summaryrefslogtreecommitdiffstats
path: root/src/plugins/ikev2/test
diff options
context:
space:
mode:
authorFilip Tehlar <ftehlar@cisco.com>2020-10-30 04:47:44 +0000
committerFilip Tehlar <ftehlar@cisco.com>2020-10-31 02:58:24 +0000
commitd7fc12f07313f9147159f2562f6fcc928af7a963 (patch)
treeb890f17a30d8fde4faca0efdedb1e81bb55e8bd1 /src/plugins/ikev2/test
parent68ad6258374201ba8f0dc052e6f44d6250555249 (diff)
ikev2: add option to disable NAT traversal
Type: feature Ticket: VPP-1935 Change-Id: I705f84047b112279377590157a1c7b4a34f693d2 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Diffstat (limited to 'src/plugins/ikev2/test')
-rw-r--r--src/plugins/ikev2/test/test_ikev2.py6
-rw-r--r--src/plugins/ikev2/test/vpp_ikev2.py7
2 files changed, 13 insertions, 0 deletions
diff --git a/src/plugins/ikev2/test/test_ikev2.py b/src/plugins/ikev2/test/test_ikev2.py
index 91cec8e9a62..d065d46e8eb 100644
--- a/src/plugins/ikev2/test/test_ikev2.py
+++ b/src/plugins/ikev2/test/test_ikev2.py
@@ -1393,6 +1393,8 @@ class TestApi(VppTestCase):
p.set_lifetime_data(cfg['lifetime_data'])
if 'tun_itf' in cfg:
p.set_tunnel_interface(cfg['tun_itf'])
+ if 'natt_disabled' in cfg and cfg['natt_disabled']:
+ p.disable_natt()
p.add_vpp_config()
return p
@@ -1431,6 +1433,7 @@ class TestApi(VppTestCase):
conf = {
'p1': {
'name': 'p1',
+ 'natt_disabled': True,
'loc_id': ('fqdn', b'vpp.home'),
'rem_id': ('fqdn', b'roadwarrior.example.com'),
'loc_ts': loc_ts4,
@@ -1534,6 +1537,9 @@ class TestApi(VppTestCase):
self.verify_ike_transforms(ap.ike_ts, cp['ike_ts'])
self.verify_esp_transforms(ap.esp_ts, cp['esp_ts'])
self.verify_auth(ap.auth, cp['auth'])
+ natt_dis = False if 'natt_disabled' not in cp else cp['natt_disabled']
+ self.assertTrue(natt_dis == ap.natt_disabled)
+
if 'lifetime_data' in cp:
self.verify_lifetime_data(ap, cp['lifetime_data'])
self.assertEqual(ap.ipsec_over_udp_port, cp['ipsec_over_udp_port'])
diff --git a/src/plugins/ikev2/test/vpp_ikev2.py b/src/plugins/ikev2/test/vpp_ikev2.py
index 6ae30201450..dd1c3fc986e 100644
--- a/src/plugins/ikev2/test/vpp_ikev2.py
+++ b/src/plugins/ikev2/test/vpp_ikev2.py
@@ -27,6 +27,10 @@ class Profile(VppObject):
self.vapi = test.vapi
self.profile_name = profile_name
self.udp_encap = False
+ self.natt = True
+
+ def disable_natt(self):
+ self.natt = False
def add_auth(self, method, data, is_hex=False):
if isinstance(method, int):
@@ -156,6 +160,9 @@ class Profile(VppObject):
self.vapi.ikev2_set_tunnel_interface(name=self.profile_name,
sw_if_index=self.tun_itf)
+ if not self.natt:
+ self.vapi.ikev2_profile_disable_natt(name=self.profile_name)
+
def query_vpp_config(self):
res = self.vapi.ikev2_profile_dump()
for r in res: