diff options
| author |   Neale Ranns <nranns@cisco.com> | 2019-12-23 04:10:25 +0000 |
|---|---|---|
| committer | Neale Ranns <nranns@cisco.com> | 2019-12-23 21:39:23 +0000 |
| commit | 4a56f4e48f39f9e0560833115f85270c0c04b57f (patch) | |
| tree | da9d30b72cf953008bd3e15140219ba1240b5ba4 /test/template_ipsec.py | |
| parent | 1de7167e7a12a80cc5996959aeb1fbe4b2853ccb (diff) | |
ipsec: Test and fix IPSec worker hand-off
Type: fix
Change-Id: I5cb9a3845ddbc5f4de4eb4e9c481f606fe5cec9a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'test/template_ipsec.py')
| -rw-r--r-- | test/template_ipsec.py | 79 |
1 files changed, 70 insertions, 9 deletions
diff --git a/test/template_ipsec.py b/test/template_ipsec.py index 034bc8ecf45..bcfc0d9253a 100644 --- a/test/template_ipsec.py +++ b/test/template_ipsec.py @@ -660,21 +660,21 @@ class IpsecTra46Tests(IpsecTra4Tests, IpsecTra6Tests): class IpsecTun4(object): """ verify methods for Tunnel v4 """ - def verify_counters4(self, p, count, n_frags=None): + def verify_counters4(self, p, count, n_frags=None, worker=None): if not n_frags: n_frags = count if (hasattr(p, "spd_policy_in_any")): - pkts = p.spd_policy_in_any.get_stats()['packets'] + pkts = p.spd_policy_in_any.get_stats(worker)['packets'] self.assertEqual(pkts, count, "incorrect SPD any policy: expected %d != %d" % (count, pkts)) if (hasattr(p, "tun_sa_in")): - pkts = p.tun_sa_in.get_stats()['packets'] + pkts = p.tun_sa_in.get_stats(worker)['packets'] self.assertEqual(pkts, count, "incorrect SA in counts: expected %d != %d" % (count, pkts)) - pkts = p.tun_sa_out.get_stats()['packets'] + pkts = p.tun_sa_out.get_stats(worker)['packets'] self.assertEqual(pkts, count, "incorrect SA out counts: expected %d != %d" % (count, pkts)) @@ -840,14 +840,14 @@ class IpsecTun4Tests(IpsecTun4): class IpsecTun6(object): """ verify methods for Tunnel v6 """ - def verify_counters6(self, p_in, p_out, count): + def verify_counters6(self, p_in, p_out, count, worker=None): if (hasattr(p_in, "tun_sa_in")): - pkts = p_in.tun_sa_in.get_stats()['packets'] + pkts = p_in.tun_sa_in.get_stats(worker)['packets'] self.assertEqual(pkts, count, "incorrect SA in counts: expected %d != %d" % (count, pkts)) if (hasattr(p_out, "tun_sa_out")): - pkts = p_out.tun_sa_out.get_stats()['packets'] + pkts = p_out.tun_sa_out.get_stats(worker)['packets'] self.assertEqual(pkts, count, "incorrect SA out counts: expected %d != %d" % (count, pkts)) @@ -908,8 +908,7 @@ class IpsecTun6(object): dst=p_out.remote_tun_if_host, count=count, payload_size=payload_size) - recv_pkts = self.send_and_expect(self.pg1, send_pkts, - self.tun_if) + recv_pkts = self.send_and_expect(self.pg1, send_pkts, self.tun_if) self.verify_encrypted6(p_out, p_out.vpp_tun_sa, recv_pkts) finally: @@ -1002,6 +1001,68 @@ class IpsecTun6Tests(IpsecTun6): self.verify_tun_66(self.params[socket.AF_INET6], count=257) +class IpsecTun6HandoffTests(IpsecTun6): + """ UT test methods for Tunnel v6 with multiple workers """ + worker_config = "workers 2" + + def test_tun_handoff_66(self): + """ ipsec 6o6 tunnel worker hand-off test """ + N_PKTS = 15 + p = self.params[socket.AF_INET6] + + # inject alternately on worker 0 and 1. all counts on the SA + # should be against worker 0 + for worker in [0, 1, 0, 1]: + send_pkts = self.gen_encrypt_pkts6(p.scapy_tun_sa, self.tun_if, + src=p.remote_tun_if_host, + dst=self.pg1.remote_ip6, + count=N_PKTS) + recv_pkts = self.send_and_expect(self.tun_if, send_pkts, + self.pg1, worker=worker) + self.verify_decrypted6(p, recv_pkts) + + send_pkts = self.gen_pkts6(self.pg1, src=self.pg1.remote_ip6, + dst=p.remote_tun_if_host, + count=N_PKTS) + recv_pkts = self.send_and_expect(self.pg1, send_pkts, + self.tun_if, worker=worker) + self.verify_encrypted6(p, p.vpp_tun_sa, recv_pkts) + + # all counts against the first worker that was used + self.verify_counters6(p, p, 4*N_PKTS, worker=0) + + +class IpsecTun4HandoffTests(IpsecTun4): + """ UT test methods for Tunnel v4 with multiple workers """ + worker_config = "workers 2" + + def test_tun_handooff_44(self): + """ ipsec 4o4 tunnel worker hand-off test """ + N_PKTS = 15 + p = self.params[socket.AF_INET] + + # inject alternately on worker 0 and 1. all counts on the SA + # should be against worker 0 + for worker in [0, 1, 0, 1]: + send_pkts = self.gen_encrypt_pkts(p.scapy_tun_sa, self.tun_if, + src=p.remote_tun_if_host, + dst=self.pg1.remote_ip4, + count=N_PKTS) + recv_pkts = self.send_and_expect(self.tun_if, send_pkts, + self.pg1, worker=worker) + self.verify_decrypted(p, recv_pkts) + + send_pkts = self.gen_pkts(self.pg1, src=self.pg1.remote_ip4, + dst=p.remote_tun_if_host, + count=N_PKTS) + recv_pkts = self.send_and_expect(self.pg1, send_pkts, + self.tun_if, worker=worker) + self.verify_encrypted(p, p.vpp_tun_sa, recv_pkts) + + # all counts against the first worker that was used + self.verify_counters4(p, 4*N_PKTS, worker=0) + + class IpsecTun46Tests(IpsecTun4Tests, IpsecTun6Tests): """ UT test methods for Tunnel v6 & v4 """ pass |