From 452fabf532691f88b36b79bf2469afde18183de2 Mon Sep 17 00:00:00 2001 From: Patrik Hrnciar Date: Tue, 3 May 2016 14:40:52 +0200 Subject: Add iACL IPv4/IPv6 tests. - IPv4: CSIT-15 - IPv6: CSIT-16 Change-Id: I6e66aa853dfaebf1388f1191dbb63f5216820325 Signed-off-by: Patrik Hrnciar --- resources/libraries/python/Classify.py | 86 ++++++++++++++++ resources/libraries/python/IPv4Setup.py | 2 +- resources/libraries/python/IPv6Util.py | 26 +++++ resources/libraries/python/InterfaceUtil.py | 25 +++++ resources/libraries/robot/iacl.robot | 125 +++++++++++++++++++++++ resources/libraries/robot/traffic.robot | 1 - resources/templates/vat/classify_add_session.vat | 1 + resources/templates/vat/classify_add_table.vat | 1 + resources/templates/vat/input_acl_int.vat | 1 + 9 files changed, 266 insertions(+), 2 deletions(-) create mode 100644 resources/libraries/python/Classify.py create mode 100644 resources/libraries/robot/iacl.robot create mode 100644 resources/templates/vat/classify_add_session.vat create mode 100644 resources/templates/vat/classify_add_table.vat create mode 100644 resources/templates/vat/input_acl_int.vat (limited to 'resources') diff --git a/resources/libraries/python/Classify.py b/resources/libraries/python/Classify.py new file mode 100644 index 0000000000..cf93a04b2b --- /dev/null +++ b/resources/libraries/python/Classify.py @@ -0,0 +1,86 @@ +# Copyright (c) 2016 Cisco and/or its affiliates. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +from robot.api import logger + +from resources.libraries.python.VatExecutor import VatExecutor, VatTerminal + + +class Classify(object): + """Classify utilities.""" + + @staticmethod + def vpp_create_classify_table(node, ip_version, direction): + """Create classify table. + + :param node: VPP node to create classify table. + :param ip_version: Version of IP protocol. + :param direction: Direction of traffic - src/dst. + :type node: dict + :type ip_version: str + :type direction: str + :return table_index: Classify table index. + :return skip_n: Number of skip vectors. + :return match_n: Number of match vectors. + :rtype table_index: int + :rtype skip_n: int + :rtype match_n: int + """ + output = VatExecutor.cmd_from_template(node, "classify_add_table.vat", + ip_version=ip_version, + direction=direction) + + if output[0]["retval"] == 0: + table_index = output[0]["new_table_index"] + skip_n = output[0]["skip_n_vectors"] + match_n = output[0]["match_n_vectors"] + logger.trace('Classify table with table_index {} created on node {}' + .format(table_index, node['host'])) + else: + raise RuntimeError('Unable to create classify table on node {}' + .format(node['host'])) + + return table_index, skip_n, match_n + + @staticmethod + def vpp_configure_classify_session(node, acl_method, table_index, skip_n, + match_n, ip_version, direction, address): + """Configuration of classify session. + + :param node: VPP node to setup classify session. + :param acl_method: ACL method - deny/permit. + :param table_index: Classify table index. + :param skip_n: Number of skip vectors based on mask. + :param match_n: Number of match vectors based on mask. + :param ip_version: Version of IP protocol. + :param direction: Direction of traffic - src/dst. + :param address: IPv4 or IPv6 address. + :type node: dict + :type acl_method: str + :type table_index: int + :type skip_n: int + :type match_n: int + :type ip_version: str + :type direction: str + :type address: str + """ + with VatTerminal(node) as vat: + vat.vat_terminal_exec_cmd_from_template("classify_add_session.vat", + acl_method=acl_method, + table_index=table_index, + skip_n=skip_n, + match_n=match_n, + ip_version=ip_version, + direction=direction, + address=address) diff --git a/resources/libraries/python/IPv4Setup.py b/resources/libraries/python/IPv4Setup.py index 50154103ec..577b225ad1 100644 --- a/resources/libraries/python/IPv4Setup.py +++ b/resources/libraries/python/IPv4Setup.py @@ -319,7 +319,7 @@ class IPv4Setup(object): def add_arp_on_dut(node, interface, ip_address, mac_address): """Set ARP cache entree on DUT node. - :param node: Node in the topology. + :param node: VPP Node in the topology. :param interface: Interface name of the node. :param ip_address: IP address of the interface. :param mac_address: MAC address of the interface. diff --git a/resources/libraries/python/IPv6Util.py b/resources/libraries/python/IPv6Util.py index 519026beae..35ec8d5258 100644 --- a/resources/libraries/python/IPv6Util.py +++ b/resources/libraries/python/IPv6Util.py @@ -16,6 +16,8 @@ import re from resources.libraries.python.ssh import SSH +from resources.libraries.python.VatExecutor import VatTerminal +from resources.libraries.python.topology import Topology class IPv6Util(object): @@ -106,3 +108,27 @@ class IPv6Util(object): raise Exception('Node {n} port {p} IPv6 address not found.'.format( n=node['host'], p=interface)) + + @staticmethod + def add_ip_neighbor(node, interface, ip_address, mac_address): + """Add IP neighbor. + + :param node: VPP node to add ip neighbor. + :param interface: Interface name or sw_if_index. + :param ip_address: IP address. + :param mac_address: MAC address. + :type node: dict + :type interface: str or int + :type ip_address: str + :type mac_address: str + """ + if isinstance(interface, basestring): + sw_if_index = Topology.get_interface_sw_index(node, interface) + else: + sw_if_index = interface + + with VatTerminal(node) as vat: + vat.vat_terminal_exec_cmd_from_template("add_ip_neighbor.vat", + sw_if_index=sw_if_index, + ip_address=ip_address, + mac_address=mac_address) diff --git a/resources/libraries/python/InterfaceUtil.py b/resources/libraries/python/InterfaceUtil.py index 35194f2487..3da0e1a204 100644 --- a/resources/libraries/python/InterfaceUtil.py +++ b/resources/libraries/python/InterfaceUtil.py @@ -580,3 +580,28 @@ class InterfaceUtil(object): else: raise RuntimeError('Create loopback failed on node "{}"' .format(node['host'])) + + @staticmethod + def vpp_enable_input_acl_interface(node, interface, ip_version, + table_index): + """Enable input acl on interface. + + :param node: VPP node to setup interface for input acl. + :param interface: Interface to setup input acl. + :param ip_version: Version of IP protocol. + :param table_index: Classify table index. + :type node: dict + :type interface: str or int + :type ip_version: str + :type table_index: int + """ + if isinstance(interface, basestring): + sw_if_index = Topology.get_interface_sw_index(node, interface) + else: + sw_if_index = interface + + with VatTerminal(node) as vat: + vat.vat_terminal_exec_cmd_from_template("input_acl_int.vat", + sw_if_index=sw_if_index, + ip_version=ip_version, + table_index=table_index) diff --git a/resources/libraries/robot/iacl.robot b/resources/libraries/robot/iacl.robot new file mode 100644 index 0000000000..659edb8c30 --- /dev/null +++ b/resources/libraries/robot/iacl.robot @@ -0,0 +1,125 @@ +# Copyright (c) 2016 Cisco and/or its affiliates. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +*** Settings *** +| Documentation | Keywords for iACL tests +| Resource | resources/libraries/robot/default.robot +| Library | resources.libraries.python.InterfaceUtil +| Library | resources.libraries.python.NodePath + +*** Keywords *** +| Node path computed for 3-node topology +| | [Arguments] | ${tg_node} | ${dut1_node} | ${dut2_node} | ${tg_node} +| | [Documentation] | *Create interface variables for 3-node topology.* +| | ... +| | ... | *Arguments:* +| | ... | - ${tg_node} - Node attached to the path. Type: dictionary +| | ... | - ${dut1_node} - Node attached to the path. Type: dictionary +| | ... | - ${dut2_node} - Node attached to the path. Type: dictionary +| | ... +| | ... | _Set testcase variables for nodes and interfaces._ +| | ... | - ${tg_node} - Variable for node in path. Type: dictionary +| | ... | - ${dut1_node} - Variable for node in path. Type: dictionary +| | ... | - ${dut2_node} - Variable for node in path. Type: dictionary +| | ... | - ${tg_if1} - First interface of TG node. Type: str +| | ... | - ${tg_if2} - Second interface of TG node. Type: str +| | ... | - ${dut1_if1} - First interface of first DUT node. Type: str +| | ... | - ${dut1_if2} - Second interface of first DUT node. Type: str +| | ... | - ${dut2_if1} - First interface of second DUT node. Type: str +| | ... | - ${dut2_if2} - Second interface of second DUT node. Type: str +| | ... | - ${tg_if1_mac} - MAC address of TG interface (1st). +| | ... | - ${tg_if2_mac} - MAC address of TG interface (2nd). +| | ... | - ${dut1_if1_mac} - MAC address of DUT1 interface (1st). +| | ... | - ${dut1_if2_mac} - MAC address of DUT1 interface (2nd). +| | ... +| | Append Nodes | ${tg_node} | ${dut1_node} | ${dut2_node} | ${tg_node} +| | Compute Path +| | ${tg_if1} | ${tg_node}= | Next Interface +| | ${dut1_if1} | ${dut1_node}= | Next Interface +| | ${dut1_if2} | ${dut1_node}= | Next Interface +| | ${dut2_if1} | ${dut2_node}= | Next Interface +| | ${dut2_if2} | ${dut2_node}= | Next Interface +| | ${tg_if2} | ${tg_node}= | Next Interface +| | ${tg_if1_mac}= | Get interface mac | ${tg_node} | ${tg_if1} +| | ${tg_if2_mac}= | Get interface mac | ${tg_node} | ${tg_if2} +| | ${dut1_if1_mac}= | Get interface mac | ${dut1_node} | ${dut1_if1} +| | ${dut1_if2_mac}= | Get interface mac | ${dut1_node} | ${dut1_if2} +| | Set Test Variable | ${tg_node} +| | Set Test Variable | ${tg_if1} +| | Set Test Variable | ${tg_if2} +| | Set Test Variable | ${dut1_node} +| | Set Test Variable | ${dut1_if1} +| | Set Test Variable | ${dut1_if2} +| | Set Test Variable | ${dut2_node} +| | Set Test Variable | ${dut2_if1} +| | Set Test Variable | ${dut2_if2} +| | Set Test Variable | ${tg_if1_mac} +| | Set Test Variable | ${tg_if2_mac} +| | Set Test Variable | ${dut1_if1_mac} +| | Set Test Variable | ${dut1_if2_mac} + +| Interfaces in path are up +| | [Documentation] | *Set UP state on interfaces in path on nodes.* +| | ... +| | Set Interface State | ${tg_node} | ${tg_if1} | up +| | Set Interface State | ${tg_node} | ${tg_if2} | up +| | Set Interface State | ${dut1_node} | ${dut1_if1} | up +| | Set Interface State | ${dut1_node} | ${dut1_if2} | up +| | Set Interface State | ${dut2_node} | ${dut2_if1} | up +| | Set Interface State | ${dut2_node} | ${dut2_if2} | up +| | Vpp Node Interfaces Ready Wait | ${dut1_node} +| | Vpp Node Interfaces Ready Wait | ${dut2_node} + +| IPv4 Addresses set on the node interfaces +| | [Arguments] | ${dut_node} | ${int1} | ${ip_addr1} | ${int2} | ${ip_addr2} +| | ... | ${prefix_length} +| | [Documentation] | Setup IPv4 adresses on the node interfaces +| | ... +| | ... | *Arguments* +| | ... | - ${dut_node} - VPP node. +| | ... | - ${int1} - First node interface. +| | ... | - ${ip_addr1} - First IP address. +| | ... | - ${int2} - Second node interface. +| | ... | - ${ip_addr2} - Second IP address. +| | ... | - ${prefix_length} - IP prefix length. +| | ... +| | ... | *Example* +| | ... | \| IPv4 Addresses set on the node interfaces \ +| | ... | \| ${dut1_node} \| ${dut1_if1} \| ${dut1_if1_ip} \ +| | ... | \| ${dut1_if2} \| ${dut1_if2_ip} \| ${prefix_length} \| +| | ... +| | Set Interface Address | ${dut_node} | ${int1} | ${ip_addr1} +| | ... | ${prefix_length} +| | Set Interface Address | ${dut_node} | ${int2} | ${ip_addr2} +| | ... | ${prefix_length} + +| IPv6 Addresses set on the node interfaces +| | [Arguments] | ${dut_node} | ${int1} | ${ip_addr1} | ${int2} | ${ip_addr2} +| | ... | ${prefix_length} +| | [Documentation] | Setup IPv6 adresses on the node interfaces +| | ... +| | ... | *Arguments* +| | ... | - ${dut_node} - VPP node. +| | ... | - ${int1} - First node interface. +| | ... | - ${ip_addr1} - First IP address. +| | ... | - ${int2} - Second node interface. +| | ... | - ${ip_addr2} - Second IP address. +| | ... | - ${prefix_length} - IP prefix length. +| | ... +| | ... | *Example* +| | ... | \| IPv6 Addresses set on the node interfaces \ +| | ... | \| ${dut1_node} \| ${dut1_if1} \| ${dut1_if1_ip} \ +| | ... | \| ${dut1_if2} \| ${dut1_if2_ip} \| ${prefix_length} \| +| | ... +| | Vpp Set If Ipv6 Addr | ${dut_node} | ${int1} | ${ip_addr1} | ${prefix_length} +| | Vpp Set If Ipv6 Addr | ${dut_node} | ${int2} | ${ip_addr2} | ${prefix_length} diff --git a/resources/libraries/robot/traffic.robot b/resources/libraries/robot/traffic.robot index b97a6d4360..fc1fa363fe 100644 --- a/resources/libraries/robot/traffic.robot +++ b/resources/libraries/robot/traffic.robot @@ -105,4 +105,3 @@ | | Run Keyword And Expect Error | ICMP echo Rx timeout | | | ... | Run Traffic Script On Node | send_icmp_check_headers.py | | ... | ${tg_node} | ${args} -l \ No newline at end of file diff --git a/resources/templates/vat/classify_add_session.vat b/resources/templates/vat/classify_add_session.vat new file mode 100644 index 0000000000..e68b46f965 --- /dev/null +++ b/resources/templates/vat/classify_add_session.vat @@ -0,0 +1 @@ +classify_add_del_session acl-hit-next {acl_method} table-index {table_index} skip_n {skip_n} match_n {match_n} match l3 {ip_version} {direction} {address} \ No newline at end of file diff --git a/resources/templates/vat/classify_add_table.vat b/resources/templates/vat/classify_add_table.vat new file mode 100644 index 0000000000..fea8926a68 --- /dev/null +++ b/resources/templates/vat/classify_add_table.vat @@ -0,0 +1 @@ +classify_add_del_table mask l3 {ip_version} {direction} \ No newline at end of file diff --git a/resources/templates/vat/input_acl_int.vat b/resources/templates/vat/input_acl_int.vat new file mode 100644 index 0000000000..c9d7441796 --- /dev/null +++ b/resources/templates/vat/input_acl_int.vat @@ -0,0 +1 @@ +input_acl_set_interface sw_if_index {sw_if_index} {ip_version}-table {table_index} \ No newline at end of file -- cgit 1.2.3-korg