setUpClass()
2319 def tearDownClass(cls):
2320 super(TestIPDeag, cls).tearDownClass()
2323 super(TestIPDeag, self).setUp()
2325 self.create_pg_interfaces(range(3))
2327 for i in self.pg_interfaces:
2333 super(TestIPDeag, self).tearDown()
2334 for i in self.pg_interfaces:
2338 def test_ip_deag(self):
2339 """ IP Deag Routes """
2342 # Create a table to be used for:
2343 # 1 - another destination address lookup
2344 # 2 - a source address lookup
2346 table_dst = VppIpTable(self, 1, is_ip6=1)
2347 table_src = VppIpTable(self, 2, is_ip6=1)
2348 table_dst.add_vpp_config()
2349 table_src.add_vpp_config()
2352 # Add a route in the default table to point to a deag/
2353 # second lookup in each of these tables
2355 route_to_dst = VppIpRoute(self, "1::1", 128,
2359 route_to_src = VppIpRoute(
2364 type=FibPathType.FIB_PATH_TYPE_SOURCE_LOOKUP)])
2366 route_to_dst.add_vpp_config()
2367 route_to_src.add_vpp_config()
2370 # packets to these destination are dropped, since they'll
2371 # hit the respective default routes in the second table
2373 p_dst = (Ether(src=self.pg0.remote_mac,
2374 dst=self.pg0.local_mac) /
2375 IPv6(src="5::5", dst="1::1") /
2376 inet6.TCP(sport=1234, dport=1234) /
2378 p_src = (Ether(src=self.pg0.remote_mac,
2379 dst=self.pg0.local_mac) /
2380 IPv6(src="2::2", dst="1::2") /
2381 inet6.TCP(sport=1234, dport=1234) /
2383 pkts_dst = p_dst * 257
2384 pkts_src = p_src * 257
2386 self.send_and_assert_no_replies(self.pg0, pkts_dst,
2388 self.send_and_assert_no_replies(self.pg0, pkts_src,
2392 # add a route in the dst table to forward via pg1
2394 route_in_dst = VppIpRoute(self, "1::1", 128,
2395 [VppRoutePath(self.pg1.remote_ip6,
2396 self.pg1.sw_if_index)],
2398 route_in_dst.add_vpp_config()
2400 self.send_and_expect(self.pg0, pkts_dst, self.pg1)
2403 # add a route in the src table to forward via pg2
2405 route_in_src = VppIpRoute(self, "2::2", 128,
2406 [VppRoutePath(self.pg2.remote_ip6,
2407 self.pg2.sw_if_index)],
2409 route_in_src.add_vpp_config()
2410 self.send_and_expect(self.pg0, pkts_src, self.pg2)
2413 # loop in the lookup DP
2415 route_loop = VppIpRoute(self, "3::3", 128,
2418 route_loop.add_vpp_config()
2420 p_l = (Ether(src=self.pg0.remote_mac,
2421 dst=self.pg0.local_mac) /
2422 IPv6(src="3::4", dst="3::3") /
2423 inet6.TCP(sport=1234, dport=1234) /
2426 self.send_and_assert_no_replies(self.pg0, p_l * 257,
2430 class TestIP6Input(VppTestCase):
2431 """ IPv6 Input Exception Test Cases """
2434 def setUpClass(cls):
2435 super(TestIP6Input, cls).setUpClass()
2438 def tearDownClass(cls):
2439 super(TestIP6Input, cls).tearDownClass()
2442 super(TestIP6Input, self).setUp()
2444 self.create_pg_interfaces(range(2))
2446 for i in self.pg_interfaces:
2452 super(TestIP6Input, self).tearDown()
2453 for i in self.pg_interfaces:
2457 def test_ip_input_icmp_reply(self):
2458 """ IP6 Input Exception - Return ICMP (3,0) """
2460 # hop limit - ICMP replies
2462 p_version = (Ether(src=self.pg0.remote_mac,
2463 dst=self.pg0.local_mac) /
2464 IPv6(src=self.pg0.remote_ip6,
2465 dst=self.pg1.remote_ip6,
2467 inet6.UDP(sport=1234, dport=1234) /
2470 rx = self.send_and_expect(self.pg0, p_version * NUM_PKTS, self.pg0)
2472 icmp = rx[ICMPv6TimeExceeded]
2474 # 0: "hop limit exceeded in transit",
2475 self.assertEqual((icmp.type, icmp.code), (3, 0))
2477 icmpv6_data = '\x0a' * 18
2479 all_1s = "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"
2481 @parameterized.expand([
2482 # Name, src, dst, l4proto, msg, timeout
2483 ("src='iface', dst='iface'", None, None,
2484 inet6.UDP(sport=1234, dport=1234), "funky version", None),
2485 ("src='All 0's', dst='iface'", all_0s, None,
