#!/usr/bin/env python import binascii import random import socket import unittest import scapy.compat from scapy.contrib.mpls import MPLS from scapy.layers.inet import IP, UDP, TCP, ICMP, icmptypes, icmpcodes from scapy.layers.l2 import Ether, Dot1Q, ARP from scapy.packet import Raw from six import moves from framework import VppTestCase, VppTestRunner from util import ppp from vpp_ip_route import VppIpRoute, VppRoutePath, VppIpMRoute, \ VppMRoutePath, MRouteItfFlags, MRouteEntryFlags, VppMplsIpBind, \ VppMplsTable, VppIpTable from vpp_sub_interface import VppSubInterface, VppDot1QSubint, VppDot1ADSubint NUM_PKTS = 67 class TestIPv4(VppTestCase): """ IPv4 Test Case """ @classmethod def setUpClass(cls): super(TestIPv4, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIPv4, cls).tearDownClass() def setUp(self): """ Perform test setup before test case. **Config:** - create 3 pg interfaces - untagged pg0 interface - Dot1Q subinterface on pg1 - Dot1AD subinterface on pg2 - setup interfaces: - put it into UP state - set IPv4 addresses - resolve neighbor address using ARP - configure 200 fib entries :ivar list interfaces: pg interfaces and subinterfaces. :ivar dict flows: IPv4 packet flows in test. """ super(TestIPv4, self).setUp() # create 3 pg interfaces self.create_pg_interfaces(range(3)) # create 2 subinterfaces for pg1 and pg2 self.sub_interfaces = [ VppDot1QSubint(self, self.pg1, 100), VppDot1ADSubint(self, self.pg2, 200, 300, 400)] # packet flows mapping pg0 -> pg1.sub, pg2.sub, etc. self.flows = dict() self.flows[self.pg0] = [self.pg1.sub_if, self.pg2.sub_if] self.flows[self.pg1.sub_if] = [self.pg0, self.pg2.sub_if] self.flows[self.pg2.sub_if] = [self.pg0, self.pg1.sub_if] # packet sizes self.pg_if_packet_sizes = [64, 1500, 9020] self.interfaces = list(self.pg_interfaces) self.interfaces.extend(self.sub_interfaces) # setup all interfaces for i in self.interfaces: i.admin_up() i.config_ip4() i.resolve_arp() # config 2M FIB entries self.config_fib_entries(200) def tearDown(self): """Run standard test teardown and log ``show ip arp``.""" super(TestIPv4, self).tearDown() def show_commands_at_teardown(self): self.logger.info(self.vapi.cli("show ip arp")) # info(self.vapi.cli("show ip fib")) # many entries def config_fib_entries(self, count): """For each interface add to the FIB table *count* routes to "10.0.0.1/32" destination with interface's local address as next-hop address. :param int count: Number of FIB entries. - *TODO:* check if the next-hop address shouldn't be remote address instead of local address. """ n_int = len(self.interfaces) percent = 0 counter = 0.0 dest_addr = socket.inet_pton(socket.AF_INET, "10.0.0.1") dest_addr_len = 32 for i in self.interfaces: next_hop_address = i.local_ip4n for j in range(count / n_int): self.vapi.ip_add_del_route(dst_address=dest_addr, dst_address_length=dest_addr_len, next_hop_address=next_hop_address) counter += 1 if counter / count * 100 > percent: self.logger.info("Configure %d FIB entries .. %d%% done" % (count, percent)) percent += 1 def modify_packet(self, src_if, packet_size, pkt): """Add load, set destination IP and extend packet to required packet size for defined interface. :param VppInterface src_if: Interface to create packet for. :param int packet_size: Required packet size. :param Scapy pkt: Packet to be modified. """ dst_if_idx = packet_size / 10 % 2 dst_if = self.flows[src_if][dst_if_idx] info = self.create_packet_info(src_if, dst_if) payload = self.info_to_payload(info) p = pkt/Raw(payload) p[IP].dst = dst_if.remote_ip4 info.data = p.copy() if isinstance(src_if, VppSubInterface): p = src_if.add_dot1_layer(p) self.extend_packet(p, packet_size) return p def create_stream(self, src_if): """Create input packet stream for defined interface. :param VppInterface src_if: Interface to create packet stream for. """ hdr_ext = 4 if isinstance(src_if, VppSubInterface) else 0 pkt_tmpl = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) / IP(src=src_if.remote_ip4) / UDP(sport=1234, dport=1234)) pkts = [self.modify_packet(src_if, i, pkt_tmpl) for i in moves.range(self.pg_if_packet_sizes[0], self.pg_if_packet_sizes[1], 10)] pkts_b = [self.modify_packet(src_if, i, pkt_tmpl) for i in moves.range(self.pg_if_packet_sizes[1] + hdr_ext, self.pg_if_packet_sizes[2] + hdr_ext, 50)] pkts.extend(pkts_b) return pkts def verify_capture(self, dst_if, capture): """Verify captured input packet stream for defined interface. :param VppInterface dst_if: Interface to verify captured packet stream for. :param list capture: Captured packet stream. """ self.logger.info("Verifying capture on interface %s" % dst_if.name) last_info = dict() for i in self.interfaces: last_info[i.sw_if_index] = None is_sub_if = False dst_sw_if_index = dst_if.sw_if_index if hasattr(dst_if, 'parent'): is_sub_if = True for packet in capture: if is_sub_if: # Check VLAN tags and Ethernet header packet = dst_if.remove_dot1_layer(packet) self.assertTrue(Dot1Q not in packet) try: ip = packet[IP] udp = packet[UDP] payload_info = self.payload_to_info(packet[Raw]) packet_index = payload_info.index self.assertEqual(payload_info.dst, dst_sw_if_index) self.logger.debug( "Got packet on port %s: src=%u (id=%u)" % (dst_if.name, payload_info.src, packet_index)) next_info = self.get_next_packet_info_for_interface2( payload_info.src, dst_sw_if_index, last_info[payload_info.src]) last_info[payload_info.src] = next_info self.assertTrue(next_info is not None) self.assertEqual(packet_index, next_info.index) saved_packet = next_info.data # Check standard fields self.assertEqual(ip.src, saved_packet[IP].src) self.assertEqual(ip.dst, saved_packet[IP].dst) self.assertEqual(udp.sport, saved_packet[UDP].sport) self.assertEqual(udp.dport, saved_packet[UDP].dport) except: self.logger.error(ppp("Unexpected or invalid packet:", packet)) raise for i in self.interfaces: remaining_packet = self.get_next_packet_info_for_interface2( i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index]) self.assertTrue(remaining_packet is None, "Interface %s: Packet expected from interface %s " "didn't arrive" % (dst_if.name, i.name)) def test_fib(self): """ IPv4 FIB test Test scenario: - Create IPv4 stream for pg0 interface - Create IPv4 tagged streams for pg1's and pg2's sub-interface. - Send and verify received packets on each interface. """ pkts = self.create_stream(self.pg0) self.pg0.add_stream(pkts) for i in self.sub_interfaces: pkts = self.create_stream(i) i.parent.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() pkts = self.pg0.get_capture() self.verify_capture(self.pg0, pkts) for i in self.sub_interfaces: pkts = i.parent.get_capture() self.verify_capture(i, pkts) class TestICMPEcho(VppTestCase): """ ICMP Echo Test Case """ @classmethod def setUpClass(cls): super(TestICMPEcho, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestICMPEcho, cls).tearDownClass() def setUp(self): super(TestICMPEcho, self).setUp() # create 1 pg interface self.create_pg_interfaces(range(1)) for i in self.pg_interfaces: i.admin_up() i.config_ip4() i.resolve_arp() def tearDown(self): super(TestICMPEcho, self).tearDown() for i in self.pg_interfaces: i.unconfig_ip4() i.admin_down() def test_icmp_echo(self): """ VPP replies to ICMP Echo Request Test scenario: - Receive ICMP Echo Request message on pg0 interface. - Check outgoing ICMP Echo Reply message on pg0 interface. """ icmp_id = 0xb icmp_seq = 5 icmp_load = '\x0a' * 18 p_echo_request = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) / ICMP(id=icmp_id, seq=icmp_seq) / Raw(load=icmp_load)) self.pg0.add_stream(p_echo_request) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx = rx[0] ether = rx[Ether] ipv4 = rx[IP] icmp = rx[ICMP] self.assertEqual(ether.src, self.pg0.local_mac) self.assertEqual(ether.dst, self.pg0.remote_mac) self.assertEqual(ipv4.src, self.pg0.local_ip4) self.assertEqual(ipv4.dst, self.pg0.remote_ip4) self.assertEqual(icmptypes[icmp.type], "echo-reply") self.assertEqual(icmp.id, icmp_id) self.assertEqual(icmp.seq, icmp_seq) self.assertEqual(icmp[Raw].load, icmp_load) class TestIPv4FibCrud(VppTestCase): """ FIB - add/update/delete - ip4 routes Test scenario: - add 1k, - del 100, - add new 1k, - del 1.5k ..note:: Python API is too slow to add many routes, needs replacement. """ def config_fib_many_to_one(self, start_dest_addr, next_hop_addr, count): """ :param start_dest_addr: :param next_hop_addr: :param count: :return list: added ips with 32 prefix """ added_ips = [] dest_addr = int(binascii.hexlify(socket.inet_pton(socket.AF_INET, start_dest_addr)), 16) dest_addr_len = 32 n_next_hop_addr = socket.inet_pton(socket.AF_INET, next_hop_addr) for _ in range(count): n_dest_addr = binascii.unhexlify('{:08x}'.format(dest_addr)) self.vapi.ip_add_del_route(dst_address=n_dest_addr, dst_address_length=dest_addr_len, next_hop_address=n_next_hop_addr) added_ips.append(socket.inet_ntoa(n_dest_addr)) dest_addr += 1 return added_ips def unconfig_fib_many_to_one(self, start_dest_addr, next_hop_addr, count): removed_ips = [] dest_addr = int(binascii.hexlify(socket.inet_pton(socket.AF_INET, start_dest_addr)), 16) dest_addr_len = 32 n_next_hop_addr = socket.inet_pton(socket.AF_INET, next_hop_addr) for _ in range(count): n_dest_addr = binascii.unhexlify('{:08x}'.format(dest_addr)) self.vapi.ip_add_del_route(dst_address=n_dest_addr, dst_address_length=dest_addr_len, next_hop_address=n_next_hop_addr, is_add=0) removed_ips.append(socket.inet_ntoa(n_dest_addr)) dest_addr += 1 return removed_ips def create_stream(self, src_if, dst_if, dst_ips, count): pkts = [] for _ in range(count): dst_addr = random.choice(dst_ips) info = self.create_packet_info(src_if, dst_if) payload = self.info_to_payload(info) p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) / IP(src=src_if.remote_ip4, dst=dst_addr) / UDP(sport=1234, dport=1234) / Raw(payload)) info.data = p.copy() self.extend_packet(p, random.choice(self.pg_if_packet_sizes)) pkts.append(p) return pkts def _find_ip_match(self, find_in, pkt): for p in find_in: if self.payload_to_info(p[Raw]) == \ self.payload_to_info(pkt[Raw]): if p[IP].src != pkt[IP].src: break if p[IP].dst != pkt[IP].dst: break if p[UDP].sport != pkt[UDP].sport: break if p[UDP].dport != pkt[UDP].dport: break return p return None @staticmethod def _match_route_detail(route_detail, ip, address_length=32, table_id=0): if route_detail.address == socket.inet_pton(socket.AF_INET, ip): if route_detail.table_id != table_id: return False elif route_detail.address_length != address_length: return False else: return True else: return False def