aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet')
-rw-r--r--src/vnet/gre/test/test_gre.py1275
1 files changed, 1275 insertions, 0 deletions
diff --git a/src/vnet/gre/test/test_gre.py b/src/vnet/gre/test/test_gre.py
new file mode 100644
index 00000000000..7a249998829
--- /dev/null
+++ b/src/vnet/gre/test/test_gre.py
@@ -0,0 +1,1275 @@
+#!/usr/bin/env python3
+
+import unittest
+
+import scapy.compat
+from scapy.packet import Raw
+from scapy.layers.l2 import Ether, Dot1Q, GRE
+from scapy.layers.inet import IP, UDP
+from scapy.layers.inet6 import IPv6
+from scapy.volatile import RandMAC, RandIP
+
+from framework import VppTestCase, VppTestRunner
+from vpp_sub_interface import L2_VTR_OP, VppDot1QSubint
+from vpp_gre_interface import VppGreInterface
+from vpp_teib import VppTeib
+from vpp_ip import DpoProto
+from vpp_ip_route import VppIpRoute, VppRoutePath, VppIpTable, FibPathProto, \
+ VppMplsLabel
+from vpp_mpls_tunnel_interface import VppMPLSTunnelInterface
+from util import ppp, ppc
+from vpp_papi import VppEnum
+
+
+class TestGREInputNodes(VppTestCase):
+ """ GRE Input Nodes Test Case """
+
+ def setUp(self):
+ super(TestGREInputNodes, self).setUp()
+
+ # create 3 pg interfaces - set one in a non-default table.
+ self.create_pg_interfaces(range(1))
+
+ for i in self.pg_interfaces:
+ i.admin_up()
+ i.config_ip4()
+
+ def tearDown(self):
+ for i in self.pg_interfaces:
+ i.unconfig_ip4()
+ i.admin_down()
+ super(TestGREInputNodes, self).tearDown()
+
+ def test_gre_input_node(self):
+ """ GRE gre input nodes not registerd unless configured """
+ pkt = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
+ IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
+ GRE())
+
+ self.pg0.add_stream(pkt)
+ self.pg_start()
+ # no tunnel created, gre-input not registered
+ err = self.statistics.get_counter(
+ '/err/ip4-local/unknown ip protocol')[0]
+ self.assertEqual(err, 1)
+ err_count = err
+
+ # create gre tunnel
+ gre_if = VppGreInterface(self, self.pg0.local_ip4, "1.1.1.2")
+ gre_if.add_vpp_config()
+
+ self.pg0.add_stream(pkt)
+ self.pg_start()
+ # tunnel created, gre-input registered
+ err = self.statistics.get_counter(
+ '/err/ip4-local/unknown ip protocol')[0]
+ # expect no new errors
+ self.assertEqual(err, err_count)
+
+
+class TestGRE(VppTestCase):
+ """ GRE Test Case """
+
+ @classmethod
+ def setUpClass(cls):
+ super(TestGRE, cls).setUpClass()
+
+ @classmethod
+ def tearDownClass(cls):
+ super(TestGRE, cls).tearDownClass()
+
+ def setUp(self):
+ super(TestGRE, self).setUp()
+
+ # create 3 pg interfaces - set one in a non-default table.
+ self.create_pg_interfaces(range(5))
+
+ self.tbl = VppIpTable(self, 1)
+ self.tbl.add_vpp_config()
+ self.pg1.set_table_ip4(1)
+
+ for i in self.pg_interfaces:
+ i.admin_up()
+
+ self.pg0.config_ip4()
+ self.pg0.resolve_arp()
+ self.pg1.config_ip4()
+ self.pg1.resolve_arp()
+ self.pg2.config_ip6()
+ self.pg2.resolve_ndp()
+ self.pg3.config_ip4()
+ self.pg3.resolve_arp()
+ self.pg4.config_ip4()
+ self.pg4.resolve_arp()
+
+ def tearDown(self):
+ for i in self.pg_interfaces:
+ i.unconfig_ip4()
+ i.unconfig_ip6()
+ i.admin_down()
+ self.pg1.set_table_ip4(0)
+ super(TestGRE, self).tearDown()
+
+ def create_stream_ip4(self, src_if, src_ip, dst_ip, dscp=0, ecn=0):
+ pkts = []
+ tos = (dscp << 2) | ecn
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IP(src=src_ip, dst=dst_ip, tos=tos) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def create_stream_ip6(self, src_if, src_ip, dst_ip, dscp=0, ecn=0):
+ pkts = []
+ tc = (dscp << 2) | ecn
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IPv6(src=src_ip, dst=dst_ip, tc=tc) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def create_tunnel_stream_4o4(self, src_if,
+ tunnel_src, tunnel_dst,
+ src_ip, dst_ip):
+ pkts = []
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IP(src=tunnel_src, dst=tunnel_dst) /
+ GRE() /
+ IP(src=src_ip, dst=dst_ip) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def create_tunnel_stream_6o4(self, src_if,
+ tunnel_src, tunnel_dst,
+ src_ip, dst_ip):
+ pkts = []
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IP(src=tunnel_src, dst=tunnel_dst) /
+ GRE() /
+ IPv6(src=src_ip, dst=dst_ip) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def create_tunnel_stream_6o6(self, src_if,
+ tunnel_src, tunnel_dst,
+ src_ip, dst_ip):
+ pkts = []
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IPv6(src=tunnel_src, dst=tunnel_dst) /
+ GRE() /
+ IPv6(src=src_ip, dst=dst_ip) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def create_tunnel_stream_l2o4(self, src_if,
+ tunnel_src, tunnel_dst):
+ pkts = []
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IP(src=tunnel_src, dst=tunnel_dst) /
+ GRE() /
+ Ether(dst=RandMAC('*:*:*:*:*:*'),
+ src=RandMAC('*:*:*:*:*:*')) /
+ IP(src=scapy.compat.raw(RandIP()),
+ dst=scapy.compat.raw(RandIP())) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def create_tunnel_stream_vlano4(self, src_if,
+ tunnel_src, tunnel_dst, vlan):
+ pkts = []
+ for i in range(0, 257):
+ info = self.create_packet_info(src_if, src_if)
+ payload = self.info_to_payload(info)
+ p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
+ IP(src=tunnel_src, dst=tunnel_dst) /
+ GRE() /
+ Ether(dst=RandMAC('*:*:*:*:*:*'),
+ src=RandMAC('*:*:*:*:*:*')) /
+ Dot1Q(vlan=vlan) /
+ IP(src=scapy.compat.raw(RandIP()),
+ dst=scapy.compat.raw(RandIP())) /
+ UDP(sport=1234, dport=1234) /
+ Raw(payload))
+ info.data = p.copy()
+ pkts.append(p)
+ return pkts
+
+ def verify_tunneled_4o4(self, src_if, capture, sent,
+ tunnel_src, tunnel_dst,
+ dscp=0, ecn=0):
+
+ self.assertEqual(len(capture), len(sent))
+ tos = (dscp << 2) | ecn
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IP]
+ rx_ip = rx[IP]
+
+ self.assertEqual(rx_ip.src, tunnel_src)
+ self.assertEqual(rx_ip.dst, tunnel_dst)
+ self.assertEqual(rx_ip.tos, tos)
+ self.assertEqual(rx_ip.len, len(rx_ip))
+
+ rx_gre = rx[GRE]
+ rx_ip = rx_gre[IP]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+ # IP processing post pop has decremented the TTL
+ self.assertEqual(rx_ip.ttl + 1, tx_ip.ttl)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_tunneled_6o6(self, src_if, capture, sent,
+ tunnel_src, tunnel_dst,
+ dscp=0, ecn=0):
+
+ self.assertEqual(len(capture), len(sent))
+ tc = (dscp << 2) | ecn
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IPv6]
+ rx_ip = rx[IPv6]
+
+ self.assertEqual(rx_ip.src, tunnel_src)
+ self.assertEqual(rx_ip.dst, tunnel_dst)
+ self.assertEqual(rx_ip.tc, tc)
+
+ rx_gre = GRE(scapy.compat.raw(rx_ip[IPv6].payload))
+
+ self.assertEqual(rx_ip.plen, len(rx_gre))
+
+ rx_ip = rx_gre[IPv6]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_tunneled_4o6(self, src_if, capture, sent,
+ tunnel_src, tunnel_dst):
+
+ self.assertEqual(len(capture), len(sent))
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ rx_ip = rx[IPv6]
+
+ self.assertEqual(rx_ip.src, tunnel_src)
+ self.assertEqual(rx_ip.dst, tunnel_dst)
+
+ rx_gre = GRE(scapy.compat.raw(rx_ip[IPv6].payload))
+
+ self.assertEqual(rx_ip.plen, len(rx_gre))
+
+ tx_ip = tx[IP]
+ rx_ip = rx_gre[IP]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_tunneled_6o4(self, src_if, capture, sent,
+ tunnel_src, tunnel_dst):
+
+ self.assertEqual(len(capture), len(sent))
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ rx_ip = rx[IP]
+
+ self.assertEqual(rx_ip.src, tunnel_src)
+ self.assertEqual(rx_ip.dst, tunnel_dst)
+ self.assertEqual(rx_ip.len, len(rx_ip))
+
+ rx_gre = GRE(scapy.compat.raw(rx_ip[IP].payload))
+ rx_ip = rx_gre[IPv6]
+ tx_ip = tx[IPv6]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_tunneled_l2o4(self, src_if, capture, sent,
+ tunnel_src, tunnel_dst):
+ self.assertEqual(len(capture), len(sent))
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IP]
+ rx_ip = rx[IP]
+
+ self.assertEqual(rx_ip.src, tunnel_src)
+ self.assertEqual(rx_ip.dst, tunnel_dst)
+ self.assertEqual(rx_ip.len, len(rx_ip))
+
+ rx_gre = rx[GRE]
+ rx_l2 = rx_gre[Ether]
+ rx_ip = rx_l2[IP]
+ tx_gre = tx[GRE]
+ tx_l2 = tx_gre[Ether]
+ tx_ip = tx_l2[IP]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+ # bridged, not L3 forwarded, so no TTL decrement
+ self.assertEqual(rx_ip.ttl, tx_ip.ttl)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_tunneled_vlano4(self, src_if, capture, sent,
+ tunnel_src, tunnel_dst, vlan):
+ try:
+ self.assertEqual(len(capture), len(sent))
+ except:
+ ppc("Unexpected packets captured:", capture)
+ raise
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IP]
+ rx_ip = rx[IP]
+
+ self.assertEqual(rx_ip.src, tunnel_src)
+ self.assertEqual(rx_ip.dst, tunnel_dst)
+
+ rx_gre = rx[GRE]
+ rx_l2 = rx_gre[Ether]
+ rx_vlan = rx_l2[Dot1Q]
+ rx_ip = rx_l2[IP]
+
+ self.assertEqual(rx_vlan.vlan, vlan)
+
+ tx_gre = tx[GRE]
+ tx_l2 = tx_gre[Ether]
+ tx_ip = tx_l2[IP]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+ # bridged, not L3 forwarded, so no TTL decrement
+ self.assertEqual(rx_ip.ttl, tx_ip.ttl)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_decapped_4o4(self, src_if, capture, sent):
+ self.assertEqual(len(capture), len(sent))
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IP]
+ rx_ip = rx[IP]
+ tx_gre = tx[GRE]
+ tx_ip = tx_gre[IP]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+ # IP processing post pop has decremented the TTL
+ self.assertEqual(rx_ip.ttl + 1, tx_ip.ttl)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_decapped_6o4(self, src_if, capture, sent):
+ self.assertEqual(len(capture), len(sent))
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IP]
+ rx_ip = rx[IPv6]
+ tx_gre = tx[GRE]
+ tx_ip = tx_gre[IPv6]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+ self.assertEqual(rx_ip.hlim + 1, tx_ip.hlim)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def verify_decapped_6o6(self, src_if, capture, sent):
+ self.assertEqual(len(capture), len(sent))
+
+ for i in range(len(capture)):
+ try:
+ tx = sent[i]
+ rx = capture[i]
+
+ tx_ip = tx[IPv6]
+ rx_ip = rx[IPv6]
+ tx_gre = tx[GRE]
+ tx_ip = tx_gre[IPv6]
+
+ self.assertEqual(rx_ip.src, tx_ip.src)
+ self.assertEqual(rx_ip.dst, tx_ip.dst)
+ self.assertEqual(rx_ip.hlim + 1, tx_ip.hlim)
+
+ except:
+ self.logger.error(ppp("Rx:", rx))
+ self.logger.error(ppp("Tx:", tx))
+ raise
+
+ def test_gre(self):
+ """ GRE IPv4 tunnel Tests """
+
+ #
+ # Create an L3 GRE tunnel.
+ # - set it admin up
+ # - assign an IP Addres
+ # - Add a route via the tunnel
+ #
+ gre_if = VppGreInterface(self,
+ self.pg0.local_ip4,
+ "1.1.1.2")
+ gre_if.add_vpp_config()
+
+ #
+ # The double create (create the same tunnel twice) should fail,
+ # and we should still be able to use the original
+ #
+ try:
+ gre_if.add_vpp_config()
+ except Exception:
+ pass
+ else:
+ self.fail("Double GRE tunnel add does not fail")
+
+ gre_if.admin_up()
+ gre_if.config_ip4()
+
+ route_via_tun = VppIpRoute(self, "4.4.4.4", 32,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index)])
+
+ route_via_tun.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # - they are all dropped since the tunnel's destintation IP
+ # is unresolved - or resolves via the default route - which
+ # which is a drop.
