4 from socket import inet_pton, inet_ntop
7 from parameterized import parameterized
8 import scapy.layers.inet6 as inet6
9 from scapy.layers.inet import UDP, IP
10 from scapy.contrib.mpls import MPLS
11 from scapy.layers.inet6 import (
18 ICMPv6NDOptPrefixInfo,
29 from scapy.layers.l2 import Ether, Dot1Q, GRE
30 from scapy.packet import Raw
31 from scapy.utils6 import (
39 from framework import VppTestCase
40 from asfframework import VppTestRunner, tag_run_solo
41 from util import ppp, ip6_normalize, mk_ll_addr
42 from vpp_papi import VppEnum
43 from vpp_ip import VppIpPuntPolicer, VppIpPuntRedirect, VppIpPathMtu
44 from vpp_ip_route import (
56 VppIpInterfaceAddress,
59 VppIp6LinkLocalAddress,
62 from vpp_neighbor import find_nbr, VppNeighbor
63 from vpp_ipip_tun_interface import VppIpIpTunInterface
64 from vpp_pg_interface import is_ipv6_misc
65 from vpp_sub_interface import VppSubInterface, VppDot1QSubint
66 from vpp_policer import VppPolicer, PolicerAction
67 from ipaddress import IPv6Network, IPv6Address
68 from vpp_gre_interface import VppGreInterface
69 from vpp_teib import VppTeib
71 AF_INET6 = socket.AF_INET6
81 class TestIPv6ND(VppTestCase):
82 def validate_ra(self, intf, rx, dst_ip=None):
84 dst_ip = intf.remote_ip6
86 # unicasted packets must come to the unicast mac
87 self.assertEqual(rx[Ether].dst, intf.remote_mac)
89 # and from the router's MAC
90 self.assertEqual(rx[Ether].src, intf.local_mac)
92 # the rx'd RA should be addressed to the sender's source
93 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
94 self.assertEqual(in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
96 # and come from the router's link local
97 self.assertTrue(in6_islladdr(rx[IPv6].src))
98 self.assertEqual(in6_ptop(rx[IPv6].src), in6_ptop(mk_ll_addr(intf.local_mac)))
100 def validate_na(self, intf, rx, dst_ip=None, tgt_ip=None):
102 dst_ip = intf.remote_ip6
104 dst_ip = intf.local_ip6
106 # unicasted packets must come to the unicast mac
107 self.assertEqual(rx[Ether].dst, intf.remote_mac)
109 # and from the router's MAC
110 self.assertEqual(rx[Ether].src, intf.local_mac)
112 # the rx'd NA should be addressed to the sender's source
113 self.assertTrue(rx.haslayer(ICMPv6ND_NA))
114 self.assertEqual(in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
116 # and come from the target address
117 self.assertEqual(in6_ptop(rx[IPv6].src), in6_ptop(tgt_ip))
119 # Dest link-layer options should have the router's MAC
120 dll = rx[ICMPv6NDOptDstLLAddr]
121 self.assertEqual(dll.lladdr, intf.local_mac)
123 def validate_ns(self, intf, rx, tgt_ip):
124 nsma = in6_getnsma(inet_pton(AF_INET6, tgt_ip))
125 dst_ip = inet_ntop(AF_INET6, nsma)
128 self.assertEqual(rx[Ether].dst, in6_getnsmac(nsma))
130 # and from the router's MAC
131 self.assertEqual(rx[Ether].src, intf.local_mac)
133 # the rx'd NS should be addressed to an mcast address
134 # derived from the target address
135 self.assertEqual(in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
137 # expect the tgt IP in the NS header
139 self.assertEqual(in6_ptop(ns.tgt), in6_ptop(tgt_ip))
141 # packet is from the router's local address
142 self.assertEqual(in6_ptop(rx[IPv6].src), intf.local_ip6_ll)
144 # Src link-layer options should have the router's MAC
145 sll = rx[ICMPv6NDOptSrcLLAddr]
146 self.assertEqual(sll.lladdr, intf.local_mac)
148 def send_and_expect_ra(
149 self, intf, pkts, remark, dst_ip=None, filter_out_fn=is_ipv6_misc
151 intf.add_stream(pkts)
152 self.pg_enable_capture(self.pg_interfaces)
154 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
156 self.assertEqual(len(rx), 1)
158 self.validate_ra(intf, rx, dst_ip)
160 def send_and_expect_na(
161 self, intf, pkts, remark, dst_ip=None, tgt_ip=None, filter_out_fn=is_ipv6_misc
163 intf.add_stream(pkts)
164 self.pg_enable_capture(self.pg_interfaces)
166 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
168 self.assertEqual(len(rx), 1)
170 self.validate_na(intf, rx, dst_ip, tgt_ip)
172 def send_and_expect_ns(
173 self, tx_intf, rx_intf, pkts, tgt_ip, filter_out_fn=is_ipv6_misc
175 self.vapi.cli("clear trace")
176 tx_intf.add_stream(pkts)
177 self.pg_enable_capture(self.pg_interfaces)
179 rx = rx_intf.get_capture(1, filter_out_fn=filter_out_fn)
181 self.assertEqual(len(rx), 1)
183 self.validate_ns(rx_intf, rx, tgt_ip)
185 def verify_ip(self, rx, smac, dmac, sip, dip):
187 self.assertEqual(ether.dst, dmac)
188 self.assertEqual(ether.src, smac)
191 self.assertEqual(ip.src, sip)
192 self.assertEqual(ip.dst, dip)
194 def get_ip6_nd_rx_requests(self, itf):
195 """Get IP6 ND RX request stats for and interface"""
196 return self.statistics["/net/ip6-nd/rx/requests"][:, itf.sw_if_index].sum()
198 def get_ip6_nd_tx_requests(self, itf):
199 """Get IP6 ND TX request stats for and interface"""
200 return self.statistics["/net/ip6-nd/tx/requests"][:, itf.sw_if_index].sum()
202 def get_ip6_nd_rx_replies(self, itf):
203 """Get IP6 ND RX replies stats for and interface"""
204 return self.statistics["/net/ip6-nd/rx/replies"][:, itf.sw_if_index].sum()
206 def get_ip6_nd_tx_replies(self, itf):
207 """Get IP6 ND TX replies stats for and interface"""
208 return self.statistics["/net/ip6-nd/tx/replies"][:, itf.sw_if_index].sum()
212 class TestIPv6(TestIPv6ND):
217 super(TestIPv6, cls).setUpClass()
220 def tearDownClass(cls):
221 super(TestIPv6, cls).tearDownClass()
225 Perform test setup before test case.
228 - create 3 pg interfaces
229 - untagged pg0 interface
230 - Dot1Q subinterface on pg1
231 - Dot1AD subinterface on pg2
233 - put it into UP state
235 - resolve neighbor address using NDP
236 - configure 200 fib entries
238 :ivar list interfaces: pg interfaces and subinterfaces.
239 :ivar dict flows: IPv4 packet flows in test.
241 *TODO:* Create AD sub interface
243 super(TestIPv6, self).setUp()
245 # create 3 pg interfaces
246 self.create_pg_interfaces(range(3))
248 # create 2 subinterfaces for p1 and pg2
249 self.sub_interfaces = [
250 VppDot1QSubint(self, self.pg1, 100),
251 VppDot1QSubint(self, self.pg2, 200),
252 # TODO: VppDot1ADSubint(self, self.pg2, 200, 300, 400)
255 # packet flows mapping pg0 -> pg1.sub, pg2.sub, etc.
257 self.flows[self.pg0] = [self.pg1.sub_if, self.pg2.sub_if]
258 self.flows[self.pg1.sub_if] = [self.pg0, self.pg2.sub_if]
259 self.flows[self.pg2.sub_if] = [self.pg0, self.pg1.sub_if]
262 self.pg_if_packet_sizes = [64, 1500, 9020]
264 self.interfaces = list(self.pg_interfaces)
265 self.interfaces.extend(self.sub_interfaces)
267 # setup all interfaces
268 for i in self.interfaces:
274 """Run standard test teardown and log ``show ip6 neighbors``."""
275 for i in reversed(self.interfaces):
278 for i in self.sub_interfaces:
279 i.remove_vpp_config()
281 super(TestIPv6, self).tearDown()
282 if not self.vpp_dead:
283 self.logger.info(self.vapi.cli("show ip6 neighbors"))
284 # info(self.vapi.cli("show ip6 fib")) # many entries
286 def modify_packet(self, src_if, packet_size, pkt):
287 """Add load, set destination IP and extend packet to required packet
288 size for defined interface.
290 :param VppInterface src_if: Interface to create packet for.
291 :param int packet_size: Required packet size.
292 :param Scapy pkt: Packet to be modified.
294 dst_if_idx = int(packet_size / 10 % 2)
295 dst_if = self.flows[src_if][dst_if_idx]
296 info = self.create_packet_info(src_if, dst_if)
297 payload = self.info_to_payload(info)
298 p = pkt / Raw(payload)
299 p[IPv6].dst = dst_if.remote_ip6
301 if isinstance(src_if, VppSubInterface):
302 p = src_if.add_dot1_layer(p)
303 self.extend_packet(p, packet_size)
307 def create_stream(self, src_if):
308 """Create input packet stream for defined interface.
310 :param VppInterface src_if: Interface to create packet stream for.
312 hdr_ext = 4 if isinstance(src_if, VppSubInterface) else 0
314 Ether(dst=src_if.local_mac, src=src_if.remote_mac)
315 / IPv6(src=src_if.remote_ip6)
316 / inet6.UDP(sport=1234, dport=1234)
320 self.modify_packet(src_if, i, pkt_tmpl)
321 for i in moves.range(
322 self.pg_if_packet_sizes[0], self.pg_if_packet_sizes[1], 10
326 self.modify_packet(src_if, i, pkt_tmpl)
327 for i in moves.range(
328 self.pg_if_packet_sizes[1] + hdr_ext,
329 self.pg_if_packet_sizes[2] + hdr_ext,
337 def verify_capture(self, dst_if, capture):
338 """Verify captured input packet stream for defined interface.
340 :param VppInterface dst_if: Interface to verify captured packet stream
342 :param list capture: Captured packet stream.
344 self.logger.info("Verifying capture on interface %s" % dst_if.name)
346 for i in self.interfaces:
347 last_info[i.sw_if_index] = None
349 dst_sw_if_index = dst_if.sw_if_index
350 if hasattr(dst_if, "parent"):
352 for packet in capture:
354 # Check VLAN tags and Ethernet header
355 packet = dst_if.remove_dot1_layer(packet)
356 self.assertTrue(Dot1Q not in packet)
359 udp = packet[inet6.UDP]
360 payload_info = self.payload_to_info(packet[Raw])
361 packet_index = payload_info.index
362 self.assertEqual(payload_info.dst, dst_sw_if_index)
364 "Got packet on port %s: src=%u (id=%u)"
365 % (dst_if.name, payload_info.src, packet_index)
367 next_info = self.get_next_packet_info_for_interface2(
368 payload_info.src, dst_sw_if_index, last_info[payload_info.src]
370 last_info[payload_info.src] = next_info
371 self.assertTrue(next_info is not None)
372 self.assertEqual(packet_index, next_info.index)
373 saved_packet = next_info.data
374 # Check standard fields
375 self.assertEqual(ip.src, saved_packet[IPv6].src)
376 self.assertEqual(ip.dst, saved_packet[IPv6].dst)
377 self.assertEqual(udp.sport, saved_packet[inet6.UDP].sport)
378 self.assertEqual(udp.dport, saved_packet[inet6.UDP].dport)
380 self.logger.error(ppp("Unexpected or invalid packet:", packet))
382 for i in self.interfaces:
383 remaining_packet = self.get_next_packet_info_for_interface2(
384 i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index]
387 remaining_packet is None,
388 "Interface %s: Packet expected from interface %s "
389 "didn't arrive" % (dst_if.name, i.name),
392 def test_next_header_anomaly(self):
393 """IPv6 next header anomaly test
396 - ipv6 next header field = Fragment Header (44)
397 - next header is ICMPv6 Echo Request
398 - wait for reassembly
401 Ether(src=self.pg0.local_mac, dst=self.pg0.remote_mac)
402 / IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6, nh=44)
403 / ICMPv6EchoRequest()
406 self.pg0.add_stream(pkt)
409 # wait for reassembly
416 - Create IPv6 stream for pg0 interface
417 - Create IPv6 tagged streams for pg1's and pg2's subinterface.
418 - Send and verify received packets on each interface.
421 pkts = self.create_stream(self.pg0)
422 self.pg0.add_stream(pkts)
424 for i in self.sub_interfaces:
425 pkts = self.create_stream(i)
426 i.parent.add_stream(pkts)
428 self.pg_enable_capture(self.pg_interfaces)
431 pkts = self.pg0.get_capture()
432 self.verify_capture(self.pg0, pkts)
434 for i in self.sub_interfaces:
435 pkts = i.parent.get_capture()
436 self.verify_capture(i, pkts)
439 """IPv6 Neighbour Solicitation Exceptions
442 - Send an NS Sourced from an address not covered by the link sub-net
443 - Send an NS to an mcast address the router has not joined
444 - Send NS for a target address the router does not onn.
