aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--NSH_SFC_VER2
-rw-r--r--nsh_sfc_tests/func/__init__.robot20
-rw-r--r--nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-inbound-func.robot85
-rw-r--r--nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-outbound-func.robot86
-rw-r--r--nsh_sfc_tests/func/sff/eth2p-ethip4-sfc-sff-func.robot85
-rwxr-xr-xnsh_sfc_tests/sfc_scripts/install_sfc.sh114
-rwxr-xr-xnsh_sfc_tests/sfc_scripts/set_nsh_proxy_inbound.sh32
-rwxr-xr-xnsh_sfc_tests/sfc_scripts/set_nsh_proxy_outbound.sh32
-rwxr-xr-xnsh_sfc_tests/sfc_scripts/set_sfc_sff.sh32
-rwxr-xr-xnsh_sfc_tests/sfc_scripts/start_tcpdump.sh11
-rw-r--r--resources/libraries/python/SFC/SFCConstants.py43
-rw-r--r--resources/libraries/python/SFC/SFCTest.py93
-rw-r--r--resources/libraries/python/SFC/SetupSFCTest.py226
-rw-r--r--resources/libraries/python/SFC/TunnelProtocol.py41
-rw-r--r--resources/libraries/python/SFC/VerifyPacket.py223
-rw-r--r--resources/libraries/python/SFC/__init__.py16
-rw-r--r--resources/libraries/robot/nsh_sfc/default.robot67
-rwxr-xr-xresources/traffic_scripts/send_tcp_for_classifier_test.py86
-rwxr-xr-xresources/traffic_scripts/send_vxlan_for_proxy_test.py94
-rwxr-xr-xresources/traffic_scripts/send_vxlangpe_nsh_for_proxy_test.py96
-rwxr-xr-xresources/traffic_scripts/send_vxlangpe_nsh_for_sff_test.py96
21 files changed, 1580 insertions, 0 deletions
diff --git a/NSH_SFC_VER b/NSH_SFC_VER
new file mode 100644
index 0000000000..4a979a5789
--- /dev/null
+++ b/NSH_SFC_VER
@@ -0,0 +1,2 @@
+VPP = 17.07-rc0
+NSH_SFC = 17.07-rc0
diff --git a/nsh_sfc_tests/func/__init__.robot b/nsh_sfc_tests/func/__init__.robot
new file mode 100644
index 0000000000..efebac383e
--- /dev/null
+++ b/nsh_sfc_tests/func/__init__.robot
@@ -0,0 +1,20 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Library | resources.libraries.python.SFC.SetupSFCTest
+| Suite Setup | Run Keywords | Setup NSH SFC test | ${nodes}
+| ... | AND | Setup All DUTs | ${nodes}
+| ... | AND | Update All Interface Data On All Nodes | ${nodes}
diff --git a/nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-inbound-func.robot b/nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-inbound-func.robot
new file mode 100644
index 0000000000..5eef6c0b96
--- /dev/null
+++ b/nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-inbound-func.robot
@@ -0,0 +1,85 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Trace
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/nsh_sfc/default.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/ipv4.robot
+| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | FUNCTEST
+| Suite Setup | Run Keywords
+| ... | Setup all DUTs before test | AND
+| ... | Setup all TGs before traffic script | AND
+| ... | Update All Interface Data On All Nodes | ${nodes} | AND
+| ... | Setup DUT nodes for 'Proxy Inbound' functional testing
+| Test Setup | Run Keywords | Save VPP PIDs | AND
+| ... | Reset VAT History On All DUTs | ${nodes} | AND
+| ... | Clear interface counters on all vpp nodes in topology | ${nodes}
+| Test Teardown | Run Keywords
+| ... | Show packet trace on all DUTs | ${nodes} | AND
+| ... | Show VAT History On All DUTs | ${nodes} | AND
+| ... | Check VPP PID in Teardown
+| Documentation | *NSH SFC Proxy Inbound test cases*
+| ...
+| ... | Test the SFC Proxy Inbound functional. DUT run the VPP with NSH
+| ... | SFC Plugin, TG send a VxLAN-GPE+NSH packet to the DUT,
+| ... | if the packet match the SFC Proxy inbound rules, the SFC Proxy will
+| ... | pop the VxLAN-GPE and NSH protocol, then encapsulate with the
+| ... | VxLAN protocol. DUT will loopback the packet to the TG.
+| ... | The TG will capture this VxLAN packet and check the packet
+| ... | field is correct.
+
+*** Test Cases ***
+| TC01: NSH SFC Proxy Inbound functional test with 152B frame size
+| | [Documentation]
+| | ... | Make TG send 152 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Inbound functional is correct.
+| | ${frame_size}= | Set Variable | ${152}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Inbound" test
+
+| TC02: NSH SFC Proxy Inbound functional test with 256B frame size
+| | [Documentation]
+| | ... | Make TG send 256 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Inbound functional is correct.
+| | ${frame_size}= | Set Variable | ${256}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Inbound" test
+
+| TC03: NSH SFC Proxy Inbound functional test with 512B frame size
+| | [Documentation]
+| | ... | Make TG send 512 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Inbound functional is correct.
+| | ${frame_size}= | Set Variable | ${512}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Inbound" test
+
+| TC04: NSH SFC Proxy Inbound functional test with 1024B frame size
+| | [Documentation]
+| | ... | Make TG send 1024 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Inbound functional is correct.
+| | ${frame_size}= | Set Variable | ${1024}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Inbound" test
+
+| TC05: NSH SFC Proxy Inbound functional test with 1280B frame size
+| | [Documentation]
+| | ... | Make TG send 1280 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Inbound functional is correct.
+| | ${frame_size}= | Set Variable | ${1280}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Inbound" test
+
+| TC06: NSH SFC Proxy Inbound functional test with 1518B frame size
+| | [Documentation]
+| | ... | Make TG send 1518 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Inbound functional is correct.
+| | ${frame_size}= | Set Variable | ${1518}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Inbound" test
diff --git a/nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-outbound-func.robot b/nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-outbound-func.robot
new file mode 100644
index 0000000000..7fc46317f5
--- /dev/null
+++ b/nsh_sfc_tests/func/proxy/eth2p-ethip4-nsh-proxy-outbound-func.robot
@@ -0,0 +1,86 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Trace
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/nsh_sfc/default.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/ipv4.robot
+| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | FUNCTEST
+| Suite Setup | Run Keywords
+| ... | Setup all DUTs before test | AND
+| ... | Setup all TGs before traffic script | AND
+| ... | Update All Interface Data On All Nodes | ${nodes} | AND
+| ... | Setup DUT nodes for 'Proxy Outbound' functional testing
+| Test Setup | Run Keywords | Save VPP PIDs | AND
+| ... | Reset VAT History On All DUTs | ${nodes} | AND
+| ... | Clear interface counters on all vpp nodes in topology | ${nodes}
+| Test Teardown | Run Keywords
+| ... | Show packet trace on all DUTs | ${nodes} | AND
+| ... | Show VAT History On All DUTs | ${nodes} | AND
+| ... | Check VPP PID in Teardown
+| Documentation | *NSH SFC Proxy Outbound test cases*
+| ...
+| ... | Test the SFC Proxy Outbound functional. DUT run the VPP with NSH
+| ... | SFC Plugin, TG send a VxLAN packet to the DUT,
+| ... | if the packet match the SFC Proxy outbound rules, the SFC Proxy will
+| ... | push the NSH protocol, then encapsulate with the VxLAN-GPE protocol.
+| ... | DUT will loopback the packet to the TG.
+| ... | The TG will capture this VxLAN-GPE+NSH packet and check the packet
+| ... | field is correct.
+
+
+*** Test Cases ***
+| TC01: NSH SFC Proxy Outbound functional test with 128B frame size
+| | [Documentation]
+| | ... | Make TG send 128 Bytes VxLAN packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Outbound functional is correct.
+| | ${frame_size}= | Set Variable | ${128}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Outbound" test
+
+| TC02: NSH SFC Proxy Outbound functional test with 256B frame size
+| | [Documentation]
+| | ... | Make TG send 256 Bytes VxLAN packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Outbound functional is correct.
+| | ${frame_size}= | Set Variable | ${256}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Outbound" test
+
+| TC03: NSH SFC Proxy Outbound functional test with 512B frame size
+| | [Documentation]
+| | ... | Make TG send 512 Bytes VxLAN packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Outbound functional is correct.
+| | ${frame_size}= | Set Variable | ${512}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Outbound" test
+
+| TC04: NSH SFC Proxy Outbound functional test with 1024B frame size
+| | [Documentation]
+| | ... | Make TG send 1024 Bytes VxLAN packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Outbound functional is correct.
+| | ${frame_size}= | Set Variable | ${1024}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Outbound" test
+
+| TC05: NSH SFC Proxy Outbound functional test with 1280B frame size
+| | [Documentation]
+| | ... | Make TG send 1280 Bytes VxLAN packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Outbound functional is correct.
+| | ${frame_size}= | Set Variable | ${1280}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Outbound" test
+
+| TC06: NSH SFC Proxy Outbound functional test with 1518B frame size
+| | [Documentation]
+| | ... | Make TG send 1518 Bytes VxLAN packet to DUT ingress interface.\
+| | ... | Make TG verify SFC Proxy Outbound functional is correct.
+| | ${frame_size}= | Set Variable | ${1518}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "Proxy Outbound" test
diff --git a/nsh_sfc_tests/func/sff/eth2p-ethip4-sfc-sff-func.robot b/nsh_sfc_tests/func/sff/eth2p-ethip4-sfc-sff-func.robot
new file mode 100644
index 0000000000..c70a92ab51
--- /dev/null
+++ b/nsh_sfc_tests/func/sff/eth2p-ethip4-sfc-sff-func.robot
@@ -0,0 +1,85 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Library | resources.libraries.python.NodePath
+| Library | resources.libraries.python.Trace
+| Resource | resources/libraries/robot/default.robot
+| Resource | resources/libraries/robot/nsh_sfc/default.robot
+| Resource | resources/libraries/robot/interfaces.robot
+| Resource | resources/libraries/robot/ipv4.robot
+| Force Tags | 3_NODE_SINGLE_LINK_TOPO | VM_ENV | FUNCTEST
+| Suite Setup | Run Keywords
+| ... | Setup all DUTs before test | AND
+| ... | Setup all TGs before traffic script | AND
+| ... | Update All Interface Data On All Nodes | ${nodes} | AND
+| ... | Setup DUT nodes for 'SFF' functional testing
+| Test Setup | Run Keywords | Save VPP PIDs | AND
+| ... | Reset VAT History On All DUTs | ${nodes} | AND
+| ... | Clear interface counters on all vpp nodes in topology | ${nodes}
+| Test Teardown | Run Keywords
+| ... | Show packet trace on all DUTs | ${nodes} | AND
+| ... | Show VAT History On All DUTs | ${nodes} | AND
+| ... | Check VPP PID in Teardown
+| Documentation | *NSH SFC SFF test cases*
+| ...
+| ... | Test the SFC Service Function Forward functional. DUT run the VPP
+| ... | with NSH SFC Plugin, TG send a VxLAN-GPE+NSH packet to the DUT,
+| ... | if the packet match the SFC SFF rules, the SFC SFF will
+| ... | swap the VxLAN-GPE and NSH protocol.
+| ... | DUT will loopback the packet to the TG.
+| ... | The TG will capture this VxLAN-GPE+NSH packet and check the packet
+| ... | field is correct.
+
+*** Test Cases ***
+| TC01: NSH SFC SFF functional test with 152B frame size
+| | [Documentation]
+| | ... | Make TG send 152 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC SFF functional is correct.
+| | ${frame_size}= | Set Variable | ${152}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "SFF" test
+
+| TC02: NSH SFC SFF functional test with 256B frame size
+| | [Documentation]
+| | ... | Make TG send 256 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC SFF functional is correct.
+| | ${frame_size}= | Set Variable | ${256}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "SFF" test
+
+| TC03: NSH SFC SFF functional test with 512B frame size
+| | [Documentation]
+| | ... | Make TG send 512 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC SFF functional is correct.
+| | ${frame_size}= | Set Variable | ${512}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "SFF" test
+
+| TC04: NSH SFC SFF functional test with 1024B frame size
+| | [Documentation]
+| | ... | Make TG send 1024 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC SFF functional is correct.
+| | ${frame_size}= | Set Variable | ${1024}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "SFF" test
+
+| TC05: NSH SFC SFF functional test with 1280B frame size
+| | [Documentation]
+| | ... | Make TG send 1280 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC SFF functional is correct.
+| | ${frame_size}= | Set Variable | ${1280}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "SFF" test
+
+| TC06: NSH SFC SFF functional test with 1518B frame size
+| | [Documentation]
+| | ... | Make TG send 1518 Bytes VxLAN-GPE+NSH packet to DUT ingress interface.\
+| | ... | Make TG verify SFC SFF functional is correct.
+| | ${frame_size}= | Set Variable | ${1518}
+| | Node "${src_node}" interface "${src_port}" send "${frame_size}" Bytes packet to node "${dst_node}" interface "${dst_port}" for "SFF" test
diff --git a/nsh_sfc_tests/sfc_scripts/install_sfc.sh b/nsh_sfc_tests/sfc_scripts/install_sfc.sh
new file mode 100755
index 0000000000..265d4c153a
--- /dev/null
+++ b/nsh_sfc_tests/sfc_scripts/install_sfc.sh
@@ -0,0 +1,114 @@
+#!/bin/bash
+
+set -x
+
+ROOTDIR=/tmp/openvpp-testing
+PWDDIR=$(pwd)
+
+if_name1=$1
+if_name2=$2
+
+VPP_VERSION=`cat ${ROOTDIR}/NSH_SFC_VER | grep VPP | awk -F'= ' '{print $2}'`
+NSH_SFC_VERSION=`cat ${ROOTDIR}/NSH_SFC_VER | grep NSH_SFC | awk -F'= ' '{print $2}'`
+
+VPP_CODE_DIR=${ROOTDIR}/vpp_codes
+NSH_SFC_CODE_DIR=${ROOTDIR}/nsh_sfc_codes
+
+#at first, we need to stop the vpp service if have
+sudo service vpp stop
+
+#uninstall the vpp and nsh sfc plugin
+#and git clone the vpp and nsh sfc plugin source codes
+#then compile and install them in the dut nodes.
