summaryrefslogtreecommitdiffstats
path: root/src/plugins/abf/abf.api
blob: 1cd3da7e5570cf75c2ff7beee855760a3788df70 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141

/* Hey Emacs use -*- mode: C -*- */
/*
 * Copyright (c) 2016 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/** \file
    This file defines the vpp control-plane API messages
    used to control the ABF plugin
*/

option version = "1.0.0";
import "vnet/ip/ip_types.api";
import "vnet/fib/fib_types.api";
import "vnet/interface_types.api";

/** \brief Get the plugin version
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
*/
define abf_plugin_get_version
{
  option status="in_progress";
  u32 client_index;
  u32 context;
};

/** \brief Reply to get the plugin version
    @param context - returned sender context, to match reply w/ request
    @param major - Incremented every time a known breaking behavior change is introduced
    @param minor - Incremented with small changes, may be used to avoid buggy versions
*/
define abf_plugin_get_version_reply
{
  option status="in_progress";
  u32 context;
  u32 major;
  u32 minor;
};

/** \brief A description of an ABF policy
    @param policy_id User chosen Identifier for the policy
    @param acl_index The ACL that the policy will match against
    @param n_paths Number of paths
    @param paths The set of forwarding paths that are being added or removed.
 */
typedef abf_policy
{
  u32 policy_id;
  u32 acl_index;
  u8 n_paths;
  vl_api_fib_path_t paths[n_paths];
};

/** \brief A description of an ABF policy
    @param is_add Is this the addition or removal of paths from the policy
           If the policy does not exist it is created. If the last path
           Is being removed, the policy is deleted
    @param policy The policy
 */
autoreply define abf_policy_add_del
{
  option status="in_progress";
  u32 client_index;
  u32 context;
  bool is_add;
  vl_api_abf_policy_t policy;
};

/** \brief Policy description returned in the dump
 */
define abf_policy_details
{
  option status="in_progress";
  u32 context;
  vl_api_abf_policy_t policy;
};

/** \brief Dump all ABF policies
 */
define abf_policy_dump
{
  option status="in_progress";
  u32 client_index;
  u32 context;
};

/** \brief A description of a policy attachment to an interface
    @param The policy ID to attach
    @param sw_if_index The interface to attach to
    @param priority The priority of the attachment, w.r.t. to other attachments
              on this interface. lower value is 'better'
    @param is_ipv6 Does this attachment apply to IPv6 packets (or IPv4)
*/
typedef abf_itf_attach
{
  u32 policy_id;
  vl_api_interface_index_t sw_if_index;
  u32 priority;
  bool is_ipv6;
};

/** \brief Add or delete a policy attachment to an interface
 */
autoreply define abf_itf_attach_add_del
{
  option status="in_progress";
  u32 client_index;
  u32 context;
  bool is_add;
  vl_api_abf_itf_attach_t attach;
};

/** \brief Attachment details from a dump
 */
define abf_itf_attach_details
{
  option status="in_progress";
  u32 context;
  vl_api_abf_itf_attach_t attach;
};

/** \brief Dump all the policy attachments
 */
define abf_itf_attach_dump
{
  option status="in_progress";
  u32 client_index;
  u32 context;
};
: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ } 
#!/usr/bin/env python3

import socket
import unittest
from framework import VppTestCase, VppTestRunner
from template_bd import BridgeDomain

from scapy.layers.l2 import Ether
from scapy.packet import Raw, bind_layers
from scapy.layers.inet6 import IP, IPv6, UDP
from scapy.layers.vxlan import VXLAN

import util
from vpp_ip_route import VppIpRoute, VppRoutePath
from vpp_vxlan_tunnel import VppVxlanTunnel
from vpp_ip import INVALID_INDEX


class TestVxlan6(BridgeDomain, VppTestCase):
    """ VXLAN over IPv6 Test Case """

    def __init__(self, *args):
        BridgeDomain.__init__(self)
        VppTestCase.__init__(self, *args)

    def encapsulate(self, pkt, vni):
        """
        Encapsulate the original payload frame by adding VXLAN header with its
        UDP, IP and Ethernet fields
        """
        return (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) /
                UDP(sport=self.dport, dport=self.dport, chksum=0) /
                VXLAN(vni=vni, flags=self.flags) /
                pkt)

    @classmethod
    def ip_range(cls, s, e):
        """ range of remote ip's """
        tmp = cls.pg0.remote_ip6.rsplit(':', 1)[0]
        return ("%s:%x" % (tmp, i) for i in range(s, e))

    def encap_mcast(self, pkt, src_ip, src_mac, vni):
        """
        Encapsulate the original payload frame by adding VXLAN header with its
        UDP, IP and Ethernet fields
        """
        return (Ether(src=src_mac, dst=self.mcast_mac) /
                IPv6(src=src_ip, dst=self.mcast_ip6) /
                UDP(sport=self.dport, dport=self.dport, chksum=0) /
                VXLAN(vni=vni, flags=self.flags) /
                pkt)

    def decapsulate(self, pkt):
        """
        Decapsulate the original payload frame by removing VXLAN header
        """
        # check if is set I flag
        self.assertEqual(pkt[VXLAN].flags, int('0x8', 16))
        return pkt[VXLAN].payload

    # Method for checking VXLAN encapsulation.
    #
    def check_encapsulation(self, pkt, vni, local_only=False, mcast_pkt=False):
        # TODO: add error messages
        # Verify source MAC is VPP_MAC and destination MAC is MY_MAC resolved
        #  by VPP using ARP.
        self.assertEqual(pkt[Ether].src, self.pg0.local_mac)
        if not local_only:
            if not mcast_pkt:
                self.assertEqual(pkt[Ether].dst, self.pg0.remote_mac)
            else:
                self.assertEqual(pkt[Ether].dst, type(self).mcast_mac)
        # Verify VXLAN tunnel source IP is VPP_IP and destination IP is MY_IP.
        self.assertEqual(pkt[IPv6].src, self.pg0.local_ip6)
        if not local_only:
            if not mcast_pkt:
                self.assertEqual(pkt[IPv6].dst, self.pg0.remote_ip6)
            else:
                self.assertEqual(pkt[IPv6].dst, type(self).mcast_ip6)
        # Verify UDP destination port is VXLAN 4789, source UDP port could be
        #  arbitrary.
        self.assertEqual(pkt[UDP].dport, self.dport)
        # Verify UDP checksum
        self.assert_udp_checksum_valid(pkt, ignore_zero_checksum=False)
        # Verify VNI
        self.assertEqual(pkt[VXLAN].vni, vni)

    @classmethod
    def create_vxlan_flood_test_bd(cls, vni, n_ucast_tunnels, port):
        # Create 10 ucast vxlan tunnels under bd
        start = 10
        end = start + n_ucast_tunnels
        for dest_ip6 in cls.ip_range(start, end):
            # add host route so dest ip will not be resolved
            rip = VppIpRoute(cls, dest_ip6, 128,
                             [VppRoutePath(cls.pg0.remote_ip6, INVALID_INDEX)],
                             register=False)
            rip.add_vpp_config()
            r = VppVxlanTunnel(cls, src=cls.pg0.local_ip6,
                               src_port=port, dst_port=port,
                               dst=dest_ip6, vni=vni)
            r.add_vpp_config()
            cls.vapi.sw_interface_set_l2_bridge(r.sw_if_index, bd_id=vni)

    @classmethod
    def add_mcast_tunnels_load(cls):
        cls.add_del_mcast_tunnels_load(is_add=1)

    @classmethod
    def del_mcast_tunnels_load(cls):
        cls.add_del_mcast_tunnels_load(is_add=0)

    # Class method to start the VXLAN test case.
    #  Overrides setUpClass method in VppTestCase class.
    #  Python try..except statement is used to ensure that the tear down of
    #  the class will be executed even if exception is raised.
    #  @param cls The class pointer.
    @classmethod
    def setUpClass(cls):
        super(TestVxlan6, cls).setUpClass()

        try:
            cls.flags = 0x8

            # Create 2 pg interfaces.
            cls.create_pg_interfaces(range(4))
            for pg in cls.pg_interfaces:
                pg.admin_up()

            # Configure IPv6 addresses on VPP pg0.
            cls.pg0.config_ip6()

            # Resolve MAC address for VPP's IP address on pg0.
            cls.pg0.resolve_ndp()

            # Our Multicast address
            cls.mcast_ip6 = 'ff0e::1'
            cls.mcast_mac = util.mcast_ip_to_mac(cls.mcast_ip6)
        except Exception:
            super(TestVxlan6, cls).tearDownClass()
            raise

    @classmethod
    def tearDownClass(cls):
        super(TestVxlan6, cls).tearDownClass()

    def setUp(self):
        super(TestVxlan6, self).setUp()

    def createVxLANInterfaces(self, port=4789):
        # Create VXLAN VTEP on VPP pg0, and put vxlan_tunnel0 and pg1
        #  into BD.
        self.dport = port

        self.single_tunnel_vni = 0x12345
        self.single_tunnel_bd = 1
        r = VppVxlanTunnel(self, src=self.pg0.local_ip6,
                           dst=self.pg0.remote_ip6,
                           src_port=self.dport, dst_port=self.dport,
                           vni=self.single_tunnel_vni)
        r.add_vpp_config()
        self.vapi.sw_interface_set_l2_bridge(rx_sw_if_index=r.sw_if_index,
                                             bd_id=self.single_tunnel_bd)
        self.vapi.sw_interface_set_l2_bridge(
            rx_sw_if_index=self.pg1.sw_if_index, bd_id=self.single_tunnel_bd)

        # Setup vni 2 to test multicast flooding
        self.n_ucast_tunnels = 10
        self.mcast_flood_bd = 2
        self.create_vxlan_flood_test_bd(self.mcast_flood_bd,
                                        self.n_ucast_tunnels,
                                        self.dport)
        r = VppVxlanTunnel(self, src=self.pg0.local_ip6, dst=self.mcast_ip6,
                           src_port=self.dport, dst_port=self.dport,
                           mcast_sw_if_index=1, vni=self.mcast_flood_bd)
        r.add_vpp_config()
        self.vapi.sw_interface_set_l2_bridge(rx_sw_if_index=r.sw_if_index,
                                             bd_id=self.mcast_flood_bd)
        self.vapi.sw_interface_set_l2_bridge(
            rx_sw_if_index=self.pg2.sw_if_index, bd_id=self.mcast_flood_bd)

        # Setup vni 3 to test unicast flooding
        self.ucast_flood_bd = 3
        self.create_vxlan_flood_test_bd(self.ucast_flood_bd,
                                        self.n_ucast_tunnels,
                                        self.dport)
        self.vapi.sw_interface_set_l2_bridge(
            rx_sw_if_index=self.pg3.sw_if_index, bd_id=self.ucast_flood_bd)

        # Set scapy listen custom port for VxLAN
        bind_layers(UDP, VXLAN, dport=self.dport)

    # Method to define VPP actions before tear down of the test case.
    #  Overrides tearDown method in VppTestCase class.
    #  @param self The object pointer.
    def tearDown(self):
        super(TestVxlan6, self).tearDown()

    def show_commands_at_teardown(self):
        self.logger.info(self.vapi.cli("show bridge-domain 1 detail"))
        self.logger.info(self.vapi.cli("show bridge-domain 2 detail"))
        self.logger.info(self.vapi.cli("show bridge-domain 3 detail"))
        self.logger.info(self.vapi.cli("show vxlan tunnel"))

    def encap_fragmented_packet(self):
        frame = (Ether(src='00:00:00:00:00:02', dst='00:00:00:00:00:01') /
                 IP(src='4.3.2.1', dst='1.2.3.4') /
                 UDP(sport=20000, dport=10000) /
                 Raw(b'\xa5' * 1000))

        frags = util.fragment_rfc791(frame, 400)

        self.pg1.add_stream(frags)

        self.pg0.enable_capture()

        self.pg_start()

        out = self.pg0.get_capture(3)

        payload = []
        for pkt in out:
            payload.append(self.decapsulate(pkt))
            self.check_encapsulation(pkt, self.single_tunnel_vni)

        reassembled = util.reassemble4(payload)

        self.assertEqual(Ether(raw(frame))[IP], reassembled[IP])

    """
    Tests with default port (4789)
    """
    def test_decap(self):
        """ Decapsulation test
        from BridgeDoman
        """
        self.createVxLANInterfaces()
        super(TestVxlan6, self).test_decap()

    def test_encap(self):
        """ Encapsulation test
        from BridgeDoman
        """
        self.createVxLANInterfaces()
        super(TestVxlan6, self).test_encap()

    def test_encap_fragmented_packet(self):
        """ Encapsulation test send fragments from pg1
        Verify receipt of encapsulated frames on pg0
        """
        self.createVxLANInterfaces()
        self.encap_fragmented_packet()

    def test_ucast_flood(self):
        """ Unicast flood test
        from BridgeDoman
        """
        self.createVxLANInterfaces()
        super(TestVxlan6, self).test_ucast_flood()

    def test_mcast_flood(self):
        """ Multicast flood test
        from BridgeDoman
        """
        self.createVxLANInterfaces()
        super(TestVxlan6, self).test_mcast_flood()

    def test_mcast_rcv(self):
        """ Multicast receive test
        from BridgeDoman
        """
        self.createVxLANInterfaces()
        super(TestVxlan6, self).test_mcast_rcv()

    """
    Tests with custom port
    """
    def test_decap_custom_port(self):
        """ Decapsulation test custom port
        from BridgeDoman
        """
        self.createVxLANInterfaces(1111)
        super(TestVxlan6, self).test_decap()

    def test_encap_custom_port(self):
        """ Encapsulation test custom port
        from BridgeDoman
        """
        self.createVxLANInterfaces(1111)
        super(TestVxlan6, self).test_encap()

    def test_ucast_flood_custom_port(self):
        """ Unicast flood test custom port
        from BridgeDoman
        """
        self.createVxLANInterfaces(1111)
        super(TestVxlan6, self).test_ucast_flood()

    def test_mcast_flood_custom_port(self):
        """ Multicast flood test custom port
        from BridgeDoman
        """
        self.createVxLANInterfaces(1111)
        super(TestVxlan6, self).test_mcast_flood()

    def test_mcast_rcv_custom_port(self):
        """ Multicast receive test custom port
        from BridgeDoman
        """
        self.createVxLANInterfaces(1111)
        super(TestVxlan6, self).test_mcast_rcv()


if __name__ == '__main__':
    unittest.main(testRunner=VppTestRunner)