447 n_rx_req_pg0 = self.get_ip6_nd_rx_requests(self.pg0)
448 n_tx_rep_pg0 = self.get_ip6_nd_tx_replies(self.pg0)
451 # An NS from a non link source address
453 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
454 d = inet_ntop(AF_INET6, nsma)
457 Ether(dst=in6_getnsmac(nsma))
458 / IPv6(dst=d, src="2002::2")
459 / ICMPv6ND_NS(tgt=self.pg0.local_ip6)
460 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
464 self.send_and_assert_no_replies(
465 self.pg0, pkts, "No response to NS source by address not on sub-net"
467 self.assert_equal(self.get_ip6_nd_rx_requests(self.pg0), n_rx_req_pg0 + 1)
470 # An NS for sent to a solicited mcast group the router is
471 # not a member of FAILS
474 nsma = in6_getnsma(inet_pton(AF_INET6, "fd::ffff"))
475 d = inet_ntop(AF_INET6, nsma)
478 Ether(dst=in6_getnsmac(nsma))
479 / IPv6(dst=d, src=self.pg0.remote_ip6)
480 / ICMPv6ND_NS(tgt=self.pg0.local_ip6)
481 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
485 self.send_and_assert_no_replies(
486 self.pg0, pkts, "No response to NS sent to unjoined mcast address"
490 # An NS whose target address is one the router does not own
492 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
493 d = inet_ntop(AF_INET6, nsma)
496 Ether(dst=in6_getnsmac(nsma))
497 / IPv6(dst=d, src=self.pg0.remote_ip6)
498 / ICMPv6ND_NS(tgt="fd::ffff")
499 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
503 self.send_and_assert_no_replies(
504 self.pg0, pkts, "No response to NS for unknown target"
506 self.assert_equal(self.get_ip6_nd_rx_requests(self.pg0), n_rx_req_pg0 + 2)
509 # A neighbor entry that has no associated FIB-entry
511 self.pg0.generate_remote_hosts(4)
512 nd_entry = VppNeighbor(
514 self.pg0.sw_if_index,
515 self.pg0.remote_hosts[2].mac,
516 self.pg0.remote_hosts[2].ip6,
519 nd_entry.add_vpp_config()
522 # check we have the neighbor, but no route
525 find_nbr(self, self.pg0.sw_if_index, self.pg0._remote_hosts[2].ip6)
527 self.assertFalse(find_route(self, self.pg0._remote_hosts[2].ip6, 128))
530 # send an NS from a link local address to the interface's global
534 Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac)
535 / IPv6(dst=d, src=self.pg0._remote_hosts[2].ip6_ll)
536 / ICMPv6ND_NS(tgt=self.pg0.local_ip6)
537 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
540 self.send_and_expect_na(
543 "NS from link-local",
544 dst_ip=self.pg0._remote_hosts[2].ip6_ll,
545 tgt_ip=self.pg0.local_ip6,
547 self.assert_equal(self.get_ip6_nd_rx_requests(self.pg0), n_rx_req_pg0 + 3)
548 self.assert_equal(self.get_ip6_nd_tx_replies(self.pg0), n_tx_rep_pg0 + 1)
551 # we should have learned an ND entry for the peer's link-local
552 # but not inserted a route to it in the FIB
555 find_nbr(self, self.pg0.sw_if_index, self.pg0._remote_hosts[2].ip6_ll)
557 self.assertFalse(find_route(self, self.pg0._remote_hosts[2].ip6_ll, 128))
560 # An NS to the router's own Link-local
563 Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac)
564 / IPv6(dst=d, src=self.pg0._remote_hosts[3].ip6_ll)
565 / ICMPv6ND_NS(tgt=self.pg0.local_ip6_ll)
566 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
569 self.send_and_expect_na(
572 "NS to/from link-local",
573 dst_ip=self.pg0._remote_hosts[3].ip6_ll,
574 tgt_ip=self.pg0.local_ip6_ll,
578 # do not respond to a NS for the peer's address
581 Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac)
582 / IPv6(dst=d, src=self.pg0._remote_hosts[3].ip6_ll)
583 / ICMPv6ND_NS(tgt=self.pg0._remote_hosts[3].ip6_ll)
584 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
587 self.send_and_assert_no_replies(self.pg0, p)
590 # we should have learned an ND entry for the peer's link-local
591 # but not inserted a route to it in the FIB
594 find_nbr(self, self.pg0.sw_if_index, self.pg0._remote_hosts[3].ip6_ll)
596 self.assertFalse(find_route(self, self.pg0._remote_hosts[3].ip6_ll, 128))
598 def test_nd_incomplete(self):
599 """IP6-ND Incomplete"""
600 self.pg1.generate_remote_hosts(3)
603 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
604 / IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_hosts[1].ip6)
605 / UDP(sport=1234, dport=1234)
610 # a packet to an unresolved destination generates an ND request
612 n_tx_req_pg1 = self.get_ip6_nd_tx_requests(self.pg1)
613 self.send_and_expect_ns(self.pg0, self.pg1, p0, self.pg1.remote_hosts[1].ip6)
614 self.assert_equal(self.get_ip6_nd_tx_requests(self.pg1), n_tx_req_pg1 + 1)
617 # a reply to the request
619 self.assert_equal(self.get_ip6_nd_rx_replies(self.pg1), 0)
621 Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
622 / IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_hosts[1].ip6)
623 / ICMPv6ND_NA(tgt=self.pg1.remote_hosts[1].ip6)
624 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg1.remote_hosts[1].mac)
626 self.send_and_assert_no_replies(self.pg1, [na])
627 self.assert_equal(self.get_ip6_nd_rx_replies(self.pg1), 1)
629 def test_ns_duplicates(self):
633 # Generate some hosts on the LAN
635 self.pg1.generate_remote_hosts(3)
638 # Add host 1 on pg1 and pg2
640 ns_pg1 = VppNeighbor(
642 self.pg1.sw_if_index,
643 self.pg1.remote_hosts[1].mac,
644 self.pg1.remote_hosts[1].ip6,
646 ns_pg1.add_vpp_config()
647 ns_pg2 = VppNeighbor(
649 self.pg2.sw_if_index,
651 self.pg1.remote_hosts[1].ip6,
653 ns_pg2.add_vpp_config()
656 # IP packet destined for pg1 remote host arrives on pg1 again.
659 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
660 / IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_hosts[1].ip6)
661 / inet6.UDP(sport=1234, dport=1234)
665 self.pg0.add_stream(p)
666 self.pg_enable_capture(self.pg_interfaces)
669 rx1 = self.pg1.get_capture(1)
674 self.pg1.remote_hosts[1].mac,
676 self.pg1.remote_hosts[1].ip6,
680 # remove the duplicate on pg1
681 # packet stream should generate NSs out of pg1
683 ns_pg1.remove_vpp_config()
685 self.send_and_expect_ns(self.pg0, self.pg1, p, self.pg1.remote_hosts[1].ip6)
690 ns_pg1.add_vpp_config()
692 self.pg0.add_stream(p)
693 self.pg_enable_capture(self.pg_interfaces)
696 rx1 = self.pg1.get_capture(1)
701 self.pg1.remote_hosts[1].mac,
703 self.pg1.remote_hosts[1].ip6,
706 def validate_ra(self, intf, rx, dst_ip=None, src_ip=None, mtu=9000, pi_opt=None):
708 dst_ip = intf.remote_ip6
710 src_ip = mk_ll_addr(intf.local_mac)
712 # unicasted packets must come to the unicast mac
713 self.assertEqual(rx[Ether].dst, intf.remote_mac)
715 # and from the router's MAC
716 self.assertEqual(rx[Ether].src, intf.local_mac)
718 # the rx'd RA should be addressed to the sender's source
719 self.assertTrue(rx.haslayer(ICMPv6ND_RA))
720 self.assertEqual(in6_ptop(rx[IPv6].dst), in6_ptop(dst_ip))
722 # and come from the router's link local
723 self.assertTrue(in6_islladdr(rx[IPv6].src))
724 self.assertEqual(in6_ptop(rx[IPv6].src), in6_ptop(src_ip))
726 # it should contain the links MTU
728 self.assertEqual(ra[ICMPv6NDOptMTU].mtu, mtu)
730 # it should contain the source's link layer address option
731 sll = ra[ICMPv6NDOptSrcLLAddr]
732 self.assertEqual(sll.lladdr, intf.local_mac)
735 # the RA should not contain prefix information
736 self.assertFalse(ra.haslayer(ICMPv6NDOptPrefixInfo))
738 raos = rx.getlayer(ICMPv6NDOptPrefixInfo, 1)
740 # the options are nested in the scapy packet in way that i cannot
741 # decipher how to decode. this 1st layer of option always returns
742 # nested classes, so a direct obj1=obj2 comparison always fails.
743 # however, the getlayer(.., 2) does give one instance.
744 # so we cheat here and construct a new opt instance for comparison
745 rd = ICMPv6NDOptPrefixInfo(
746 prefixlen=raos.prefixlen, prefix=raos.prefix, L=raos.L, A=raos.A
748 if type(pi_opt) is list:
749 for ii in range(len(pi_opt)):
750 self.assertEqual(pi_opt[ii], rd)
751 rd = rx.getlayer(ICMPv6NDOptPrefixInfo, ii + 2)
756 "Expected: %s, received: %s"
757 % (pi_opt.show(dump=True), raos.show(dump=True)),
760 def send_and_expect_ra(
766 filter_out_fn=is_ipv6_misc,
770 self.vapi.cli("clear trace")
771 intf.add_stream(pkts)
772 self.pg_enable_capture(self.pg_interfaces)
774 rx = intf.get_capture(1, filter_out_fn=filter_out_fn)
776 self.assertEqual(len(rx), 1)
778 self.validate_ra(intf, rx, dst_ip, src_ip=src_ip, pi_opt=opt)
780 def test_ip6_ra_dump(self):
783 # Dump IPv6 RA for all interfaces
784 ip6_ra_dump = self.vapi.sw_interface_ip6nd_ra_dump(sw_if_index=0xFFFFFFFF)
785 self.assertEqual(len(ip6_ra_dump), len(self.interfaces))
787 for ip6_ra in ip6_ra_dump:
788 self.assertFalse(ip6_ra.send_radv)
789 self.assertEqual(ip6_ra.n_prefixes, 0)
790 self.assertEqual(len(ip6_ra.prefixes), 0)
791 self.assertEqual(ip6_ra.last_radv_time, 0.0)
792 self.assertEqual(ip6_ra.last_multicast_time, 0.0)
793 self.assertEqual(ip6_ra.next_multicast_time, 0.0)
794 self.assertEqual(ip6_ra.n_advertisements_sent, 0)
795 self.assertEqual(ip6_ra.n_solicitations_rcvd, 0)
796 self.assertEqual(ip6_ra.n_solicitations_dropped, 0)
798 # Enable sending IPv6 RA for an interface
799 self.pg0.ip6_ra_config(no=1, suppress=1)
801 # Add IPv6 RA prefixes for the interface
803 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len), strict=False
805 pfx1 = IPv6Network("fafa::/96")
806 self.pg0.ip6_ra_prefix(pfx0, off_link=0, no_autoconfig=0)
807 self.pg0.ip6_ra_prefix(pfx1, off_link=1, no_autoconfig=1)
809 # Wait for multicast IPv6 RA
812 # Dump IPv6 RA for the interface
813 ip6_ra_dump = self.vapi.sw_interface_ip6nd_ra_dump(
814 sw_if_index=self.pg0.sw_if_index
816 self.assertEqual(len(ip6_ra_dump), 1)
817 ip6_ra = ip6_ra_dump[0]
819 self.assertEqual(ip6_ra.sw_if_index, self.pg0.sw_if_index)
820 self.assertTrue(ip6_ra.send_radv)
821 self.assertEqual(ip6_ra.n_prefixes, 2)
822 self.assertEqual(len(ip6_ra.prefixes), 2)
823 self.assertEqual(ip6_ra.last_radv_time, 0.0)
824 self.assertGreater(ip6_ra.last_multicast_time, 0.0)
825 self.assertGreater(ip6_ra.next_multicast_time, 0.0)
826 self.assertGreater(ip6_ra.n_advertisements_sent, 0)
827 self.assertEqual(ip6_ra.n_solicitations_rcvd, 0)
828 self.assertEqual(ip6_ra.n_solicitations_dropped, 0)
830 self.assertEqual(ip6_ra.prefixes[0].prefix, pfx0)
831 self.assertTrue(ip6_ra.prefixes[0].onlink_flag)
832 self.assertTrue(ip6_ra.prefixes[0].autonomous_flag)
833 self.assertFalse(ip6_ra.prefixes[0].no_advertise)
835 self.assertEqual(ip6_ra.prefixes[1].prefix, pfx1)
836 self.assertFalse(ip6_ra.prefixes[1].onlink_flag)
837 self.assertFalse(ip6_ra.prefixes[1].autonomous_flag)
838 self.assertFalse(ip6_ra.prefixes[1].no_advertise)
840 # Reset sending IPv6 RA for the interface
841 self.pg0.ip6_ra_config(suppress=1)
843 # Remove IPv6 RA prefixes for the interface
844 self.pg0.ip6_ra_prefix(pfx0, is_no=1)
845 self.pg0.ip6_ra_prefix(pfx1, is_no=1)
847 # Dump IPv6 RA for the interface
848 ip6_ra_dump = self.vapi.sw_interface_ip6nd_ra_dump(
849 sw_if_index=self.pg0.sw_if_index
851 self.assertEqual(len(ip6_ra_dump), 1)
852 ip6_ra = ip6_ra_dump[0]
854 self.assertEqual(ip6_ra.sw_if_index, self.pg0.sw_if_index)
855 self.assertFalse(ip6_ra.send_radv)
856 self.assertEqual(ip6_ra.n_prefixes, 0)
857 self.assertEqual(len(ip6_ra.prefixes), 0)
860 """IPv6 Router Solicitation Exceptions
865 self.pg0.ip6_ra_config(no=1, suppress=1)
868 # Before we begin change the IPv6 RA responses to use the unicast
869 # address - that way we will not confuse them with the periodic
870 # RAs which go to the mcast address
871 # Sit and wait for the first periodic RA.
875 self.pg0.ip6_ra_config(send_unicast=1)
878 # An RS from a link source address
879 # - expect an RA in return
882 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
883 / IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6)
887 self.send_and_expect_ra(self.pg0, pkts, "Genuine RS")
890 # For the next RS sent the RA should be rate limited
892 self.send_and_assert_no_replies(self.pg0, pkts, "RA rate limited")
895 # When we reconfigure the IPv6 RA config,
896 # we reset the RA rate limiting,
897 # so we need to do this before each test below so as not to drop
898 # packets for rate limiting reasons. Test this works here.
900 self.pg0.ip6_ra_config(send_unicast=1)
901 self.send_and_expect_ra(self.pg0, pkts, "Rate limit reset RS")
904 # An RS sent from a non-link local source
906 self.pg0.ip6_ra_config(send_unicast=1)
908 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
909 / IPv6(dst=self.pg0.local_ip6, src="2002::ffff")
913 self.send_and_assert_no_replies(self.pg0, pkts, "RS from non-link source")
916 # Source an RS from a link local address
918 self.pg0.ip6_ra_config(send_unicast=1)
919 ll = mk_ll_addr(self.pg0.remote_mac)
921 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
922 / IPv6(dst=self.pg0.local_ip6, src=ll)
926 self.send_and_expect_ra(self.pg0, pkts, "RS sourced from link-local", dst_ip=ll)
929 # Source an RS from a link local address
930 # Ensure suppress also applies to solicited RS
932 self.pg0.ip6_ra_config(send_unicast=1, suppress=1)
933 ll = mk_ll_addr(self.pg0.remote_mac)
935 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
936 / IPv6(dst=self.pg0.local_ip6, src=ll)
940 self.send_and_assert_no_replies(self.pg0, pkts, "Suppressed RS from link-local")
943 # Send the RS multicast
945 self.pg0.ip6_ra_config(no=1, suppress=1) # Reset suppress flag to zero
946 self.pg0.ip6_ra_config(send_unicast=1)
947 dmac = in6_getnsmac(inet_pton(AF_INET6, "ff02::2"))
948 ll = mk_ll_addr(self.pg0.remote_mac)
950 Ether(dst=dmac, src=self.pg0.remote_mac)
951 / IPv6(dst="ff02::2", src=ll)
955 self.send_and_expect_ra(self.pg0, pkts, "RS sourced from link-local", dst_ip=ll)
958 # Source from the unspecified address ::. This happens when the RS
959 # is sent before the host has a configured address/sub-net,
960 # i.e. auto-config. Since the sender has no IP address, the reply
961 # comes back mcast - so the capture needs to not filter this.
962 # If we happen to pick up the periodic RA at this point then so be it,
965 self.pg0.ip6_ra_config(send_unicast=1)
967 Ether(dst=dmac, src=self.pg0.remote_mac)
968 / IPv6(dst="ff02::2", src="::")
972 self.send_and_expect_ra(
975 "RS sourced from unspecified",
981 # Configure The RA to announce the links prefix
983 self.pg0.ip6_ra_prefix(
984 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len)
988 # RAs should now contain the prefix information option
990 opt = ICMPv6NDOptPrefixInfo(
991 prefixlen=self.pg0.local_ip6_prefix_len, prefix=self.pg0.local_ip6, L=1, A=1
994 self.pg0.ip6_ra_config(send_unicast=1)
995 ll = mk_ll_addr(self.pg0.remote_mac)
997 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
998 / IPv6(dst=self.pg0.local_ip6, src=ll)
1001 self.send_and_expect_ra(self.pg0, p, "RA with prefix-info", dst_ip=ll, opt=opt)
1004 # Change the prefix info to not off-link
1007 self.pg0.ip6_ra_prefix(
1008 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len), off_link=1
1011 opt = ICMPv6NDOptPrefixInfo(
1012 prefixlen=self.pg0.local_ip6_prefix_len, prefix=self.pg0.local_ip6, L=0, A=1
1015 self.pg0.ip6_ra_config(send_unicast=1)
1016 self.send_and_expect_ra(
1017 self.pg0, p, "RA with Prefix info with L-flag=0", dst_ip=ll, opt=opt
1021 # Change the prefix info to not off-link, no-autoconfig
1022 # L and A flag are clear in the advert
1024 self.pg0.ip6_ra_prefix(
1025 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len),
1030 opt = ICMPv6NDOptPrefixInfo(
1031 prefixlen=self.pg0.local_ip6_prefix_len, prefix=self.pg0.local_ip6, L=0, A=0
1034 self.pg0.ip6_ra_config(send_unicast=1)
1035 self.send_and_expect_ra(
1036 self.pg0, p, "RA with Prefix info with A & L-flag=0", dst_ip=ll, opt=opt
1040 # Change the flag settings back to the defaults
1041 # L and A flag are set in the advert
1043 self.pg0.ip6_ra_prefix(
1044 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len)
1047 opt = ICMPv6NDOptPrefixInfo(
1048 prefixlen=self.pg0.local_ip6_prefix_len, prefix=self.pg0.local_ip6, L=1, A=1
1051 self.pg0.ip6_ra_config(send_unicast=1)
1052 self.send_and_expect_ra(self.pg0, p, "RA with Prefix info", dst_ip=ll, opt=opt)
1055 # Change the prefix info to not off-link, no-autoconfig
1056 # L and A flag are clear in the advert
1058 self.pg0.ip6_ra_prefix(
1059 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len),
1064 opt = ICMPv6NDOptPrefixInfo(
1065 prefixlen=self.pg0.local_ip6_prefix_len, prefix=self.pg0.local_ip6, L=0, A=0
1068 self.pg0.ip6_ra_config(send_unicast=1)
1069 self.send_and_expect_ra(
1070 self.pg0, p, "RA with Prefix info with A & L-flag=0", dst_ip=ll, opt=opt
1074 # Use the reset to defaults option to revert to defaults
1075 # L and A flag are clear in the advert
1077 self.pg0.ip6_ra_prefix(
1078 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len), use_default=1
1081 opt = ICMPv6NDOptPrefixInfo(
1082 prefixlen=self.pg0.local_ip6_prefix_len, prefix=self.pg0.local_ip6, L=1, A=1
1085 self.pg0.ip6_ra_config(send_unicast=1)
1086 self.send_and_expect_ra(
1087 self.pg0, p, "RA with Prefix reverted to defaults", dst_ip=ll, opt=opt
1091 # Advertise Another prefix. With no L-flag/A-flag
1093 self.pg0.ip6_ra_prefix(
1094 "%s/%s" % (self.pg1.local_ip6, self.pg1.local_ip6_prefix_len),
1100 ICMPv6NDOptPrefixInfo(
1101 prefixlen=self.pg0.local_ip6_prefix_len,
1102 prefix=self.pg0.local_ip6,
1106 ICMPv6NDOptPrefixInfo(
1107 prefixlen=self.pg1.local_ip6_prefix_len,
1108 prefix=self.pg1.local_ip6,
1114 self.pg0.ip6_ra_config(send_unicast=1)
1115 ll = mk_ll_addr(self.pg0.remote_mac)
1117 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
1118 / IPv6(dst=self.pg0.local_ip6, src=ll)
1121 self.send_and_expect_ra(
1122 self.pg0, p, "RA with multiple Prefix infos", dst_ip=ll, opt=opt
1126 # Remove the first prefix-info - expect the second is still in the
1129 self.pg0.ip6_ra_prefix(
1130 "%s/%s" % (self.pg0.local_ip6, self.pg0.local_ip6_prefix_len), is_no=1
1133 opt = ICMPv6NDOptPrefixInfo(
1134 prefixlen=self.pg1.local_ip6_prefix_len, prefix=self.pg1.local_ip6, L=0, A=0
1137 self.pg0.ip6_ra_config(send_unicast=1)
1138 self.send_and_expect_ra(
1139 self.pg0, p, "RA with Prefix reverted to defaults", dst_ip=ll, opt=opt
1143 # Remove the second prefix-info - expect no prefix-info in the adverts
1145 self.pg0.ip6_ra_prefix(
1146 "%s/%s" % (self.pg1.local_ip6, self.pg1.local_ip6_prefix_len), is_no=1
1150 # change the link's link local, so we know that works too.
1152 self.vapi.sw_interface_ip6_set_link_local_address(
1153 sw_if_index=self.pg0.sw_if_index, ip="fe80::88"
1156 self.pg0.ip6_ra_config(send_unicast=1)
1157 self.send_and_expect_ra(
1160 "RA with Prefix reverted to defaults",
1166 # Reset the periodic advertisements back to default values
1168 self.pg0.ip6_ra_config(suppress=1)
1169 self.pg0.ip6_ra_config(no=1, send_unicast=1)
1174 # test one MLD is sent after applying an IPv6 Address on an interface
1176 self.pg_enable_capture(self.pg_interfaces)
1179 subitf = VppDot1QSubint(self, self.pg1, 99)
1180 self.interfaces.append(subitf)
1181 self.sub_interfaces.append(subitf)
1186 rxs = self.pg1._get_capture(timeout=4, filter_out_fn=None)
1189 # hunt for the MLD on vlan 99
1192 # make sure ipv6 packets with hop by hop options have
1194 self.assert_packet_checksums_valid(rx)
1196 rx.haslayer(IPv6ExtHdrHopByHop)
1197 and rx.haslayer(Dot1Q)
1198 and rx[Dot1Q].vlan == 99
1200 mld = rx[ICMPv6MLReport2]
1202 self.assertEqual(mld.records_number, 4)
1205 class TestIPv6RouteLookup(VppTestCase):
1206 """IPv6 Route Lookup Test Case"""
1210 def route_lookup(self, prefix, exact):
1211 return self.vapi.api(
1212 self.vapi.papi.ip_route_lookup,
1221 def setUpClass(cls):
1222 super(TestIPv6RouteLookup, cls).setUpClass()
1225 def tearDownClass(cls):
1226 super(TestIPv6RouteLookup, cls).tearDownClass()
1229 super(TestIPv6RouteLookup, self).setUp()
1231 drop_nh = VppRoutePath("::1", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_DROP)
1234 r = VppIpRoute(self, "2001:1111::", 32, [drop_nh])
1236 self.routes.append(r)
1238 r = VppIpRoute(self, "2001:1111:2222::", 48, [drop_nh])
1240 self.routes.append(r)
1242 r = VppIpRoute(self, "2001:1111:2222::1", 128, [drop_nh])
1244 self.routes.append(r)
1247 # Remove the routes we added
1248 for r in self.routes:
1249 r.remove_vpp_config()
1251 super(TestIPv6RouteLookup, self).tearDown()
1253 def test_exact_match(self):
1254 # Verify we find the host route
1255 prefix = "2001:1111:2222::1/128"
1256 result = self.route_lookup(prefix, True)
1257 assert prefix == str(result.route.prefix)
1259 # Verify we find a middle prefix route
1260 prefix = "2001:1111:2222::/48"
1261 result = self.route_lookup(prefix, True)
1262 assert prefix == str(result.route.prefix)
1264 # Verify we do not find an available LPM.
1265 with self.vapi.assert_negative_api_retval():
1266 self.route_lookup("2001::2/128", True)
1268 def test_longest_prefix_match(self):
1269 # verify we find lpm
1270 lpm_prefix = "2001:1111:2222::/48"
1271 result = self.route_lookup("2001:1111:2222::2/128", False)
1272 assert lpm_prefix == str(result.route.prefix)
1274 # Verify we find the exact when not requested
1275 result = self.route_lookup(lpm_prefix, False)
1276 assert lpm_prefix == str(result.route.prefix)
1278 # Can't seem to delete the default route so no negative LPM test.
1281 class TestIPv6IfAddrRoute(VppTestCase):
1282 """IPv6 Interface Addr Route Test Case"""
1285 def setUpClass(cls):
1286 super(TestIPv6IfAddrRoute, cls).setUpClass()
1289 def tearDownClass(cls):
1290 super(TestIPv6IfAddrRoute, cls).tearDownClass()
1293 super(TestIPv6IfAddrRoute, self).setUp()
1295 # create 1 pg interface
1296 self.create_pg_interfaces(range(1))
1298 for i in self.pg_interfaces:
1304 super(TestIPv6IfAddrRoute, self).tearDown()
1305 for i in self.pg_interfaces:
1309 def test_ipv6_ifaddrs_same_prefix(self):
1310 """IPv6 Interface Addresses Same Prefix test
1314 - Verify no route in FIB for prefix 2001:10::/64
1315 - Configure IPv4 address 2001:10::10/64 on an interface
1316 - Verify route in FIB for prefix 2001:10::/64
1317 - Configure IPv4 address 2001:10::20/64 on an interface
1318 - Delete 2001:10::10/64 from interface
1319 - Verify route in FIB for prefix 2001:10::/64
1320 - Delete 2001:10::20/64 from interface
1321 - Verify no route in FIB for prefix 2001:10::/64
1324 addr1 = "2001:10::10"
1325 addr2 = "2001:10::20"
1327 if_addr1 = VppIpInterfaceAddress(self, self.pg0, addr1, 64)
1328 if_addr2 = VppIpInterfaceAddress(self, self.pg0, addr2, 64)
1329 self.assertFalse(if_addr1.query_vpp_config())
1330 self.assertFalse(find_route(self, addr1, 128))
1331 self.assertFalse(find_route(self, addr2, 128))
1333 # configure first address, verify route present
1334 if_addr1.add_vpp_config()
1335 self.assertTrue(if_addr1.query_vpp_config())
1336 self.assertTrue(find_route(self, addr1, 128))
1337 self.assertFalse(find_route(self, addr2, 128))
1339 # configure second address, delete first, verify route not removed
1340 if_addr2.add_vpp_config()
1341 if_addr1.remove_vpp_config()
1342 self.assertFalse(if_addr1.query_vpp_config())
1343 self.assertTrue(if_addr2.query_vpp_config())
1344 self.assertFalse(find_route(self, addr1, 128))
1345 self.assertTrue(find_route(self, addr2, 128))
1347 # delete second address, verify route removed
1348 if_addr2.remove_vpp_config()
1349 self.assertFalse(if_addr1.query_vpp_config())
1350 self.assertFalse(find_route(self, addr1, 128))
1351 self.assertFalse(find_route(self, addr2, 128))
1353 def test_ipv6_ifaddr_del(self):
1354 """Delete an interface address that does not exist"""
1356 loopbacks = self.create_loopback_interfaces(1)
1357 lo = self.lo_interfaces[0]
1363 # try and remove pg0's subnet from lo
1365 with self.vapi.assert_negative_api_retval():
1366 self.vapi.sw_interface_add_del_address(
1367 sw_if_index=lo.sw_if_index, prefix=self.pg0.local_ip6_prefix, is_add=0
1371 class TestICMPv6Echo(VppTestCase):
1372 """ICMPv6 Echo Test Case"""
1375 def setUpClass(cls):
1376 super(TestICMPv6Echo, cls).setUpClass()
1379 def tearDownClass(cls):
1380 super(TestICMPv6Echo, cls).tearDownClass()
1383 super(TestICMPv6Echo, self).setUp()
1385 # create 1 pg interface
1386 self.create_pg_interfaces(range(1))
1388 for i in self.pg_interfaces:
1391 i.resolve_ndp(link_layer=True)
1395 super(TestICMPv6Echo, self).tearDown()
1396 for i in self.pg_interfaces:
1400 def test_icmpv6_echo(self):
1401 """VPP replies to ICMPv6 Echo Request
1405 - Receive ICMPv6 Echo Request message on pg0 interface.
1406 - Check outgoing ICMPv6 Echo Reply message on pg0 interface.