+nsh_need_install=0
+sudo dpkg -l vpp-nsh-plugin >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+ nsh_plugin_version=`dpkg -s vpp-nsh-plugin | grep Version | awk -F' ' '{print $2}'`
+ if [ "${nsh_plugin_version}" \< "${NSH_SFC_VERSION}" ]; then
+ sudo dpkg -P vpp-nsh-plugin vpp-nsh-plugin-dbg vpp-nsh-plugin-dev >/dev/null 2>&1
+ test $? -eq 0 || exit 1
+ nsh_need_install=1
+ fi
+else
+ nsh_need_install=1
+fi
+
+vpp_need_install=0
+sudo dpkg -l vpp >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+ vpp_version=`dpkg -s vpp | grep Version | awk -F' ' '{print $2}'`
+ if [ "${vpp_version}" \< "${VPP_VERSION}" ]; then
+ sudo dpkg -P vpp vpp-dbg vpp-dev vpp-dpdk-dev vpp-dpdk-dkms vpp-lib \
+ vpp-plugins vpp-python-api >/dev/null 2>&1
+ test $? -eq 0 || exit 1
+ vpp_need_install=1
+ fi
+else
+ vpp_need_install=1
+fi
+
+sleep 5
+
+##begin to clone the vpp source code
+if [ ${vpp_need_install} -eq 1 ]; then
+ sudo rm -rf ${VPP_CODE_DIR}
+ sudo mkdir -p ${VPP_CODE_DIR}
+ cd ${VPP_CODE_DIR}
+ git clone -b v${VPP_VERSION} https://gerrit.fd.io/r/vpp
+
+ #compile the vpp code
+ cd ./vpp/build-root/
+ make distclean
+ ./bootstrap.sh
+ make V=0 PLATFORM=vpp TAG=vpp install-deb
+
+ #after that, install vpp
+ sudo dpkg -i *.deb
+ cd ${PWDDIR}
+fi
+
+##begin to clone the nsh sfc source code
+if [ ${nsh_need_install} -eq 1 ]; then
+ sudo rm -rf ${NSH_SFC_CODE_DIR}
+ sudo mkdir -p ${NSH_SFC_CODE_DIR}
+ cd ${NSH_SFC_CODE_DIR}
+ git clone -b v${NSH_SFC_VERSION} https://gerrit.fd.io/r/nsh_sfc
+
+ #compile the nsh sfc code
+ cd ./nsh_sfc/nsh-plugin/
+ sudo rm -rf build
+ sudo ./build.sh
+
+ #after that, install the nsh sfc plugin
+ cd ./packaging/
+ sudo dpkg -i *.deb
+ cd ${PWDDIR}
+fi
+
+#check and setup the hugepages
+SYS_HUGEPAGE=$(cat /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages)
+if [ ${SYS_HUGEPAGE} -lt 1024 ]; then
+ MOUNT=$(mount | grep /mnt/huge)
+ while [ "${MOUNT}" != "" ]
+ do
+ sudo umount /mnt/huge
+ sleep 1
+ MOUNT=$(mount | grep /mnt/huge)
+ done
+
+ echo 2048 | sudo tee /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages
+ echo 2048 | sudo tee /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages
+
+ sudo mkdir -p /mnt/huge
+ sudo mount -t hugetlbfs nodev /mnt/huge/
+ test $? -eq 0 || exit 1
+fi
+
+#check and set the max map count
+SYS_MAP=$(cat /proc/sys/vm/max_map_count)
+if [ ${SYS_MAP} -lt 200000 ]; then
+ echo 200000 | sudo tee /proc/sys/vm/max_map_count
+fi
+
+#after all, we can start the vpp service now
+sudo service vpp start
diff --git a/nsh_sfc_tests/sfc_scripts/set_nsh_proxy_inbound.sh b/nsh_sfc_tests/sfc_scripts/set_nsh_proxy_inbound.sh
new file mode 100755
index 0000000000..7535f0db2b
--- /dev/null
+++ b/nsh_sfc_tests/sfc_scripts/set_nsh_proxy_inbound.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -x
+
+sudo service vpp restart
+sleep 5
+
+sudo vppctl set int state $1 up
+sleep 10
+sudo vppctl set int ip table $1 0
+sudo vppctl set int ip address $1 192.168.50.76/24
+
+sudo vppctl create vxlan-gpe tunnel local 192.168.50.76 remote 192.168.50.72 vni 9 next-nsh encap-vrf-id 0 decap-vrf-id 0
+sudo vppctl set int l2 bridge vxlan_gpe_tunnel0 1 1
+
+sudo vppctl create vxlan tunnel src 192.168.50.76 dst 192.168.50.71 vni 1 encap-vrf-id 0 decap-next node nsh-proxy
+sudo vppctl set int l2 bridge vxlan_tunnel0 1 1
+
+sudo vppctl create nsh entry nsp 185 nsi 255 md-type 1 c1 3232248395 c2 9 c3 3232248392 c4 50336437 next-ethernet
+sudo vppctl create nsh entry nsp 185 nsi 254 md-type 1 c1 3232248395 c2 9 c3 3232248392 c4 50336437 next-ethernet
+
+sleep 2
+vxlan_gpe_index=`sudo vppctl sh interfaces | grep "vxlan_gpe_tunnel0" | awk '{print $2}'`
+vxlan_index=`sudo vppctl sh interfaces | grep "vxlan_tunnel0" | awk '{print $2}'`
+sudo vppctl create nsh map nsp 185 nsi 255 mapped-nsp 185 mapped-nsi 255 nsh_action pop encap-vxlan4-intf ${vxlan_index}
+sudo vppctl create nsh map nsp 185 nsi 254 mapped-nsp 185 mapped-nsi 254 nsh_action push encap-vxlan-gpe-intf ${vxlan_gpe_index}
+
+sudo vppctl ip route add 192.168.50.72/24 via 192.168.50.76
+sudo vppctl set ip arp $1 192.168.50.71 $2
+sudo vppctl set ip arp $1 192.168.50.72 $2
+
+sudo vppctl trace add dpdk-input 100
diff --git a/nsh_sfc_tests/sfc_scripts/set_nsh_proxy_outbound.sh b/nsh_sfc_tests/sfc_scripts/set_nsh_proxy_outbound.sh
new file mode 100755
index 0000000000..d52bdf039f
--- /dev/null
+++ b/nsh_sfc_tests/sfc_scripts/set_nsh_proxy_outbound.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -x
+
+sudo service vpp restart
+sleep 5
+
+sudo vppctl set int state $1 up
+sleep 10
+sudo vppctl set int ip table $1 0
+sudo vppctl set int ip address $1 192.168.50.76/24
+
+sudo vppctl create vxlan-gpe tunnel local 192.168.50.76 remote 192.168.50.71 vni 9 next-nsh encap-vrf-id 0 decap-vrf-id 0
+sudo vppctl set int l2 bridge vxlan_gpe_tunnel0 1 1
+
+sudo vppctl create vxlan tunnel src 192.168.50.76 dst 192.168.50.72 vni 1 encap-vrf-id 0 decap-next node nsh-proxy
+sudo vppctl set int l2 bridge vxlan_tunnel0 1 1
+
+sudo vppctl create nsh entry nsp 185 nsi 255 md-type 1 c1 3232248395 c2 9 c3 3232248392 c4 50336437 next-ethernet
+sudo vppctl create nsh entry nsp 185 nsi 254 md-type 1 c1 3232248395 c2 9 c3 3232248392 c4 50336437 next-ethernet
+
+sleep 2
+vxlan_gpe_index=`sudo vppctl sh interfaces | grep "vxlan_gpe_tunnel0" | awk '{print $2}'`
+vxlan_index=`sudo vppctl sh interfaces | grep "vxlan_tunnel0" | awk '{print $2}'`
+sudo vppctl create nsh map nsp 185 nsi 255 mapped-nsp 185 mapped-nsi 255 nsh_action pop encap-vxlan4-intf ${vxlan_index}
+sudo vppctl create nsh map nsp 185 nsi 254 mapped-nsp 185 mapped-nsi 254 nsh_action push encap-vxlan-gpe-intf ${vxlan_gpe_index}
+
+sudo vppctl ip route add 192.168.50.72/24 via 192.168.50.76
+sudo vppctl set ip arp $1 192.168.50.71 $2
+sudo vppctl set ip arp $1 192.168.50.72 $2
+
+sudo vppctl trace add dpdk-input 100
diff --git a/nsh_sfc_tests/sfc_scripts/set_sfc_sff.sh b/nsh_sfc_tests/sfc_scripts/set_sfc_sff.sh
new file mode 100755
index 0000000000..2223e5d039
--- /dev/null
+++ b/nsh_sfc_tests/sfc_scripts/set_sfc_sff.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -x
+
+sudo service vpp restart
+sleep 5
+
+sudo vppctl set int state $1 up
+sleep 10
+sudo vppctl set int ip table $1 7
+sudo vppctl set int ip address $1 192.168.50.76/24
+
+sudo vppctl create vxlan-gpe tunnel local 192.168.50.76 remote 192.168.50.71 vni 9 next-nsh encap-vrf-id 7 decap-vrf-id 7
+sudo vppctl set int l2 bridge vxlan_gpe_tunnel0 1 1
+
+sudo vppctl create vxlan-gpe tunnel local 192.168.50.76 remote 192.168.50.72 vni 10 next-nsh encap-vrf-id 7 decap-vrf-id 7
+sudo vppctl set int l2 bridge vxlan_gpe_tunnel1 1 1
+
+sudo vppctl create nsh entry nsp 185 nsi 255 md-type 1 c1 3232248395 c2 9 c3 3232248392 c4 50336437 next-ethernet
+sudo vppctl create nsh entry nsp 185 nsi 254 md-type 1 c1 3232248395 c2 9 c3 3232248392 c4 50336437 next-ethernet
+
+sleep 2
+vxlan_gpe_index0=`sudo vppctl sh interfaces | grep "vxlan_gpe_tunnel0" | awk '{print $2}'`
+vxlan_gpe_index1=`sudo vppctl sh interfaces | grep "vxlan_gpe_tunnel1" | awk '{print $2}'`
+sudo vppctl create nsh map nsp 185 nsi 255 mapped-nsp 185 mapped-nsi 254 nsh_action swap encap-vxlan-gpe-intf ${vxlan_gpe_index0}
+
+sudo vppctl ip route add 192.168.50.71/32 via 192.168.50.76 $1
+sudo vppctl ip route add 192.168.50.72/32 via 192.168.50.76 $1
+sudo vppctl set ip arp fib-id 7 $1 192.168.50.71 $2
+sudo vppctl set ip arp fib-id 7 $1 192.168.50.72 $2
+
+sudo vppctl trace add dpdk-input 100
diff --git a/nsh_sfc_tests/sfc_scripts/start_tcpdump.sh b/nsh_sfc_tests/sfc_scripts/start_tcpdump.sh
new file mode 100755
index 0000000000..9d51e667bd
--- /dev/null
+++ b/nsh_sfc_tests/sfc_scripts/start_tcpdump.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+ROOTDIR=/tmp/openvpp-testing
+PWDDIR=$(pwd)
+
+cd ${ROOTDIR}/nsh_sfc_tests/sfc_scripts/
+sudo rm -f temp_packet.pcap
+
+sudo tcpdump -i $1 -c 1 -w temp_packet.pcap dst host $2 >/dev/null 2>&1 &
+
+cd ${PWDDIR}
diff --git a/resources/libraries/python/SFC/SFCConstants.py b/resources/libraries/python/SFC/SFCConstants.py
new file mode 100644
index 0000000000..33391a1771
--- /dev/null
+++ b/resources/libraries/python/SFC/SFCConstants.py
@@ -0,0 +1,43 @@
+#!/usr/bin/env python
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This module define some constants.