verify_capture(self, dst_interface, received_pkts, expected_pkts): self.assertEqual(len(received_pkts), len(expected_pkts)) to_verify = list(expected_pkts) for p in received_pkts: self.assertEqual(p.src, dst_interface.local_mac) self.assertEqual(p.dst, dst_interface.remote_mac) x = self._find_ip_match(to_verify, p) to_verify.remove(x) self.assertListEqual(to_verify, []) def verify_route_dump(self, fib_dump, ips): def _ip_in_route_dump(ip, fib_dump): return next((route for route in fib_dump if self._match_route_detail(route, ip)), False) for ip in ips: self.assertTrue(_ip_in_route_dump(ip, fib_dump), 'IP {!s} is not in fib dump.'.format(ip)) def verify_not_in_route_dump(self, fib_dump, ips): def _ip_in_route_dump(ip, fib_dump): return next((route for route in fib_dump if self._match_route_detail(route, ip)), False) for ip in ips: self.assertFalse(_ip_in_route_dump(ip, fib_dump), 'IP {!s} is in fib dump.'.format(ip)) @classmethod def setUpClass(cls): """ #. Create and initialize 3 pg interfaces. #. initialize class attributes configured_routes and deleted_routes to store information between tests. """ super(TestIPv4FibCrud, cls).setUpClass() try: # create 3 pg interfaces cls.create_pg_interfaces(range(3)) cls.interfaces = list(cls.pg_interfaces) # setup all interfaces for i in cls.interfaces: i.admin_up() i.config_ip4() i.resolve_arp() cls.configured_routes = [] cls.deleted_routes = [] cls.pg_if_packet_sizes = [64, 512, 1518, 9018] except Exception: super(TestIPv4FibCrud, cls).tearDownClass() raise @classmethod def tearDownClass(cls): super(TestIPv4FibCrud, cls).tearDownClass() def setUp(self): super(TestIPv4FibCrud, self).setUp() self.reset_packet_infos() self.configured_routes = [] self.deleted_routes = [] def test_1_add_routes(self): """ Add 1k routes - add 100 routes check with traffic script. """ # config 1M FIB entries self.configured_routes.extend(self.config_fib_many_to_one( "10.0.0.0", self.pg0.remote_ip4, 100)) fib_dump = self.vapi.ip_fib_dump() self.verify_route_dump(fib_dump, self.configured_routes) self.stream_1 = self.create_stream( self.pg1, self.pg0, self.configured_routes, 100) self.stream_2 = self.create_stream( self.pg2, self.pg0, self.configured_routes, 100) self.pg1.add_stream(self.stream_1) self.pg2.add_stream(self.stream_2) self.pg_enable_capture(self.pg_interfaces) self.pg_start() pkts = self.pg0.get_capture(len(self.stream_1) + len(self.stream_2)) self.verify_capture(self.pg0, pkts, self.stream_1 + self.stream_2) def test_2_del_routes(self): """ Delete 100 routes - delete 10 routes check with traffic script. """ # config 1M FIB entries self.configured_routes.extend(self.config_fib_many_to_one( "10.0.0.0", self.pg0.remote_ip4, 100)) self.deleted_routes.extend(self.unconfig_fib_many_to_one( "10.0.0.10", self.pg0.remote_ip4, 10)) for x in self.deleted_routes: self.configured_routes.remove(x) fib_dump = self.vapi.ip_fib_dump() self.verify_route_dump(fib_dump, self.configured_routes) self.stream_1 = self.create_stream( self.pg1, self.pg0, self.configured_routes, 100) self.stream_2 = self.create_stream( self.pg2, self.pg0, self.configured_routes, 100) self.stream_3 = self.create_stream( self.pg1, self.pg0, self.deleted_routes, 100) self.stream_4 = self.create_stream( self.pg2, self.pg0, self.deleted_routes, 100) self.pg1.add_stream(self.stream_1 + self.stream_3) self.pg2.add_stream(self.stream_2 + self.stream_4) self.pg_enable_capture(self.pg_interfaces) self.pg_start() pkts = self.pg0.get_capture(len(self.stream_1) + len(self.stream_2)) self.verify_capture(self.pg0, pkts, self.stream_1 + self.stream_2) def test_3_add_new_routes(self): """ Add 1k routes - re-add 5 routes check with traffic script. - add 100 routes check with traffic script. """ # config 1M FIB entries self.configured_routes.extend(self.config_fib_many_to_one( "10.0.0.0", self.pg0.remote_ip4, 100)) self.deleted_routes.extend(self.unconfig_fib_many_to_one( "10.0.0.10", self.pg0.remote_ip4, 10)) for x in self.deleted_routes: self.configured_routes.remove(x) tmp = self.config_fib_many_to_one( "10.0.0.10", self.pg0.remote_ip4, 5) self.configured_routes.extend(tmp) for x in tmp: self.deleted_routes.remove(x) self.configured_routes.extend(self.config_fib_many_to_one( "10.0.1.0", self.pg0.remote_ip4, 100)) fib_dump = self.vapi.ip_fib_dump() self.verify_route_dump(fib_dump, self.configured_routes) self.stream_1 = self.create_stream( self.pg1, self.pg0, self.configured_routes, 300) self.stream_2 = self.create_stream( self.pg2, self.pg0, self.configured_routes, 300) self.stream_3 = self.create_stream( self.pg1, self.pg0, self.deleted_routes, 100) self.stream_4 = self.create_stream( self.pg2, self.pg0, self.deleted_routes, 100) self.pg1.add_stream(self.stream_1 + self.stream_3) self.pg2.add_stream(self.stream_2 + self.stream_4) self.pg_enable_capture(self.pg_interfaces) self.pg_start() pkts = self.pg0.get_capture(len(self.stream_1) + len(self.stream_2)) self.verify_capture(self.pg0, pkts, self.stream_1 + self.stream_2) def test_4_del_routes(self): """ Delete 1.5k routes - delete 5 routes check with traffic script. - add 100 routes check with traffic script. """ self.deleted_routes.extend(self.unconfig_fib_many_to_one( "10.0.0.0", self.pg0.remote_ip4, 15)) self.deleted_routes.extend(self.unconfig_fib_many_to_one( "10.0.0.20", self.pg0.remote_ip4, 85)) self.deleted_routes.extend(self.unconfig_fib_many_to_one( "10.0.1.0", self.pg0.remote_ip4, 100)) fib_dump = self.vapi.ip_fib_dump() self.verify_not_in_route_dump(fib_dump, self.deleted_routes) class TestIPNull(VppTestCase): """ IPv4 routes via NULL """ @classmethod def setUpClass(cls): super(TestIPNull, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIPNull, cls).tearDownClass() def setUp(self): super(TestIPNull, self).setUp() # create 2 pg interfaces self.create_pg_interfaces(range(2)) for i in self.pg_interfaces: i.admin_up() i.config_ip4() i.resolve_arp() def tearDown(self): super(TestIPNull, self).tearDown() for i in self.pg_interfaces: i.unconfig_ip4() i.admin_down() def test_ip_null(self): """ IP NULL route """ # # A route via IP NULL that will reply with ICMP unreachables # ip_unreach = VppIpRoute(self, "10.0.0.1", 32, [], is_unreach=1) ip_unreach.add_vpp_config() p_unreach = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst="10.0.0.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) self.pg0.add_stream(p_unreach) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx = rx[0] icmp = rx[ICMP] self.assertEqual(icmptypes[icmp.type], "dest-unreach") self.assertEqual(icmpcodes[icmp.type][icmp.code], "host-unreachable") self.assertEqual(icmp.src, self.pg0.remote_ip4) self.assertEqual(icmp.dst, "10.0.0.1") # # ICMP replies are rate limited. so sit and spin. # self.sleep(1) # # A route via IP NULL that will reply with ICMP prohibited # ip_prohibit = VppIpRoute(self, "10.0.0.2", 32, [], is_prohibit=1) ip_prohibit.add_vpp_config() p_prohibit = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst="10.0.0.2") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) self.pg0.add_stream(p_prohibit) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx = rx[0] icmp = rx[ICMP] self.assertEqual(icmptypes[icmp.type], "dest-unreach") self.assertEqual(icmpcodes[icmp.type][icmp.code], "host-prohibited") self.assertEqual(icmp.src, self.pg0.remote_ip4) self.assertEqual(icmp.dst, "10.0.0.2") def test_ip_drop(self): """ IP Drop Routes """ p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst="1.1.1.