1409 # test both with global and local ipv6 addresses
1410 dsts = (self.pg0.local_ip6, self.pg0.local_ip6_ll)
1418 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
1419 / IPv6(src=self.pg0.remote_ip6, dst=dst)
1420 / ICMPv6EchoRequest(id=id, seq=seq, data=data)
1424 self.pg0.add_stream(p)
1425 self.pg_enable_capture(self.pg_interfaces)
1427 rxs = self.pg0.get_capture(len(dsts))
1429 for rx, dst in zip(rxs, dsts):
1432 icmpv6 = rx[ICMPv6EchoReply]
1433 self.assertEqual(ether.src, self.pg0.local_mac)
1434 self.assertEqual(ether.dst, self.pg0.remote_mac)
1435 self.assertEqual(ipv6.src, dst)
1436 self.assertEqual(ipv6.dst, self.pg0.remote_ip6)
1437 self.assertEqual(icmp6types[icmpv6.type], "Echo Reply")
1438 self.assertEqual(icmpv6.id, id)
1439 self.assertEqual(icmpv6.seq, seq)
1440 self.assertEqual(icmpv6.data, data)
1443 class TestIPv6RD(TestIPv6ND):
1444 """IPv6 Router Discovery Test Case"""
1447 def setUpClass(cls):
1448 super(TestIPv6RD, cls).setUpClass()
1451 def tearDownClass(cls):
1452 super(TestIPv6RD, cls).tearDownClass()
1455 super(TestIPv6RD, self).setUp()
1457 # create 2 pg interfaces
1458 self.create_pg_interfaces(range(2))
1460 self.interfaces = list(self.pg_interfaces)
1462 # setup all interfaces
1463 for i in self.interfaces:
1468 for i in self.interfaces:
1471 super(TestIPv6RD, self).tearDown()
1473 def test_rd_send_router_solicitation(self):
1474 """Verify router solicitation packets"""
1477 self.pg_enable_capture(self.pg_interfaces)
1479 self.vapi.ip6nd_send_router_solicitation(self.pg1.sw_if_index, mrc=count)
1480 rx_list = self.pg1.get_capture(count, timeout=3)
1481 self.assertEqual(len(rx_list), count)
1482 for packet in rx_list:
1483 self.assertEqual(packet.haslayer(IPv6), 1)
1484 self.assertEqual(packet[IPv6].haslayer(ICMPv6ND_RS), 1)
1485 dst = ip6_normalize(packet[IPv6].dst)
1486 dst2 = ip6_normalize("ff02::2")
1487 self.assert_equal(dst, dst2)
1488 src = ip6_normalize(packet[IPv6].src)
1489 src2 = ip6_normalize(self.pg1.local_ip6_ll)
1490 self.assert_equal(src, src2)
1491 self.assertTrue(bool(packet[ICMPv6ND_RS].haslayer(ICMPv6NDOptSrcLLAddr)))
1492 self.assert_equal(packet[ICMPv6NDOptSrcLLAddr].lladdr, self.pg1.local_mac)
1494 def verify_prefix_info(self, reported_prefix, prefix_option):
1495 prefix = IPv6Network(
1497 prefix_option.getfieldval("prefix")
1499 + text_type(prefix_option.getfieldval("prefixlen"))
1504 reported_prefix.prefix.network_address, prefix.network_address
1506 L = prefix_option.getfieldval("L")
1507 A = prefix_option.getfieldval("A")
1508 option_flags = (L << 7) | (A << 6)
1509 self.assert_equal(reported_prefix.flags, option_flags)
1511 reported_prefix.valid_time, prefix_option.getfieldval("validlifetime")
1514 reported_prefix.preferred_time,
1515 prefix_option.getfieldval("preferredlifetime"),
1518 def test_rd_receive_router_advertisement(self):
1519 """Verify events triggered by received RA packets"""
1521 self.vapi.want_ip6_ra_events(enable=1)
1523 prefix_info_1 = ICMPv6NDOptPrefixInfo(
1527 preferredlifetime=500,
1532 prefix_info_2 = ICMPv6NDOptPrefixInfo(
1536 preferredlifetime=1000,
1542 Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
1543 / IPv6(dst=self.pg1.local_ip6_ll, src=mk_ll_addr(self.pg1.remote_mac))
1548 self.pg1.add_stream([p])
1551 ev = self.vapi.wait_for_event(10, "ip6_ra_event")
1553 self.assert_equal(ev.current_hop_limit, 0)
1554 self.assert_equal(ev.flags, 8)
1555 self.assert_equal(ev.router_lifetime_in_sec, 1800)
1556 self.assert_equal(ev.neighbor_reachable_time_in_msec, 0)
1558 ev.time_in_msec_between_retransmitted_neighbor_solicitations, 0
1561 self.assert_equal(ev.n_prefixes, 2)
1563 self.verify_prefix_info(ev.prefixes[0], prefix_info_1)
1564 self.verify_prefix_info(ev.prefixes[1], prefix_info_2)
1567 class TestIPv6RDControlPlane(TestIPv6ND):
1568 """IPv6 Router Discovery Control Plane Test Case"""
1571 def setUpClass(cls):
1572 super(TestIPv6RDControlPlane, cls).setUpClass()
1575 def tearDownClass(cls):
1576 super(TestIPv6RDControlPlane, cls).tearDownClass()
1579 super(TestIPv6RDControlPlane, self).setUp()
1581 # create 1 pg interface
1582 self.create_pg_interfaces(range(1))
1584 self.interfaces = list(self.pg_interfaces)
1586 # setup all interfaces
1587 for i in self.interfaces:
1592 super(TestIPv6RDControlPlane, self).tearDown()
1595 def create_ra_packet(pg, routerlifetime=None):
1596 src_ip = pg.remote_ip6_ll
1597 dst_ip = pg.local_ip6
1598 if routerlifetime is not None:
1599 ra = ICMPv6ND_RA(routerlifetime=routerlifetime)
1603 Ether(dst=pg.local_mac, src=pg.remote_mac)
1604 / IPv6(dst=dst_ip, src=src_ip)
1610 def get_default_routes(fib):
1613 if entry.route.prefix.prefixlen == 0:
1614 for path in entry.route.paths:
1615 if path.sw_if_index != 0xFFFFFFFF:
1617 defaut_route["sw_if_index"] = path.sw_if_index
1618 defaut_route["next_hop"] = path.nh.address.ip6
1619 list.append(defaut_route)
1623 def get_interface_addresses(fib, pg):
1626 if entry.route.prefix.prefixlen == 128:
1627 path = entry.route.paths[0]
1628 if path.sw_if_index == pg.sw_if_index:
1629 list.append(str(entry.route.prefix.network_address))
1632 def wait_for_no_default_route(self, n_tries=50, s_time=1):
1634 fib = self.vapi.ip_route_dump(0, True)
1635 default_routes = self.get_default_routes(fib)
1636 if 0 == len(default_routes):
1638 n_tries = n_tries - 1
1644 """Test handling of SLAAC addresses and default routes"""
1646 fib = self.vapi.ip_route_dump(0, True)
1647 default_routes = self.get_default_routes(fib)
1648 initial_addresses = set(self.get_interface_addresses(fib, self.pg0))
1649 self.assertEqual(default_routes, [])
1650 router_address = IPv6Address(text_type(self.pg0.remote_ip6_ll))
1652 self.vapi.ip6_nd_address_autoconfig(self.pg0.sw_if_index, 1, 1)
1658 self.create_ra_packet(self.pg0)
1659 / ICMPv6NDOptPrefixInfo(
1663 preferredlifetime=2,
1667 / ICMPv6NDOptPrefixInfo(
1671 preferredlifetime=1000,
1676 self.pg0.add_stream([packet])
1679 self.sleep_on_vpp_time(0.1)
1681 fib = self.vapi.ip_route_dump(0, True)
1683 # check FIB for new address
1684 addresses = set(self.get_interface_addresses(fib, self.pg0))
1685 new_addresses = addresses.difference(initial_addresses)
1686 self.assertEqual(len(new_addresses), 1)
1687 prefix = IPv6Network(
1688 text_type("%s/%d" % (list(new_addresses)[0], 20)), strict=False
1690 self.assertEqual(prefix, IPv6Network(text_type("1::/20")))
1692 # check FIB for new default route
1693 default_routes = self.get_default_routes(fib)
1694 self.assertEqual(len(default_routes), 1)
1695 dr = default_routes[0]
1696 self.assertEqual(dr["sw_if_index"], self.pg0.sw_if_index)
1697 self.assertEqual(dr["next_hop"], router_address)
1699 # send RA to delete default route
1700 packet = self.create_ra_packet(self.pg0, routerlifetime=0)
1701 self.pg0.add_stream([packet])
1704 self.sleep_on_vpp_time(0.1)
1706 # check that default route is deleted
1707 fib = self.vapi.ip_route_dump(0, True)
1708 default_routes = self.get_default_routes(fib)
1709 self.assertEqual(len(default_routes), 0)
1711 self.sleep_on_vpp_time(0.1)
1714 packet = self.create_ra_packet(self.pg0)
1715 self.pg0.add_stream([packet])
1718 self.sleep_on_vpp_time(0.1)
1720 # check FIB for new default route
1721 fib = self.vapi.ip_route_dump(0, True)
1722 default_routes = self.get_default_routes(fib)
1723 self.assertEqual(len(default_routes), 1)
1724 dr = default_routes[0]
1725 self.assertEqual(dr["sw_if_index"], self.pg0.sw_if_index)
1726 self.assertEqual(dr["next_hop"], router_address)
1728 # send RA, updating router lifetime to 1s
1729 packet = self.create_ra_packet(self.pg0, 1)
1730 self.pg0.add_stream([packet])
1733 self.sleep_on_vpp_time(0.1)
1735 # check that default route still exists
1736 fib = self.vapi.ip_route_dump(0, True)
1737 default_routes = self.get_default_routes(fib)
1738 self.assertEqual(len(default_routes), 1)
1739 dr = default_routes[0]
1740 self.assertEqual(dr["sw_if_index"], self.pg0.sw_if_index)
1741 self.assertEqual(dr["next_hop"], router_address)
1743 self.sleep_on_vpp_time(1)
1745 # check that default route is deleted
1746 self.assertTrue(self.wait_for_no_default_route())
1748 # check FIB still contains the SLAAC address
1749 addresses = set(self.get_interface_addresses(fib, self.pg0))
1750 new_addresses = addresses.difference(initial_addresses)
1752 self.assertEqual(len(new_addresses), 1)
1753 prefix = IPv6Network(
1754 text_type("%s/%d" % (list(new_addresses)[0], 20)), strict=False
1756 self.assertEqual(prefix, IPv6Network(text_type("1::/20")))
1758 self.sleep_on_vpp_time(1)
1760 # check that SLAAC address is deleted
1761 fib = self.vapi.ip_route_dump(0, True)
1762 addresses = set(self.get_interface_addresses(fib, self.pg0))
1763 new_addresses = addresses.difference(initial_addresses)
1764 self.assertEqual(len(new_addresses), 0)
1767 class IPv6NDProxyTest(TestIPv6ND):
1768 """IPv6 ND ProxyTest Case"""
1771 def setUpClass(cls):
1772 super(IPv6NDProxyTest, cls).setUpClass()
1775 def tearDownClass(cls):
1776 super(IPv6NDProxyTest, cls).tearDownClass()
1779 super(IPv6NDProxyTest, self).setUp()
1781 # create 3 pg interfaces
1782 self.create_pg_interfaces(range(3))
1784 # pg0 is the master interface, with the configured subnet
1786 self.pg0.config_ip6()
1787 self.pg0.resolve_ndp()
1789 self.pg1.ip6_enable()
1790 self.pg2.ip6_enable()
1793 super(IPv6NDProxyTest, self).tearDown()
1795 def test_nd_proxy(self):
1799 # Generate some hosts in the subnet that we are proxying
1801 self.pg0.generate_remote_hosts(8)
1803 nsma = in6_getnsma(inet_pton(AF_INET6, self.pg0.local_ip6))
1804 d = inet_ntop(AF_INET6, nsma)
1807 # Send an NS for one of those remote hosts on one of the proxy links
1808 # expect no response since it's from an address that is not
1809 # on the link that has the prefix configured
1812 Ether(dst=in6_getnsmac(nsma), src=self.pg1.remote_mac)
1813 / IPv6(dst=d, src=self.pg0._remote_hosts[2].ip6)
1814 / ICMPv6ND_NS(tgt=self.pg0.local_ip6)
1815 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0._remote_hosts[2].mac)
1818 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Off link NS")
1821 # Add proxy support for the host
1823 self.vapi.ip6nd_proxy_add_del(
1825 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1826 sw_if_index=self.pg1.sw_if_index,
1830 # try that NS again. this time we expect an NA back
1832 self.send_and_expect_na(
1835 "NS to proxy entry",
1836 dst_ip=self.pg0._remote_hosts[2].ip6,
1837 tgt_ip=self.pg0.local_ip6,
1841 # ... and that we have an entry in the ND cache
1844 find_nbr(self, self.pg1.sw_if_index, self.pg0._remote_hosts[2].ip6)
1848 # ... and we can route traffic to it
1851 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
1852 / IPv6(dst=self.pg0._remote_hosts[2].ip6, src=self.pg0.remote_ip6)
1853 / inet6.UDP(sport=10000, dport=20000)
1854 / Raw(b"\xa5" * 100)
1857 self.pg0.add_stream(t)
1858 self.pg_enable_capture(self.pg_interfaces)
1860 rx = self.pg1.get_capture(1)
1863 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1864 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1866 self.assertEqual(rx[IPv6].src, t[IPv6].src)
1867 self.assertEqual(rx[IPv6].dst, t[IPv6].dst)
1870 # Test we proxy for the host on the main interface
1873 Ether(dst=in6_getnsmac(nsma), src=self.pg0.remote_mac)
1874 / IPv6(dst=d, src=self.pg0.remote_ip6)
1875 / ICMPv6ND_NS(tgt=self.pg0._remote_hosts[2].ip6)
1876 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0.remote_mac)
1879 self.send_and_expect_na(
1882 "NS to proxy entry on main",
1883 tgt_ip=self.pg0._remote_hosts[2].ip6,
1884 dst_ip=self.pg0.remote_ip6,
1888 # Setup and resolve proxy for another host on another interface
1891 Ether(dst=in6_getnsmac(nsma), src=self.pg2.remote_mac)
1892 / IPv6(dst=d, src=self.pg0._remote_hosts[3].ip6)
1893 / ICMPv6ND_NS(tgt=self.pg0.local_ip6)
1894 / ICMPv6NDOptSrcLLAddr(lladdr=self.pg0._remote_hosts[2].mac)
1897 self.vapi.ip6nd_proxy_add_del(
1899 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1900 sw_if_index=self.pg2.sw_if_index,
1903 self.send_and_expect_na(
1906 "NS to proxy entry other interface",
1907 dst_ip=self.pg0._remote_hosts[3].ip6,
1908 tgt_ip=self.pg0.local_ip6,
1912 find_nbr(self, self.pg2.sw_if_index, self.pg0._remote_hosts[3].ip6)
1916 # hosts can communicate. pg2->pg1
1919 Ether(dst=self.pg2.local_mac, src=self.pg0.remote_hosts[3].mac)
1920 / IPv6(dst=self.pg0._remote_hosts[2].ip6, src=self.pg0._remote_hosts[3].ip6)
1921 / inet6.UDP(sport=10000, dport=20000)
1922 / Raw(b"\xa5" * 100)
1925 self.pg2.add_stream(t2)
1926 self.pg_enable_capture(self.pg_interfaces)
1928 rx = self.pg1.get_capture(1)
1931 self.assertEqual(rx[Ether].dst, self.pg0._remote_hosts[2].mac)
1932 self.assertEqual(rx[Ether].src, self.pg1.local_mac)
1934 self.assertEqual(rx[IPv6].src, t2[IPv6].src)
1935 self.assertEqual(rx[IPv6].dst, t2[IPv6].dst)
1938 # remove the proxy configs
1940 self.vapi.ip6nd_proxy_add_del(
1941 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[2].ip6),
1942 sw_if_index=self.pg1.sw_if_index,
1945 self.vapi.ip6nd_proxy_add_del(
1946 ip=inet_pton(AF_INET6, self.pg0._remote_hosts[3].ip6),
1947 sw_if_index=self.pg2.sw_if_index,
1952 find_nbr(self, self.pg2.sw_if_index, self.pg0._remote_hosts[3].ip6)
1955 find_nbr(self, self.pg1.sw_if_index, self.pg0._remote_hosts[2].ip6)
1959 # no longer proxy-ing...
