aboutsummaryrefslogtreecommitdiffstats
path: root/resources/libraries/python
diff options
context:
space:
mode:
Diffstat (limited to 'resources/libraries/python')
-rw-r--r--resources/libraries/python/IPsecUtil.py37
-rw-r--r--resources/libraries/python/InterfaceUtil.py12
-rw-r--r--resources/libraries/python/Policer.py16
-rw-r--r--resources/libraries/python/SRv6.py11
4 files changed, 41 insertions, 35 deletions
diff --git a/resources/libraries/python/IPsecUtil.py b/resources/libraries/python/IPsecUtil.py
index 07caad03dc..214764d233 100644
--- a/resources/libraries/python/IPsecUtil.py
+++ b/resources/libraries/python/IPsecUtil.py
@@ -36,7 +36,8 @@ from resources.libraries.python.VPPUtil import VPPUtil
from resources.libraries.python.FlowUtil import FlowUtil
-IPSEC_UDP_PORT_NONE = 0xffff
+IPSEC_UDP_PORT_DEFAULT = 4500
+IPSEC_REPLAY_WINDOW_DEFAULT = 64
def gen_key(length):
@@ -450,7 +451,7 @@ class IPsecUtil:
src_addr = u""
dst_addr = u""
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add_v2"
err_msg = f"Failed to add Security Association Database entry " \
f"on host {node[u'host']}"
sad_entry = dict(
@@ -471,8 +472,9 @@ class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
protocol=int(IPsecProto.IPSEC_API_PROTO_ESP),
- udp_src_port=4500, # default value in api
- udp_dst_port=4500 # default value in api
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
with PapiSocketExecutor(node) as papi_exec:
@@ -547,7 +549,7 @@ class IPsecUtil:
IPsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6
)
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add_v2"
err_msg = f"Failed to add Security Association Database entry " \
f"on host {node[u'host']}"
@@ -569,8 +571,9 @@ class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
protocol=int(IPsecProto.IPSEC_API_PROTO_ESP),
- udp_src_port=4500, # default value in api
- udp_dst_port=4500, # default value in api
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
with PapiSocketExecutor(node, is_async=True) as papi_exec:
@@ -1227,7 +1230,7 @@ class IPsecUtil:
# Configure IPSec SAD entries
ckeys = [bytes()] * existing_tunnels
ikeys = [bytes()] * existing_tunnels
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add_v2"
c_key = dict(
length=0,
data=None
@@ -1255,8 +1258,9 @@ class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
salt=0,
- udp_src_port=IPSEC_UDP_PORT_NONE,
- udp_dst_port=IPSEC_UDP_PORT_NONE,
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
for i in range(existing_tunnels, n_tunnels):
@@ -1466,7 +1470,7 @@ class IPsecUtil:
]
)
# Configure IPSec SAD entries
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add_v2"
c_key = dict(
length=0,
data=None
@@ -1494,8 +1498,9 @@ class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
salt=0,
- udp_src_port=IPSEC_UDP_PORT_NONE,
- udp_dst_port=IPSEC_UDP_PORT_NONE,
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
for i in range(existing_tunnels, n_tunnels):
@@ -2033,10 +2038,8 @@ class IPsecUtil:
:param node: DUT node.
:type node: dict
"""
- cmds = [
- u"ipsec_sa_v4_dump"
- ]
- PapiSocketExecutor.dump_and_log(node, cmds)
+ cmd = "ipsec_sa_v5_dump"
+ PapiSocketExecutor.dump_and_log(node, [cmd])
@staticmethod
def vpp_ipsec_flow_enale_rss(node, proto, type, function="default"):
diff --git a/resources/libraries/python/InterfaceUtil.py b/resources/libraries/python/InterfaceUtil.py
index 9f023d969d..ff013307bc 100644
--- a/resources/libraries/python/InterfaceUtil.py
+++ b/resources/libraries/python/InterfaceUtil.py
@@ -1066,7 +1066,7 @@ class InterfaceUtil:
:raises RuntimeError: if it is unable to create GTPU interface on the
node.
"""
- cmd = u"gtpu_add_del_tunnel"
+ cmd = u"gtpu_add_del_tunnel_v2"
args = dict(
is_add=True,
src_address=IPAddress.create_ip_address_object(
@@ -1077,8 +1077,10 @@ class InterfaceUtil:
),
mcast_sw_if_index=Constants.BITWISE_NON_ZERO,
encap_vrf_id=0,
- decap_next_index=2,
- teid=teid
+ decap_next_index=2, # ipv4
+ teid=teid,
+ # pdu_extension: Unused, false by default.
+ # qfi: Irrelevant when pdu_extension is not used.
)
err_msg = f"Failed to create GTPU tunnel interface " \
f"on host {node[u'host']}"
@@ -1373,7 +1375,7 @@ class InterfaceUtil:
node, u"set logging class rdma level debug"
)
- cmd = u"rdma_create_v3"
+ cmd = u"rdma_create_v4"
pci_addr = Topology.get_interface_pci_addr(node, if_key)
args = dict(
name=InterfaceUtil.pci_to_eth(node, pci_addr),
@@ -1386,6 +1388,8 @@ class InterfaceUtil:
no_multi_seg=False,
max_pktlen=0,
# TODO: Apply desired RSS flags.
+ # rss4 kept 0 (auto) as API default.
+ # rss6 kept 0 (auto) as API default.
)
err_msg = f"Failed to create RDMA interface on host {node[u'host']}"
with PapiSocketExecutor(node) as papi_exec:
diff --git a/resources/libraries/python/Policer.py b/resources/libraries/python/Policer.py
index 6d3bf86462..28ed0b0aa9 100644
--- a/resources/libraries/python/Policer.py
+++ b/resources/libraries/python/Policer.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2021 Cisco and/or its affiliates.
+# Copyright (c) 2024 Cisco and/or its affiliates.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
@@ -72,7 +72,7 @@ class Policer:
def policer_set_configuration(
node, policer_name, cir, eir, cbs, ebs, rate_type, round_type,
policer_type, conform_action_type, exceed_action_type,
- violate_action_type, color_aware, is_add=True, conform_dscp=None,
+ violate_action_type, color_aware, conform_dscp=None,
exceed_dscp=None, violate_dscp=None):
"""Configure policer on VPP node.
@@ -89,7 +89,6 @@ class Policer:
:param exceed_action_type: Exceed action type.
:param violate_action_type: Violate action type.
:param color_aware: Color-blind (cb) or color-aware (ca).
- :param is_add: Add policer if True, else delete.
:param conform_dscp: DSCP for conform mark_and_transmit action.
:param exceed_dscp: DSCP for exceed mark_and_transmit action.
:param violate_dscp: DSCP for vilate mark_and_transmit action.
@@ -106,7 +105,6 @@ class Policer:
:type exceed_action_type: str
:type violate_action_type: str
:type color_aware: str
- :type is_add: bool
:type conform_dscp: str
:type exceed_dscp: str
:type violate_dscp: str
@@ -130,10 +128,8 @@ class Policer:
else 0
)
- cmd = u"policer_add_del"
- args = dict(
- is_add=is_add,
- name=str(policer_name),
+ cmd = u"policer_add"
+ infos = dict(
cir=int(cir),
eir=int(eir),
cb=int(cbs),
@@ -148,6 +144,10 @@ class Policer:
violate_action=violate_action,
color_aware=bool(color_aware == u"'ca'")
)
+ args = dict(
+ name=str(policer_name),
+ infos=infos,
+ )
err_msg = f"Failed to configure policer {policer_name} " \
f"on host {node['host']}"
diff --git a/resources/libraries/python/SRv6.py b/resources/libraries/python/SRv6.py
index d16c3529c3..0170df5ef6 100644
--- a/resources/libraries/python/SRv6.py
+++ b/resources/libraries/python/SRv6.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Cisco and/or its affiliates.
+# Copyright (c) 2024 Cisco and/or its affiliates.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
@@ -222,15 +222,14 @@ class SRv6:
:type sid_list: list
:type mode: str
"""
- # TODO: Convert to use sr_policy_add_v2.
- # The conversion is not straightforward so it was not done when bumping.
- cmd = u"sr_policy_add"
+ cmd = u"sr_policy_add_v2"
args = dict(
bsid_addr=IPv6Address(bsid).packed,
weight=1,
is_encap=bool(mode == u"encap"),
- is_spray=False,
- sids=SRv6.create_srv6_sid_list(sid_list)
+ type=0, # Neither SPRAY nor TEF are needed yet.
+ sids=SRv6.create_srv6_sid_list(sid_list),
+ # encap_src is optional, do not set yet.
)
err_msg = f"Failed to add SR policy for BindingSID {bsid} " \
f"on host {node[u'host']}"