+"""
+
+class SFCConstants(object):
+ """
+ Define some constants for the test filed verify.
+ """
+
+ DEF_SRC_PORT = 1234
+ DEF_DST_PORT = 5678
+ UDP_PROTOCOL = 17
+ VxLAN_UDP_PORT = 4789
+ VxLANGPE_UDP_PORT = 4790
+ VxLAN_FLAGS = 0x8
+ VxLAN_DEFAULT_VNI = 1
+ VxLANGPE_FLAGS = 0xc
+ VxLANGPE_NEXT_PROTOCOL = 0x4
+ VxLANGPE_DEFAULT_VNI = 9
+ NSH_FLAGS = 0x0
+ NSH_HEADER_LENGTH = 0x6
+ NSH_DEFAULT_MDTYPE = 0x1
+ NSH_NEXT_PROTOCOL = 0x3
+ NSH_DEFAULT_NSP = 185
+ NSH_DEFAULT_NSI = 255
+ NSH_DEFAULT_C1 = 3232248395
+ NSH_DEFAULT_C2 = 9
+ NSH_DEFAULT_C3 = 3232248392
+ NSH_DEFAULT_C4 = 50336437
diff --git a/resources/libraries/python/SFC/SFCTest.py b/resources/libraries/python/SFC/SFCTest.py
new file mode 100644
index 0000000000..456457f9f6
--- /dev/null
+++ b/resources/libraries/python/SFC/SFCTest.py
@@ -0,0 +1,93 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This module implements functionality which configure and start
+the NSH SFC functional test.
+"""
+
+from resources.libraries.python.ssh import SSH
+from resources.libraries.python.constants import Constants as con
+from resources.libraries.python.topology import Topology
+
+class SFCTest(object):
+ """Configure and Start the NSH SFC functional tests."""
+
+ @staticmethod
+ def config_and_start_SFC_test(dut_node, dut_port, adj_mac, testtype):
+ """
+ Start the SFC functional on the dut_node.
+
+ :param dut_node: Will execute the SFC on this node.
+ :param dut_port: The ingress interface on the DUT.
+ :param adj_mac: The adjacency interface MAC.
+ :param testtype: The SFC functional test type.
+ (Classifier, Proxy Inbound, Proxy Outbound, SFF).
+ :type dut_node: dict
+ :type dut_port: str
+ :type adj_mac: str
+ :type testtype: str
+ :returns: none
+ :raises RuntimeError: If the script execute fails.
+ """
+
+ vpp_intf_name = Topology.get_interface_name(dut_node, dut_port)
+
+ ssh = SSH()
+ ssh.connect(dut_node)
+
+ if testtype == "Classifier":
+ exec_shell = "set_sfc_classifier.sh"
+ elif testtype == "Proxy Inbound":
+ exec_shell = "set_nsh_proxy_inbound.sh"
+ elif testtype == "Proxy Outbound":
+ exec_shell = "set_nsh_proxy_outbound.sh"
+ else:
+ exec_shell = "set_sfc_sff.sh"
+
+ cmd = 'cd {0}/nsh_sfc_tests/sfc_scripts/ && sudo ./{1} {2} ' \
+ '{3} {4}'.format(con.REMOTE_FW_DIR, exec_shell, vpp_intf_name,
+ adj_mac, dut_port)
+
+ (ret_code, _, _) = ssh.exec_command(cmd, timeout=600)
+ if ret_code != 0:
+ raise RuntimeError('Failed to execute SFC setup script ' \
+ '{0} at node {1}'.format(exec_shell, dut_node['host']))
+
+ @staticmethod
+ def start_the_tcpdump_on_the_node(from_node, from_port, filter_ip):
+ """
+ Start the tcpdump on the frome_node.
+
+ :param from_node: Will execute the tcpdump on this node.
+ :param from_port: Will capture the packets on this interface.
+ :param filter_ip: filter the dest ip.
+ :type from_node: dict
+ :type from_port: str
+ :type filter_ip: str
+ :returns: none
+ :raises RuntimeError: If the script "start_tcpdump.sh" fails.
+ """
+
+ interface_name = Topology.get_interface_name(from_node, from_port)
+
+ ssh = SSH()
+ ssh.connect(from_node)
+
+ cmd = 'cd {0}/nsh_sfc_tests/sfc_scripts/ && sudo ./start_tcpdump.sh ' \
+ '{1} {2}'.format(con.REMOTE_FW_DIR, interface_name, filter_ip)
+
+ (ret_code, _, _) = ssh.exec_command(cmd, timeout=600)
+ if ret_code != 0:
+ raise RuntimeError('Failed to exec start_tcpdump.sh at node {0}'.
+ format(from_node['host']))
diff --git a/resources/libraries/python/SFC/SetupSFCTest.py b/resources/libraries/python/SFC/SetupSFCTest.py
new file mode 100644
index 0000000000..d481202837
--- /dev/null
+++ b/resources/libraries/python/SFC/SetupSFCTest.py
@@ -0,0 +1,226 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""This module exists to provide setup utilities for the framework on topology
+nodes. All tasks required to be run before the actual tests are started is
+supposed to end up here.
+"""
+
+from shlex import split
+from subprocess import Popen, PIPE, call
+from multiprocessing import Pool
+from tempfile import NamedTemporaryFile
+from os.path import basename
+
+from robot.api import logger
+from robot.libraries.BuiltIn import BuiltIn
+
+from resources.libraries.python.ssh import SSH
+from resources.libraries.python.constants import Constants as con
+from resources.libraries.python.topology import NodeType
+from resources.libraries.python.topology import Topology
+
+__all__ = ["SetupSFCTest"]
+
+
+def pack_framework_dir():
+ """Pack the testing WS into temp file, return its name.
+
+ :returns: the temporary package file name.
+ :rtype: str
+ :raises: If execute the tar command failed.
+ """
+
+ tmpfile = NamedTemporaryFile(suffix=".tgz", prefix="SFC-testing-")
+ file_name = tmpfile.name
+ tmpfile.close()
+
+ proc = Popen(
+ split("tar --exclude-vcs --exclude=./tmp -zcf {0} .".format(file_name)),
+ stdout=PIPE, stderr=PIPE)
+ (stdout, stderr) = proc.communicate()
+
+ logger.debug(stdout)
+ logger.debug(stderr)
+
+ return_code = proc.wait()
+ if return_code != 0:
+ raise RuntimeError("Could not pack testing framework.")
+
+ return file_name
+
+
+def copy_tarball_to_node(tarball, node):
+ """Copy tarball file from local host to remote node.
