aboutsummaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2018-02-27make test: refactor vcl test casesDave Wallace2-89/+81
- Reduce replicated code in test cases - Configure separate namespace secrets for thru hoststack test case to validate namespace secret functionality. - Pass per-instance environment variables to Worker class init function. Change-Id: I3cd5d4538f105cbfb09671c4d761541b40714b8f Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-02-26Python: addressing PEP8 deprecationMarco Varlese1-2/+2
PEP8 has been deprecated and python users are being asked to migrate to pycodestyle. Change-Id: I52d5f7b2bf72156216a9966e8322ec58763f24d4 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-26update BIER scapy patch to match the scapy repo PRNeale Ranns1-4/+2
Change-Id: I4953b8444b49d1ad445c98a199ae8fd1635e24a5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-25SCTP: fix connection memory corruptionMarco Varlese1-2/+3
A bug was found when multiple SCTP connections were being opened to the same SCTP server. This patch addresses that problem, removing the use of the 'parent' pointer approach for sub-connection and saving instead within the sub-connection itself the ID representing its position. That facilitates pointer-arithmetic to be computed in the get_connection_from_transport(). Change-Id: Iaa1f4efc501590be1c93e42fd6fe3d6e02f635eb Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-24LDP: Refactor epoll_ctl wrapper.Dave Wallace1-2/+2
- Add AF_UNIX transaction to sock_test_client/server echo test to verify mixed epoll ldp implementation. - Misc cleanup / refactoring of ldp code. - Fix LDP_DEBUG in test/socket_test.sh Change-Id: Ib524c824728f109007d8c4d07d74603b6c687902 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-02-22VOM: vhost-use interfacesNeale Ranns1-1/+29
Change-Id: Iee1574d1f0f081ccc4a90fd9825a0b5e254aa642 Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-02-22make test: tidy worker subprocess outputKlement Sekera1-1/+1
Change-Id: I362765a67762a59775863af12b712abb47445b3a Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-22make test: build test/ext when doing coverageKlement Sekera3-9/+4
This makes VAPI/VOM tests part of code coverage report. Change-Id: I66511b0a59880c2a64daecd37088268bdf5e1269 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-21make test: Add VCL thru hoststack test case.Dave Wallace1-8/+109
Change-Id: I7deb1fa4624cc1b7d7bc2f68034d4ce7589d4ef1 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-02-21make test: disable broken kubeproxy testsKlement Sekera1-2/+2
Change-Id: I8de2594596053a7331c81b342c63df2358548ca3 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-19make test: Add VPP VCL cut-thru test.Dave Wallace2-0/+75
Change-Id: Id3ec196bfeb90b141123adee97f15d9712351680 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-02-19VCL: config api prefix using env var.Dave Wallace1-0/+3
- Configure vpp api prefix using VCL_API_PREFIX environment variable. - Prepend api prefix to vpp api filename when connecting to vpp. - Fix stale vcl_cfg ptr after heap allocation. - Cleanup misleading warning messages wrt. reading the vcl config file. Change-Id: I908c9b567ff4f6f0c21ae43a4627a1a3202a3290 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-02-19VOM: acl: Some necessary fixesMohsin Kazmi1-0/+7
It: 1. changes ethertype_rule_t to hold actual objects instead of reference to them. 2. fixes acl_ethertype 'update' function 3. fixes pretty-print of acl-list-update. 4. adds l3-acl update unit test. Change-Id: Iec72212806e96bd0574b46b563de79f0744cb248 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-02-17make test: add test framework debuggingKlement Sekera3-1/+58
New option TEST_DEBUG=1 turns on test framework debugging, which currently consists of printing difference in allocated objects/memory and also creates reference graphs for any unfreed VppPapiProvider/VPP objects - these take a lot of memory and thus should be freed regularly. Change-Id: I29db0c1341009d4b5c5df9222d14f3095883fd0f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-17make test: detect child crashKlement Sekera1-7/+17
This change causes parent process to detect child crash in seconds instead of waiting for timeout to pass. Change-Id: Ib45e86b7fc97e687d99c554be4212aaeea781dcc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-16Allow providers to override glean behaviourNeale Ranns3-1/+76
