summaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2017-04-06acl-plugin: make the IPv4/IPv6 non-first fragment handling in line with ACL ↵Andrew Yourtchenko2-9/+91
(VPP-682) This fixes the previously-implicit "drop all non-first fragments" behavior to be more in line with security rules: a non-first fragment is treated for the purposes of matching the ACL as a packet with the port match succeeding. This allows to change the behavior to permit the fragmented packets for the default "permit specific rules" ruleset, but also gives the flexibility to block the non-initial fragments by inserting into the begining a bogus rule which would deny the L4 traffic. Also, add a knob which allows to potentially turn this behavior off in case of a dire need (and revert to dropping all non-initial fragments), via a debug CLI. Change-Id: I546b372b65ff2157d9c68b1d32f9e644f1dd71b4 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 9fc0c26c6b28fd6c8b8142ea52f52eafa7e8c7ac)
2017-04-06BFD-FIB interactionsNeale Ranns3-4/+107
- single-hop BFD: attach a delegate to the appropriate adjacency - multi-hop BFD [not supported yet]: attach a delegate to the FIB entry. adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it. For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic). Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-05GRE over IPv6Ciara Loftus2-7/+177
Refactors the GRE node to work with both IPv4 and IPv6 transports. Note that this changes the binary configuration API to support both address families; each address uses the same memory for either address type and a flag to indicate which is in use. The CLI and VAT syntax remains unchanged; the code detects whether an IPv4 or an IPv6 address was given. Configuration examples: IPv4 CLI: create gre tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 CLI: create gre tunnel src 2620:124:9000::1 dst 2620:124:9000::2 IPv4 VAT: gre_add_del_tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 VAT: gre_add_del_tunnel src 2620:124:9000::1 dst 2620:124:9000::2 Change-Id: Ica8ee775dc101047fb8cd41617ddc8fafc2741b0 Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>
2017-04-03make test: relax BFD time intervalsKlement Sekera2-8/+10
Increased time intervals mean longer test runs, but also reduce the chance of getting annoying (especially in gerrit) random failures. Now that tests are split into `basic' and `all', the increased runtime of BFD tests (of which majority doesn't run in basic case) doesn't matter too much.. Change-Id: I4a15bb4facad634f123bc9cc6f45eddbf4976fd1 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-04-03make test: tweak helper scriptsKlement Sekera2-3/+8
Change-Id: Iee6016757e45c832e8868f0bdcfd4192dd3380c8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-04-02make test: add scripts for easy test loopingKlement Sekera2-0/+122
Allows easy running of test(s) in a loop with configurable action (e.g. git pull) run between test runs and possible email notification on failure. Usage: test-loop.sh [-p <pre-exec-cmd>] [-m <email>] -- <make test options> Example: Run 'make test-debug' in a loop until a failure is encountered, upon which an email is fired to ksekera@cisco.com. In between test runs, update the workspace using via 'git pull' and if anything changed, perform 'git clean' before running another 'make test-debug': test/scripts/test-loop.sh -p test/scripts/git_pull_or_clean.sh \ -m ksekera@cisco.com -- test-debug Change-Id: I114321c6c152d2c7e181e915fc8c51aab1ff3693 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-30VPP-669: ping: fix coverity check error 165075 + add ping testcaseAndrew Yourtchenko1-0/+118
Fix the bug and add the unit test to start with ping test coverage Change-Id: Ibeacbed1f1660e677faa2dbb2ebe386216693e96 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-29VXLAN:validate mcast encapsulation ip/macEyal Bari2-4/+11
Change-Id: I399257e372f83f4d12dc7873617980af6e46a9bc Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-29Sub-net broadcast addresses for IPv4Neale Ranns2-2/+125
Change-Id: Ib2189d01e8bc61de57404159690fb70f89c47277 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-28NAT: Test refactoring to avoid redundant code for verification and creating ↵Martin Gálik1-48/+59
packet streams in additional test cases Change-Id: I2265f8acfa63a7ea920a7cb981819a14806a3d58 Signed-off-by: Martin Gálik <magalik@cisco.com>
2017-03-27make test: properly propagate exit statusKlement Sekera1-1/+2
Change-Id: Ie9f48a0d5e0a9cd08eb8f07d49149eee40f04131 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-27Mcast rewrite no memcpyNeale Ranns1-2/+0
use a 32bit mask in the adjacency to AND with the IP address and OR into the rewrite. Change-Id: I80b0f246c18fd74f3e43c5d49e25833412f34665 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-24make test: fix broken plugin pathsKlement Sekera1-0/+2
Change-Id: I25a6882ec503fc5bb3694411fbdc2eb1f1e1fafc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-22make test: support out-of-tree pluginsKlement Sekera2-2/+14
usage: env EXTERN_PLUGINS=/path/to/plugins make test Change-Id: I8eece726dfafeff1cffd921c1e18cd3eb7eb64ed Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-22make test: support out-of-tree testsKlement Sekera2-4/+58
env EXTERN_TESTS="/path/to/extra/tests" make test causes to run the default test set and tests collected from test_*.py files under subtree specified in EXTERN_TESTS. Change-Id: I58c5471dd6010730278a5b47d4318737d920bc28 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-22SNAT: added actual delete to snat_det_mapMartin1-0/+4
Change-Id: I8187b43129b80fadd90ea493afb922064f79abbe Signed-off-by: Martin <magalik@cisco.com>
2017-03-21ACL plugin 1.2Andrew Yourtchenko1-0/+722
L3 path support, L2+L3 unified processing node, skip IPv6 EH support. Change-Id: Iac37a466ba1c035e5c2997b03c0743bfec5c9a08 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-17Fix IP feature ordering.Neale Ranns6-20/+304
Drop comes before lookup when enabled. is_first_or_last is not required when setting a feature, the anchor is added in find_config_with_features(). Don't make the PG interfaces automatically L3 enabled, this way we can have tests that check the L3 protocol disbaled behaviour. Change-Id: Icef22a920b27ff9cec6ab2da6b05f05c532cb60f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Attached hostsNeale Ranns2-12/+166
allow this config to function: set int ip address loop0 169.254.1.1/32 (the default GW address for attached hosts) set int unnumbered af_packet0 use loop0 ('enable' IP on the host interface) ip route add 192.168.1.1/32 via af_packet0 (where to find the host) repeat for each host and host interface. Inter-host communication is throught the /32 routes. To allow this: 1 - attached host routes have the ATTACHED flag set, so the ARP code accepts then as legitimate sources 2 - unnumbered interfaces inherit the source address from the IP interface Change-Id: Ib66c5f0e848c528f79372813adc3a0c11b50717f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Adjacency refinement; check the cover's interface against the adjacency'sNeale Ranns1-20/+53
Change-Id: I3fa2f35056b74e479288bb956f2713f727a81c72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-15Python API: Change from cPython to CFFI.Ole Troan2-2/+2
Change-Id: I03e52466fb3f909ae52b8fba601168f3eadbd972 Signed-off-by: Ole Troan <ot@cisco.com>
2017-03-15No vector allocation during buffer copyNeale Ranns1-9/+38
Change-Id: I7e8556af833ca0e00fadc96dcd2077ff1104541b Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-13Add MAC address check in ethernet-input node if interface in L3 modeJohn Lo2-2/+11
Interface can be in promiscuous mode if more than one of its sub- interface is in L2 mode. In promiscuous mode, L3 interface need to verify DMAC of packet to match that of the interface and drop if not. This check was done on sub-interface only and now also added to main interface path. Fix incorrect MAC addresses in the flow-per-pkt plugin test, which caused it to fail. Fix MAC address usage in BFD tests. Change-Id: I12a17ec05c7ab298ad10d400c90d082c97eca521 Signed-off-by: John Lo <loj@cisco.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-13ACL plugin rejects ICMP messages (VPP-624)Pavel Kotucek2-1/+1023
Change-Id: I95113a277b94cce5ff332fcf9f57ec6f385acec0 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-03-10Retire vpp_liteDamjan Marion1-1/+3
vpp_lite platform is not needed anymore as same efect can be achieved with following startup.conf config: plugins { plugin dpdk_plugin.so { disable } } Change-Id: I690ea8ceb1c6e1fe32e01e7da54e9958019a93bf Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-10Fix MAP-E UT. Add functionality in MAP code to delete the pre-resolved ↵Neale Ranns2-10/+20
next-hops. UT checks for no-leftover-state now pass Change-Id: I9e980ee117c0b6aebc6c7a0fcc153a7c0eaf0c72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09make test: temporary disable MAP-E testDamjan Marion1-0/+1
Change-Id: Iee0302a7a4856712f27f97f9cc953b2e9e71698c Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-09make test: automatic sanity checkKlement Sekera2-2/+18
Check if vpp_papi is importable before running the tests to avoid confusing python crashes. Change-Id: I6adf406e353bf381d590f2ef988a1ea79b95cf37 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-09make test: add make test-shell[-debug] targetsKlement Sekera1-0/+13
This starts a bash with the same environment as the test framework uses, allowing easy debugging. Change-Id: I956deda913b73dae5b1e1976417834ae4731f88a Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-09IMplementation for option to not create a FIB table entry when adding a ↵Neale Ranns5-40/+98
neighbor entry Change-Id: I952039e101031ee6a06e63f4c73d8eb359423e1a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09MAP pre-resolve - use FIB to track pre-resolved next-hopNeale Ranns2-0/+199
Change-Id: I9ea16881caf7aee57f0daf4ac2e8b82c672f87e9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09Tests to target holes in adjacency and DPO test coverageNeale Ranns6-15/+281
Change-Id: Ic6ac7e441a7b75baa02f03c1585d1ae00903a399 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08SNAT: deterministic map dumpMartin2-1/+28
Change-Id: Iead6dc6a0fe15a0b8e148e780c3aeadd0b378824 Signed-off-by: Martin <magalik@cisco.com>
2017-03-08make test: split into basic and extended testsKlement Sekera3-7/+64
Implement plumbing to allow decorating tests as extended, e.g.: @unittest.skipUnless(running_extended_tests(), "part of extended tests") both methods and classes can be decorated this way. Change make test and make test-debug to run only non-extended tests. Introduce make test-all and make test-all-debug to run the full suite. Run full suite as part of make verify. Decorate most BFD tests as extended. Change-Id: I3bc64f59e9fe238f7f767d7e043dc165d03e9dfa Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-08SNAT: user_session_dump is_ip4 and vat unformating addedMartin1-2/+4
Change-Id: I0ffab147c3218a75b7c3bb829983f538c7b637ee Signed-off-by: Martin <magalik@cisco.com>
2017-03-08Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of ↵Neale Ranns2-17/+282
bridging. That is hosts in one sub-net reachable via differenet interfaces. Introducate a new API command: ip6 nd proxy <host-address> <interface> this indicates 2 things; 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route. 2) NS requests sent to <host-address> will be responeded to (i.e. proxied). Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07DHCP Multiple Servers (VPP-602, VPP-605)Neale Ranns1-44/+312
Multiple DHCP (4 and/or 6) servers can be added and removed through multiple calls to the 'set dhcp server' API. All 4/6/ discover/solicit messages will then be replicated to all servers in the list. The expectation is that the servers/system is configured in such a way that this is viable. If VSS information is providied for the clinet VRF which also has multiple servers configured, then the same VSS information is sent to each server. Likewise the source address of packets sent to from VPP to each server is the same. Change-Id: I3287cb084c84b3f612b78bc69cfcb5b9c1f8934d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07CGN: Deterministic NAT (VPP-623)Matus Fabian2-0/+100
Inside user is statically mapped to a set of outside ports. Support endpoint dependent mapping to deal with overloading of the outside ports. Change-Id: I8014438744597a976f8ae459283e8b91f63b7f72 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-07Add setting of tenant VRF id for SNAT addresses (VPP-641)Juraj Sloboda2-3/+74
Change-Id: I9c0bb35ba16e04206ac481495f6638d3763754a1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-06make test: reset object registry if vpp diesKlement Sekera2-2/+9
Change-Id: If0e30837e07a21f3912676f5147cb242d3d2b235 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-06make test: tell vpp to set coredump sizeKlement Sekera2-6/+14
Unless overridden by COREDUMP_SIZE env variable, tell VPP to set coredump size to unlimited, otherwise use $COREDUMP_SIZE as the argument. Change-Id: Ia2a6508207c66a171b33d272c820b1deb4a83e82 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-06make test: don't run if other vpp process runsKlement Sekera1-2/+22
Check if there are existing vpp processes before running the test suite and refuse to run if there are. This prevents the removal of other test suite temporary files and also makes sure that if the machine is loaded by (zombie) vpp processes, interactive tests (like bfd) won't fail. Change-Id: I88a74098188cb3f51966de5db19d7f80f39e51e2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-03IPv6 RA improvementsNeale Ranns4-6/+251
1) tests for RA options 2) memleaks deleteing a ip6_radv_info_t 3) MLD prefix code refactoring Change-Id: I34db103994bd8fbdbbec50b202d72770dd145681 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-03Changing the IP table for an interface is an error if the interface already ↵Neale Ranns6-4/+25
has an address configured (VPP-601) Change-Id: I311fc264f73dd3b2b3ce9d7d1c33cd0515b36c4a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-03python API: work towards python/vpp api separationKlement Sekera1-6/+6
This change improves vpp_papi behaviour by introducing alternate way of calling vpp APIs. The common code is the same: vpp = VPP(...) vpp.connect(...) Calling VPP API is different, instead of deprecated: vpp.show_version() # deprecated one should write vpp.api.show_version() this allows VPP messages like "connect" and "disconnect" to be used, once the old API is dropped (in 17.07). Also part of this patch is a check for name conflict, to prevent VPP object overwriting its own functionality with generated code based on json files. Change-Id: I22e573b6a45f8b2a1f0340c5c2597c194fe42ca4 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-02SNAT: user's dump and session dump of a certain snat user.magalik2-0/+82
Change-Id: If75a35dbdcb43c1ce0128b8649f2ca3970d3fff5 Signed-off-by: Martin <magalik@cisco.com>
2017-03-02Remove the unused VRF ID parameter from the IP neighbour Add/Del APINeale Ranns4-10/+7
Change-Id: Icf0d72f6af1f98c86f78e586c354515ac69804aa Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-02BFD: command line interfaceKlement Sekera4-23/+578
Implement command line interface to the BFD binary APIs. Add corresponding unit tests. Change-Id: Ia0542d0bc4c8d78e6f7b777a08fd94ebfe4d524f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-27[Proxy] ARP testsNeale Ranns5-0/+587
Change-Id: I40d6d763b55a26cdee0afef85d1acdd19dd10dd6 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-26BFD: echo functionKlement Sekera4-49/+455
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0 Signed-off-by: Klement Sekera <ksekera@cisco.com>