2486 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2487 ("src='iface', dst='All 0's'", None, all_0s,
2488 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2489 ("src='All 1's', dst='iface'", all_1s, None,
2490 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2491 ("src='iface', dst='All 1's'", None, all_1s,
2492 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2493 ("src='All 1's', dst='All 1's'", all_1s, all_1s,
2494 ICMPv6EchoRequest(id=0xb, seq=5, data=icmpv6_data), None, 0.1),
2497 def test_ip_input_no_replies(self, name, src, dst, l4, msg, timeout):
2499 self._testMethodDoc = 'IPv6 Input Exception - %s' % name
2501 p_version = (Ether(src=self.pg0.remote_mac,
2502 dst=self.pg0.local_mac) /
2503 IPv6(src=src or self.pg0.remote_ip6,
2504 dst=dst or self.pg1.remote_ip6,
2509 self.send_and_assert_no_replies(self.pg0, p_version * NUM_PKTS,
2513 def test_hop_by_hop(self):
2514 """ Hop-by-hop header test """
2516 p = (Ether(src=self.pg0.remote_mac,
2517 dst=self.pg0.local_mac) /
2518 IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) /
2519 IPv6ExtHdrHopByHop() /
2520 inet6.UDP(sport=1234, dport=1234) /
2523 self.pg0.add_stream(p)
2524 self.pg_enable_capture(self.pg_interfaces)
2528 class TestIPReplace(VppTestCase):
2529 """ IPv6 Table Replace """
2532 def setUpClass(cls):
2533 super(TestIPReplace, cls).setUpClass()
2536 def tearDownClass(cls):
2537 super(TestIPReplace, cls).tearDownClass()
2540 super(TestIPReplace, self).setUp()
2542 self.create_pg_interfaces(range(4))
2547 for i in self.pg_interfaces:
2550 i.generate_remote_hosts(2)
2551 self.tables.append(VppIpTable(self, table_id,
2552 True).add_vpp_config())
2556 super(TestIPReplace, self).tearDown()
2557 for i in self.pg_interfaces:
2561 def test_replace(self):
2562 """ IP Table Replace """
2564 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
2565 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
2567 links = [self.pg0, self.pg1, self.pg2, self.pg3]
2568 routes = [[], [], [], []]
2570 # the sizes of 'empty' tables
2571 for t in self.tables:
2572 self.assertEqual(len(t.dump()), 2)
2573 self.assertEqual(len(t.mdump()), 5)
2575 # load up the tables with some routes
2576 for ii, t in enumerate(self.tables):
2577 for jj in range(1, N_ROUTES):
2579 self, "2001::%d" % jj if jj != 0 else "2001::", 128,
2580 [VppRoutePath(links[ii].remote_hosts[0].ip6,
2581 links[ii].sw_if_index),
2582 VppRoutePath(links[ii].remote_hosts[1].ip6,
2583 links[ii].sw_if_index)],
2584 table_id=t.table_id).add_vpp_config()
2585 multi = VppIpMRoute(
2587 "ff:2001::%d" % jj, 128,
2588 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
2589 [VppMRoutePath(self.pg0.sw_if_index,
2590 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT,
2591 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2592 VppMRoutePath(self.pg1.sw_if_index,
2593 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2594 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2595 VppMRoutePath(self.pg2.sw_if_index,
2596 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2597 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6),
2598 VppMRoutePath(self.pg3.sw_if_index,
2599 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
2600 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6)],
2601 table_id=t.table_id).add_vpp_config()
2602 routes[ii].append({'uni': uni,
2606 # replace the tables a few times
2609 # replace each table
2610 for t in self.tables:
2613 # all the routes are still there
2614 for ii, t in enumerate(self.tables):
2617 for r in routes[ii]:
2618 self.assertTrue(find_route_in_dump(dump, r['uni'], t))
2619 self.assertTrue(find_mroute_in_dump(mdump, r['multi'], t))
