summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--test/test_wireguard.py42
1 files changed, 13 insertions, 29 deletions
diff --git a/test/test_wireguard.py b/test/test_wireguard.py
index 7e5ef5b3616..e9caa8d2454 100644
--- a/test/test_wireguard.py
+++ b/test/test_wireguard.py
@@ -42,7 +42,6 @@ from vpp_pg_interface import is_ipv6_misc
from vpp_ip_route import VppIpRoute, VppRoutePath
from vpp_object import VppObject
from vpp_papi import VppEnum
-from framework import tag_fixme_ubuntu2204, tag_fixme_debian11
from framework import is_distro_ubuntu2204, is_distro_debian11
from framework import VppTestCase
from re import compile
@@ -502,8 +501,6 @@ def is_handshake_init(p):
return wg_p[Wireguard].message_type == 1
-@tag_fixme_ubuntu2204
-@tag_fixme_debian11
class TestWg(VppTestCase):
"""Wireguard Test Case"""
@@ -989,36 +986,25 @@ class TestWg(VppTestCase):
rxs = self.send_and_expect(self.pg1, [init_2], self.pg1)
peer_2.consume_cookie(rxs[0])
- # (peer_1) prepare and send a bunch of handshake initiations with correct mac2
- # expect no ratelimiting and a handshake response
+ # (peer_1) (peer_2) prepare and send a bunch of handshake initiations with correct mac2
+ # expect a handshake response and then ratelimiting
+ PEER_1_NUM_TO_REJECT = 2
+ PEER_2_NUM_TO_REJECT = 5
init_1 = peer_1.mk_handshake(self.pg1)
- txs = [init_1] * HANDSHAKE_NUM_BEFORE_RATELIMITING
- rxs = self.send_and_expect_some(self.pg1, txs, self.pg1)
- self.assertEqual(
- self.base_ratelimited4_err,
- self.statistics.get_err_counter(self.ratelimited4_err),
- )
-
- # (peer_1) verify the response
- peer_1.consume_response(rxs[0])
- peer_1.noise_reset()
-
- # (peer_1) send another two handshake initiations with correct mac2
- # expect ratelimiting
- # (peer_2) prepare and send a handshake initiation with correct mac2
- # expect no ratelimiting and a handshake response
+ txs = [init_1] * (HANDSHAKE_NUM_BEFORE_RATELIMITING + PEER_1_NUM_TO_REJECT)
init_2 = peer_2.mk_handshake(self.pg1)
- txs = [init_1, init_2, init_1]
+ txs += [init_2] * (HANDSHAKE_NUM_BEFORE_RATELIMITING + PEER_2_NUM_TO_REJECT)
rxs = self.send_and_expect_some(self.pg1, txs, self.pg1)
- # (peer_1) verify ratelimiting
- self.assertEqual(
- self.base_ratelimited4_err + 2,
- self.statistics.get_err_counter(self.ratelimited4_err),
+ self.assertTrue(
+ self.base_ratelimited4_err + PEER_1_NUM_TO_REJECT
+ < self.statistics.get_err_counter(self.ratelimited4_err)
+ <= self.base_ratelimited4_err + PEER_1_NUM_TO_REJECT + PEER_2_NUM_TO_REJECT
)
- # (peer_2) verify the response
- peer_2.consume_response(rxs[0])
+ # (peer_1) (peer_2) verify the response
+ peer_1.consume_response(rxs[0])
+ peer_2.consume_response(rxs[1])
# clear up under load state
self.sleep(UNDER_LOAD_INTERVAL)
@@ -2393,8 +2379,6 @@ class TestWg(VppTestCase):
wg0.remove_vpp_config()
-@tag_fixme_ubuntu2204
-@tag_fixme_debian11
class WireguardHandoffTests(TestWg):
"""Wireguard Tests in multi worker setup"""