1961 self.send_and_assert_no_replies(self.pg0, ns_pg0, "Proxy unconfigured")
1962 self.send_and_assert_no_replies(self.pg1, ns_pg1, "Proxy unconfigured")
1963 self.send_and_assert_no_replies(self.pg2, ns_pg2, "Proxy unconfigured")
1966 # no longer forwarding. traffic generates NS out of the glean/main
1969 self.pg2.add_stream(t2)
1970 self.pg_enable_capture(self.pg_interfaces)
1973 rx = self.pg0.get_capture(1)
1975 self.assertTrue(rx[0].haslayer(ICMPv6ND_NS))
1978 class TestIP6Null(VppTestCase):
1979 """IPv6 routes via NULL"""
1982 def setUpClass(cls):
1983 super(TestIP6Null, cls).setUpClass()
1986 def tearDownClass(cls):
1987 super(TestIP6Null, cls).tearDownClass()
1990 super(TestIP6Null, self).setUp()
1992 # create 2 pg interfaces
1993 self.create_pg_interfaces(range(1))
1995 for i in self.pg_interfaces:
2001 super(TestIP6Null, self).tearDown()
2002 for i in self.pg_interfaces:
2006 def test_ip_null(self):
2010 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2011 / IPv6(src=self.pg0.remote_ip6, dst="2001::1")
2012 / inet6.UDP(sport=1234, dport=1234)
2013 / Raw(b"\xa5" * 100)
2017 # A route via IP NULL that will reply with ICMP unreachables
2019 ip_unreach = VppIpRoute(
2025 "::", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_ICMP_UNREACH
2029 ip_unreach.add_vpp_config()
2031 self.pg0.add_stream(p)
2032 self.pg_enable_capture(self.pg_interfaces)
2035 rx = self.pg0.get_capture(1)
2037 icmp = rx[ICMPv6DestUnreach]
2039 # 0 = "No route to destination"
2040 self.assertEqual(icmp.code, 0)
2042 # ICMP is rate limited. pause a bit
2046 # A route via IP NULL that will reply with ICMP prohibited
2048 ip_prohibit = VppIpRoute(
2054 "::", 0xFFFFFFFF, type=FibPathType.FIB_PATH_TYPE_ICMP_PROHIBIT
2058 ip_prohibit.add_vpp_config()
2060 self.pg0.add_stream(p)
2061 self.pg_enable_capture(self.pg_interfaces)
2064 rx = self.pg0.get_capture(1)
2066 icmp = rx[ICMPv6DestUnreach]
2068 # 1 = "Communication with destination administratively prohibited"
2069 self.assertEqual(icmp.code, 1)
2072 class TestIP6Disabled(VppTestCase):
2076 def setUpClass(cls):
2077 super(TestIP6Disabled, cls).setUpClass()
2080 def tearDownClass(cls):
2081 super(TestIP6Disabled, cls).tearDownClass()
2084 super(TestIP6Disabled, self).setUp()
2086 # create 2 pg interfaces
2087 self.create_pg_interfaces(range(2))
2091 self.pg0.config_ip6()
2092 self.pg0.resolve_ndp()
2094 # PG 1 is not IP enabled
2098 super(TestIP6Disabled, self).tearDown()
2099 for i in self.pg_interfaces:
2103 def test_ip_disabled(self):
2106 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
2107 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
2110 # one accepting interface, pg0, 2 forwarding interfaces
2112 route_ff_01 = VppIpMRoute(
2117 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
2120 self.pg1.sw_if_index, MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT
2123 self.pg0.sw_if_index, MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD
2127 route_ff_01.add_vpp_config()
2130 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
2131 / IPv6(src="2001::1", dst=self.pg0.remote_ip6)
2132 / inet6.UDP(sport=1234, dport=1234)
2133 / Raw(b"\xa5" * 100)
2136 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
2137 / IPv6(src="2001::1", dst="ffef::1")
2138 / inet6.UDP(sport=1234, dport=1234)
2139 / Raw(b"\xa5" * 100)
2143 # PG1 does not forward IP traffic
2145 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
2146 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
2151 self.pg1.config_ip6()
2154 # Now we get packets through
2156 self.pg1.add_stream(pu)
2157 self.pg_enable_capture(self.pg_interfaces)
2159 rx = self.pg0.get_capture(1)
2161 self.pg1.add_stream(pm)
2162 self.pg_enable_capture(self.pg_interfaces)
2164 rx = self.pg0.get_capture(1)
2169 self.pg1.unconfig_ip6()
2172 # PG1 does not forward IP traffic
2174 self.send_and_assert_no_replies(self.pg1, pu, "IPv6 disabled")
2175 self.send_and_assert_no_replies(self.pg1, pm, "IPv6 disabled")
2178 class TestIP6LoadBalance(VppTestCase):
2179 """IPv6 Load-Balancing"""
2182 def setUpClass(cls):
2183 super(TestIP6LoadBalance, cls).setUpClass()
2186 def tearDownClass(cls):
2187 super(TestIP6LoadBalance, cls).tearDownClass()
2190 super(TestIP6LoadBalance, self).setUp()
2192 self.create_pg_interfaces(range(5))
2194 mpls_tbl = VppMplsTable(self, 0)
2195 mpls_tbl.add_vpp_config()
2197 for i in self.pg_interfaces:
2204 for i in self.pg_interfaces:
2208 super(TestIP6LoadBalance, self).tearDown()
2210 def test_ip6_load_balance(self):
2211 """IPv6 Load-Balancing"""
2214 # An array of packets that differ only in the destination port
2218 # - MPLS non-EOS with an entropy label
2222 port_mpls_neos_pkts = []
2226 # An array of packets that differ only in the source address
2231 for ii in range(NUM_PKTS):
2233 IPv6(dst="3000::1", src="3000:1::1")
2234 / inet6.UDP(sport=1234, dport=1234 + ii)
2235 / Raw(b"\xa5" * 100)
2237 port_ip_pkts.append(
2238 (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / port_ip_hdr)
2240 port_mpls_pkts.append(
2242 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2243 / MPLS(label=66, ttl=2)
2247 port_mpls_neos_pkts.append(
2249 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2250 / MPLS(label=67, ttl=2)
2251 / MPLS(label=77, ttl=2)
2255 port_ent_pkts.append(
2257 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2258 / MPLS(label=67, ttl=2)
2259 / MPLS(label=14, ttl=2)
2260 / MPLS(label=999, ttl=2)
2265 IPv6(dst="3000::1", src="3000:1::%d" % ii)
2266 / inet6.UDP(sport=1234, dport=1234)
2267 / Raw(b"\xa5" * 100)
2270 (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / src_ip_hdr)
2272 src_mpls_pkts.append(
2274 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2275 / MPLS(label=66, ttl=2)
2281 # A route for the IP packets
2283 route_3000_1 = VppIpRoute(
2288 VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index),
2289 VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index),
2292 route_3000_1.add_vpp_config()
2295 # a local-label for the EOS packets
2297 binding = VppMplsIpBind(self, 66, "3000::1", 128, is_ip6=1)
2298 binding.add_vpp_config()
2301 # An MPLS route for the non-EOS packets
2303 route_67 = VppMplsRoute(
2308 VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index, labels=[67]),
2309 VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index, labels=[67]),
2312 route_67.add_vpp_config()
2315 # inject the packet on pg0 - expect load-balancing across the 2 paths
2316 # - since the default hash config is to use IP src,dst and port
2318 # We are not going to ensure equal amounts of packets across each link,
2319 # since the hash algorithm is statistical and therefore this can never
2320 # be guaranteed. But with 64 different packets we do expect some
2321 # balancing. So instead just ensure there is traffic on each link.
2323 rx = self.send_and_expect_load_balancing(
2324 self.pg0, port_ip_pkts, [self.pg1, self.pg2]
2326 n_ip_pg0 = len(rx[0])
2327 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts, [self.pg1, self.pg2])
2328 self.send_and_expect_load_balancing(
2329 self.pg0, port_mpls_pkts, [self.pg1, self.pg2]
2331 self.send_and_expect_load_balancing(
2332 self.pg0, src_mpls_pkts, [self.pg1, self.pg2]
2334 rx = self.send_and_expect_load_balancing(
2335 self.pg0, port_mpls_neos_pkts, [self.pg1, self.pg2]
2337 n_mpls_pg0 = len(rx[0])
2340 # change the router ID and expect the distribution changes
2342 self.vapi.set_ip_flow_hash_router_id(router_id=0x11111111)
2344 rx = self.send_and_expect_load_balancing(
2345 self.pg0, port_ip_pkts, [self.pg1, self.pg2]
2347 self.assertNotEqual(n_ip_pg0, len(rx[0]))
2349 rx = self.send_and_expect_load_balancing(
2350 self.pg0, src_mpls_pkts, [self.pg1, self.pg2]
2352 self.assertNotEqual(n_mpls_pg0, len(rx[0]))
2355 # The packets with Entropy label in should not load-balance,
2356 # since the Entropy value is fixed.
2358 self.send_and_expect_only(self.pg0, port_ent_pkts, self.pg1)
2361 # change the flow hash config so it's only IP src,dst
2362 # - now only the stream with differing source address will
2365 self.vapi.set_ip_flow_hash(
2366 vrf_id=0, src=1, dst=1, proto=1, sport=0, dport=0, is_ipv6=1
2369 self.send_and_expect_load_balancing(self.pg0, src_ip_pkts, [self.pg1, self.pg2])
2370 self.send_and_expect_load_balancing(
2371 self.pg0, src_mpls_pkts, [self.pg1, self.pg2]
2373 self.send_and_expect_only(self.pg0, port_ip_pkts, self.pg2)
2376 # change the flow hash config back to defaults
2378 self.vapi.set_ip_flow_hash(
2379 vrf_id=0, src=1, dst=1, sport=1, dport=1, proto=1, is_ipv6=1
2383 # Recursive prefixes
2384 # - testing that 2 stages of load-balancing occurs and there is no
2385 # polarisation (i.e. only 2 of 4 paths are used)
2390 for ii in range(257):
2393 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2394 / IPv6(dst="4000::1", src="4000:1::1")
2395 / inet6.UDP(sport=1234, dport=1234 + ii)
2396 / Raw(b"\xa5" * 100)
2401 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2402 / IPv6(dst="4000::1", src="4000:1::%d" % ii)
2403 / inet6.UDP(sport=1234, dport=1234)
2404 / Raw(b"\xa5" * 100)
2408 route_3000_2 = VppIpRoute(
2413 VppRoutePath(self.pg3.remote_ip6, self.pg3.sw_if_index),
2414 VppRoutePath(self.pg4.remote_ip6, self.pg4.sw_if_index),
2417 route_3000_2.add_vpp_config()
2419 route_4000_1 = VppIpRoute(
2423 [VppRoutePath("3000::1", 0xFFFFFFFF), VppRoutePath("3000::2", 0xFFFFFFFF)],
2425 route_4000_1.add_vpp_config()
2428 # inject the packet on pg0 - expect load-balancing across all 4 paths
2430 self.vapi.cli("clear trace")
2431 self.send_and_expect_load_balancing(
2432 self.pg0, port_pkts, [self.pg1, self.pg2, self.pg3, self.pg4]
2434 self.send_and_expect_load_balancing(
2435 self.pg0, src_pkts, [self.pg1, self.pg2, self.pg3, self.pg4]
2439 # Recursive prefixes
2440 # - testing that 2 stages of load-balancing no choices
2444 for ii in range(257):
2447 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2448 / IPv6(dst="6000::1", src="6000:1::1")
2449 / inet6.UDP(sport=1234, dport=1234 + ii)
2450 / Raw(b"\xa5" * 100)
2454 route_5000_2 = VppIpRoute(
2458 [VppRoutePath(self.pg3.remote_ip6, self.pg3.sw_if_index)],
2460 route_5000_2.add_vpp_config()
2462 route_6000_1 = VppIpRoute(
2463 self, "6000::1", 128, [VppRoutePath("5000::2", 0xFFFFFFFF)]
2465 route_6000_1.add_vpp_config()
2468 # inject the packet on pg0 - expect load-balancing across all 4 paths
2470 self.vapi.cli("clear trace")
2471 self.send_and_expect_only(self.pg0, port_pkts, self.pg3)
2474 class IP6PuntSetup(object):
2475 """Setup for IPv6 Punt Police/Redirect"""
2477 def punt_setup(self):
2478 self.create_pg_interfaces(range(4))
2480 for i in self.pg_interfaces:
2486 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2487 / IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6)
2488 / inet6.TCP(sport=1234, dport=1234)
2489 / Raw(b"\xa5" * 100)
2492 def punt_teardown(self):
2493 for i in self.pg_interfaces:
2498 class TestIP6Punt(IP6PuntSetup, VppTestCase):
2499 """IPv6 Punt Police/Redirect"""
2502 super(TestIP6Punt, self).setUp()
2503 super(TestIP6Punt, self).punt_setup()
2506 super(TestIP6Punt, self).punt_teardown()
2507 super(TestIP6Punt, self).tearDown()
2509 def test_ip_punt(self):
2510 """IP6 punt police and redirect"""
2512 pkts = self.pkt * 1025
2515 # Configure a punt redirect via pg1.
