#!/usr/bin/env python3
""" Container integration tests """
import unittest
from config import config
from framework import VppTestCase, VppTestRunner
from scapy.layers.l2 import Ether
from scapy.packet import Raw
from scapy.layers.inet import IP, UDP, TCP
from scapy.packet import Packet
from socket import inet_pton, AF_INET, AF_INET6
from scapy.layers.inet6 import IPv6, ICMPv6Unknown, ICMPv6EchoRequest
from scapy.layers.inet6 import ICMPv6EchoReply, IPv6ExtHdrRouting
from scapy.layers.inet6 import IPv6ExtHdrFragment
from pprint import pprint
from random import randint
from util import L4_Conn
class Conn(L4_Conn):
# for now same as L4_Conn
pass
@unittest.skipUnless(config.extended, "part of extended tests")
class ContainerIntegrationTestCase(VppTestCase):
""" Container integration extended testcases """
@classmethod
def setUpClass(cls):
super(ContainerIntegrationTestCase, cls).setUpClass()
# create pg0 and pg1
cls.create_pg_interfaces(range(2))
for i in cls.pg_interfaces:
i.admin_up()
i.config_ip4()
i.config_ip6()
i.resolve_arp()
i.resolve_ndp()
@classmethod
def tearDownClass(cls):
super(ContainerIntegrationTestCase, cls).tearDownClass()
def tearDown(self):
"""Run standard test teardown and log various show commands
"""
super(ContainerIntegrationTestCase, self).tearDown()
def show_commands_at_teardown(self):
self.logger.info(self.vapi.cli("show ip neighbors"))
def run_basic_conn_test(self, af, acl_side):
""" Basic connectivity test """
conn1 = Conn(self, self.pg0, self.pg1, af, UDP, 42001, 4242)
conn1.send_through(0)
# the return packets should pass
conn1.send_through(1)
def run_negative_conn_test(self, af, acl_side):
""" Packets with local spoofed address """
conn1 = Conn(self, self.pg0, self.pg1, af, UDP, 42001, 4242)
try:
p2 = conn1.send_through(0).command()
except:
# If we asserted while waiting, it's good.
# the conn should have timed out.
p2 = None
self.assert_equal(p2, None, ": packet should have been dropped")
def test_0010_basic_conn_test(self):
""" IPv4 basic connectivity test """
self.run_basic_conn_test(AF_INET, 0)
def test_0011_basic_conn_test(self):
""" IPv6 basic connectivity test """
self.run_basic_conn_test(AF_INET6, 0)
def test_0050_loopback_prepare_test(self):
""" Create loopbacks overlapping with remote addresses """
self.create_loopback_interfaces(2)
for i in range(2):
intf = self.lo_interfaces[i]
intf.admin_up()
intf.local_ip4 = self.pg_interfaces[i].remote_ip4
intf.local_ip4_prefix_len = 32
intf.config_ip4()
intf.local_ip6 = self.pg_interfaces[i].remote_ip6
intf.local_ip6_prefix_len = 128
intf.config_ip6()
def test_0110_basic_conn_test(self):
""" IPv4 local-spoof connectivity test """
self.run_negative_conn_test(AF_INET, 0)
def test_0111_basic_conn_test(self):
""" IPv6 local-spoof connectivity test """
self.run_negative_conn_test(AF_INET, 1)
def test_0200_basic_conn_test(self):
""" Configure container commands """
for i in range(2):
for addr in [self.pg_interfaces[i].remote_ip4,
self.pg_interfaces[i].remote_ip6]:
self.vapi.ppcli("ip container " + addr + " " +
self.pg_interfaces[i].name)
self.vapi.ppcli("stn rule address " + addr +
" interface " + self.pg_interfaces[i].name)
def test_0210_basic_conn_test(self):
""" IPv4 test after configuring container """
self.run_basic_conn_test(AF_INET, 0)
def test_0211_basic_conn_test(self):
""" IPv6 test after configuring container """
self.run_basic_conn_test(AF_INET, 1)
def test_0300_unconfigure_commands(self):
""" Unconfigure container commands """
for i in range(2):
for addr in [self.pg_interfaces[i].remote_ip4,
self.pg_interfaces[i].remote_ip6]:
self.vapi.ppcli("ip container " + addr + " " +
self.pg_interfaces[i].name +
" del")
self.vapi.ppcli("stn rule address " + addr +
" interface " + self.pg_interfaces[i].name +
" del")
def test_0410_spoof_test(self):
""" IPv4 local-spoof after unconfig test """
self.run_negative_conn_test(AF_INET, 0)
def test_0411_spoof_test(self):
""" IPv6 local-spoof after unconfig test """
self.run_negative_conn_test(AF_INET, 1)