+ #
+ tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4")
+
+ self.send_and_assert_no_replies(self.pg0, tx)
+
+ #
+ # Add a route that resolves the tunnel's destination
+ #
+ route_tun_dst = VppIpRoute(self, "1.1.1.2", 32,
+ [VppRoutePath(self.pg0.remote_ip4,
+ self.pg0.sw_if_index)])
+ route_tun_dst.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # - packets are GRE encapped
+ #
+ tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "4.4.4.4")
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_4o4(self.pg0, rx, tx,
+ self.pg0.local_ip4, "1.1.1.2")
+
+ #
+ # Send tunneled packets that match the created tunnel and
+ # are decapped and forwarded
+ #
+ tx = self.create_tunnel_stream_4o4(self.pg0,
+ "1.1.1.2",
+ self.pg0.local_ip4,
+ self.pg0.local_ip4,
+ self.pg0.remote_ip4)
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_decapped_4o4(self.pg0, rx, tx)
+
+ #
+ # Send tunneled packets that do not match the tunnel's src
+ #
+ self.vapi.cli("clear trace")
+ tx = self.create_tunnel_stream_4o4(self.pg0,
+ "1.1.1.3",
+ self.pg0.local_ip4,
+ self.pg0.local_ip4,
+ self.pg0.remote_ip4)
+ self.send_and_assert_no_replies(
+ self.pg0, tx,
+ remark="GRE packets forwarded despite no SRC address match")
+
+ #
+ # Configure IPv6 on the PG interface so we can route IPv6
+ # packets
+ #
+ self.pg0.config_ip6()
+ self.pg0.resolve_ndp()
+
+ #
+ # Send IPv6 tunnel encapslated packets
+ # - dropped since IPv6 is not enabled on the tunnel
+ #
+ tx = self.create_tunnel_stream_6o4(self.pg0,
+ "1.1.1.2",
+ self.pg0.local_ip4,
+ self.pg0.local_ip6,
+ self.pg0.remote_ip6)
+ self.send_and_assert_no_replies(self.pg0, tx,
+ "IPv6 GRE packets forwarded "
+ "despite IPv6 not enabled on tunnel")
+
+ #
+ # Enable IPv6 on the tunnel
+ #
+ gre_if.config_ip6()
+
+ #
+ # Send IPv6 tunnel encapslated packets
+ # - forwarded since IPv6 is enabled on the tunnel
+ #
+ tx = self.create_tunnel_stream_6o4(self.pg0,
+ "1.1.1.2",
+ self.pg0.local_ip4,
+ self.pg0.local_ip6,
+ self.pg0.remote_ip6)
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_decapped_6o4(self.pg0, rx, tx)
+
+ #
+ # Send v6 packets for v4 encap
+ #
+ route6_via_tun = VppIpRoute(
+ self, "2001::1", 128,
+ [VppRoutePath("::",
+ gre_if.sw_if_index,
+ proto=DpoProto.DPO_PROTO_IP6)])
+ route6_via_tun.add_vpp_config()
+
+ tx = self.create_stream_ip6(self.pg0, "2001::2", "2001::1")
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+
+ self.verify_tunneled_6o4(self.pg0, rx, tx,
+ self.pg0.local_ip4, "1.1.1.2")
+
+ #
+ # add a labelled route through the tunnel
+ #
+ label_via_tun = VppIpRoute(self, "5.4.3.2", 32,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index,
+ labels=[VppMplsLabel(33)])])
+ label_via_tun.add_vpp_config()
+
+ tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "5.4.3.2")
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_4o4(self.pg0, rx, tx,
+ self.pg0.local_ip4, "1.1.1.2")
+
+ #
+ # an MPLS tunnel over the GRE tunnel add a route through
+ # the mpls tunnel
+ #
+ mpls_tun = VppMPLSTunnelInterface(
+ self,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index,
+ labels=[VppMplsLabel(44),
+ VppMplsLabel(46)])])
+ mpls_tun.add_vpp_config()
+ mpls_tun.admin_up()
+
+ label_via_mpls = VppIpRoute(self, "5.4.3.1", 32,
+ [VppRoutePath("0.0.0.0",
+ mpls_tun.sw_if_index,
+ labels=[VppMplsLabel(33)])])
+ label_via_mpls.add_vpp_config()
+
+ tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "5.4.3.1")
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_4o4(self.pg0, rx, tx,
+ self.pg0.local_ip4, "1.1.1.2")
+
+ mpls_tun_l2 = VppMPLSTunnelInterface(
+ self,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index,
+ labels=[VppMplsLabel(44),
+ VppMplsLabel(46)])],
+ is_l2=1)
+ mpls_tun_l2.add_vpp_config()
+ mpls_tun_l2.admin_up()
+
+ #
+ # test case cleanup
+ #
+ route_tun_dst.remove_vpp_config()
+ route_via_tun.remove_vpp_config()
+ route6_via_tun.remove_vpp_config()
+ label_via_mpls.remove_vpp_config()
+ label_via_tun.remove_vpp_config()
+ mpls_tun.remove_vpp_config()
+ mpls_tun_l2.remove_vpp_config()
+ gre_if.remove_vpp_config()
+
+ self.pg0.unconfig_ip6()
+
+ def test_gre6(self):
+ """ GRE IPv6 tunnel Tests """
+
+ self.pg1.config_ip6()
+ self.pg1.resolve_ndp()
+
+ #
+ # Create an L3 GRE tunnel.
+ # - set it admin up
+ # - assign an IP Address
+ # - Add a route via the tunnel
+ #
+ gre_if = VppGreInterface(self,
+ self.pg2.local_ip6,
+ "1002::1")
+ gre_if.add_vpp_config()
+ gre_if.admin_up()
+ gre_if.config_ip6()
+
+ route_via_tun = VppIpRoute(self, "4004::1", 128,
+ [VppRoutePath("0::0",
+ gre_if.sw_if_index)])
+
+ route_via_tun.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # - they are all dropped since the tunnel's destintation IP
+ # is unresolved - or resolves via the default route - which
+ # which is a drop.