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) r1 = VppIpRoute(self, "1.1.1.0", 24, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) r1.add_vpp_config() rx = self.send_and_expect(self.pg0, p * NUM_PKTS, self.pg1) # # insert a more specific as a drop # r2 = VppIpRoute(self, "1.1.1.1", 32, [], is_drop=1) r2.add_vpp_config() self.send_and_assert_no_replies(self.pg0, p * NUM_PKTS, "Drop Route") r2.remove_vpp_config() rx = self.send_and_expect(self.pg0, p * NUM_PKTS, self.pg1) class TestIPDisabled(VppTestCase): """ IPv4 disabled """ @classmethod def setUpClass(cls): super(TestIPDisabled, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIPDisabled, cls).tearDownClass() def setUp(self): super(TestIPDisabled, self).setUp() # create 2 pg interfaces self.create_pg_interfaces(range(2)) # PG0 is IP enalbed self.pg0.admin_up() self.pg0.config_ip4() self.pg0.resolve_arp() # PG 1 is not IP enabled self.pg1.admin_up() def tearDown(self): super(TestIPDisabled, self).tearDown() for i in self.pg_interfaces: i.unconfig_ip4() i.admin_down() def test_ip_disabled(self): """ IP Disabled """ # # An (S,G). # one accepting interface, pg0, 2 forwarding interfaces # route_232_1_1_1 = VppIpMRoute( self, "0.0.0.0", "232.1.1.1", 32, MRouteEntryFlags.MFIB_ENTRY_FLAG_NONE, [VppMRoutePath(self.pg1.sw_if_index, MRouteItfFlags.MFIB_ITF_FLAG_ACCEPT), VppMRoutePath(self.pg0.sw_if_index, MRouteItfFlags.MFIB_ITF_FLAG_FORWARD)]) route_232_1_1_1.add_vpp_config() pu = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(src="10.10.10.10", dst=self.pg0.remote_ip4) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pm = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(src="10.10.10.10", dst="232.1.1.1") / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) # # PG1 does not forward IP traffic # self.send_and_assert_no_replies(self.pg1, pu, "IP disabled") self.send_and_assert_no_replies(self.pg1, pm, "IP disabled") # # IP enable PG1 # self.pg1.config_ip4() # # Now we get packets through # self.pg1.add_stream(pu) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) self.pg1.add_stream(pm) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) # # Disable PG1 # self.pg1.unconfig_ip4() # # PG1 does not forward IP traffic # self.send_and_assert_no_replies(self.pg1, pu, "IP disabled") self.send_and_assert_no_replies(self.pg1, pm, "IP disabled") class TestIPSubNets(VppTestCase): """ IPv4 Subnets """ @classmethod def setUpClass(cls): super(TestIPSubNets, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIPSubNets, cls).tearDownClass() def setUp(self): super(TestIPSubNets, self).setUp() # create a 2 pg interfaces self.create_pg_interfaces(range(2)) # pg0 we will use to experiment self.pg0.admin_up() # pg1 is setup normally self.pg1.admin_up() self.pg1.config_ip4() self.pg1.resolve_arp() def tearDown(self): super(TestIPSubNets, self).tearDown() for i in self.pg_interfaces: i.admin_down() def test_ip_sub_nets(self): """ IP Sub Nets """ # # Configure a covering route to forward so we know # when we are dropping # cover_route = VppIpRoute(self, "10.0.0.0", 