2517 nh_addr = self.pg1.remote_ip6
2518 ip_punt_redirect = VppIpPuntRedirect(
2519 self, self.pg0.sw_if_index, self.pg1.sw_if_index, nh_addr
2521 ip_punt_redirect.add_vpp_config()
2523 self.send_and_expect(self.pg0, pkts, self.pg1)
2528 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, rate_type=1)
2529 policer.add_vpp_config()
2530 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index, is_ip6=True)
2531 ip_punt_policer.add_vpp_config()
2533 self.vapi.cli("clear trace")
2534 self.pg0.add_stream(pkts)
2535 self.pg_enable_capture(self.pg_interfaces)
2539 # the number of packet received should be greater than 0,
2540 # but not equal to the number sent, since some were policed
2542 rx = self.pg1._get_capture(1)
2543 stats = policer.get_stats()
2545 # Single rate policer - expect conform, violate but no exceed
2546 self.assertGreater(stats["conform_packets"], 0)
2547 self.assertEqual(stats["exceed_packets"], 0)
2548 self.assertGreater(stats["violate_packets"], 0)
2550 self.assertGreater(len(rx), 0)
2551 self.assertLess(len(rx), len(pkts))
2554 # remove the policer. back to full rx
2556 ip_punt_policer.remove_vpp_config()
2557 policer.remove_vpp_config()
2558 self.send_and_expect(self.pg0, pkts, self.pg1)
2561 # remove the redirect. expect full drop.
2563 ip_punt_redirect.remove_vpp_config()
2564 self.send_and_assert_no_replies(self.pg0, pkts, "IP no punt config")
2567 # Add a redirect that is not input port selective
2569 ip_punt_redirect = VppIpPuntRedirect(
2570 self, 0xFFFFFFFF, self.pg1.sw_if_index, nh_addr
2572 ip_punt_redirect.add_vpp_config()
2573 self.send_and_expect(self.pg0, pkts, self.pg1)
2574 ip_punt_redirect.remove_vpp_config()
2576 def test_ip_punt_dump(self):
2577 """IP6 punt redirect dump"""
2580 # Configure a punt redirects
2582 nh_address = self.pg3.remote_ip6
2583 ipr_03 = VppIpPuntRedirect(
2584 self, self.pg0.sw_if_index, self.pg3.sw_if_index, nh_address
2586 ipr_13 = VppIpPuntRedirect(
2587 self, self.pg1.sw_if_index, self.pg3.sw_if_index, nh_address
2589 ipr_23 = VppIpPuntRedirect(
2590 self, self.pg2.sw_if_index, self.pg3.sw_if_index, "0::0"
2592 ipr_03.add_vpp_config()
2593 ipr_13.add_vpp_config()
2594 ipr_23.add_vpp_config()
2597 # Dump pg0 punt redirects
2599 self.assertTrue(ipr_03.query_vpp_config())
2600 self.assertTrue(ipr_13.query_vpp_config())
2601 self.assertTrue(ipr_23.query_vpp_config())
2604 # Dump punt redirects for all interfaces
2606 punts = self.vapi.ip_punt_redirect_dump(0xFFFFFFFF, is_ipv6=1)
2607 self.assertEqual(len(punts), 3)
2609 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
2610 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip6)
2611 self.assertEqual(str(punts[2].punt.nh), "::")
2614 class TestIP6PuntHandoff(IP6PuntSetup, VppTestCase):
2615 """IPv6 Punt Police/Redirect"""
2617 vpp_worker_count = 2
2620 super(TestIP6PuntHandoff, self).setUp()
2621 super(TestIP6PuntHandoff, self).punt_setup()
2624 super(TestIP6PuntHandoff, self).punt_teardown()
2625 super(TestIP6PuntHandoff, self).tearDown()
2627 def test_ip_punt(self):
2628 """IP6 punt policer thread handoff"""
2629 pkts = self.pkt * NUM_PKTS
2632 # Configure a punt redirect via pg1.
2634 nh_addr = self.pg1.remote_ip6
2635 ip_punt_redirect = VppIpPuntRedirect(
2636 self, self.pg0.sw_if_index, self.pg1.sw_if_index, nh_addr
2638 ip_punt_redirect.add_vpp_config()
2640 action_tx = PolicerAction(
2641 VppEnum.vl_api_sse2_qos_action_type_t.SSE2_QOS_ACTION_API_TRANSMIT, 0
2644 # This policer drops no packets, we are just
2645 # testing that they get to the right thread.
2647 policer = VppPolicer(
2662 policer.add_vpp_config()
2663 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index, is_ip6=True)
2664 ip_punt_policer.add_vpp_config()
2666 for worker in [0, 1]:
2667 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2669 self.logger.debug(self.vapi.cli("show trace max 100"))
2671 # Combined stats, all threads
2672 stats = policer.get_stats()
2674 # Single rate policer - expect conform, violate but no exceed
2675 self.assertGreater(stats["conform_packets"], 0)
2676 self.assertEqual(stats["exceed_packets"], 0)
2677 self.assertGreater(stats["violate_packets"], 0)
2679 # Worker 0, should have done all the policing
2680 stats0 = policer.get_stats(worker=0)
2681 self.assertEqual(stats, stats0)
2683 # Worker 1, should have handed everything off
2684 stats1 = policer.get_stats(worker=1)
2685 self.assertEqual(stats1["conform_packets"], 0)
2686 self.assertEqual(stats1["exceed_packets"], 0)
2687 self.assertEqual(stats1["violate_packets"], 0)
2689 # Bind the policer to worker 1 and repeat
2690 policer.bind_vpp_config(1, True)
2691 for worker in [0, 1]:
2692 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2693 self.logger.debug(self.vapi.cli("show trace max 100"))
2695 # The 2 workers should now have policed the same amount
2696 stats = policer.get_stats()
2697 stats0 = policer.get_stats(worker=0)
2698 stats1 = policer.get_stats(worker=1)
2700 self.assertGreater(stats0["conform_packets"], 0)
2701 self.assertEqual(stats0["exceed_packets"], 0)
2702 self.assertGreater(stats0["violate_packets"], 0)
2704 self.assertGreater(stats1["conform_packets"], 0)
2705 self.assertEqual(stats1["exceed_packets"], 0)
2706 self.assertGreater(stats1["violate_packets"], 0)
2709 stats0["conform_packets"] + stats1["conform_packets"],
2710 stats["conform_packets"],
2714 stats0["violate_packets"] + stats1["violate_packets"],
2715 stats["violate_packets"],
2718 # Unbind the policer and repeat
2719 policer.bind_vpp_config(1, False)
2720 for worker in [0, 1]:
2721 self.send_and_expect(self.pg0, pkts, self.pg1, worker=worker)
2722 self.logger.debug(self.vapi.cli("show trace max 100"))
2724 # The policer should auto-bind to worker 0 when packets arrive
2725 stats = policer.get_stats()
2726 stats0new = policer.get_stats(worker=0)
2727 stats1new = policer.get_stats(worker=1)
2729 self.assertGreater(stats0new["conform_packets"], stats0["conform_packets"])
2730 self.assertEqual(stats0new["exceed_packets"], 0)
2731 self.assertGreater(stats0new["violate_packets"], stats0["violate_packets"])
2733 self.assertEqual(stats1, stats1new)
2738 ip_punt_policer.remove_vpp_config()
2739 policer.remove_vpp_config()
2740 ip_punt_redirect.remove_vpp_config()
2743 class TestIP6Deag(VppTestCase):
2744 """IPv6 Deaggregate Routes"""
2747 def setUpClass(cls):
2748 super(TestIP6Deag, cls).setUpClass()
2751 def tearDownClass(cls):
2752 super(TestIP6Deag, cls).tearDownClass()
2755 super(TestIP6Deag, self).setUp()
2757 self.create_pg_interfaces(range(3))
2759 for i in self.pg_interfaces:
2765 super(TestIP6Deag, self).tearDown()
2766 for i in self.pg_interfaces:
2770 def test_ip_deag(self):
2771 """IP Deag Routes"""
2774 # Create a table to be used for:
2775 # 1 - another destination address lookup
2776 # 2 - a source address lookup
2778 table_dst = VppIpTable(self, 1, is_ip6=1)
2779 table_src = VppIpTable(self, 2, is_ip6=1)
2780 table_dst.add_vpp_config()
2781 table_src.add_vpp_config()
2784 # Add a route in the default table to point to a deag/
2785 # second lookup in each of these tables
2787 route_to_dst = VppIpRoute(
2788 self, "1::1", 128, [VppRoutePath("::", 0xFFFFFFFF, nh_table_id=1)]
2790 route_to_src = VppIpRoute(
2799 type=FibPathType.FIB_PATH_TYPE_SOURCE_LOOKUP,
2804 route_to_dst.add_vpp_config()
2805 route_to_src.add_vpp_config()
2808 # packets to these destination are dropped, since they'll
2809 # hit the respective default routes in the second table
2812 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2813 / IPv6(src="5::5", dst="1::1")
2814 / inet6.TCP(sport=1234, dport=1234)
2815 / Raw(b"\xa5" * 100)
2818 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2819 / IPv6(src="2::2", dst="1::2")
2820 / inet6.TCP(sport=1234, dport=1234)
2821 / Raw(b"\xa5" * 100)
2823 pkts_dst = p_dst * 257
2824 pkts_src = p_src * 257
2826 self.send_and_assert_no_replies(self.pg0, pkts_dst, "IP in dst table")
2827 self.send_and_assert_no_replies(self.pg0, pkts_src, "IP in src table")
2830 # add a route in the dst table to forward via pg1
2832 route_in_dst = VppIpRoute(
2836 [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)],
2839 route_in_dst.add_vpp_config()
2841 self.send_and_expect(self.pg0, pkts_dst, self.pg1)
2844 # add a route in the src table to forward via pg2
2846 route_in_src = VppIpRoute(
2850 [VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index)],
2853 route_in_src.add_vpp_config()
2854 self.send_and_expect(self.pg0, pkts_src, self.pg2)
2857 # loop in the lookup DP
2859 route_loop = VppIpRoute(self, "3::3", 128, [VppRoutePath("::", 0xFFFFFFFF)])
2860 route_loop.add_vpp_config()
2863 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2864 / IPv6(src="3::4", dst="3::3")
2865 / inet6.TCP(sport=1234, dport=1234)
2866 / Raw(b"\xa5" * 100)
2869 self.send_and_assert_no_replies(self.pg0, p_l * 257, "IP lookup loop")
2872 class TestIP6Input(VppTestCase):
2873 """IPv6 Input Exception Test Cases"""
2876 def setUpClass(cls):
2877 super(TestIP6Input, cls).setUpClass()
2880 def tearDownClass(cls):
2881 super(TestIP6Input, cls).tearDownClass()
2884 super(TestIP6Input, self).setUp()
2886 self.create_pg_interfaces(range(2))
2888 for i in self.pg_interfaces:
2894 super(TestIP6Input, self).tearDown()
2895 for i in self.pg_interfaces:
2899 def test_ip_input_icmp_reply(self):
2900 """IP6 Input Exception - Return ICMP (3,0)"""
2902 # hop limit - ICMP replies
2905 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2906 / IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_ip6, hlim=1)
2907 / inet6.UDP(sport=1234, dport=1234)
2908 / Raw(b"\xa5" * 100)
2911 rxs = self.send_and_expect_some(self.pg0, p_version * NUM_PKTS, self.pg0)
2914 icmp = rx[ICMPv6TimeExceeded]
2915 # 0: "hop limit exceeded in transit",
2916 self.assertEqual((icmp.type, icmp.code), (3, 0))
2918 icmpv6_data = "\x0a" * 18
2920 all_1s = "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"
2922 @parameterized.expand(
2924 # Name, src, dst, l4proto, msg, timeout
2926 "src='iface', dst='iface'",
2929 inet6.UDP(sport=1234, dport=1234),
2934 "src='All 0's', dst='iface'",
2937 ICMPv6EchoRequest(id=0xB, seq=5, data=icmpv6_data),
2942 "src='iface', dst='All 0's'",
2945 ICMPv6EchoRequest(id=0xB, seq=5, data=icmpv6_data),
2950 "src='All 1's', dst='iface'",
2953 ICMPv6EchoRequest(id=0xB, seq=5, data=icmpv6_data),
2958 "src='iface', dst='All 1's'",
2961 ICMPv6EchoRequest(id=0xB, seq=5, data=icmpv6_data),
2966 "src='All 1's', dst='All 1's'",
2969 ICMPv6EchoRequest(id=0xB, seq=5, data=icmpv6_data),
2975 def test_ip_input_no_replies(self, name, src, dst, l4, msg, timeout):
2976 self._testMethodDoc = "IPv6 Input Exception - %s" % name
2979 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2981 src=src or self.pg0.remote_ip6,
2982 dst=dst or self.pg1.remote_ip6,
2986 / Raw(b"\xa5" * 100)
2989 self.send_and_assert_no_replies(
2990 self.pg0, p_version * NUM_PKTS, remark=msg or "", timeout=timeout
2993 def test_hop_by_hop(self):
2994 """Hop-by-hop header test"""
2997 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
2998 / IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6)
2999 / IPv6ExtHdrHopByHop()
3000 / inet6.UDP(sport=1234, dport=1234)
3001 / Raw(b"\xa5" * 100)
3004 self.pg0.add_stream(p)
3005 self.pg_enable_capture(self.pg_interfaces)
3009 class TestIP6Replace(VppTestCase):
3010 """IPv6 Table Replace"""
3013 def setUpClass(cls):
3014 super(TestIP6Replace, cls).setUpClass()
3017 def tearDownClass(cls):
3018 super(TestIP6Replace, cls).tearDownClass()
3021 super(TestIP6Replace, self).setUp()
3023 self.create_pg_interfaces(range(4))
3028 for i in self.pg_interfaces:
3031 i.generate_remote_hosts(2)
3032 self.tables.append(VppIpTable(self, table_id, True).add_vpp_config())
3036 super(TestIP6Replace, self).tearDown()
3037 for i in self.pg_interfaces:
3041 def test_replace(self):
3042 """IP Table Replace"""
3044 MRouteItfFlags = VppEnum.vl_api_mfib_itf_flags_t
3045 MRouteEntryFlags = VppEnum.vl_api_mfib_entry_flags_t
3047 links = [self.pg0, self.pg1, self.pg2, self.pg3]
3048 routes = [[], [], [], []]
3050 # the sizes of 'empty' tables
3051 for t in self.tables:
3052 self.assertEqual(len(t.dump()), 2)
3053 self.assertEqual(len(t.mdump()), 5)
3055 # load up the tables with some routes
3056 for ii, t in enumerate(self.tables):
3057 for jj in range(1, N_ROUTES):
3060 "2001::%d" % jj if jj != 0 else "2001::",
3064 links[ii].remote_hosts[0].ip6, links[ii].sw_if_index
3067 links[ii].remote_hosts[1].ip6, links[ii].sw_if_index
3070 table_id=t.table_id,
3072 multi = VppIpMRoute(
3077 MRouteEntryFlags.MFIB_API_ENTRY_FLAG_NONE,
3080 self.pg0.sw_if_index,
3081 MRouteItfFlags.MFIB_API_ITF_FLAG_ACCEPT,
3082 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6,
3085 self.pg1.sw_if_index,
3086 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
3087 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6,
3090 self.pg2.sw_if_index,