+ #
+ tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
+ self.send_and_assert_no_replies(
+ self.pg2, tx,
+ "GRE packets forwarded without DIP resolved")
+
+ #
+ # Add a route that resolves the tunnel's destination
+ #
+ route_tun_dst = VppIpRoute(self, "1002::1", 128,
+ [VppRoutePath(self.pg2.remote_ip6,
+ self.pg2.sw_if_index)])
+ route_tun_dst.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # - packets are GRE encapped
+ #
+ tx = self.create_stream_ip6(self.pg2, "5005::1", "4004::1")
+ rx = self.send_and_expect(self.pg2, tx, self.pg2)
+ self.verify_tunneled_6o6(self.pg2, rx, tx,
+ self.pg2.local_ip6, "1002::1")
+
+ #
+ # Test decap. decapped packets go out pg1
+ #
+ tx = self.create_tunnel_stream_6o6(self.pg2,
+ "1002::1",
+ self.pg2.local_ip6,
+ "2001::1",
+ self.pg1.remote_ip6)
+ rx = self.send_and_expect(self.pg2, tx, self.pg1)
+
+ #
+ # RX'd packet is UDP over IPv6, test the GRE header is gone.
+ #
+ self.assertFalse(rx[0].haslayer(GRE))
+ self.assertEqual(rx[0][IPv6].dst, self.pg1.remote_ip6)
+
+ #
+ # Send v4 over v6
+ #
+ route4_via_tun = VppIpRoute(self, "1.1.1.1", 32,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index)])
+ route4_via_tun.add_vpp_config()
+
+ tx = self.create_stream_ip4(self.pg0, "1.1.1.2", "1.1.1.1")
+ rx = self.send_and_expect(self.pg0, tx, self.pg2)
+
+ self.verify_tunneled_4o6(self.pg0, rx, tx,
+ self.pg2.local_ip6, "1002::1")
+
+ #
+ # test case cleanup
+ #
+ route_tun_dst.remove_vpp_config()
+ route_via_tun.remove_vpp_config()
+ route4_via_tun.remove_vpp_config()
+ gre_if.remove_vpp_config()
+
+ self.pg2.unconfig_ip6()
+ self.pg1.unconfig_ip6()
+
+ def test_gre_vrf(self):
+ """ GRE tunnel VRF Tests """
+
+ e = VppEnum.vl_api_tunnel_encap_decap_flags_t
+
+ #
+ # Create an L3 GRE tunnel whose destination is in the non-default
+ # table. The underlay is thus non-default - the overlay is still
+ # the default.
+ # - set it admin up
+ # - assign an IP Addres
+ #
+ gre_if = VppGreInterface(
+ self, self.pg1.local_ip4,
+ "2.2.2.2",
+ outer_table_id=1,
+ flags=(e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP |
+ e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN))
+
+ gre_if.add_vpp_config()
+ gre_if.admin_up()
+ gre_if.config_ip4()
+
+ #
+ # Add a route via the tunnel - in the overlay
+ #
+ route_via_tun = VppIpRoute(self, "9.9.9.9", 32,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index)])
+ route_via_tun.add_vpp_config()
+
+ #
+ # Add a route that resolves the tunnel's destination - in the
+ # underlay table
+ #
+ route_tun_dst = VppIpRoute(self, "2.2.2.2", 32, table_id=1,
+ paths=[VppRoutePath(self.pg1.remote_ip4,
+ self.pg1.sw_if_index)])
+ route_tun_dst.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # packets are sent in on pg0 which is in the default table
+ # - packets are GRE encapped
+ #
+ self.vapi.cli("clear trace")
+ tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9",
+ dscp=5, ecn=3)
+ rx = self.send_and_expect(self.pg0, tx, self.pg1)
+ self.verify_tunneled_4o4(self.pg1, rx, tx,
+ self.pg1.local_ip4, "2.2.2.2",
+ dscp=5, ecn=3)
+
+ #
+ # Send tunneled packets that match the created tunnel and
+ # are decapped and forwarded. This tests the decap lookup
+ # does not happen in the encap table
+ #
+ self.vapi.cli("clear trace")
+ tx = self.create_tunnel_stream_4o4(self.pg1,
+ "2.2.2.2",
+ self.pg1.local_ip4,
+ self.pg0.local_ip4,
+ self.pg0.remote_ip4)
+ rx = self.send_and_expect(self.pg1, tx, self.pg0)
+ self.verify_decapped_4o4(self.pg0, rx, tx)
+
+ #
+ # Send tunneled packets that match the created tunnel
+ # but arrive on an interface that is not in the tunnel's
+ # encap VRF, these are dropped.
+ # IP enable the interface so they aren't dropped due to
+ # IP not being enabled.
+ #
+ self.pg2.config_ip4()
+ self.vapi.cli("clear trace")
+ tx = self.create_tunnel_stream_4o4(self.pg2,
+ "2.2.2.2",
+ self.pg1.local_ip4,
+ self.pg0.local_ip4,
+ self.pg0.remote_ip4)
+ rx = self.send_and_assert_no_replies(
+ self.pg2, tx,
+ "GRE decap packets in wrong VRF")
+
+ self.pg2.unconfig_ip4()
+
+ #
+ # test case cleanup
+ #
+ route_tun_dst.remove_vpp_config()
+ route_via_tun.remove_vpp_config()
+ gre_if.remove_vpp_config()
+
+ def test_gre_l2(self):
+ """ GRE tunnel L2 Tests """
+
+ #
+ # Add routes to resolve the tunnel destinations
+ #
+ route_tun1_dst = VppIpRoute(self, "2.2.2.2", 32,
+ [VppRoutePath(self.pg0.remote_ip4,
+ self.pg0.sw_if_index)])
+ route_tun2_dst = VppIpRoute(self, "2.2.2.3", 32,
+ [VppRoutePath(self.pg0.remote_ip4,
+ self.pg0.sw_if_index)])
+
+ route_tun1_dst.add_vpp_config()
+ route_tun2_dst.add_vpp_config()
+
+ #
+ # Create 2 L2 GRE tunnels and x-connect them
+ #
+ gre_if1 = VppGreInterface(self, self.pg0.local_ip4,
+ "2.2.2.2",
+ type=(VppEnum.vl_api_gre_tunnel_type_t.
+ GRE_API_TUNNEL_TYPE_TEB))
+ gre_if2 = VppGreInterface(self, self.pg0.local_ip4,
+ "2.2.2.3",
+ type=(VppEnum.vl_api_gre_tunnel_type_t.
+ GRE_API_TUNNEL_TYPE_TEB))
+ gre_if1.add_vpp_config()
+ gre_if2.add_vpp_config()
+
+ gre_if1.admin_up()
+ gre_if2.admin_up()
+
+ self.vapi.sw_interface_set_l2_xconnect(gre_if1.sw_if_index,
+ gre_if2.sw_if_index,
+ enable=1)
+ self.vapi.sw_interface_set_l2_xconnect(gre_if2.sw_if_index,
+ gre_if1.sw_if_index,
+ enable=1)
+
+ #
+ # Send in tunnel encapped L2. expect out tunnel encapped L2
+ # in both directions
+ #
+ tx = self.create_tunnel_stream_l2o4(self.pg0,
+ "2.2.2.2",
+ self.pg0.local_ip4)
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_l2o4(self.pg0, rx, tx,
+ self.pg0.local_ip4,
+ "2.2.2.3")
+
+ tx = self.create_tunnel_stream_l2o4(self.pg0,
+ "2.2.2.3",
+ self.pg0.local_ip4)
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_l2o4(self.pg0, rx, tx,
+ self.pg0.local_ip4,
+ "2.2.2.2")
+
+ self.vapi.sw_interface_set_l2_xconnect(gre_if1.sw_if_index,
+ gre_if2.sw_if_index,
+ enable=0)
+ self.vapi.sw_interface_set_l2_xconnect(gre_if2.sw_if_index,
+ gre_if1.sw_if_index,
+ enable=0)
+
+ #
+ # Create a VLAN sub-interfaces on the GRE TEB interfaces
+ # then x-connect them
+ #
+ gre_if_11 = VppDot1QSubint(self, gre_if1, 11)
+ gre_if_12 = VppDot1QSubint(self, gre_if2, 12)
+
+ # gre_if_11.add_vpp_config()
+ # gre_if_12.add_vpp_config()
+
+ gre_if_11.admin_up()
+ gre_if_12.admin_up()
+
+ self.vapi.sw_interface_set_l2_xconnect(gre_if_11.sw_if_index,
+ gre_if_12.sw_if_index,
+ enable=1)
+ self.vapi.sw_interface_set_l2_xconnect(gre_if_12.sw_if_index,
+ gre_if_11.sw_if_index,
+ enable=1)
+
+ #
+ # Configure both to pop thier respective VLAN tags,
+ # so that during the x-coonect they will subsequently push
+ #
+ self.vapi.l2_interface_vlan_tag_rewrite(
+ sw_if_index=gre_if_12.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
+ push_dot1q=12)
+ self.vapi.l2_interface_vlan_tag_rewrite(
+ sw_if_index=gre_if_11.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
+ push_dot1q=11)
+
+ #
+ # Send traffic in both directiond - expect the VLAN tags to
+ # be swapped.