and update glean address on local interface MAC change Change-Id: I530826d60c7e9db2b0fa2d45754139d82c5ea807 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-15Revert "Allow interface types to override glean adjacency behaivour"Ole Trøan3-69/+1
This reverts commit 8b30e471df4d42214619e1d6c50cc8298426b45f. Change-Id: I99edb236eb0a7f8ba3fba333c3481a710ebcb59c Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-15Allow interface types to override glean adjacency behaivourNeale Ranns3-1/+69
update the glean adj on a local interface MAC change Change-Id: Ia5c5cde424ed0fea3431532cc5abf22b364bbab5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-15Optimize GRE Tunnel and add support for ERSPAN encapJohn Lo4-13/+35
Change GRE tunnel to use the interface type where the same encap node is used as output node for all GRE tunnels, instead of having dedicated output and tx node for each tunnel. This allows for more efficient tunnel creation and deletion at scale tested at 1000's of GRE tunnels. Add support for ERSPAN encap as another tunnel type, in addition to the existing L3 and TEB types. The GRE ERSPAN encap supported is type 2 thus GRE encap need to include sequence number and GRE- ERSPAN tunnel can be created with user secified ERSPAN session ID. The GRE tunnel lookup hash key is updated to inclue tunnel type and session ID, in addition to SIP/DIP and FIB index. Thus, GRE-ERSPAN tunnel can be created, with the appropriate session ID, to be used as output interface for SPAN config to send mirrored packets. Change interface naming so that all GRE tunnels, irrespective of tunnel type, uses "greN" where N is the instance number. Removed interface reuse on tunnel creation and deletion to enable unfied tunnel interface name. Add support of user specified instance on GRE tunnel creation. Thus, N in the "greN" interface name can optionally be specified by user via CLI/API. Optimize GRE tunnel encap DPO stacking to bypass load-balance DPO node since packet output on GRE tunnel always belong to the same flow after 5-tupple hash. Change-Id: Ifa83915744a1a88045c998604777cc3583f4da52 Signed-off-by: John Lo <loj@cisco.com>
2018-02-14session: support local sessions and deprecate redirectsFlorin Coras1-0/+3
Memfd backed shared memory segments can only be negotiated over sockets. For such scenarios, the existing redirect mechanism that establishes cut-through sessions does not work anymore as the two peer application do not share such a socket. This patch adds support for local sessions, as opposed to sessions backed by a transport connection, in a way that is almost transparent to the two applications by reusing the existing binary api messages. Moreover, all segment allocations are now entirely done through the segment manager valloc, so segment overlaps due to independent allocations previously required for redirects are completely avoided. The one notable characteristic of local sessions (cut-through from app perspective) notification messages is that they carry pointers to two event queues, one for each app peer, instead of one. For transport-backed sessions one of the queues can be inferred but for local session they cannot. Change-Id: Ia443fb63e2d9d8e43490275062a708f039038175 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-14make-test: use api custom-dump to reduce log size.Dave Wallace1-1/+1
- Reduce log size by using "api trace custom-dump" instead of "api trace dump". - Fix custom-dump output of cli_inband_t api message to include cli command being executed. New output: DBGvpp# api trace custom-dump /tmp/test vl_api_memclnt_delete_t: index: 2 handle: 0x301d8e10 SCRIPT: memclnt_create name vpp_api_test SCRIPT: sw_interface_dump all SCRIPT: control_ping SCRIPT: exec show run Old output: DBGvpp# api trace dump /tmp/test ---------- trace 0 ----------- vl_api_memclnt_delete_t: index: 33554432 handle: 0x108e1d3000000000 ---------- trace 1 ----------- vl_api_memclnt_create_t: name: vpp_api_test input_queue: 0x808e1d3000000000 context: 0 ctx_quota: 0 ---------- trace 2 ----------- vl_api_sw_interface_dump_t: _vl_msg_id: 61 client_index: 33554432 context: 0 name_filter_valid: 0 ---------- trace 3 ----------- vl_api_control_ping_t: _vl_msg_id: 712 client_index: 33554432 context: 0 ---------- trace 4 ----------- vl_api_cli_inband_t: _vl_msg_id: 715 client_index: 33554432 context: 0 length: 9 Change-Id: If740c861649a3a59b8cc7a777c23c3cf94b8ff87 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-02-13VOM: ACL: Add Object Model for acl ethertypeMohsin Kazmi1-0/+16