+
+ :param tarball: Path to tarball to upload.
+ :param node: Node in the topology where the tarball will be copied to.
+ :type tarball: str
+ :type node: dict
+ :returns: nothing
+ """
+ logger.console('Copying tarball to {0}'.format(node['host']))
+ ssh = SSH()
+ ssh.connect(node)
+
+ ssh.scp(tarball, "/tmp/")
+
+
+def extract_tarball_at_node(tarball, node):
+ """Extract tarball at given node.
+
+ Extracts tarball using tar on given node to specific CSIT loocation.
+
+ :param tarball: Path to tarball to upload.
+ :param node: Dictionary created from topology.
+ :type tarball: str
+ :type node: dict
+ :returns: nothing
+ :raises: If unpack the file failed.
+ """
+ logger.console('Extracting tarball to {0} on {1}'.format(
+ con.REMOTE_FW_DIR, node['host']))
+ ssh = SSH()
+ ssh.connect(node)
+
+ cmd = 'sudo rm -rf {1}; mkdir {1} ; tar -zxf {0} -C {1}; ' \
+ 'rm -f {0}'.format(tarball, con.REMOTE_FW_DIR)
+ (ret_code, _, stderr) = ssh.exec_command(cmd, timeout=30)
+ if ret_code != 0:
+ logger.error('Unpack error: {0}'.format(stderr))
+ raise RuntimeError('Failed to unpack {0} at node {1}'.format(
+ tarball, node['host']))
+
+
+def create_env_directory_at_node(node):
+ """Create fresh virtualenv to a directory, install pip requirements.
+
+ :param node: Dictionary created from topology, will only install in the TG
+ :type node: dict
+ :returns: nothing
+ """
+ logger.console('Extracting virtualenv, installing requirements.txt '
+ 'on {0}'.format(node['host']))
+ ssh = SSH()
+ ssh.connect(node)
+ (ret_code, stdout, stderr) = ssh.exec_command(
+ 'cd {0} && rm -rf env && '
+ 'virtualenv --system-site-packages --never-download env && '
+ '. env/bin/activate && pip install -r requirements.txt'
+ .format(con.REMOTE_FW_DIR), timeout=100)
+ if ret_code != 0:
+ logger.error('Virtualenv creation error: {0}'.format(stdout + stderr))
+ raise RuntimeError('Virtualenv setup failed')
+ else:
+ logger.console('Virtualenv created on {0}'.format(node['host']))
+
+def install_sfc_test(node):
+ """Prepare the NSH SFC test envrionment.
+
+ :param node: Dictionary created from topology
+ :type node: dict
+ :returns: nothing
+ """
+ logger.console('Install the NSH SFC on {0}'.format(node['host']))
+
+ if_name_list = Topology.get_node_interfaces(node)
+
+ ssh = SSH()
+ ssh.connect(node)
+
+ (ret_code, _, stderr) = ssh.exec_command(
+ 'cd {0}/nsh_sfc_tests/sfc_scripts/ && ./install_sfc.sh {1} {2}'
+ .format(con.REMOTE_FW_DIR, if_name_list[0], if_name_list[1]), \
+ timeout=600)
+
+ if ret_code != 0:
+ logger.error('Install the NSH SFC error: {0}'.format(stderr))
+ raise RuntimeError('Install the NSH SFC failed')
+ else:
+ logger.console('Install the NSH SFC on {0} success!'.
+ format(node['host']))
+
+def setup_node(args):
+ """Run all set-up methods for a node.
+
+ This method is used as map_async parameter. It receives tuple with all
+ parameters as passed to map_async function.
+
+ :param args: All parameters needed to setup one node.
+ :type args: tuple
+ :returns: True - success, False - error
+ :rtype: bool
+ """
+ tarball, remote_tarball, node = args
+ try:
+ copy_tarball_to_node(tarball, node)
+ extract_tarball_at_node(remote_tarball, node)
+ if node['type'] == NodeType.DUT:
+ install_sfc_test(node)
+ if node['type'] == NodeType.TG:
+ create_env_directory_at_node(node)
+ except RuntimeError as exc:
+ logger.error("Node setup failed, error:'{0}'".format(exc.message))
+ return False
+ else:
+ logger.console('Setup of node {0} done'.format(node['host']))
+ return True
+
+def delete_local_tarball(tarball):
+ """Delete local tarball to prevent disk pollution.
+
+ :param tarball: Path to tarball to upload.
+ :type tarball: str
+ :returns: nothing
+ """
+ call(split('sh -c "rm {0} > /dev/null 2>&1"'.format(tarball)))
+
+
+class SetupSFCTest(object):
+ """Setup suite run on topology nodes.
+
+ Many VAT/CLI based tests need the scripts at remote hosts before executing
+ them. This class packs the whole testing directory and copies it over
+ to all nodes in topology under /tmp/
+ """
+
+ @staticmethod
+ def setup_nsh_sfc_test(nodes):
+ """Pack the whole directory and extract in temp on each node."""
+
+ tarball = pack_framework_dir()
+ msg = 'Framework packed to {0}'.format(tarball)
+ logger.console(msg)
+ logger.trace(msg)
+ remote_tarball = "/tmp/{0}".format(basename(tarball))
+
+ # Turn off logging since we use multiprocessing
+ log_level = BuiltIn().set_log_level('NONE')
+ params = ((tarball, remote_tarball, node) for node in nodes.values())
+ pool = Pool(processes=len(nodes))
+ result = pool.map_async(setup_node, params)
+ pool.close()
+ pool.join()
+
+ # Turn on logging
+ BuiltIn().set_log_level(log_level)
+
+ logger.info(
+ 'Executed node setups in parallel, waiting for processes to end')
+ result.wait()
+
+ logger.info('Results: {0}'.format(result.get()))
+
+ logger.trace('Test framework copied to all topology nodes')
+ delete_local_tarball(tarball)
+ logger.console('All nodes are ready')
diff --git a/resources/libraries/python/SFC/TunnelProtocol.py b/resources/libraries/python/SFC/TunnelProtocol.py
new file mode 100644
index 0000000000..4b4377c895
--- /dev/null
+++ b/resources/libraries/python/SFC/TunnelProtocol.py
@@ -0,0 +1,41 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This module implements the VxLAN/VXLAN-GPE/NSH protocol
+for the packet analyse.
+"""
+from scapy.all import Packet
+from scapy.all import XByteField, ShortField
+from scapy.all import BitField, XBitField, IntField
+
+class VxLAN(Packet):
+ """Define the vxlan protocol for the packet analysis."""
+ name = "vxlan"
+ fields_desc = [XByteField("flags", 0x08), BitField("reserved", 0, 24),
+ BitField("vni", 0, 24), XByteField("reserved", 0x00)]
+
+class VxLANGPE(Packet):
+ """Define the vxlan-gpe protocol for the packet analysis."""
+ name = "vxlan-gpe"
+ fields_desc = [XByteField("flags", 0x0c), ShortField("reserved", 0),
+ XByteField("nextproto", 0x3), BitField("vni", 0, 24),
+ XByteField("reserved", 0x0)]
+
+class NSH(Packet):
+ """Define the NSH protocol for the packet analysis."""
+ name = "nsh"
+ fields_desc = [XBitField("flags", 0x0, 10), XBitField("length", 0x6, 6),
+ XByteField("MDtype", 0x1), XByteField("nextproto", 0x3),
+ IntField("nsp_nsi", 0), IntField("c1", 0),
+ IntField("c2", 0), IntField("c3", 0), IntField("c4", 0)]
diff --git a/resources/libraries/python/SFC/VerifyPacket.py b/resources/libraries/python/SFC/VerifyPacket.py
new file mode 100644
index 0000000000..66bd09899d
--- /dev/null
+++ b/resources/libraries/python/SFC/VerifyPacket.py
@@ -0,0 +1,223 @@
+#!/usr/bin/env python
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This module defines the common functions.
+"""
+
+import ipaddress
+
+from scapy.layers.inet import IP, UDP
+from scapy.all import Raw
+from scapy.utils import rdpcap
+from resources.libraries.python.constants import Constants as con
+from resources.libraries.python.SFC.SFCConstants import SFCConstants as sfccon
+from resources.libraries.python.SFC.TunnelProtocol import VxLAN, VxLANGPE, NSH
+
+from robot.api import logger
+
+def valid_ipv4(ipaddr):
+ """Check if IP address has the correct IPv4 address format.