2621 # redownload the even numbered routes
2622 for ii, t in enumerate(self.tables):
2623 for jj in range(0, N_ROUTES, 2):
2624 routes[ii][jj]['uni'].add_vpp_config()
2625 routes[ii][jj]['multi'].add_vpp_config()
2627 # signal each table converged
2628 for t in self.tables:
2631 # we should find the even routes, but not the odd
2632 for ii, t in enumerate(self.tables):
2635 for jj in range(0, N_ROUTES, 2):
2636 self.assertTrue(find_route_in_dump(
2637 dump, routes[ii][jj]['uni'], t))
2638 self.assertTrue(find_mroute_in_dump(
2639 mdump, routes[ii][jj]['multi'], t))
2640 for jj in range(1, N_ROUTES - 1, 2):
2641 self.assertFalse(find_route_in_dump(
2642 dump, routes[ii][jj]['uni'], t))
2643 self.assertFalse(find_mroute_in_dump(
2644 mdump, routes[ii][jj]['multi'], t))
2646 # reload all the routes
2647 for ii, t in enumerate(self.tables):
2648 for r in routes[ii]:
2649 r['uni'].add_vpp_config()
2650 r['multi'].add_vpp_config()
2652 # all the routes are still there
2653 for ii, t in enumerate(self.tables):
2656 for r in routes[ii]:
2657 self.assertTrue(find_route_in_dump(dump, r['uni'], t))
2658 self.assertTrue(find_mroute_in_dump(mdump, r['multi'], t))
2661 # finally flush the tables for good measure
2663 for t in self.tables:
2665 self.assertEqual(len(t.dump()), 2)
2666 self.assertEqual(len(t.mdump()), 5)
2669 class TestIP6Replace(VppTestCase):
2670 """ IPv4 Interface Address Replace """
2673 def setUpClass(cls):
2674 super(TestIP6Replace, cls).setUpClass()
2677 def tearDownClass(cls):
2678 super(TestIP6Replace, cls).tearDownClass()
2681 super(TestIP6Replace, self).setUp()
2683 self.create_pg_interfaces(range(4))
2685 for i in self.pg_interfaces:
2689 super(TestIP6Replace, self).tearDown()
2690 for i in self.pg_interfaces:
2693 def get_n_pfxs(self, intf):
2694 return len(self.vapi.ip_address_dump(intf.sw_if_index, True))
2696 def test_replace(self):
2697 """ IP interface address replace """
2699 intf_pfxs = [[], [], [], []]
2701 # add prefixes to each of the interfaces
2702 for i in range(len(self.pg_interfaces)):
2703 intf = self.pg_interfaces[i]
2706 addr = "2001:16:%d::1" % intf.sw_if_index
2707 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2708 intf_pfxs[i].append(a)
2710 # 2001:16:x::2/64 - a different address in the same subnet as above
2711 addr = "2001:16:%d::2" % intf.sw_if_index
2712 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2713 intf_pfxs[i].append(a)
2715 # 2001:15:x::2/64 - a different address and subnet
2716 addr = "2001:15:%d::2" % intf.sw_if_index
2717 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2718 intf_pfxs[i].append(a)
2720 # a dump should n_address in it
2721 for intf in self.pg_interfaces:
2722 self.assertEqual(self.get_n_pfxs(intf), 3)
2725 # remove all the address thru a replace
2727 self.vapi.sw_interface_address_replace_begin()
2728 self.vapi.sw_interface_address_replace_end()
2729 for intf in self.pg_interfaces:
2730 self.assertEqual(self.get_n_pfxs(intf), 0)
2733 # add all the interface addresses back
2738 for intf in self.pg_interfaces:
2739 self.assertEqual(self.get_n_pfxs(intf), 3)
2742 # replace again, but this time update/re-add the address on the first
2745 self.vapi.sw_interface_address_replace_begin()
2747 for p in intf_pfxs[:2]:
2751 self.vapi.sw_interface_address_replace_end()
2753 # on the first two the address still exist,
2754 # on the other two they do not
2755 for intf in self.pg_interfaces[:2]:
2756 self.assertEqual(self.get_n_pfxs(intf), 3)
2757 for p in intf_pfxs[:2]:
2759 self.assertTrue(v.query_vpp_config())
2760 for intf in self.pg_interfaces[2:]:
2761 self.assertEqual(self.get_n_pfxs(intf), 0)