Change-Id: I2b572ebd4b7bb26381f127912a4cc0825c04fc34 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-02-12Improve MTU handlingNeale Ranns2-0/+36
- setting MTU on an interface updates the L3 max bytes too - value cached in the adjacency is also updated - MTU exceeded generates ICMP to sender Change-Id: I343ec71d8e903b529594c4bd0543f04bc7f370b3 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-09GBP pluginNeale Ranns2-0/+396
Group Base Policy (GBP) defines: - endpoints: typically a VM or container that is connected to the virtual switch/router (i.e. to VPP) - endpoint-group: (EPG) a collection of endpoints - policy: rules determining which traffic can pass between EPGs a.k.a a 'contract' Here, policy is implemented via an ACL. EPG classification for transit packets is determined by: - source EPG: from the packet's input interface - destination EPG: from the packet's destination IP address. Change-Id: I7b983844826b5fc3d49e21353ebda9df9b224e25 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-08classifier-based ACL: testcases for L2 ACLs + fix the enabling of outbound ↵Andrew Yourtchenko1-0/+633
L2 ACL There was no test coverage for the L2 ACL (other than indirect by means of ACL plugin tests), so the enabling of the outbound ACL got fumbled throughout the revisions of the refactoring. Fix both issues - the error and the lack of test coverage for L2 ACL. Change-Id: Ib7f42780ef84b4a4f70bd88d7319aeeda866cf06 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-02-08Geneve - reduce unit-test run timeGabriel Ganne1-2/+2
Reduce the number of tunnels created/destroyed to reduce the load of the tests without changing the code covered. These are functional tests, not performance tests. This reduced the test time down to 10s from 4 minutes on my machine. Change-Id: Ifcaddc0b0628a21392c5cb247196f56bc28a53a2 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2018-02-08acl-plugin: add whitelisted ethertype mode (VPP-1163)Andrew Yourtchenko2-7/+103
Currently, ACL plugin largely does not care about the ethertypes other than 0x0800 (IPv4) and 0x86dd (IPv6), the only exception being 0x0806 (ARP), which is dealt with by the MACIP ACLs. The other ethertypes in L2 mode are just let through. This adds a new API message acl_interface_set_etype_whitelist, which allows to flip the mode of a given interface into "ethertype whitelist mode": the caller of this message must supply the two lists (inbound and outbound) of the ethertypes that are to be permitted, the rest of the ethertypes are dropped. The whitelisting for a given interface and direction takes effect only when a policy ACL is also applied. This operates on the same classifier node as the one used for dispatching the policy ACL, thus, if one wishes for most of the reasonable IPv4 deployments to continue to operate within the whitelist mode, they must permit ARP ethertype (0x0806) The empty list for a given direction resets the processing to allow the unknown ethertypes. So, if one wants to just permit the IPv4 and IPv6 and nothing else, one can add their ethertypes to the whitelist. Add the "show acl-plugin interface" corresponding outputs about the whitelists, vat command, and unittests. Change-Id: I4659978c801f36d554b6615e56e424b77876662c Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-02-08acl-plugin: an elog-based tracing implementation for troubleshooting the ↵Andrew Yourtchenko1-0/+3
conn cleaner threads interactions This replaces some of the early-stage commented-out printf()s with an elog-based debug collector. It is aimed to be "better than nothing" initial implementation to be available in the field. It will be refined/updated based on use. This initial code is focused on the main/worker threads interactions, hence uses just the worker tracks. This code adds a developer debug CLI "set acl-plugin session table event-trace 1", which allows to gather the events pertaining to connection cleaning. The CLI is deliberately not part of the online help, as the express declaration that the semantics/trace levels, etc. are subject to change without notice. Change-Id: I3536309f737b73e50639cd5780822dcde667fc2c Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-02-07VXLAN: Allow user to specify a custom vxlan tunnel instance id.Jon Loeliger1-2/+5
If one is not selected by the user, the next available id will be allocated, thus maintaining backward compatibility. Change-Id: I4691ed0638b8072f9cfa9f20b9fe4f981e708800 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-02-07classifier-based ACL: refactor + add output ACLAndrew Yourtchenko2-0/+68
For implementation of MACIP ACLs enhancement (VPP-1088), an outbound classifier-based ACL would be needed. There was an existing incomplete code for outbound ACLs, it looked almost exact copy of input ACLs, minus the various enhancements, trying to sync that code seemed error-prone and cumbersome to maintain in the longer run. This change refactors the input+output ACLs processing into a unified routine (thus any changes will have effect on both), and also adds the API to set the output interface ACL, with the same format and semantics as the existing input one (except working on output ACL of course). WARNING: IP outbound ACL in L3 mode clobbers the ip.* fields in the vnet_buffer_opaque_t, since the code is using l2_classify.* The net_buffer (p0)->ip.save_rewrite_length is rescued into l2_classify.pad.l2_len, and used to rewind the header in case of drop, so that ipX_drop prints something sensible. Change-Id: I62f814f1e3650e504474a3a5359edb8a0a8836ed Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-02-06make test: don't test/set parameters in dockerKlement Sekera1-0/+11
Do not set UDS related system parameters if DOCKER_TEST is set to "True" as docker environment doesn't contain the necessary /proc/... entries. Change-Id: Id85e4512c7bba6b3feb6e6fd1fbe1e05aa10a341 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-06BIER: fix support for longer bit-string lengthsNeale Ranns6-115/+234
Change-Id: I2421197b76be58099e5f8ed5554410adff202109 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-05session: segment manager refactorFlorin Coras1-1/+63
- use valloc as a 'central' segment baseva manager - use per segment manager segment pools and use rwlocks to guard them - add session test that exercises segment creation - embed segment manager properties into application since they're shared - fix rw locks Change-Id: I761164c147275d9e8a926f1eda395e090d231f9a Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-02make test: use random seedKlement Sekera1-1/+1
This fixes a constant setting of random seed forgotten from testing. Change-Id: Ie3c4db8bb2b4b73ba33de1ffc02cb563391fd31c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-02-02Add L3DSR feature in LB pluginHongjun Ni1-8/+36
L3DSR is used to overcome Layer 2 limitations of Direct Server Return Load Balancing. It maps VIP to DSCP bits, and reuse TOS bits to transfer it to server, and then server will get VIP from DSCP-to-VIP mapping. Please refer to https://www.nanog.org/meetings/nanog51/presentations/Monday/NANOG51.Talk45.nanog51-Schaumann.pdf Change-Id: I403ffeadfb04ed0265086eb2dc41f2e17f8f34cb Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2018-02-01IPv4/6 reassemblyKlement Sekera13-58/+1392
Change-Id: Ic5dcadd13c88b8a5e7896dab82404509c081614a Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-01-31NAT66 1:1 mapping (VPP-1108)Matus Fabian2-0/+179
Support the 1:1 translation of source address for IPv6 Change-Id: I934d18e5ec508bf7422d796ee5f172b79c048011 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-31NAT44: in2out output feature skip translation for already translated packets ↵Matus Fabian1-0/+99
(VPP-1156) Change-Id: I5395245c9e49f741a949ada1f725c34f9379c249 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-31NAT44: Delete dynamic sessions matching new 1:1NAT (VPP-1158)Matus Fabian1-0/+31
Change-Id: Ib99b597502b8335e57ecfa122b12e2e5aa45ee1a Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-31NAT44: nat44_static_mapping_details protocol=0 if addr_only=0 (VPP-1158)Matus Fabian1-0/+3
Change-Id: I1e3cfc751e7657464fc850dc56ddf763df45f62e Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-26session: move builtin apps to their own folderFlorin Coras2-18/+12
This consolidates builtin apps under session-apps folder. It also removes duplicate builtin echo server/client implementations. Change-Id: I75ed879399c5aa9b75b1eb38b33aedf69dd8df3f Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-26NAT44: fix ICMP error translation for endpoint dependent sessions (VPP-1150)Matus Fabian1-0/+36
Change-Id: I85c799f28c4246884107e569a36482af10d9be9d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-25NAT44: add opaque string tag to static mapping APIs (VPP-1147)Matus Fabian2-4/+29
Change-Id: I620e2081285ca8ac5c2da8efc12fe6f540ea4fd1 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-25NAT: nat.c refactor (split out CLI) (VPP-1140)Matus Fabian1-2/+12
Moved CLI from nat.c to nat44_cli.c Split "show nat44" to: show nat44 addresses show nat44 interfaces show nat44 static mappings show nat44 interface address show nat44 sessions detail show nat44 deterministic mappings show nat44 deterministic timeouts show nat44 deterministic sessions show nat workers Change-Id: I2d1be8941dd0e4a9e037f4a4d2cd192389beb8ed Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-25make test: verify that /dev/shm is big enoughKlement Sekera2-0/+31
Verify that /dev/shm size is >= 512M, which should be enough for `make test' needs. If the verification fails, try to enlarge it automatically. This helps avoid docker vpp/make test crashes (seen as SIGBUS). Change-Id: I4e23d59ff8bf8befc320fa229fb6c9bfeb809a8f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-01-24SCTP stack (RFC4960)Marco Varlese1-0/+91
== CONTENT == * SCTP chunks definition as per RFC4960; * Helper functions to set/get values to/from the corresponding chunks; * Hooks to the session/application layers; * Complete state-machine handling; * Implementation for unexpected chunk received in a certain state (state-machine error handling) * Support for 1-single connection; * Sample application to test receive/transmit data-path; * Test to validate SCTP stack; Change-Id: I1b55c455ab400be9513f4e094dadfc3181d2ebc9 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-01-24Improve the error reporting for a IP multicast RPF miss.Neale Ranns1-0/+9
now we get: 00:00:04:288925: pg-input ... 00:00:04:289345: ethernet-input ... 00:00:04:289524: ip6-input ... 00:00:04:289553: ip6-mfib-forward-lookup ... 00:00:04:289584: ip6-mfib-forward-rpf entry 14 itf 2 flags Forward, 00:00:04:289754: ip6-drop UDP: 2002::1 -> ff01:2::255 tos 0x00, flow label 0x0, hop limit 64, payload length 21 UDP: 1234 -> 1234 length 21, checksum 0x90d1 00:00:04:289802: error-drop ip4-input: Multicast RPF check failed 08:36:44,517 Count Node Reason 182 ip4-input Multicast RPF check failed 8 ip6-icmp-input neighbor advertisements sent 8 ip6-icmp-input router advertisements sent 8 arp-input ARP replies sent Change-Id: I1b29cda4ec77a88db45bfb25c7473cd64bbf501a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-24NAT44: asymmetrical static mapping and one-armed NAT (VPP-1138)Matus Fabian1-0/+64
One-armed NAT should work for asymmetrical static mappings without adding external address to the NAT44 pool. Change-Id: Ie886b75b55c3b552d1029a50bd967625fde80f09 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-23For DHCP client configuration control the setting of the broadcast flag in theNeale Ranns2-4/+107
DISCOVER message sent. According to RFC2131: In the case of a client using DHCP for initial configuration (before the client's TCP/IP software has been completely configured), DHCP requires creative use of the client's TCP/IP software and liberal interpretation of RFC 1122. The TCP/IP software SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured; DHCP servers and BOOTP relay agents may not be able to deliver DHCP messages to clients that cannot accept hardware unicast datagrams before the TCP/IP software is configured. To work around some clients that cannot accept IP unicast datagrams before the TCP/IP software is configured as discussed in the previous paragraph, DHCP uses the 'flags' field [21]. The leftmost bit is defined as the BROADCAST (B) flag. The semantics of this flag are discussed in section 4.1 of this document. The remaining bits of the flags field are reserved for future use. They MUST be set to zero by clients and ignored by servers and relay agents. Figure 2 gives the format of the 'flags' field. this changes means VPP conforms to the: "SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured" with the caveat that VPP allows DHCP packets destined to the stanard client DHCP port to be delivered. With this enhancement the control-plane is now able to choose the setting of the broadcast flag. Change-Id: Ia4eb2c9bb1e30c29f9192facc645e9533641955a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-22svm: queue sub: Add conditional timed waitMohsin Kazmi2-16/+24
On reviece side svm queue only permits blocking and non-blocking calls. This patch adds timed wait blocking functionality which returns either on signal/event or on given time out. It also preserves the original behavior, so it will not hurt client applications which are using svm queue. Change-Id: Ic10632170330a80afb8bc781d4ccddfe4da2c69a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>