+
+ :param ipaddr: IP address.
+ :type ipaddr: str
+ :returns: True in case of correct IPv4 address format,
+ otherwise return False.
+ :rtype: bool
+ """
+ try:
+ ipaddress.IPv4Address(unicode(ipaddr))
+ return True
+ except (AttributeError, ipaddress.AddressValueError):
+ return False
+
+
+def valid_ipv6(ipaddr):
+ """Check if IP address has the correct IPv6 address format.
+
+ :param ipaddr: IP address.
+ :type ipaddr: str
+ :returns: True in case of correct IPv6 address format,
+ otherwise return False.
+ :rtype: bool
+ """
+ try:
+ ipaddress.IPv6Address(unicode(ipaddr))
+ return True
+ except (AttributeError, ipaddress.AddressValueError):
+ return False
+
+
+class VerifyPacket(object):
+ """Define some functions for the test filed verify."""
+
+ @staticmethod
+ def check_vxlan_protocol(payload_data):
+ """
+ verify the vxlan protocol in the payload data.
+
+ :param payload_data: the payload data in the packet.
+ :type payload_data: str
+ :returns: none
+ :raises RuntimeError: If the vxlan protocol field verify fails.
+ """
+ # get the vxlan packet and check it
+ vxlan_pkt = VxLAN(payload_data[0:8])
+ if vxlan_pkt.flags != sfccon.VxLAN_FLAGS:
+ raise RuntimeError("Unexpected Vxlan flags: {0}".
+ format(vxlan_pkt.flags))
+
+ if vxlan_pkt.vni != sfccon.VxLAN_DEFAULT_VNI:
+ raise RuntimeError("Unexpected VNI flag: {0}".format(vxlan_pkt.vni))
+
+ @staticmethod
+ def check_vxlangpe_nsh_protocol(payload_data, test_type):
+ """
+ verify the vxlangpe and nsh protocol in the payload data.
+
+ :param payload_data: the payload data in the packet.
+ :param test_type: the functional test type.
+ :type payload_data: str
+ :type test_type: str
+ :returns: none
+ :raises RuntimeError: If the vxlangpe and nsh protocol
+ field verify fails.
+ """
+ # get the vxlan-gpe packet and check it
+ vxlangpe_pkt = VxLANGPE(payload_data[0:8])
+ if vxlangpe_pkt.flags != sfccon.VxLANGPE_FLAGS:
+ raise RuntimeError("Unexpected Vxlan-GPE flags: {0}".
+ format(vxlangpe_pkt.flags))
+
+ if vxlangpe_pkt.nextproto != sfccon.VxLANGPE_NEXT_PROTOCOL:
+ raise RuntimeError("next protocol not the NSH")
+
+ if vxlangpe_pkt.vni != sfccon.VxLANGPE_DEFAULT_VNI:
+ raise RuntimeError("Unexpected VNI flag: {0}".
+ format(vxlangpe_pkt.vni))
+
+ # get the NSH packet and check it
+ nsh_pkt = NSH(payload_data[8:32])
+ if nsh_pkt.flags != sfccon.NSH_FLAGS:
+ raise RuntimeError("Unexpected NSH flags: {0}".
+ format(nsh_pkt.flags))
+
+ if nsh_pkt.length != sfccon.NSH_HEADER_LENGTH:
+ raise RuntimeError("NSH length {0} incorrect".
+ format(nsh_pkt.length))
+
+ if nsh_pkt.MDtype != sfccon.NSH_DEFAULT_MDTYPE:
+ raise RuntimeError("NSH MD-Type {0} incorrect".
+ format(nsh_pkt.MDtype))
+
+ if nsh_pkt.nextproto != sfccon.NSH_NEXT_PROTOCOL:
+ raise RuntimeError("NSH next protocol {0} incorrect".
+ format(nsh_pkt.nextproto))
+
+ if test_type == "Proxy Outbound" or test_type == "SFF":
+ expect_nsi = sfccon.NSH_DEFAULT_NSI - 1
+ else:
+ expect_nsi = sfccon.NSH_DEFAULT_NSI
+
+ nsp_nsi = nsh_pkt.nsp_nsi
+ nsp = nsp_nsi >> 8
+ nsi = nsp_nsi & 0x000000FF
+ if nsp != sfccon.NSH_DEFAULT_NSP:
+ raise RuntimeError("NSH Service Path ID {0} incorrect".format(nsp))
+
+ if nsi != expect_nsi:
+ raise RuntimeError("NSH Service Index {0} incorrect".format(nsi))
+
+ nsh_c1 = nsh_pkt.c1
+ if nsh_c1 != sfccon.NSH_DEFAULT_C1:
+ raise RuntimeError("NSH c1 {0} incorrect".format(nsh_c1))
+
+ nsh_c2 = nsh_pkt.c2
+ if nsh_c2 != sfccon.NSH_DEFAULT_C2:
+ raise RuntimeError("NSH c2 {0} incorrect".format(nsh_c2))
+
+ nsh_c3 = nsh_pkt.c3
+ if nsh_c3 != sfccon.NSH_DEFAULT_C3:
+ raise RuntimeError("NSH c3 {0} incorrect".format(nsh_c3))
+
+ nsh_c4 = nsh_pkt.c4
+ if nsh_c4 != sfccon.NSH_DEFAULT_C4:
+ raise RuntimeError("NSH c4 {0} incorrect".format(nsh_c4))
+
+
+ @staticmethod
+ def check_the_nsh_sfc_packet(frame_size, test_type):
+ """
+ verify the NSH SFC functional test loopback packet field
+ is correct.
+
+ :param frame_size: the origin frame size.
+ :param test_type: the test type.
+ (Classifier, Proxy Inbound, Proxy Outbound, SFF).
+ :type frame_size: Integer
+ :type test_type: str
+ :returns: none
+ :raises RuntimeError: If the packet field verify fails.
+ """
+
+ rx_pcapfile = '{0}/nsh_sfc_tests/sfc_scripts/temp_packet.pcap' \
+ .format(con.REMOTE_FW_DIR)
+
+ logger.trace('read pcap file:{0}'.format(rx_pcapfile))
+
+ packets = rdpcap(rx_pcapfile)
+ if len(packets) < 1:
+ raise RuntimeError("No packet is received!")
+
+ ether = packets[0]
+
+ origin_size = int(frame_size)
+ if test_type == "Classifier":
+ expect_pkt_len = origin_size + 74 - 4
+ elif test_type == "Proxy Inbound":
+ expect_pkt_len = origin_size - 24 - 4
+ elif test_type == "Proxy Outbound":
+ expect_pkt_len = origin_size + 24 - 4
+ else:
+ expect_pkt_len = origin_size - 4
+
+ recv_pkt_len = len(ether)
+ if recv_pkt_len != expect_pkt_len:
+ raise RuntimeError("Received packet size {0} not " \
+ "the expect size {1}".format(recv_pkt_len, \
+ expect_pkt_len))
+
+ if not ether.haslayer(IP):
+ raise RuntimeError("Not a IPv4 packet")
+
+ pkt_proto = ether[IP].proto
+ if pkt_proto != sfccon.UDP_PROTOCOL:
+ raise RuntimeError("Not a UDP packet , {0}".format(pkt_proto))
+
+ if test_type == "Proxy Inbound":
+ expect_udp_port = sfccon.VxLAN_UDP_PORT
+ else:
+ expect_udp_port = sfccon.VxLANGPE_UDP_PORT
+
+ dst_port = ether[UDP].dport
+ if dst_port != expect_udp_port:
+ raise RuntimeError("UDP dest port must be {0}, {1}".