3091 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
3092 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6,
3095 self.pg3.sw_if_index,
3096 MRouteItfFlags.MFIB_API_ITF_FLAG_FORWARD,
3097 proto=FibPathProto.FIB_PATH_NH_PROTO_IP6,
3100 table_id=t.table_id,
3102 routes[ii].append({"uni": uni, "multi": multi})
3105 # replace the tables a few times
3108 # replace each table
3109 for t in self.tables:
3112 # all the routes are still there
3113 for ii, t in enumerate(self.tables):
3116 for r in routes[ii]:
3117 self.assertTrue(find_route_in_dump(dump, r["uni"], t))
3118 self.assertTrue(find_mroute_in_dump(mdump, r["multi"], t))
3120 # redownload the even numbered routes
3121 for ii, t in enumerate(self.tables):
3122 for jj in range(0, N_ROUTES, 2):
3123 routes[ii][jj]["uni"].add_vpp_config()
3124 routes[ii][jj]["multi"].add_vpp_config()
3126 # signal each table converged
3127 for t in self.tables:
3130 # we should find the even routes, but not the odd
3131 for ii, t in enumerate(self.tables):
3134 for jj in range(0, N_ROUTES, 2):
3135 self.assertTrue(find_route_in_dump(dump, routes[ii][jj]["uni"], t))
3137 find_mroute_in_dump(mdump, routes[ii][jj]["multi"], t)
3139 for jj in range(1, N_ROUTES - 1, 2):
3140 self.assertFalse(find_route_in_dump(dump, routes[ii][jj]["uni"], t))
3142 find_mroute_in_dump(mdump, routes[ii][jj]["multi"], t)
3145 # reload all the routes
3146 for ii, t in enumerate(self.tables):
3147 for r in routes[ii]:
3148 r["uni"].add_vpp_config()
3149 r["multi"].add_vpp_config()
3151 # all the routes are still there
3152 for ii, t in enumerate(self.tables):
3155 for r in routes[ii]:
3156 self.assertTrue(find_route_in_dump(dump, r["uni"], t))
3157 self.assertTrue(find_mroute_in_dump(mdump, r["multi"], t))
3160 # finally flush the tables for good measure
3162 for t in self.tables:
3164 self.assertEqual(len(t.dump()), 2)
3165 self.assertEqual(len(t.mdump()), 5)
3168 class TestIP6AddrReplace(VppTestCase):
3169 """IPv6 Interface Address Replace"""
3172 def setUpClass(cls):
3173 super(TestIP6AddrReplace, cls).setUpClass()
3176 def tearDownClass(cls):
3177 super(TestIP6AddrReplace, cls).tearDownClass()
3180 super(TestIP6AddrReplace, self).setUp()
3182 self.create_pg_interfaces(range(4))
3184 for i in self.pg_interfaces:
3188 super(TestIP6AddrReplace, self).tearDown()
3189 for i in self.pg_interfaces:
3192 def get_n_pfxs(self, intf):
3193 return len(self.vapi.ip_address_dump(intf.sw_if_index, True))
3195 def test_replace(self):
3196 """IP interface address replace"""
3198 intf_pfxs = [[], [], [], []]
3200 # add prefixes to each of the interfaces
3201 for i in range(len(self.pg_interfaces)):
3202 intf = self.pg_interfaces[i]
3205 addr = "2001:16:%d::1" % intf.sw_if_index
3206 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
3207 intf_pfxs[i].append(a)
3209 # 2001:16:x::2/64 - a different address in the same subnet as above
3210 addr = "2001:16:%d::2" % intf.sw_if_index
3211 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
3212 intf_pfxs[i].append(a)
3214 # 2001:15:x::2/64 - a different address and subnet
3215 addr = "2001:15:%d::2" % intf.sw_if_index
3216 a = VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
3217 intf_pfxs[i].append(a)
3219 # a dump should n_address in it
3220 for intf in self.pg_interfaces:
3221 self.assertEqual(self.get_n_pfxs(intf), 3)
3224 # remove all the address thru a replace
3226 self.vapi.sw_interface_address_replace_begin()
3227 self.vapi.sw_interface_address_replace_end()
3228 for intf in self.pg_interfaces:
3229 self.assertEqual(self.get_n_pfxs(intf), 0)
3232 # add all the interface addresses back
3237 for intf in self.pg_interfaces:
3238 self.assertEqual(self.get_n_pfxs(intf), 3)
3241 # replace again, but this time update/re-add the address on the first
3244 self.vapi.sw_interface_address_replace_begin()
3246 for p in intf_pfxs[:2]:
3250 self.vapi.sw_interface_address_replace_end()
3252 # on the first two the address still exist,
3253 # on the other two they do not
3254 for intf in self.pg_interfaces[:2]:
3255 self.assertEqual(self.get_n_pfxs(intf), 3)
3256 for p in intf_pfxs[:2]:
3258 self.assertTrue(v.query_vpp_config())
3259 for intf in self.pg_interfaces[2:]:
3260 self.assertEqual(self.get_n_pfxs(intf), 0)
3263 # add all the interface addresses back on the last two
3265 for p in intf_pfxs[2:]:
3268 for intf in self.pg_interfaces:
3269 self.assertEqual(self.get_n_pfxs(intf), 3)
3272 # replace again, this time add different prefixes on all the interfaces
3274 self.vapi.sw_interface_address_replace_begin()
3277 for intf in self.pg_interfaces:
3279 addr = "2001:18:%d::1" % intf.sw_if_index
3280 pfxs.append(VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config())
3282 self.vapi.sw_interface_address_replace_end()
3284 # only .18 should exist on each interface
3285 for intf in self.pg_interfaces:
3286 self.assertEqual(self.get_n_pfxs(intf), 1)
3288 self.assertTrue(pfx.query_vpp_config())
3293 self.vapi.sw_interface_address_replace_begin()
3294 self.vapi.sw_interface_address_replace_end()
3295 for intf in self.pg_interfaces:
3296 self.assertEqual(self.get_n_pfxs(intf), 0)
3299 # add prefixes to each interface. post-begin add the prefix from
3300 # interface X onto interface Y. this would normally be an error
3301 # since it would generate a 'duplicate address' warning. but in
3302 # this case, since what is newly downloaded is sane, it's ok
3304 for intf in self.pg_interfaces:
3306 addr = "2001:18:%d::1" % intf.sw_if_index
3307 VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config()
3309 self.vapi.sw_interface_address_replace_begin()
3312 for intf in self.pg_interfaces:
3314 addr = "2001:18:%d::1" % (intf.sw_if_index + 1)
3315 pfxs.append(VppIpInterfaceAddress(self, intf, addr, 64).add_vpp_config())
3317 self.vapi.sw_interface_address_replace_end()
3319 self.logger.info(self.vapi.cli("sh int addr"))
3321 for intf in self.pg_interfaces:
3322 self.assertEqual(self.get_n_pfxs(intf), 1)
3324 self.assertTrue(pfx.query_vpp_config())
3327 class TestIP6LinkLocal(VppTestCase):
3328 """IPv6 Link Local"""
3331 def setUpClass(cls):
3332 super(TestIP6LinkLocal, cls).setUpClass()
3335 def tearDownClass(cls):
3336 super(TestIP6LinkLocal, cls).tearDownClass()
3339 super(TestIP6LinkLocal, self).setUp()
3341 self.create_pg_interfaces(range(2))
3343 for i in self.pg_interfaces:
3347 super(TestIP6LinkLocal, self).tearDown()
3348 for i in self.pg_interfaces:
3351 def test_ip6_ll(self):
3352 """IPv6 Link Local"""
3355 # two APIs to add a link local address.
3356 # 1 - just like any other prefix
3357 # 2 - with the special set LL API
3361 # First with the API to set a 'normal' prefix
3368 self, self.pg0.sw_if_index, self.pg0.remote_mac, ll2
3371 VppIpInterfaceAddress(self, self.pg0, ll1, 128).add_vpp_config()
3374 # should be able to ping the ll
3376 p_echo_request_1 = (
3377 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3378 / IPv6(src=ll2, dst=ll1)
3379 / ICMPv6EchoRequest()
3382 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3385 # change the link-local on pg0
3387 v_ll3 = VppIpInterfaceAddress(self, self.pg0, ll3, 128).add_vpp_config()
3389 p_echo_request_3 = (
3390 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3391 / IPv6(src=ll2, dst=ll3)
3392 / ICMPv6EchoRequest()
3395 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
3398 # set a normal v6 prefix on the link
3400 self.pg0.config_ip6()
3402 self.send_and_expect(self.pg0, [p_echo_request_3], self.pg0)
3404 # the link-local cannot be removed
3405 with self.vapi.assert_negative_api_retval():
3406 v_ll3.remove_vpp_config()
3409 # Use the specific link-local API on pg1
3411 VppIp6LinkLocalAddress(self, self.pg1, ll1).add_vpp_config()
3412 self.send_and_expect(self.pg1, [p_echo_request_1], self.pg1)
3414 VppIp6LinkLocalAddress(self, self.pg1, ll3).add_vpp_config()
3415 self.send_and_expect(self.pg1, [p_echo_request_3], self.pg1)
3417 def test_ip6_ll_p2p(self):
3418 """IPv6 Link Local P2P (GRE)"""
3420 self.pg0.config_ip4()
3421 self.pg0.resolve_arp()
3422 gre_if = VppGreInterface(
3423 self, self.pg0.local_ip4, self.pg0.remote_ip4
3430 VppIpInterfaceAddress(self, gre_if, ll1, 128).add_vpp_config()
3432 self.logger.info(self.vapi.cli("sh ip6-ll gre0 fe80:2::2"))
3434 p_echo_request_1 = (
3435 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3436 / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4)
3438 / IPv6(src=ll2, dst=ll1)
3439 / ICMPv6EchoRequest()
3441 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3443 self.pg0.unconfig_ip4()
3444 gre_if.remove_vpp_config()
3446 def test_ip6_ll_p2mp(self):
3447 """IPv6 Link Local P2MP (GRE)"""
3449 self.pg0.config_ip4()
3450 self.pg0.resolve_arp()
3452 gre_if = VppGreInterface(
3456 mode=(VppEnum.vl_api_tunnel_mode_t.TUNNEL_API_MODE_MP),
3463 VppIpInterfaceAddress(self, gre_if, ll1, 128).add_vpp_config()
3465 p_echo_request_1 = (
3466 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3467 / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4)
3469 / IPv6(src=ll2, dst=ll1)
3470 / ICMPv6EchoRequest()
3473 # no route back at this point
3474 self.send_and_assert_no_replies(self.pg0, [p_echo_request_1])
3476 # add teib entry for the peer
3477 teib = VppTeib(self, gre_if, ll2, self.pg0.remote_ip4)
3478 teib.add_vpp_config()
3480 self.logger.info(self.vapi.cli("sh ip6-ll gre0 %s" % ll2))
3481 self.send_and_expect(self.pg0, [p_echo_request_1], self.pg0)
3484 self.pg0.unconfig_ip4()
3487 class TestIPv6PathMTU(VppTestCase):
3491 super(TestIPv6PathMTU, self).setUp()
3493 self.create_pg_interfaces(range(2))
3495 # setup all interfaces
3496 for i in self.pg_interfaces:
3502 super(TestIPv6PathMTU, self).tearDown()
3503 for i in self.pg_interfaces:
3507 def test_path_mtu_local(self):
3508 """Path MTU for attached neighbour"""
3510 self.vapi.cli("set log class ip level debug")
3512 # The goal here is not test that fragmentation works correctly,
3513 # that's done elsewhere, the intent is to ensure that the Path MTU
3514 # settings are honoured.
3518 # IPv6 will only frag locally generated packets, so use tunnelled
3519 # packets post encap
3521 tun = VppIpIpTunInterface(
3522 self, self.pg1, self.pg1.local_ip6, self.pg1.remote_ip6
3524 tun.add_vpp_config()
3528 # set the interface MTU to a reasonable value
3529 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2800, 0, 0, 0])
3532 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3533 / IPv6(src=self.pg0.remote_ip6, dst=tun.remote_ip6)
3534 / UDP(sport=1234, dport=5678)
3535 / Raw(b"0xa" * 2000)
3538 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3539 / IPv6(src=self.pg0.remote_ip6, dst=tun.remote_ip6)
3540 / UDP(sport=1234, dport=5678)
3541 / Raw(b"0xa" * 1000)
3544 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3545 / IPv6(src=self.pg0.remote_ip6, dst=tun.remote_ip6)
3546 / UDP(sport=1234, dport=5678)
3551 self, self.pg1.sw_if_index, self.pg1.remote_mac, self.pg1.remote_ip6
3554 # this is now the interface MTU frags
3555 self.send_and_expect(self.pg0, [p_6k], self.pg1, n_rx=4)
3556 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3557 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3559 # drop the path MTU for this neighbour to below the interface MTU
3561 pmtu = VppIpPathMtu(self, self.pg1.remote_ip6, 1300).add_vpp_config()
3563 # print/format the adj delegate and trackers
3564 self.logger.info(self.vapi.cli("sh ip pmtu"))
3565 self.logger.info(self.vapi.cli("sh adj 7"))
3567 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3568 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3570 # increase the path MTU to more than the interface
3571 # expect to use the interface MTU
3574 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3575 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3577 # go back to an MTU from the path
3580 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3581 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3583 # raise the interface's MTU
3584 # should still use that of the path
3585 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2000, 0, 0, 0])
3586 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3587 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3589 # set path high and interface low
3591 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [1300, 0, 0, 0])
3592 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3593 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3595 # remove the path MTU
3596 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2800, 0, 0, 0])
3599 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3600 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3602 def test_path_mtu_remote(self):
3603 """Path MTU for remote neighbour"""
3605 self.vapi.cli("set log class ip level debug")
3607 # The goal here is not test that fragmentation works correctly,
3608 # that's done elsewhere, the intent is to ensure that the Path MTU
3609 # settings are honoured.