8, [VppRoutePath(self.pg1.remote_ip4, self.pg1.sw_if_index)]) cover_route.add_vpp_config() p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(dst="10.10.10.10", src=self.pg0.local_ip4) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) self.pg1.add_stream(p) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg1.get_capture(1) # # Configure some non-/24 subnets on an IP interface # ip_addr_n = socket.inet_pton(socket.AF_INET, "10.10.10.10") self.vapi.sw_interface_add_del_address( sw_if_index=self.pg0.sw_if_index, address=ip_addr_n, address_length=16) pn = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(dst="10.10.0.0", src=self.pg0.local_ip4) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) pb = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(dst="10.10.255.255", src=self.pg0.local_ip4) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) self.send_and_assert_no_replies(self.pg1, pn, "IP Network address") self.send_and_assert_no_replies(self.pg1, pb, "IP Broadcast address") # remove the sub-net and we are forwarding via the cover again self.vapi.sw_interface_add_del_address( sw_if_index=self.pg0.sw_if_index, address=ip_addr_n, address_length=16, is_add=0) self.pg1.add_stream(pn) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg1.get_capture(1) self.pg1.add_stream(pb) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg1.get_capture(1) # # A /31 is a special case where the 'other-side' is an attached host # packets to that peer generate ARP requests # ip_addr_n = socket.inet_pton(socket.AF_INET, "10.10.10.10") self.vapi.sw_interface_add_del_address( sw_if_index=self.pg0.sw_if_index, address=ip_addr_n, address_length=31) pn = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(dst="10.10.10.11", src=self.pg0.local_ip4) / UDP(sport=1234, dport=1234) / Raw('\xa5' * 100)) self.pg1.add_stream(pn) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg0.get_capture(1) rx[ARP] # remove the sub-net and we are forwarding via the cover again self.vapi.sw_interface_add_del_address( sw_if_index=self.pg0.sw_if_index, address=ip_addr_n, address_length=31, is_add=0) self.pg1.add_stream(pn) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = self.pg1.get_capture(1) class TestIPLoadBalance(VppTestCase): """ IPv4 Load-Balancing """ @classmethod def setUpClass(cls): super(TestIPLoadBalance, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIPLoadBalance, cls).tearDownClass() def setUp(self): super(TestIPLoadBalance, self).setUp() self.create_pg_interfaces(range(5)) mpls_tbl = VppMplsTable(self, 0) mpls_tbl.add_vpp_config() for i in self.pg_interfaces: i.admin_up() i.config_ip4() i.resolve_arp() i.enable_mpls() def tearDown(self): for i in self.pg_interfaces: i.disable_mpls() i.unconfig_ip4() i.admin_down() super(TestIPLoadBalance, self).tearDown() def send_and_expect_load_balancing(self, input, pkts, outputs): input.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rxs = [] for oo in outputs: rx = oo._get_capture(1) self.assertNotEqual(0, len(rx)) for r in rx: rxs.append(r) return rxs def send_and_expect_one_itf(self, input, pkts, itf): input.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rx = itf.get_capture(len(pkts)) def test_ip_load_balance(self): """ IP Load-Balancing """ # # An array of packets that differ only in the destination port # port_ip_pkts = [] port_mpls_pkts = [] # # An array of packets that differ only in the source address # src_ip_pkts = [] src_mpls_pkts = [] for ii in range(NUM_PKTS): port_ip_hdr = (IP(dst="10.0.0.1", src="20.0.0.1") / UDP(sport=1234, dport=1234 + ii) / Raw('\xa5' * 
#!/usr/bin/env python