+ format(expect_udp_port, dst_port))
+
+ payload_data = ether[Raw].load
+
+ if test_type == "Proxy Inbound":
+ VerifyPacket.check_vxlan_protocol(payload_data)
+ else:
+ VerifyPacket.check_vxlangpe_nsh_protocol(payload_data, test_type)
diff --git a/resources/libraries/python/SFC/__init__.py b/resources/libraries/python/SFC/__init__.py
new file mode 100644
index 0000000000..e90d968cca
--- /dev/null
+++ b/resources/libraries/python/SFC/__init__.py
@@ -0,0 +1,16 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+__init__ file for directory resources/libraries/python/SFC
+"""
diff --git a/resources/libraries/robot/nsh_sfc/default.robot b/resources/libraries/robot/nsh_sfc/default.robot
new file mode 100644
index 0000000000..fc70523cdd
--- /dev/null
+++ b/resources/libraries/robot/nsh_sfc/default.robot
@@ -0,0 +1,67 @@
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+| Variables | resources/libraries/python/topology.py
+| Library | resources.libraries.python.topology.Topology
+| Library | resources.libraries.python.InterfaceUtil
+| Library | resources.libraries.python.SFC.SFCTest
+| Library | Collections
+
+*** Keywords ***
+| Setup DUT nodes for '${type}' functional testing
+| | [Documentation] | Configure and Start the SFC functional test
+| | ... | on the DUT node.
+| | ${testtype}= | Convert to String | ${type}
+| | Append Nodes | ${nodes['TG']} | ${nodes['DUT1']}
+| | Compute Path
+| | ${src_port} | ${src_node}= | First Interface
+| | ${dst_port} | ${dst_node}= | Last Interface
+| | Set Suite Variable | ${src_node}
+| | Set Suite Variable | ${src_port}
+| | Set Suite Variable | ${dst_node}
+| | Set Suite Variable | ${dst_port}
+| | Set Interface State | ${src_node} | ${src_port} | 'up'
+| | Set Interface Ethernet MTU | ${src_node} | ${src_port} | 9000
+| | ${adj_mac}= | Get interface mac | ${src_node} | ${src_port}
+| | Config and Start SFC test | ${dst_node} | ${dst_port}
+| | ... | ${adj_mac} | ${testtype}
+
+| Node "${from_node}" interface "${from_port}" send "${size}" Bytes packet to node "${to_node}" interface "${to_port}" for "${type}" test
+| | [Documentation] | At the first start the tcpdump on the TG node,
+| | ... | then build the packet with the scapy and send the packet to the
+| | ... | DUT node, DUT node will receive the packet on the ingress interface
+| | ... | DUT will loopback packet to the TG after processed. TG will use
+| | ... | the tcpdump to capture the packet and check the packet is correct.
+| | ${filter_dst_ip}= | Set Variable | 192.168.50.71
+| | Start the tcpdump on the Node | ${from_node} | ${from_port} | ${filter_dst_ip}
+| | ${src_ip}= | Set Variable If | "${type}" == "Classifier" | 10.10.12.101 | 192.168.50.72
+| | ${dst_ip}= | Set Variable If | "${type}" == "Classifier" | 10.10.12.100 | 192.168.50.76
+| | ${src_mac}= | Get interface mac | ${from_node} | ${from_port}
+| | ${dst_mac}= | Get interface mac | ${to_node} | ${to_port}
+| | ${from_port_name}= | Get interface name | ${from_node} | ${from_port}
+| | ${to_port_name}= | Get interface name | ${to_node} | ${to_port}
+| | ${timeout}= | Set Variable | 10
+| | ${frame_size}= | Convert To Integer | ${size}
+| | ${args}= | Traffic Script Gen Arg | ${from_port_name} | ${from_port_name}
+| | | ... | ${src_mac} | ${dst_mac} | ${src_ip} | ${dst_ip}
+| | ${args}= | Catenate | ${args} | --framesize ${frame_size}
+| | | ... | --timeout ${timeout} | --testtype "${type}"
+| | Run Keyword If | "${type}" == "Classifier" | Run Traffic Script On Node
+| | | | | ... | send_tcp_for_classifier_test.py | ${from_node} | ${args}
+| | ... | ELSE IF | "${type}" == "Proxy Inbound" | Run Traffic Script On Node
+| | | | | ... | send_vxlangpe_nsh_for_proxy_test.py | ${from_node} | ${args}
+| | ... | ELSE IF | "${type}" == "Proxy Outbound" | Run Traffic Script On Node
+| | | | | ... | send_vxlan_for_proxy_test.py | ${from_node} | ${args}
+| | ... | ELSE | Run Traffic Script On Node | send_vxlangpe_nsh_for_sff_test.py
+| | | | | ... | ${from_node} | ${args}
diff --git a/resources/traffic_scripts/send_tcp_for_classifier_test.py b/resources/traffic_scripts/send_tcp_for_classifier_test.py
new file mode 100755
index 0000000000..f08816eaae
--- /dev/null
+++ b/resources/traffic_scripts/send_tcp_for_classifier_test.py
@@ -0,0 +1,86 @@
+#!/usr/bin/env python
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Traffic script that sends an TCP packet
+from TG to DUT.
+"""
+import sys
+import time
+
+from scapy.layers.inet import IP, UDP, TCP
+from scapy.layers.inet6 import IPv6
+from scapy.all import Ether, Packet, Raw
+from scapy.all import sendp
+
+from resources.libraries.python.SFC.VerifyPacket import *
+from resources.libraries.python.SFC.SFCConstants import SFCConstants as sfccon
+from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
+
+from robot.api import logger
+
+def main():
+ """Send TCP packet from one traffic generator interface to DUT.
+
+ :raises: If the IP address is invalid.
+ """
+ args = TrafficScriptArg(
+ ['src_mac', 'dst_mac', 'src_ip', 'dst_ip',
+ 'timeout', 'framesize', 'testtype'])
+
+ src_mac = args.get_arg('src_mac')
+ dst_mac = args.get_arg('dst_mac')
+ src_ip = args.get_arg('src_ip')
+ dst_ip = args.get_arg('dst_ip')
+ tx_if = args.get_arg('tx_if')
+ rx_if = args.get_arg('rx_if')
+ timeout = int(args.get_arg('timeout'))
+ frame_size = int(args.get_arg('framesize'))
+ test_type = args.get_arg('testtype')
+
+ protocol = TCP
+ source_port = sfccon.DEF_SRC_PORT
+ destination_port = sfccon.DEF_DST_PORT
+
+ ip_version = None
+ if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
+ ip_version = IP
+ elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
+ ip_version = IPv6
+ else:
+ raise ValueError("Invalid IP version!")
+
+ pkt_header = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ protocol(sport=int(source_port), dport=int(destination_port)))
+
+ fsize_no_fcs = frame_size - 4
+ pad_len = max(0, fsize_no_fcs - len(pkt_header))
+ pad_data = "A" * pad_len
+
+ pkt_raw = pkt_header / Raw(load=pad_data)
+
+ sendp(pkt_raw, iface=tx_if, count=3)
+
+ time.sleep(timeout)
+
+ # let us begin to check the NSH SFC loopback packet
+ VerifyPacket.check_the_nsh_sfc_packet(frame_size, test_type)
+
+ # we check all the fields about the loopback packet, this test will pass
+ sys.exit(0)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/resources/traffic_scripts/send_vxlan_for_proxy_test.py b/resources/traffic_scripts/send_vxlan_for_proxy_test.py
new file mode 100755
index 0000000000..4087c7f6d8
--- /dev/null
+++ b/resources/traffic_scripts/send_vxlan_for_proxy_test.py
@@ -0,0 +1,94 @@
+#!/usr/bin/env python
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Traffic script that sends an VxLAN packet
+from TG to DUT.
+"""
+import sys
+import time
+
+from scapy.layers.inet import IP, UDP, TCP
+from scapy.layers.inet6 import IPv6
+from scapy.all import Ether, Packet, Raw
+from scapy.all import sendp
+
+from resources.libraries.python.SFC.VerifyPacket import *
+from resources.libraries.python.SFC.SFCConstants import SFCConstants as sfccon
+from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
+
+from robot.api import logger
+
+def main():
+ """Send VxLAN packet from TG to DUT.
+
+ :raises: If the IP address is invalid.