3614 self, tun_dst, 64, [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)]
3618 # IPv6 will only frag locally generated packets, so use tunnelled
3619 # packets post encap
3621 tun = VppIpIpTunInterface(self, self.pg1, self.pg1.local_ip6, tun_dst)
3622 tun.add_vpp_config()
3626 # set the interface MTU to a reasonable value
3627 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2800, 0, 0, 0])
3630 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3631 / IPv6(src=self.pg0.remote_ip6, dst=tun.remote_ip6)
3632 / UDP(sport=1234, dport=5678)
3633 / Raw(b"0xa" * 1000)
3636 Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
3637 / IPv6(src=self.pg0.remote_ip6, dst=tun.remote_ip6)
3638 / UDP(sport=1234, dport=5678)
3643 self, self.pg1.sw_if_index, self.pg1.remote_mac, self.pg1.remote_ip6
3646 # this is now the interface MTU frags
3647 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3648 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3650 # drop the path MTU for this neighbour to below the interface MTU
3652 pmtu = VppIpPathMtu(self, tun_dst, 1300).add_vpp_config()
3654 # print/format the fib entry/dpo
3655 self.logger.info(self.vapi.cli("sh ip6 fib 2001::1"))
3657 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3658 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3660 # increase the path MTU to more than the interface
3661 # expect to use the interface MTU
3664 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3665 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3667 # go back to an MTU from the path
3670 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3671 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3673 # raise the interface's MTU
3674 # should still use that of the path
3675 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2000, 0, 0, 0])
3676 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3677 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3679 # turn the tun_dst into an attached neighbour
3680 route.modify([VppRoutePath("::", self.pg1.sw_if_index)])
3682 self, self.pg1.sw_if_index, self.pg1.remote_mac, tun_dst
3685 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3686 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3688 # add back to not attached
3689 nbr2.remove_vpp_config()
3690 route.modify([VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)])
3692 # set path high and interface low
3694 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [1300, 0, 0, 0])
3695 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=3)
3696 self.send_and_expect(self.pg0, [p_1k], self.pg1, n_rx=2)
3698 # remove the path MTU
3699 self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index, [2800, 0, 0, 0])
3700 pmtu.remove_vpp_config()
3701 self.send_and_expect(self.pg0, [p_2k], self.pg1, n_rx=2)
3702 self.send_and_expect(self.pg0, [p_1k], self.pg1)
3705 class TestIPFibSource(VppTestCase):
3706 """IPv6 Table FibSource"""
3709 def setUpClass(cls):
3710 super(TestIPFibSource, cls).setUpClass()
3713 def tearDownClass(cls):
3714 super(TestIPFibSource, cls).tearDownClass()
3717 super(TestIPFibSource, self).setUp()
3719 self.create_pg_interfaces(range(2))
3721 for i in self.pg_interfaces:
3725 i.generate_remote_hosts(2)
3726 i.configure_ipv6_neighbors()
3729 super(TestIPFibSource, self).tearDown()
3730 for i in self.pg_interfaces:
3734 def test_fib_source(self):
3735 """IP Table FibSource"""
3737 routes = self.vapi.ip_route_v2_dump(0, True)
3739 # 2 interfaces (4 routes) + 2 specials + 4 neighbours = 10 routes
3740 self.assertEqual(len(routes), 10)
3742 # dump all the sources in the FIB
3743 sources = self.vapi.fib_source_dump()
3744 for source in sources:
3745 if source.src.name == "API":
3746 api_source = source.src
3747 if source.src.name == "interface":
3748 intf_source = source.src
3749 if source.src.name == "adjacency":
3750 adj_source = source.src
3751 if source.src.name == "special":
3752 special_source = source.src
3753 if source.src.name == "default-route":
3754 dr_source = source.src
3756 # dump the individual route types
3757 routes = self.vapi.ip_route_v2_dump(0, True, src=adj_source.id)
3758 self.assertEqual(len(routes), 4)
3759 routes = self.vapi.ip_route_v2_dump(0, True, src=intf_source.id)
3760 self.assertEqual(len(routes), 4)
3761 routes = self.vapi.ip_route_v2_dump(0, True, src=special_source.id)
3762 self.assertEqual(len(routes), 1)
3763 routes = self.vapi.ip_route_v2_dump(0, True, src=dr_source.id)
3764 self.assertEqual(len(routes), 1)
3766 # add a new soure that'a better than the API
3767 self.vapi.fib_source_add(
3768 src={"name": "bgp", "priority": api_source.priority - 1}
3771 # dump all the sources to check our new one is there
3772 sources = self.vapi.fib_source_dump()
3774 for source in sources:
3775 if source.src.name == "bgp":
3776 bgp_source = source.src
3778 self.assertTrue(bgp_source)
3779 self.assertEqual(bgp_source.priority, api_source.priority - 1)
3781 # add a route with the default API source
3786 [VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index)],
3793 [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)],
3797 # ensure the BGP source takes priority
3799 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3800 / IPv6(src=self.pg0.remote_ip6, dst="2001::1")
3801 / inet6.UDP(sport=1234, dport=1234)
3802 / Raw(b"\xa5" * 100)
3805 self.send_and_expect(self.pg0, [p], self.pg1)
3807 r2.remove_vpp_config()
3808 r1.remove_vpp_config()
3810 self.assertFalse(find_route(self, "2001::1", 128))
3813 class TestIPxAF(VppTestCase):
3817 def setUpClass(cls):
3818 super(TestIPxAF, cls).setUpClass()
3821 def tearDownClass(cls):
3822 super(TestIPxAF, cls).tearDownClass()
3825 super(TestIPxAF, self).setUp()
3827 self.create_pg_interfaces(range(2))
3829 for i in self.pg_interfaces:
3837 super(TestIPxAF, self).tearDown()
3838 for i in self.pg_interfaces:
3843 def test_x_af(self):
3844 """Cross AF routing"""
3847 # a v4 route via a v6 attached next-hop
3852 [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)],
3856 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3857 / IP(src=self.pg0.remote_ip4, dst="1.1.1.1")
3858 / UDP(sport=1234, dport=1234)
3859 / Raw(b"\xa5" * 100)
3861 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3864 self.assertEqual(rx[IP].dst, "1.1.1.1")
3866 # a v6 route via a v4 attached next-hop
3871 [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)],
3875 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3876 / IPv6(src=self.pg0.remote_ip6, dst="2001::1")
3877 / UDP(sport=1234, dport=1234)
3878 / Raw(b"\xa5" * 100)
3880 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3883 self.assertEqual(rx[IPv6].dst, "2001::1")
3885 # a recursive v4 route via a v6 next-hop (from above)
3887 self, "2.2.2.2", 32, [VppRoutePath("2001::1", 0xFFFFFFFF)]
3891 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3892 / IP(src=self.pg0.remote_ip4, dst="2.2.2.2")
3893 / UDP(sport=1234, dport=1234)
3894 / Raw(b"\xa5" * 100)
3896 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3898 # a recursive v4 route via a v6 next-hop
3900 self, "2.2.2.3", 32, [VppRoutePath(self.pg1.remote_ip6, 0xFFFFFFFF)]
3904 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3905 / IP(src=self.pg0.remote_ip4, dst="2.2.2.3")
3906 / UDP(sport=1234, dport=1234)
3907 / Raw(b"\xa5" * 100)
3909 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3911 # a recursive v6 route via a v4 next-hop
3913 self, "3001::1", 128, [VppRoutePath(self.pg1.remote_ip4, 0xFFFFFFFF)]
3917 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3918 / IPv6(src=self.pg0.remote_ip6, dst="3001::1")
3919 / UDP(sport=1234, dport=1234)
3920 / Raw(b"\xa5" * 100)
3922 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3925 self.assertEqual(rx[IPv6].dst, "3001::1")
3928 self, "3001::2", 128, [VppRoutePath("1.1.1.1", 0xFFFFFFFF)]
3932 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3933 / IPv6(src=self.pg0.remote_ip6, dst="3001::2")
3934 / UDP(sport=1234, dport=1234)
3935 / Raw(b"\xa5" * 100)
3937 rxs = self.send_and_expect(self.pg0, p * N_PKTS, self.pg1)
3940 self.assertEqual(rx[IPv6].dst, "3001::2")
3943 class TestIPv6Punt(VppTestCase):
3944 """IPv6 Punt Police/Redirect"""
3947 super(TestIPv6Punt, self).setUp()
3948 self.create_pg_interfaces(range(4))
3950 for i in self.pg_interfaces:
3956 super(TestIPv6Punt, self).tearDown()
3957 for i in self.pg_interfaces:
3961 def test_ip6_punt(self):
3962 """IPv6 punt police and redirect"""
3964 # use UDP packet that have a port we need to explicitly
3965 # register to get punted.
3966 pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4
3967 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6
3968 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP
3974 "protocol": udp_proto,
3980 self.vapi.set_punt(is_add=1, punt=punt_udp)
3983 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
3984 / IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6)
3985 / UDP(sport=1234, dport=7654)
3986 / Raw(b"\xa5" * 100)
3990 # Configure a punt redirect via pg1.
3992 nh_addr = self.pg1.remote_ip6
3993 ip_punt_redirect = VppIpPuntRedirect(
3994 self, self.pg0.sw_if_index, self.pg1.sw_if_index, nh_addr
3996 ip_punt_redirect.add_vpp_config()
3998 self.send_and_expect(self.pg0, pkts, self.pg1)
4003 policer = VppPolicer(self, "ip6-punt", 400, 0, 10, 0, rate_type=1)
4004 policer.add_vpp_config()
4005 ip_punt_policer = VppIpPuntPolicer(self, policer.policer_index, is_ip6=True)
4006 ip_punt_policer.add_vpp_config()
4008 self.vapi.cli("clear trace")
4009 self.pg0.add_stream(pkts)
4010 self.pg_enable_capture(self.pg_interfaces)
4014 # the number of packet received should be greater than 0,
4015 # but not equal to the number sent, since some were policed
4017 rx = self.pg1._get_capture(1)
4019 stats = policer.get_stats()
4021 # Single rate policer - expect conform, violate but no exceed
4022 self.assertGreater(stats["conform_packets"], 0)
4023 self.assertEqual(stats["exceed_packets"], 0)
4024 self.assertGreater(stats["violate_packets"], 0)
4026 self.assertGreater(len(rx), 0)
4027 self.assertLess(len(rx), len(pkts))
4030 # remove the policer. back to full rx
4032 ip_punt_policer.remove_vpp_config()
4033 policer.remove_vpp_config()
4034 self.send_and_expect(self.pg0, pkts, self.pg1)
4037 # remove the redirect. expect full drop.
4039 ip_punt_redirect.remove_vpp_config()
4040 self.send_and_assert_no_replies(self.pg0, pkts, "IP no punt config")
4043 # Add a redirect that is not input port selective
4045 ip_punt_redirect = VppIpPuntRedirect(
4046 self, 0xFFFFFFFF, self.pg1.sw_if_index, nh_addr
4048 ip_punt_redirect.add_vpp_config()
4049 self.send_and_expect(self.pg0, pkts, self.pg1)
4050 ip_punt_redirect.remove_vpp_config()
4052 def test_ip6_punt_dump(self):
4053 """IPv6 punt redirect dump"""
4056 # Configure a punt redirects
4058 nh_address = self.pg3.remote_ip6
4059 ipr_03 = VppIpPuntRedirect(
4060 self, self.pg0.sw_if_index, self.pg3.sw_if_index, nh_address
4062 ipr_13 = VppIpPuntRedirect(
4063 self, self.pg1.sw_if_index, self.pg3.sw_if_index, nh_address
4065 ipr_23 = VppIpPuntRedirect(
4066 self, self.pg2.sw_if_index, self.pg3.sw_if_index, "::"
4068 ipr_03.add_vpp_config()
4069 ipr_13.add_vpp_config()
4070 ipr_23.add_vpp_config()
4073 # Dump pg0 punt redirects
4075 self.assertTrue(ipr_03.query_vpp_config())
4076 self.assertTrue(ipr_13.query_vpp_config())
4077 self.assertTrue(ipr_23.query_vpp_config())
4080 # Dump punt redirects for all interfaces
4082 punts = self.vapi.ip_punt_redirect_dump(sw_if_index=0xFFFFFFFF, is_ipv6=True)
4083 self.assertEqual(len(punts), 3)
4085 self.assertEqual(p.punt.tx_sw_if_index, self.pg3.sw_if_index)
4086 self.assertNotEqual(punts[1].punt.nh, self.pg3.remote_ip6)
4087 self.assertEqual(str(punts[2].punt.nh), "::")
4090 class TestIP6InterfaceRx(VppTestCase):
4091 """IPv6 Interface Receive"""
4094 def setUpClass(cls):
4095 super(TestIP6InterfaceRx, cls).setUpClass()
4098 def tearDownClass(cls):
4099 super(TestIP6InterfaceRx, cls).tearDownClass()
4102 super(TestIP6InterfaceRx, self).setUp()
4104 self.create_pg_interfaces(range(3))
4108 for i in self.pg_interfaces:
4112 table = VppIpTable(self, table_id, is_ip6=1)
4113 table.add_vpp_config()
4115 i.set_table_ip6(table_id)
4121 for i in self.pg_interfaces:
4126 super(TestIP6InterfaceRx, self).tearDown()
4128 def test_interface_rx(self):
4129 """IPv6 Interface Receive"""
4132 # add a route in the default table to receive ...
4134 route_to_dst = VppIpRoute(
4141 self.pg1.sw_if_index,
4142 type=FibPathType.FIB_PATH_TYPE_INTERFACE_RX,
4146 route_to_dst.add_vpp_config()
4149 # packets to these destination are dropped, since they'll
4150 # hit the respective default routes in table 1
4153 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
4154 / IPv6(src="5::5", dst="1::1")
4155 / inet6.TCP(sport=1234, dport=1234)
4156 / Raw(b"\xa5" * 100)
4158 pkts_dst = p_dst * 10
4160 self.send_and_assert_no_replies(self.pg0, pkts_dst, "IP in table 1")
4163 # add a route in the dst table to forward via pg1
4165 route_in_dst = VppIpRoute(
4169 [VppRoutePath(self.pg1.remote_ip6, self.pg1.sw_if_index)],
4172 route_in_dst.add_vpp_config()
4174 self.send_and_expect(self.pg0, pkts_dst, self.pg1)
4177 # add a route in the default table to receive ...
4179 route_to_dst = VppIpRoute(
4186 self.pg2.sw_if_index,
4187 type=FibPathType.FIB_PATH_TYPE_INTERFACE_RX,
4192 route_to_dst.add_vpp_config()
4195 # packets to these destination are dropped, since they'll
4196 # hit the respective default routes in table 2
4199 Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
4200 / IPv6(src="6::6", dst="1::2")
4201 / inet6.TCP(sport=1234, dport=1234)
4202 / Raw(b"\xa5" * 100)
4204 pkts_dst = p_dst * 10
4206 self.send_and_assert_no_replies(self.pg0, pkts_dst, "IP in table 2")
4209 # add a route in the table 2 to forward via pg2
4211 route_in_dst = VppIpRoute(
4215 [VppRoutePath(self.pg2.remote_ip6, self.pg2.sw_if_index)],
4218 route_in_dst.add_vpp_config()
4220 self.send_and_expect(self.pg0, pkts_dst, self.pg2)
4223 if __name__ == "__main__":
4224 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob