summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Grajciar <jgrajcia@cisco.com>2019-05-27 12:23:57 +0200
committerDamjan Marion <dmarion@me.com>2019-05-28 15:35:54 +0000
commitf34f1a424ec9d01533c9979863ac259623d05740 (patch)
tree17c65325e69d5b21e65a48e7f89fe005312398f5
parenta618e2082dfcda0aedba19b80e50e29667740602 (diff)
l2tp: l2tp-decap-local don't accept packets unless configured
Change-Id: I2e48eb772dc44912192d0684b8ee631d8d975e9e Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
-rw-r--r--src/vnet/l2tp/decap.c8
-rw-r--r--src/vnet/l2tp/l2tp.c9
-rw-r--r--src/vnet/l2tp/l2tp.h3
-rw-r--r--test/test_l2tp.py48
4 files changed, 58 insertions, 10 deletions
diff --git a/src/vnet/l2tp/decap.c b/src/vnet/l2tp/decap.c
index 5fc25f55226..787cc115a7e 100644
--- a/src/vnet/l2tp/decap.c
+++ b/src/vnet/l2tp/decap.c
@@ -292,14 +292,6 @@ VLIB_REGISTER_NODE (l2t_decap_local_node) = {
};
/* *INDENT-ON* */
-#ifndef CLIB_MARCH_VARIANT
-void
-l2tp_decap_init (void)
-{
- ip6_register_protocol (IP_PROTOCOL_L2TP, l2t_decap_local_node.index);
-}
-#endif /* CLIB_MARCH_VARIANT */
-
/*
* fd.io coding-style-patch-verification: ON
*
diff --git a/src/vnet/l2tp/l2tp.c b/src/vnet/l2tp/l2tp.c
index 6758db39c17..42ecfa619a5 100644
--- a/src/vnet/l2tp/l2tp.c
+++ b/src/vnet/l2tp/l2tp.c
@@ -399,6 +399,12 @@ create_l2tpv3_ipv6_tunnel (l2t_main_t * lm,
if (sw_if_index)
*sw_if_index = hi->sw_if_index;
+ if (!lm->proto_registered)
+ {
+ ip6_register_protocol (IP_PROTOCOL_L2TP, l2t_decap_local_node.index);
+ lm->proto_registered = true;
+ }
+
return 0;
}
@@ -729,9 +735,10 @@ l2tp_init (vlib_main_t * vm)
pi = ip_get_protocol_info (im, IP_PROTOCOL_L2TP);
pi->unformat_pg_edit = unformat_pg_l2tp_header;
+ lm->proto_registered = false;
+
/* insure these nodes are included in build */
l2tp_encap_init (vm);
- l2tp_decap_init ();
return 0;
}
diff --git a/src/vnet/l2tp/l2tp.h b/src/vnet/l2tp/l2tp.h
index a91f00c282a..49873380057 100644
--- a/src/vnet/l2tp/l2tp.h
+++ b/src/vnet/l2tp/l2tp.h
@@ -80,6 +80,8 @@ typedef struct
vlib_main_t *vlib_main;
vnet_main_t *vnet_main;
+ bool proto_registered;
+
} l2t_main_t;
/* Packet trace structure */
@@ -118,7 +120,6 @@ typedef struct
uword unformat_pg_l2tp_header (unformat_input_t * input, va_list * args);
void l2tp_encap_init (vlib_main_t * vm);
-void l2tp_decap_init (void);
int create_l2tpv3_ipv6_tunnel (l2t_main_t * lm,
ip6_address_t * client_address,
ip6_address_t * our_address,
diff --git a/test/test_l2tp.py b/test/test_l2tp.py
new file mode 100644
index 00000000000..1d229e6e356
--- /dev/null
+++ b/test/test_l2tp.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+
+import unittest
+
+from scapy.layers.l2 import Ether
+from scapy.layers.inet6 import IPv6
+
+from framework import VppTestCase
+
+
+class TestL2tp(VppTestCase):
+ """ L2TP Test Case """
+
+ @classmethod
+ def setUpClass(cls):
+ super(TestL2tp, cls).setUpClass()
+
+ cls.create_pg_interfaces(range(1))
+ cls.pg0.admin_up()
+ cls.pg0.config_ip6()
+
+ def test_l2tp_decap_local(self):
+ """ L2TP don't accept packets unless configured """
+
+ pkt = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
+ IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6, nh=115))
+
+ self.pg0.add_stream(pkt)
+ self.pg_start()
+
+ # l2tp should not accept packets
+ err = self.statistics.get_counter(
+ '/err/l2tp-decap-local/l2tpv3 session not found')[0]
+ self.assertEqual(err, 0)
+ err_count = err
+
+ self.vapi.l2tpv3_create_tunnel(client_address=self.pg0.local_ip6n,
+ our_address=self.pg0.remote_ip6n,
+ is_ipv6=1)
+
+ self.pg0.add_stream(pkt)
+ self.pg_start()
+
+ # l2tp accepts packets
+ err = self.statistics.get_counter(
+ '/err/l2tp-decap-local/l2tpv3 session not found')[0]
+ self.assertEqual(err, 1)
+ err_count = err