+ #
+ tx = self.create_tunnel_stream_vlano4(self.pg0,
+ "2.2.2.2",
+ self.pg0.local_ip4,
+ 11)
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_vlano4(self.pg0, rx, tx,
+ self.pg0.local_ip4,
+ "2.2.2.3",
+ 12)
+
+ tx = self.create_tunnel_stream_vlano4(self.pg0,
+ "2.2.2.3",
+ self.pg0.local_ip4,
+ 12)
+ rx = self.send_and_expect(self.pg0, tx, self.pg0)
+ self.verify_tunneled_vlano4(self.pg0, rx, tx,
+ self.pg0.local_ip4,
+ "2.2.2.2",
+ 11)
+
+ #
+ # Cleanup Test resources
+ #
+ gre_if_11.remove_vpp_config()
+ gre_if_12.remove_vpp_config()
+ gre_if1.remove_vpp_config()
+ gre_if2.remove_vpp_config()
+ route_tun1_dst.add_vpp_config()
+ route_tun2_dst.add_vpp_config()
+
+ def test_gre_loop(self):
+ """ GRE tunnel loop Tests """
+
+ #
+ # Create an L3 GRE tunnel.
+ # - set it admin up
+ # - assign an IP Addres
+ #
+ gre_if = VppGreInterface(self,
+ self.pg0.local_ip4,
+ "1.1.1.2")
+ gre_if.add_vpp_config()
+ gre_if.admin_up()
+ gre_if.config_ip4()
+
+ #
+ # add a route to the tunnel's destination that points
+ # through the tunnel, hence forming a loop in the forwarding
+ # graph
+ #
+ route_dst = VppIpRoute(self, "1.1.1.2", 32,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index)])
+ route_dst.add_vpp_config()
+
+ #
+ # packets to the tunnels destination should be dropped
+ #
+ tx = self.create_stream_ip4(self.pg0, "1.1.1.1", "1.1.1.2")
+ self.send_and_assert_no_replies(self.pg2, tx)
+
+ self.logger.info(self.vapi.ppcli("sh adj 7"))
+
+ #
+ # break the loop
+ #
+ route_dst.modify([VppRoutePath(self.pg1.remote_ip4,
+ self.pg1.sw_if_index)])
+ route_dst.add_vpp_config()
+
+ rx = self.send_and_expect(self.pg0, tx, self.pg1)
+
+ #
+ # a good route throught the tunnel to check it restacked
+ #
+ route_via_tun_2 = VppIpRoute(self, "2.2.2.2", 32,
+ [VppRoutePath("0.0.0.0",
+ gre_if.sw_if_index)])
+ route_via_tun_2.add_vpp_config()
+
+ tx = self.create_stream_ip4(self.pg0, "2.2.2.3", "2.2.2.2")
+ rx = self.send_and_expect(self.pg0, tx, self.pg1)
+ self.verify_tunneled_4o4(self.pg1, rx, tx,
+ self.pg0.local_ip4, "1.1.1.2")
+
+ #
+ # cleanup
+ #
+ route_via_tun_2.remove_vpp_config()
+ gre_if.remove_vpp_config()
+
+ def test_mgre(self):
+ """ mGRE IPv4 tunnel Tests """
+
+ for itf in self.pg_interfaces[3:]:
+ #
+ # one underlay nh for each overlay/tunnel peer
+ #
+ itf.generate_remote_hosts(4)
+ itf.configure_ipv4_neighbors()
+
+ #
+ # Create an L3 GRE tunnel.
+ # - set it admin up
+ # - assign an IP Addres
+ # - Add a route via the tunnel
+ #
+ gre_if = VppGreInterface(self,
+ itf.local_ip4,
+ "0.0.0.0",
+ mode=(VppEnum.vl_api_tunnel_mode_t.
+ TUNNEL_API_MODE_MP))
+ gre_if.add_vpp_config()
+ gre_if.admin_up()
+ gre_if.config_ip4()
+ gre_if.generate_remote_hosts(4)
+
+ self.logger.info(self.vapi.cli("sh adj"))
+ self.logger.info(self.vapi.cli("sh ip fib"))
+
+ #
+ # ensure we don't match to the tunnel if the source address
+ # is all zeros
+ #
+ tx = self.create_tunnel_stream_4o4(self.pg0,
+ "0.0.0.0",
+ itf.local_ip4,
+ self.pg0.local_ip4,
+ self.pg0.remote_ip4)
+ self.send_and_assert_no_replies(self.pg0, tx)
+
+ #
+ # for-each peer
+ #
+ for ii in range(1, 4):
+ route_addr = "4.4.4.%d" % ii
+
+ #
+ # route traffic via the peer
+ #
+ route_via_tun = VppIpRoute(
+ self, route_addr, 32,
+ [VppRoutePath(gre_if._remote_hosts[ii].ip4,
+ gre_if.sw_if_index)])
+ route_via_tun.add_vpp_config()
+
+ #
+ # Add a TEIB entry resolves the peer
+ #
+ teib = VppTeib(self, gre_if,
+ gre_if._remote_hosts[ii].ip4,
+ itf._remote_hosts[ii].ip4)
+ teib.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # - packets are GRE encapped
+ #
+ tx_e = self.create_stream_ip4(self.pg0, "5.5.5.5", route_addr)
+ rx = self.send_and_expect(self.pg0, tx_e, itf)
+ self.verify_tunneled_4o4(self.pg0, rx, tx_e,
+ itf.local_ip4,
+ itf._remote_hosts[ii].ip4)
+
+ tx_i = self.create_tunnel_stream_4o4(self.pg0,
+ itf._remote_hosts[ii].ip4,
+ itf.local_ip4,
+ self.pg0.local_ip4,
+ self.pg0.remote_ip4)
+ rx = self.send_and_expect(self.pg0, tx_i, self.pg0)
+ self.verify_decapped_4o4(self.pg0, rx, tx_i)
+
+ #
+ # delete and re-add the TEIB
+ #
+ teib.remove_vpp_config()
+ self.send_and_assert_no_replies(self.pg0, tx_e)
+ self.send_and_assert_no_replies(self.pg0, tx_i)
+
+ teib.add_vpp_config()
+ rx = self.send_and_expect(self.pg0, tx_e, itf)
+ self.verify_tunneled_4o4(self.pg0, rx, tx_e,
+ itf.local_ip4,
+ itf._remote_hosts[ii].ip4)
+ rx = self.send_and_expect(self.pg0, tx_i, self.pg0)
+ self.verify_decapped_4o4(self.pg0, rx, tx_i)
+
+ gre_if.admin_down()
+ gre_if.unconfig_ip4()
+
+ def test_mgre6(self):
+ """ mGRE IPv6 tunnel Tests """
+
+ self.pg0.config_ip6()
+ self.pg0.resolve_ndp()
+
+ e = VppEnum.vl_api_tunnel_encap_decap_flags_t
+
+ for itf in self.pg_interfaces[3:]:
+ #
+ # one underlay nh for each overlay/tunnel peer
+ #
+ itf.config_ip6()
+ itf.generate_remote_hosts(4)
+ itf.configure_ipv6_neighbors()
+
+ #
+ # Create an L3 GRE tunnel.
+ # - set it admin up
+ # - assign an IP Addres
+ # - Add a route via the tunnel
+ #
+ gre_if = VppGreInterface(
+ self,
+ itf.local_ip6,
+ "::",
+ mode=(VppEnum.vl_api_tunnel_mode_t.
+ TUNNEL_API_MODE_MP),
+ flags=e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
+
+ gre_if.add_vpp_config()
+ gre_if.admin_up()
+ gre_if.config_ip6()
+ gre_if.generate_remote_hosts(4)
+
+ #
+ # for-each peer
+ #
+ for ii in range(1, 4):
+ route_addr = "4::%d" % ii
+
+ #
+ # Add a TEIB entry resolves the peer
+ #
+ teib = VppTeib(self, gre_if,
+ gre_if._remote_hosts[ii].ip6,
+ itf._remote_hosts[ii].ip6)
+ teib.add_vpp_config()
+
+ #
+ # route traffic via the peer
+ #
+ route_via_tun = VppIpRoute(
+ self, route_addr, 128,
+ [VppRoutePath(gre_if._remote_hosts[ii].ip6,
+ gre_if.sw_if_index)])
+ route_via_tun.add_vpp_config()
+
+ #
+ # Send a packet stream that is routed into the tunnel
+ # - packets are GRE encapped
+ #
+ tx_e = self.create_stream_ip6(self.pg0, "5::5", route_addr,
+ dscp=2, ecn=1)
+ rx = self.send_and_expect(self.pg0, tx_e, itf)
+ self.verify_tunneled_6o6(self.pg0, rx, tx_e,
+ itf.local_ip6,
+ itf._remote_hosts[ii].ip6,
+ dscp=2)
+ tx_i = self.create_tunnel_stream_6o6(self.pg0,
+ itf._remote_hosts[ii].ip6,
+ itf.local_ip6,
+ self.pg0.local_ip6,
+ self.pg0.remote_ip6)
+ rx = self.send_and_expect(self.pg0, tx_i, self.pg0)
+ self.verify_decapped_6o6(self.pg0, rx, tx_i)
+
+ #
+ # delete and re-add the TEIB
+ #
+ teib.remove_vpp_config()
+ self.send_and_assert_no_replies(self.pg0, tx_e)
+
+ teib.add_vpp_config()
+ rx = self.send_and_expect(self.pg0, tx_e, itf)
+ self.verify_tunneled_6o6(self.pg0, rx, tx_e,
+ itf.local_ip6,
+ itf._remote_hosts[ii].ip6,
+ dscp=2)
+ rx = self.send_and_expect(self.pg0, tx_i, self.pg0)
+ self.verify_decapped_6o6(self.pg0, rx, tx_i)
+
+ gre_if.admin_down()
+ gre_if.unconfig_ip4()
+ itf.unconfig_ip6()
+ self.pg0.unconfig_ip6()
+
+
+if __name__ == '__main__':
+ unittest.main(testRunner=VppTestRunner)