+ """
+ args = TrafficScriptArg(
+ ['src_mac', 'dst_mac', 'src_ip', 'dst_ip',
+ 'timeout', 'framesize', 'testtype'])
+
+ src_mac = args.get_arg('src_mac')
+ dst_mac = args.get_arg('dst_mac')
+ src_ip = args.get_arg('src_ip')
+ dst_ip = args.get_arg('dst_ip')
+ tx_if = args.get_arg('tx_if')
+ rx_if = args.get_arg('rx_if')
+ timeout = int(args.get_arg('timeout'))
+ frame_size = int(args.get_arg('framesize'))
+ test_type = args.get_arg('testtype')
+
+ protocol = TCP
+ source_port = sfccon.DEF_SRC_PORT
+ destination_port = sfccon.DEF_DST_PORT
+
+ ip_version = None
+ if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
+ ip_version = IP
+ elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
+ ip_version = IPv6
+ else:
+ raise ValueError("Invalid IP version!")
+
+ innerpkt = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ protocol(sport=int(source_port), dport=int(destination_port)))
+
+ vxlan = '\x08\x00\x00\x00\x00\x00\x01\x00'
+
+ raw_data = vxlan + str(innerpkt)
+
+ pkt_header = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ UDP(sport=int(source_port), dport=4789) /
+ Raw(load=raw_data))
+
+ fsize_no_fcs = frame_size - 4
+ pad_len = max(0, fsize_no_fcs - len(pkt_header))
+ pad_data = "A" * pad_len
+
+ pkt_raw = pkt_header / Raw(load=pad_data)
+
+ sendp(pkt_raw, iface=tx_if, count=3)
+
+ time.sleep(timeout)
+
+ # let us begin to check the proxy outbound packet
+ VerifyPacket.check_the_nsh_sfc_packet(frame_size, test_type)
+
+ # we check all the fields about the proxy outbound, this test will pass
+ sys.exit(0)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/resources/traffic_scripts/send_vxlangpe_nsh_for_proxy_test.py b/resources/traffic_scripts/send_vxlangpe_nsh_for_proxy_test.py
new file mode 100755
index 0000000000..ea1f9b15a7
--- /dev/null
+++ b/resources/traffic_scripts/send_vxlangpe_nsh_for_proxy_test.py
@@ -0,0 +1,96 @@
+#!/usr/bin/env python
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Traffic script that sends an VxLAN-GPE+NSH packet
+from TG to DUT.
+"""
+import sys
+import time
+
+from scapy.layers.inet import IP, UDP, TCP
+from scapy.layers.inet6 import IPv6
+from scapy.all import Ether, Packet, Raw
+from scapy.all import sendp
+
+from resources.libraries.python.SFC.VerifyPacket import *
+from resources.libraries.python.SFC.SFCConstants import SFCConstants as sfccon
+from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
+
+from robot.api import logger
+
+def main():
+ """Send VxLAN-GPE+NSH packet from TG to DUT.
+
+ :raises: If the IP address is invalid.
+ """
+ args = TrafficScriptArg(
+ ['src_mac', 'dst_mac', 'src_ip', 'dst_ip',
+ 'timeout', 'framesize', 'testtype'])
+
+ src_mac = args.get_arg('src_mac')
+ dst_mac = args.get_arg('dst_mac')
+ src_ip = args.get_arg('src_ip')
+ dst_ip = args.get_arg('dst_ip')
+ tx_if = args.get_arg('tx_if')
+ rx_if = args.get_arg('rx_if')
+ timeout = int(args.get_arg('timeout'))
+ frame_size = int(args.get_arg('framesize'))
+ test_type = args.get_arg('testtype')
+
+ protocol = TCP
+ source_port = sfccon.DEF_SRC_PORT
+ destination_port = sfccon.DEF_DST_PORT
+
+ ip_version = None
+ if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
+ ip_version = IP
+ elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
+ ip_version = IPv6
+ else:
+ raise ValueError("Invalid IP version!")
+
+ innerpkt = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ protocol(sport=int(source_port), dport=int(destination_port)))
+
+ vxlangpe_nsh = '\x0c\x00\x00\x04\x00\x00\x09\x00\x00\x06' \
+ '\x01\x03\x00\x00\xb9\xff\xC0\xA8\x32\x4B' \
+ '\x00\x00\x00\x09\xC0\xA8\x32\x48\x03\x00\x12\xB5'
+
+ raw_data = vxlangpe_nsh + str(innerpkt)
+
+ pkt_header = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ UDP(sport=int(source_port), dport=4790) /
+ Raw(load=raw_data))
+
+ fsize_no_fcs = frame_size - 4
+ pad_len = max(0, fsize_no_fcs - len(pkt_header))
+ pad_data = "A" * pad_len
+
+ pkt_raw = pkt_header / Raw(load=pad_data)
+
+ sendp(pkt_raw, iface=tx_if, count=3)
+
+ time.sleep(timeout)
+
+ # let us begin to check the proxy inbound packet
+ VerifyPacket.check_the_nsh_sfc_packet(frame_size, test_type)
+
+ # we check all the fields about the proxy inbound, this test will pass
+ sys.exit(0)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/resources/traffic_scripts/send_vxlangpe_nsh_for_sff_test.py b/resources/traffic_scripts/send_vxlangpe_nsh_for_sff_test.py
new file mode 100755
index 0000000000..b82e2a8938
--- /dev/null
+++ b/resources/traffic_scripts/send_vxlangpe_nsh_for_sff_test.py
@@ -0,0 +1,96 @@
+#!/usr/bin/env python
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Traffic script that sends an VxLAN-GPE+NSH packet
+from TG to DUT.
+"""
+import sys
+import time
+
+from scapy.layers.inet import IP, UDP, TCP
+from scapy.layers.inet6 import IPv6
+from scapy.all import Ether, Packet, Raw
+from scapy.all import sendp
+
+from resources.libraries.python.SFC.VerifyPacket import *
+from resources.libraries.python.SFC.SFCConstants import SFCConstants as sfccon
+from resources.libraries.python.TrafficScriptArg import TrafficScriptArg
+
+from robot.api import logger
+
+def main():
+ """Send VxLAN-GPE+NSH packet from TG to DUT.
+
+ :raises: If the IP address is invalid.
+ """
+ args = TrafficScriptArg(
+ ['src_mac', 'dst_mac', 'src_ip', 'dst_ip',
+ 'timeout', 'framesize', 'testtype'])
+
+ src_mac = args.get_arg('src_mac')
+ dst_mac = args.get_arg('dst_mac')
+ src_ip = args.get_arg('src_ip')
+ dst_ip = args.get_arg('dst_ip')
+ tx_if = args.get_arg('tx_if')
+ rx_if = args.get_arg('rx_if')
+ timeout = int(args.get_arg('timeout'))
+ frame_size = int(args.get_arg('framesize'))
+ test_type = args.get_arg('testtype')
+
+ protocol = TCP
+ source_port = sfccon.DEF_SRC_PORT
+ destination_port = sfccon.DEF_DST_PORT
+
+ ip_version = None
+ if valid_ipv4(src_ip) and valid_ipv4(dst_ip):
+ ip_version = IP
+ elif valid_ipv6(src_ip) and valid_ipv6(dst_ip):
+ ip_version = IPv6
+ else:
+ raise ValueError("Invalid IP version!")
+
+ innerpkt = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ protocol(sport=int(source_port), dport=int(destination_port)))
+
+ vxlangpe_nsh = '\x0c\x00\x00\x04\x00\x00\x0a\x00\x00\x06' \
+ '\x01\x03\x00\x00\xb9\xff\xC0\xA8\x32\x4B' \
+ '\x00\x00\x00\x09\xC0\xA8\x32\x48\x03\x00\x12\xB5'
+
+ raw_data = vxlangpe_nsh + str(innerpkt)
+
+ pkt_header = (Ether(src=src_mac, dst=dst_mac) /
+ ip_version(src=src_ip, dst=dst_ip) /
+ UDP(sport=int(source_port), dport=4790) /
+ Raw(load=raw_data))
+
+ fsize_no_fcs = frame_size - 4
+ pad_len = max(0, fsize_no_fcs - len(pkt_header))
+ pad_data = "A" * pad_len
+
+ pkt_raw = pkt_header / Raw(load=pad_data)
+
+ sendp(pkt_raw, iface=tx_if, count=3)
+
+ time.sleep(timeout)
+
+ # let us begin to check the sfc sff packet
+ VerifyPacket.check_the_nsh_sfc_packet(frame_size, test_type)
+
+ # we check all the fields about the sfc sff, this test will pass
+ sys.exit(0)
+
+
+if __name__ == "__main__":
+ main()