2764 # add all the interface addresses back on the last two
2766 for p in intf_pfxs[2:]:
2769 for intf in self.pg_interfaces:
2770 self.assertEqual(self.get_n_pfxs(intf), 3)
2773 # replace again, this time add different prefixes on all the interfaces
2775 self.vapi.sw_interface_address_replace_begin()
2778 for intf in self.pg_interfaces:
2780 addr = "2001:18:%d::1" % intf.sw_if_index
2781 pfxs.append(VppIpInterfaceAddress(self, intf, addr,
2782 64).add_vpp_config())
2784 self.vapi.sw_interface_address_replace_end()
2786 # only .18 should exist on each interface
2787 for intf in self.pg_interfaces:
2788 self.assertEqual(self.get_n_pfxs(intf), 1)
2790 self.assertTrue(pfx.query_vpp_config())
2795 self.vapi.sw_interface_address_replace_begin()
2796 self.vapi.sw_interface_address_replace_end()
2797 for intf in self.pg_interfaces:
2798 self.assertEqual(self.get_n_pfxs(intf), 0)
2801 # add prefixes to each interface. post-begin add the prefix from
2802 # interface X onto interface Y. this would normally be an error
2803 # since it would generate a 'duplicate address' warning. but in
2804 # this case, since what is newly downloaded is sane, it's ok
2806 for intf in self.pg_interfaces:
2808 addr = "2001:18:%d::1" % intf.sw_if_index
2809 VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
2811 self.vapi.sw_interface_address_replace_begin()
2814 for intf in self.pg_interfaces:
2816 addr = "2001:18:%d::1" % (intf.sw_if_index + 1)
2817 pfxs.append(VppIpInterfaceAddress(self, intf,
2818 addr, 64).add_vpp_config())
2820 self.vapi.sw_interface_address_replace_end()
2822 self.logger.info(self.vapi.cli("sh int addr"))
2824 for intf in self.pg_interfaces:
2825 self.assertEqual(self.get_n_pfxs(intf), 1)
2827 self.assertTrue(pfx.query_vpp_config())
2830 class TestIP6LinkLocal(VppTestCase):
2831 """ IPv6 Link Local """
2834 def setUpClass(cls):
2835 super(TestIP6LinkLocal, cls).setUpClass()
2838 def tearDownClass(cls):
2839 super(TestIP6LinkLocal, cls).tearDownClass()
2842 super(TestIP6LinkLocal, self).setUp()
2844 self.create_pg_interfaces(range(2))
2846 for i in self.pg_interfaces:
2850 super(TestIP6LinkLocal, self).tearDown()
2851 for i in self.pg_interfaces:
2854 def test_ip6_ll(self):
2855 """ IPv6 Link Local """
2858 # two APIs to add a link local address.
2859 # 1 - just like any other prefix
2860 # 2 - with the special set LL API
2864 # First with the API to set a 'normal' prefix
2870 VppIpInterfaceAddress(self, self.pg0, ll1, 128).add_vpp_config()
2873 # should be able to ping the ll
2875 p_echo_request_1 = (Ether(src=self.pg0.remote_mac,
2876 dst=self.pg0.local_mac) /
2879 ICMPv6EchoRequest())
2881 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
2884 # change the link-local on pg0
2886 v_ll3 = VppIpInterfaceAddress(self, self.pg0,
2887 ll3, 128).add_vpp_config()
2889 p_echo_request_3 = (Ether(src=self.pg0.remote_mac,
2890 dst=self.pg0.local_mac) /
2893 ICMPv6EchoRequest())
2895 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
2898 # set a normal v6 prefix on the link
2900 self.pg0.config_ip6()
2902 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
2904 # the link-local cannot be removed
2905 with self.vapi.assert_negative_api_retval():
2906 v_ll3.remove_vpp_config()
2909 # Use the specific link-local API on pg1
2911 VppIp6LinkLocalAddress(self, self.pg1, ll1).add_vpp_config()
2912 self.send_and_expect(self.pg1, [p_echo_request_1], self.pg1)
2914 VppIp6LinkLocalAddress(self, self.pg1, ll3).add_vpp_config()
2915 self.send_and_expect(self.pg1, [p_echo_request_3], self.pg1)
2918 if __name__ == '__main__':
2919 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob