aboutsummaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2020-03-31ipsec: fix udp-encap in transport modeAlexander Chernavin1-2/+51
Now UDP enacapsulation doesn't work in transport mode with crypto algorithms that have iv_sz=8 like AES GCM or 3DES CBC. That happens because the inserted UDP header overlaps with the old IP header and gets filled before the information from the old IP header can be copied to a new IP header. The result is a broken packet: 00:03:39:620863: esp4-encrypt-tun esp: sa-index 3 spi 3464048590 (0xce792fce) seq 31 sa-seq-hi 0 crypto aes-gcm-128 integrity none udp-encap-enabled 00:03:39:620867: adj-midchain-tx ... 00:03:39:620868: ip4-rewrite ... 00:03:39:620869: GigabitEthernet0/8/0-output GigabitEthernet0/8/0 IP4: 08:00:27:a9:6b:d6 -> 08:00:27:5a:dd:0c UDP: 10.255.0.10 -> 10.255.0.20 version 0, header length 0 tos 0x80, ttl 63, length 0, checksum 0x653e (should be 0xffff) dscp CS4 ecn NON_ECN fragment id 0x0000 UDP: 128 -> 0 length 0, checksum 0x0000 00:03:39:620870: GigabitEthernet0/8/0-tx GigabitEthernet0/8/0 tx queue 0 ... IP4: 08:00:27:a9:6b:d6 -> 08:00:27:5a:dd:0c UDP: 10.255.0.10 -> 10.255.0.20 version 0, header length 0 tos 0x80, ttl 63, length 0, checksum 0x653e (should be 0xffff) dscp CS4 ecn NON_ECN fragment id 0x0000 UDP: 128 -> 0 length 0, checksum 0x0000 With this commit, fill UDP header after copying the IP headers in transport mode. Type: fix Change-Id: Ie9a6e562aa05a8378114329d6a9ff395189fa6a8 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-03-27acl: API cleanupJakub Grajciar3-176/+39
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I09fa6c1b6917936351bd376b56c414ce24488095 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-26acl: revert acl: api cleanupOle Trøan3-39/+176
This reverts commit aad1ee149403994194cf37cef4530b042ba7df3a. Reason for revert: Verify failure. Doesn't build. Type: fix Change-Id: I91b1b26ac43edde4853e4561a0083d0b3a06efee Signed-off-by: Ole Troan <ot@cisco.com>
2020-03-26acl: API cleanupJakub Grajciar3-176/+39
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: If90d753f129312400c4c3669bb86289d0c3e0d99 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-26tests: speed up ipsec unit tests executionFilip Tehlar1-54/+1
... by removing duplicit test cacses. There is little value in testing ESN flag when no integ algo is used. This patch removes such test cases. Type: improvement Change-Id: Iae5baa1d39ac32a65d1d28ad57771a87962d8bb3 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-23ipsec: Revert "ipsec: fix chained ESP"Florin Coras1-2/+1
This reverts commit c2c1bfd9b72aec88526c06479b128725eb525866. Reason for revert: Seems it's breaking ipsec esp tests Type: fix Change-Id: Iac590eee23cbf92a10c62dafa789aa9c3b2284dd Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-03-23sr: srv6 API cleanupJakub Grajciar1-121/+0
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I3c348ad2fca8bb3d9a246af7a2aa9dc9c33f57c3 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-23ipsec: fix chained ESPFilip Tehlar1-1/+2
This fixes a special case when buffer chain enters decrypt node and becomes a single buffer after decryption. Type: fix Change-Id: I1d4da029b952baa97400adb7173aa63fd97d916b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-17fib: Always install all routers mcast addressesNeale Ranns2-2/+2
Type: improvement Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ia8dff15855a81cf29729bdaa3ff28fbe3254fa97
2020-03-16vxlan: vxlan/vxlan.api API cleanupJakub Grajciar4-92/+172
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I7f6f37ec6eed780322e2488d6eb0f5681945ba09 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-13tests: avoid unnecessary rebuildsKlement Sekera1-2/+2
Improve dependency tracking on vapi_test directory so that vapi_c_test rebuild doesn't force vapi_cpp_test rebuild and vice versa. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I00094c6374981333858ddbe6ae934cfda3b33a36
2020-03-12vppinfra: refactor clib_timebase_tDave Barach1-1/+6
Add a clib_time_t * argument to clib_timebase_init(...), to encourage client code to share the vlib_main_t's clib_time_t object. Display the current day / date in GMT via the "show time" debug CLI. Fix the test framework so it processes the new "show time" output format. Type: refactor Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I5e52d57eb164b7cdb6355362d520df6928491711
2020-03-12policer: API cleanupJakub Grajciar4-44/+78
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: Ia14f33992353b419b70b55beed63ab8ed6a2e837 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-10tests: add running_gcov_tests to framework.pyDave Barach3-3/+14
Mark a few code coverage tests appropriately: @unittest.skipUnless(running_gcov_tests, "part of code coverage tests") def test_my_coverage_unittest(self): <etc> Almost exactly like "make EXTENDED_TESTS=yes test". Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic6d0a097a608ba93442b3d88252f66f8e6805b97
2020-03-09l2: API cleanupJakub Grajciar3-71/+9
Use consistent API types. Type: fix Change-Id: I7ac7cd00606101864fa3422e7b9ea2f1143665dd Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-05session: API cleanupJakub Grajciar5-10/+9
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: Ib752a3425c076eb53bc5255a48039cbb74b1fcce Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-02-26sr: API cleanupJakub Grajciar1-1/+1
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I6238ec79b916c23c07c3f7e2ac8e635f5a0d6112 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-02-26api: improve api string safetyJakub Grajciar2-0/+69
- Remove vl_api_from_api_string to prevent use of not nul-terminated strings. - Rename vl_api_from_api_to_vec -> vl_api_from_api_to_new_vec to imply a new vector is created. NOT nul terminated. - Add vl_api_from_api_to_new_c_string. Returns nul terminated string in a new vector. - Add vl_api_c_string_to_api_string. Convert nul terminated string to vl_api_string_t - Add vl_api_vec_to_api_string. Convert NON nul terminated vector to vl_api_string_t Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: Iadd59b612c0d960a34ad0dd07a9d17f56435c6ea Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-02-25vlib: Punt reason allocation listener enable/disable callbackNeale Ranns1-24/+36
Type: improvement allow clients that allocate punt reasons to pass a callback function that is invoked when the first/last client registers to use/listen on that punt reason. This allows the client to perform some necessary configs that might not otherwise be enabled. IPSec uses this callback to register the ESP proto and UDP handling nodes, that would not otherwise be enabled unless a tunnel was present. Change-Id: I9759349903f21ffeeb253d4271e619e6bf46054b Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-21ipsec: IPSec protection for multi-point tunnel interfacesNeale Ranns6-56/+352
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iaba2ab11bfaa1c8db4023434e3043ac39500f938
2020-02-20ip-neighbor: Fix aging timeoutVladimir Isaev1-1/+22
Before this patch VPP checked age for ARP/NDP records every 1e5 seconds for any configured aging time. This is 27 hours and it looks like misprint because 1e5 is the number of 10us ticks in a second. Also time to wait is now difference between aging time and time alive for nodes in alive state. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: Ib5baa85032a44402d5f48c1145245260a42c7bae
2020-02-17bfd: use tw_timer_template instead of legacy wheelKlement Sekera1-2/+0
Type: refactor Change-Id: I04e71a64e676910dc4c6cbc1ab54ffb0c29aa5b9 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-02-13vrrp: add plugin providing vrrp supportMatthew Smith1-0/+35
Type: feature Add a new plugin to support HA using VRRPv3 (RFC 5798). Change-Id: Iaa2c37e6172f8f41e9165f178f44d481f6e247b9 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-02-11ipsec: add support for chained buffersFilip Tehlar2-51/+30
Type: feature Change-Id: Ie072a7c2bbb1e4a77f7001754f01897efd30fc53 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-11sr: update NH value for Ethernet payloadspcamaril1-1/+1
Upon encapsulation of L2 frames, IETF has replaced the NextHeader value from 59 (IPv6 No Next Header) to 143 (Ethernet). https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml Type: fix Signed-off-by: pcamaril <pcamaril@cisco.com> Change-Id: I88aa5590c81d16700ff7a0bbe6337e113179496e Signed-off-by: pcamaril <pcamaril@cisco.com>
2020-02-11ip: fix ip-local errorsFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie8bc5c9a03e858487cf565b4e9b520e6b496337a
2020-02-10ip-neighbor: fix MLD reports not being sentNeale Ranns1-1/+31
Type: fix Change-Id: I8f81cd6c29ff8cb4f0b4850b8b1f6611d89ddb38 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-07tests: support python 3.8Ole Troan4-8/+7
Make test framework python3 version independence. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I1ef1eb77b6c1f422ebc4dad0818f87c8e587b34b
2020-02-05stats: fix state counter removalVladimir Isaev1-40/+41
Avoid using vec_del1() for directory vector to keep indexes valid all the time. There are state counters for each slave in LACP bond mode which can be dynamically created and removed. Vector index is used to access these counters. But also vec_del1() is used to remove counter from vector. This function changes the index of the last element, so after this we are unable to access ex-last element using old index. As a result it is not possible to add-del-add two interfaces to the LACP bond: DBGvpp# create bond mode lacp BondEthernet0 DBGvpp# create packet-generator interface pg1 DBGvpp# create packet-generator interface pg2 DBGvpp# bond add BondEthernet0 pg1 DBGvpp# bond add BondEthernet0 pg2 DBGvpp# bond del pg1 DBGvpp# bond del pg2 DBGvpp# bond add BondEthernet0 pg1 DBGvpp# bond add BondEthernet0 pg2 bond add: /if/lacp/1/3/partner-state is already register Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: I2c86e13905eefdef6233369cd4ab5c1b53d123bd
2020-02-05ipsec: set l2_len for GRE-TEB tunnel decapJohn Lo1-1/+122
Type: fix Ticket: VPP-1831 Signed-off-by: John Lo <loj@cisco.com> Change-Id: I655964b22021ac38cbced577091a1156286d4fd6
2020-02-04teib: Rename NHRP to TEIBNeale Ranns3-20/+20
Type: refactor The Tunnel Endpoint Informatiob Base (TEIB) is a better description of what it is (a mapping between tunnel endpoint address, in the overlay, and next-hop address, in the underlay) whereas NHRP is one instanc eof a control protocol that might add such endpoints. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Idcb2ad0b6543d3e5d9f6e96f9d14dafb5ce2aa85
2020-01-30vppinfra: improve clocks_per_second convergenceDave Barach1-0/+2
Apply exponential smoothing to the clock rate update calculation in clib_time_verify_frequency(), with a half-life of 1 minute and a sampling frequency of 16 seconds. Within 5 minutes or so, the calculation converges With each rate recalculation: reset total_cpu_time based on the kernel timebase delta since vpp started, and the new clock rate Improve the "show clock [verbose]" debug CLI command. BFD echo + echo fail tests marked off until the BFD code can be reworked a bit. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I24e88a78819b12867736c875067b386ef6115c5c
2020-01-30gre: Tunnel encap/decap flagsNeale Ranns3-70/+66
Type: feature common funcitons across IP-in-IP and GRE tunnels for encap/decap functions Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
2020-01-27ipip: Multi-point interfaceNeale Ranns3-13/+130
Type: feature plus fixes for gre Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0eca5f94b8b8ea0fcfb058162cafea4491708db6
2020-01-27tunnel: Common types for IP tunnelsNeale Ranns3-22/+30
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I18dcdb7af3e327f6cacdbcb1e52b89f13d6ba6e2
2020-01-27bfd: reset peer discriminator on timeoutKlement Sekera1-0/+11
More RFC compliance. Ticket: VPP-1816 BFD: peer discriminator not reset on timeout Type: fix Change-Id: I68063c18097d282b3527e3fb485c1d0d1fd1b0c8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-16tests: fix typo in test doc stringPaul Vinciguerra1-1/+1
Type: test Change-Id: I97e02ebc5989eee794511c1ed6049e300be7d64e Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-01-16tests: fix TypeError in run_tests.pyPaul Vinciguerra1-4/+5
Traceback (most recent call last): File "run_tests.py", line 886, in <module> exit_code, suites = parse_results(results) File "run_tests.py", line 732, in parse_results results_per_suite.print_results() File "run_tests.py", line 683, in print_results result.get_testcase_names(failed_test_id) TypeError: 'NoneType' object is not iterable Type: test Change-Id: I2c5ae0b9e11be6bfb4490d9ce057db0b0a84c9bf Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-01-14tests: fix worker thread initializationPaul Vinciguerra1-4/+4
from threading.thread __init__: This constructor should always be called with keyword arguments. If a subclass overrides the constructor, it must make sure to invoke the base class constructor (Thread.__init__()) before doing anything else to the thread. Type: test Change-Id: Ifa89202e97053a4baf19e9a0ca0913430d5087a3 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-01-13tests: disable the tap test for the time beingAndrew Yourtchenko1-1/+1
TAP tests require root access, which breaks the testing in unprivileged scenario. Disable the test until we find consensus on how to deal with it. Type: test Change-Id: I66ee2b130723233682d858cad0b6e424ab0b2383 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2020-01-04ipsec: AH copy destination and source address from templateNeale Ranns2-12/+26
Type: fix Change-Id: I63d4df68eed6589763b5ce62bcd7f3fd867c60e1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-04ipsec: Targeted unit testingNeale Ranns3-10/+481
Type: fix 1 - big packets; chained buffers and those without enoguh space to add ESP header 2 - IPv6 extension headers in packets that are encrypted/decrypted 3 - Interface protection with SAs that have null algorithms Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie330861fb06a9b248d9dcd5c730e21326ac8e973
2020-01-02tests: configure 32 mb physmemDave Barach2-2/+2
Absolutely nothing good happens when we force the kernel to briefly map and then unmap 16gb as vpp starts. Effect exacerbated when TEST_JOBS = 20...40, and so forth. Type: test Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Id8e3ce1763cad3a0891d5d6c8d2c1e3e610682d7
2020-01-02tests: bfd - move test_poll_response to EXTENDED_TESTSPaul Vinciguerra1-0/+2
test_bfd.BFD4TestCase.test_poll_response providing inconsistent results is the per-patch tests. Type: test Change-Id: I8f1864511526fd330a7da1abfa19be3f565c683a Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-12-31ip-neighbor: set link-type ARP on incomplete adjacenciesNeale Ranns1-0/+65
Type: fix Change-Id: I05d74da311d6a86ec4eb3df50d53ecaa9c622f50 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-27tests: test_mpls_v6_ebgp_pic - don't write to stdoutPaul Vinciguerra1-1/+1
Type: test Change-Id: I2cccc68b1b4b6c576580ae0eb5d4511ca2f4663d Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-12-26tests: tls - don't print skip info to stdoutPaul Vinciguerra1-3/+6
Type: test Change-Id: Id1bffbfe698113d85c4c6bf432ddf4908ed2b788 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-12-25classify: "classify filter ..." debug CLI cleanupDave Barach1-2/+2
The pcap trace filter initial table index lives in cm->filter_set_by_sw_if_index [0], which corresponds to the "local0" interface. Debug cli makes sure that folks don't accidentally specify the "local0" interface. At least it does now... Fix the "vlib format.c code coverage" test in test/test_vlib.py. Type: fix Change-Id: I35320bc2c8f0c6f1f8c12e3529d1938548185151 Signed-off-by: Dave Barach <dave@barachs.net>
2019-12-24tests: fix skip logic on test_tapPaul Vinciguerra1-2/+2
log.txt message: 17:52:59,969 API call failed, expected 0 return value instead of -13 in tap_create_v2_reply(_0=58, context=77019, retval=-13, sw_if_index=4294967295) Test was failing with log message: tap: tap0: tap_create_if: ioctl(TUNSETIFF): Operation not permitted Type: test Change-Id: I5bcd9d2b0c870ea5eef92b79314b97821399722f Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-12-23ipsec: Test and fix IPSec worker hand-offNeale Ranns6-21/+132
Type: fix Change-Id: I5cb9a3845ddbc5f4de4eb4e9c481f606fe5cec9a Signed-off-by: Neale Ranns <nranns@cisco.com>