import socket import scapy.compat from scapy.layers.inet import IP, UDP from scapy.layers.inet6 import IPv6 from scapy.layers.l2 import Ether, GRE from scapy.packet import Raw from scapy.data import IP_PROTOS from framework import VppTestCase from util import ppp from vpp_ip_route import VppIpRoute, VppRoutePath from vpp_ip import INVALID_INDEX from config import config import unittest """ TestLB is a subclass of VPPTestCase classes. TestLB class defines Load Balancer test cases for: - IP4 to GRE4 encap on per-port vip case - IP4 to GRE6 encap on per-port vip case - IP6 to GRE4 encap on per-port vip case - IP6 to GRE6 encap on per-port vip case - IP4 to L3DSR encap on vip case - IP4 to L3DSR encap on per-port vip case - IP4 to L3DSR encap on per-port vip with src_ip_sticky case - IP4 to NAT4 encap on per-port vip case - IP6 to NAT6 encap on per-port vip case As stated in comments below, GRE has issues with IPv6. All test cases involving IPv6 are executed, but received packets are not parsed and checked. """ @unittest.skipIf("lb" in config.excluded_plugins, "Exclude LB plugin tests") class TestLB(VppTestCase): """Load Balancer Test Case""" @classmethod def setUpClass(cls): super(TestLB, cls).setUpClass() cls.ass = range(5) cls.packets = range(100) try: cls.create_pg_interfaces(range(2)) cls.interfaces = list(cls.pg_interfaces) for i in cls.interfaces: i.admin_up() i.config_ip4() i.config_ip6() i.disable_ipv6_ra() i.resolve_arp() i.resolve_ndp() dst4 = VppIpRoute( cls, "10.0.0.0", 24, [VppRoutePath(cls.pg1.remote_ip4, INVALID_INDEX)], register=False, ) dst4.add_vpp_config() dst6 = VppIpRoute( cls, "2002::", 16, [VppRoutePath(cls.pg1.remote_ip6, INVALID_INDEX)], register=False, ) dst6.add_vpp_config() cls.vapi.lb_conf(ip4_src_address="39.40.41.42", ip6_src_address="2004::1") except Exception: super(TestLB, cls).tearDownClass() raise @classmethod def tearDownClass(cls): super(TestLB, cls).tearDownClass() def tearDown(self): super(TestLB, self).tearDown() def show_commands_at_teardown(self): self.logger.info(self.vapi.cli("show lb vip verbose")) def getIPv4Flow(self, id): return IP( dst="90.0.%u.%u" % (id / 255, id % 255), src="40.0.%u.%u" % (id / 255, id % 255), ) / UDP(sport=10000 + id, dport=20000) def getIPv6Flow(self, id): return IPv6(dst="2001::%u" % (id), src="fd00:f00d:ffff::%u" % (id)) / UDP( sport=10000 + id, dport=20000 ) def generatePackets(self, src_if, isv4): self.reset_packet_infos() pkts = [] for pktid in self.packets: info = self.create_packet_info(src_if, self.pg1) payload = self.info_to_payload(info) ip = self.getIPv4Flow(pktid) if isv4 else self.getIPv6Flow(pktid) packet = ( Ether(dst=src_if.local_mac, src=src_if.remote_mac) / ip / Raw(payload) ) self.extend_packet(packet, 128) info.data = packet.copy() pkts.append(packet) return pkts def checkInner(self, gre, isv4): IPver = IP if isv4 else IPv6 self.assertEqual(gre.proto, 0x0800 if isv4 else 0x86DD) self.assertEqual(gre.flags, 0) self.assertEqual(gre.version, 0) inner = IPver(scapy.compat.raw(gre.payload)) payload_info = self.payload_to_info(inner[Raw]) self.info = self.packet_infos[payload_info.index] self.assertEqual(payload_info.src, self.pg0.sw_if_index) self.assertEqual( scapy.compat.raw(inner), scapy.compat.raw(self.info.data[IPver]) ) def checkCapture(self, encap, isv4, src_ip_sticky=False): self.pg0.assert_nothing_captured() out = self.pg1.get_capture(len(self.packets)) load = [0] * len(self.ass) sticky_as = {} self.info = None for p in out: try: asid = 0 gre = None if encap == "gre4": ip = p[IP] asid = int(ip.dst.split(".")[3]) self.assertEqual(ip.version, 4) self.assertEqual(ip.flags, 0) self.assertEqual(ip.src, "39.40.41.42") self.assertEqual(ip.dst, "10.0.0.%u" % asid) self.assertEqual(ip.proto, 47) self.assertEqual(len(ip.options), 0) gre = p[GRE] self.checkInner(gre, isv4) elif encap == "gre6": ip = p[IPv6] asid = ip.dst.split(":") asid = asid[len(asid) - 1] asid = 0 if asid == "" else int(asid) self.assertEqual(ip.version, 6) self.assertEqual(ip.tc, 0) self.assertEqual(ip.fl, 0) self.assertEqual(ip.src, "2004::1") self.assertEqual( socket.inet_pton(socket.AF_INET6, ip.dst), socket.inet_pton(socket.AF_INET6, "2002::%u" % asid), ) self.assertEqual(ip.nh, 47) # self.assertEqual(len(ip.options), 0) gre = GRE(scapy.compat.raw(p[IPv6].payload)) self.checkInner(gre, isv4) elif encap == "l3dsr": ip = p[IP] asid = int(ip.dst.split(".")[3]) self.assertEqual(ip.version, 4) self.assertEqual(ip.flags, 0) self.assertEqual(ip.dst, "10.0.0.%u" % asid) self.assertEqual(ip.tos, 0x1C) self.assertEqual(len(ip.options), 0) self.assert_ip_checksum_valid(p) if ip.proto == IP_PROTOS.tcp: self.assert_tcp_checksum_valid(p) elif ip.proto == IP_PROTOS.udp: self.assert_udp_checksum_valid(p) elif encap == "nat4": ip = p[IP] asid = int(ip.dst.split(".")[3]) self.assertEqual(ip.version, 4) self.assertEqual(ip.flags, 0) self.assertEqual(ip.dst, "10.0.0.%u" % asid) self.assertEqual(ip.proto, 17) self.assertEqual(len(ip.options), 0) udp = p[UDP] self.assertEqual(udp.dport, 3307) elif encap == "nat6": ip = p[IPv6] asid = ip.dst.split(":") asid = asid[len(asid) - 1] asid = 0 if asid == "" else int(asid) self.assertEqual(ip.version, 6) self.assertEqual(ip.tc, 0) self.assertEqual(ip.fl, 0) self.assertEqual( socket.inet_pton(socket.AF_INET6, ip.dst), socket.inet_pton(socket.AF_INET6, "2002::%u" % asid), ) self.assertEqual(ip.nh, 17) self.assertGreaterEqual(ip.hlim, 63) udp = UDP(scapy.compat.raw(p[IPv6].payload)) self.assertEqual(udp.dport, 3307) load[asid] += 1 # In case of source ip sticky, check that packets with same # src_ip are routed to same as. if src_ip_sticky and sticky_as.get(ip.src, asid) != asid: raise Exception("Packets with same src_ip are routed to another as") sticky_as[ip.src] = asid except: self.logger.error(ppp("Unexpected or invalid packet:", p)) raise # This is just to roughly check that the balancing algorithm # is not completely biased. for asid in self.ass: if load[asid] < int(len(self.packets) / (len(self.ass) * 2)): self.logger.error( "ASS is not balanced: load[%d] = %d" % (asid, load[asid]) ) raise Exception("Load Balancer algorithm is biased") def test_lb_ip4_gre4(self): """Load Balancer IP4 GRE4 on vip case""" try: self.vapi.cli("lb vip 90.0.0.0/8 encap gre4") for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u" % (asid)) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre4", isv4=True) finally: for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u del" % (asid)) self.vapi.cli("lb vip 90.0.0.0/8 encap gre4 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip6_gre4(self): """Load Balancer IP6 GRE4 on vip case""" try: self.vapi.cli("lb vip 2001::/16 encap gre4") for asid in self.ass: self.vapi.cli("lb as 2001::/16 10.0.0.%u" % (asid)) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre4", isv4=False) finally: for asid in self.ass: self.vapi.cli("lb as 2001::/16 10.0.0.%u del" % (asid)) self.vapi.cli("lb vip 2001::/16 encap gre4 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip4_gre6(self): """Load Balancer IP4 GRE6 on vip case""" try: self.vapi.cli("lb vip 90.0.0.0/8 encap gre6") for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 2002::%u" % (asid)) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre6", isv4=True) finally: for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 2002::%u del" % (asid)) self.vapi.cli("lb vip 90.0.0.0/8 encap gre6 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip6_gre6(self): """Load Balancer IP6 GRE6 on vip case""" try: self.vapi.cli("lb vip 2001::/16 encap gre6") for asid in self.ass: self.vapi.cli("lb as 2001::/16 2002::%u" % (asid)) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre6", isv4=False) finally: for asid in self.ass: self.vapi.cli("lb as 2001::/16 2002::%u del" % (asid)) self.vapi.cli("lb vip 2001::/16 encap gre6 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip4_gre4_port(self): """Load Balancer IP4 GRE4 on per-port-vip case""" try: self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre4") for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre4", isv4=True) finally: for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) ) self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre4 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip6_gre4_port(self): """Load Balancer IP6 GRE4 on per-port-vip case""" try: self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre4") for asid in self.ass: self.vapi.cli( "lb as 2001::/16 protocol udp port 20000 10.0.0.%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre4", isv4=False) finally: for asid in self.ass: self.vapi.cli( "lb as 2001::/16 protocol udp port 20000 10.0.0.%u del" % (asid) ) self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre4 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip4_gre6_port(self): """Load Balancer IP4 GRE6 on per-port-vip case""" try: self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre6") for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 2002::%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre6", isv4=True) finally: for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 2002::%u del" % (asid) ) self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre6 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip6_gre6_port(self): """Load Balancer IP6 GRE6 on per-port-vip case""" try: self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre6") for asid in self.ass: self.vapi.cli( "lb as 2001::/16 protocol udp port 20000 2002::%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="gre6", isv4=False) finally: for asid in self.ass: self.vapi.cli( "lb as 2001::/16 protocol udp port 20000 2002::%u del" % (asid) ) self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre6 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip4_l3dsr(self): """Load Balancer IP4 L3DSR on vip case""" try: self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7") for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u" % (asid)) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="l3dsr", isv4=True) finally: for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u del" % (asid)) self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7 del") self.vapi.cli("test lb flowtable flush") def test_lb_ip4_l3dsr_src_ip_sticky(self): """Load Balancer IP4 L3DSR on vip with src_ip_sticky case""" try: self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7 src_ip_sticky") for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u" % (asid)) # Generate duplicated packets pkts = self.generatePackets(self.pg0, isv4=True) pkts = pkts[: len(pkts) // 2] pkts = pkts + pkts self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="l3dsr", isv4=True, src_ip_sticky=True) finally: for asid in self.ass: self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u del" % (asid)) self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7 src_ip_sticky del") self.vapi.cli("test lb flowtable flush") def test_lb_ip4_l3dsr_port(self): """Load Balancer IP4 L3DSR on per-port-vip case""" try: self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7" ) for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="l3dsr", isv4=True) finally: for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) ) self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7 del" ) self.vapi.cli("test lb flowtable flush") def test_lb_ip4_l3dsr_port_src_ip_sticky(self): """Load Balancer IP4 L3DSR on per-port-vip with src_ip_sticky case""" try: # This VIP at port 1000 does not receive packets, but is defined # as a dummy to verify that the src_ip_sticky flag can be set # independently for each port. self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 10000 encap l3dsr dscp 7" ) self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7 src_ip_sticky" ) for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) ) # Generate duplicated packets pkts = self.generatePackets(self.pg0, isv4=True) pkts = pkts[: len(pkts) // 2] pkts = pkts + pkts self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="l3dsr", isv4=True, src_ip_sticky=True) finally: for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) ) self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7 src_ip_sticky del" ) self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 10000 encap l3dsr dscp 7 del" ) self.vapi.cli("test lb flowtable flush") def test_lb_ip4_nat4_port(self): """Load Balancer IP4 NAT4 on per-port-vip case""" try: self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 20000 encap nat4" " type clusterip target_port 3307" ) for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="nat4", isv4=True) finally: for asid in self.ass: self.vapi.cli( "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) ) self.vapi.cli( "lb vip 90.0.0.0/8 protocol udp port 20000 encap nat4" " type clusterip target_port 3307 del" ) self.vapi.cli("test lb flowtable flush") def test_lb_ip6_nat6_port(self): """Load Balancer IP6 NAT6 on per-port-vip case""" try: self.vapi.cli( "lb vip 2001::/16 protocol udp port 20000 encap nat6" " type clusterip target_port 3307" ) for asid in self.ass: self.vapi.cli( "lb as 2001::/16 protocol udp port 20000 2002::%u" % (asid) ) self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.checkCapture(encap="nat6", isv4=False) finally: for asid in self.ass: self.vapi.cli( "lb as 2001::/16 protocol udp port 20000 2002::%u del" % (asid) ) self.vapi.cli( "lb vip 2001::/16 protocol udp port 20000 encap nat6" " type clusterip target_port 3307 del" ) self.vapi.cli("test lb flowtable flush")