import unittest

from framework import VppTestCase, VppTestRunner
from vpp_ip import DpoProto
from vpp_ip_route import VppIpMRoute, VppMRoutePath, VppMFibSignal, \
    MRouteItfFlags, MRouteEntryFlags, VppIpTable

from scapy.packet import Raw
from scapy.layers.l2 import Ether
from scapy.layers.inet import IP, UDP, getmacbyip
from scapy.layers.inet6 import IPv6, getmacbyip6

#
# The number of packets sent is set to 91 so that when we replicate more than 3
# times, which we do for some entries, we will generate more than 256 packets
# to the next node in the VLIB graph. Thus we are testing the code's
# correctness handling this over-flow.
# It's also an odd number so we hit any single loops.
#
N_PKTS_IN_STREAM = 91


class TestMFIB(VppTestCase):
    """ MFIB Test Case """

    def setUp(self):
        super(TestMFIB, self).setUp()

    def test_mfib(self):
        """ MFIB Unit Tests """
        error = self.vapi.cli("test mfib")

        if error:
            self.logger.critical(error)
        self.assertEqual(error.find("Failed"), -1)


class TestIPMcast(VppTestCase):
    """ IP Multicast Test Case """

    def setUp(self):
        super(TestIPMcast, self).setUp()

        # create 8 pg interfaces
        self.create_pg_interfaces(range(9))

        # setup interfaces
        for i in self.pg_interfaces[:8]:
            i.admin_up()
            i.config_ip4()
            i.config_ip6()
            i.resolve_arp()
            i.resolve_ndp()

        # one more in a vrf
        tbl4 = VppIpTable(self, 10)
        tbl4.add_vpp_config()
        self.pg8.set_table_ip4(10)
        self.pg8.config_ip4()

        tbl6 = VppIpTable(self, 10, is_ip6=1)
        tbl6.add_vpp_config()
        self.pg8.set_table_ip6(10)
        self.pg8.config_ip6()

    def tearDown(self):
        for i in self.pg_interfaces:
            i.unconfig_ip4()
            i.unconfig_ip6()
            i.admin_down()

        self.pg8.set_table_ip4(0)
        self.pg8.set_table_ip6(0)
        super(TestIPMcast, self).tearDown()

    def create_stream_ip4(self, src_if, src_ip, dst_ip, payload_size=0):
        pkts = []
        # default to small packet sizes
        p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
             IP(src=src_ip, dst=dst_ip) /
             UDP(sport=1234, dport=1234))
        if not payload_size:
            payload_size = 64 - len(p)
            p = p / Raw('\xa5' * payload_size)

        for i in range(0, N_PKTS_IN_STREAM):
            pkts.append(p)
        return pkts

    def create_stream_ip6(self, src_if, src_ip, dst_ip):
        pkts = []
        for i in range(0, N_PKTS_IN_STREAM):
            info = self.create_packet_info(src_if, src_if)
            payload = self.info_to_payload(info)
            p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
                 IPv6(src=src_ip, dst=dst_ip) /
                 UDP(sport=1234, dport=1234) /
                 Raw(payload))
            info.data = p.copy()
            pkts.append(p)
        return pkts

    def verify_filter(self, capture, sent):
        if not len(capture) == len(sent):
            # filter out any IPv6 RAs from the captur
            for p in capture:
                if (p.haslayer(IPv6)):
                    capture.remove(p)
        return capture

    def verify_capture_ip4(self, rx_if, sent, dst_mac=None):
        rxd = rx_if.get_capture(len(sent))

        try:
            capture = self.verify_filter(rxd, sent)

            self.assertEqual(len(capture), len(sent))

            for i in range(len(capture)):
                tx = sent[i]
                rx = capture[i]

                eth = rx[Ether]
                self.assertEqual(eth.type, 0x800)

                tx_ip = tx[IP]
                rx_ip = rx[IP]

                if dst_mac is None:
                    dst_mac = getmacbyip(rx_ip.dst)

                # check the MAC address on the RX'd packet is correctly formed
                self.assertEqual(eth.dst, dst_mac)

                self.assertEqual(rx_ip.src, tx_ip.src)
                self.assertEqual(rx_ip.dst, tx_ip.dst)
                # IP processing post pop has decremented the TTL
                self.assertEqual(rx_ip.ttl + 1, tx_ip.ttl)

        except:
            raise

    def verify_capture_ip6(self, rx_if, sent):
        capture = rx_if.get_capture(len(sent))

        self.assertEqual(len(capture), len(sent))

        for i in range(len(capture)):
            tx = sent[i]
            rx = capture[i]

            eth = rx[Ether]
            self.assertEqual(eth.type, 0x86DD)

            tx_ip