# Release Notes {#release_notes} * @subpage release_notes_2106 * @subpage release_notes_2101 * @subpage release_notes_2009 * @subpage release_notes_20051 * @subpage release_notes_2005 * @subpage release_notes_2001 * @subpage release_notes_19083 * @subpage release_notes_19082 * @subpage release_notes_19081 * @subpage release_notes_1908 * @subpage release_notes_19043 * @subpage release_notes_19042 * @subpage release_notes_19041 * @subpage release_notes_1904 * @subpage release_notes_19013 * @subpage release_notes_19012 * @subpage release_notes_19011 * @subpage release_notes_1901 * @subpage release_notes_1810 * @subpage release_notes_1807 * @subpage release_notes_1804 * @subpage release_notes_18012 * @subpage release_notes_18011 * @subpage release_notes_1801 * @subpage release_notes_1710 * @subpage release_notes_1707 * @subpage release_notes_1704 * @subpage release_notes_17011 * @subpage release_notes_1701 * @subpage release_notes_1609 * @subpage release_notes_1606 @page release_notes_2106 Release notes for VPP 21.06 TBD @page release_notes_2101 Release notes for VPP 21.01 TBD @page release_notes_2009 Release notes for VPP 20.09 More than 458 commits since the previous release, including 266 fixes. ## Release Highlights The FD.io VPP 20.09 release added a number of notable new features. In plugins, the I/O layer added support for the Linux AF\_XDP interface with the AF\_XDP plugin. New plugins where added supporting both the Wireguard security protocol and CNAT destination based address translation, and the existing IKEv2 plugin added support for NAT-T. In the cryptography layer, support was added for synchronous software crypto engines, enabling users to allocate dedicated crypto worker threads. The flow layer added support for steering IPSEC ESP/AH flows to worker threads. GRO support was added to the packet coalescing library. This release introduces the new FD.io VPP API change policy to ensure backwards-compatibility. The policy will ensure seamless upgrades to new versions of FD.io VPP in future, provided no "in-progress" or deprecated APIs are in use. Enabling the FD.io community to enjoy the benefits of new releases, while minimizing the work involved in staying current. If you dive into the implementation, you will note that policy in action. A number of modified API messages have had their original versions maintained to ensure compatibility. Reflecting the new policy we added two new sections to the release notes describing: - Newly deprecated API messages: please note that if you are using a deprecated message, they will soon be removed in a subsequent release. Collaborate with the feature maintainer on the best approach to mitigate. - In-progress API messages: They are work-in-progress, and are *not* subject to the policy, and may change or even be removed at any time. Please collaborate with the feature maintainer on plans to productize the message before using in any product. In-progress APIs must eventually become stable or be removed. ## Features - VNET - Crypto Infra - Add chacha20-poly1305 algo (61f49aa38) - Asynchronous crypto engines (2284817ea) - Add asynchronous crypto APIs (0c936b147) - Added support for optimized cryptodev API (ef80ad6bf) - FLOW - Added ability to steer IPSec ESP/AH flows to worker threads (d4c3666b9) - Added the vnet/flow API (d0236f725) - GENEVE - Support geneve interface acting as a bvi (7fc88cf3a) - GSO - Added software GRO support (f382b06fe) - IPSec - Dedicated IPSec interface type (dd4ccf262) - Deprecate old interface API (e6df80de4) - Interface Common - Support configuring RSS steering queues (c4665093c) - Native Virtio Drivers - Add vhost sw\_if\_index filter for sw\_interface\_vhost\_user\_dump (a0e8d9669) - Add modern device support (379aac395) - Add virtio 1.1 api flags (518251bc8) - TAP Drivers - Add gro support (9e2a78564) - Add virtio 1.1 API flag (50bd16559) - TCP - Track reorder with selective acknowledgments (cc4d6d022) - Plugins - AF\_XDP driver - New plugin for Linux AF\_XDP input (4a76d6f6d) - CNat - New plugin for destination based NAT (29f3c7d2e) - Wireguard - New plugin, initial implementation of wireguard protocol (edca1325c) - Crypto - OpenSSL - Add chacha20-poly1305 support to crypto-openssl (1b6ed022e) - DPDK - Device\_id sorted order for cryptodev (5a849e3b3) - Call the meson-based build instead of Makefiles (73903d7e8) - Internet Key Exchange (IKEv2) Protocol - Add support for NAT traversal (NAT-T) (4362baa33) - Add profile dump API (6a9bd8188) - Add support for AES-GCM cipher in IKE (a7b963df2) - Add SA dump API (a340fe1ac) - Network Delay Simulator - Basic reorder support (e6c3e8f0e) - VPP Comms Library - Nest vcl\_mq\_epfd to support epoll\_wait without high CPU usage (4266d4d5f) - Support connected udp listens (1e96617d9) - Support inter worker rpc (40c07ce7a) - Support multi-threads with session migration (a3a489691) - Vector Library - Add recursive macro expander to debug cli (961e3c842) - Binary API Libraries - Add new stream message convention (f5db3711b) - Make VPP api handlers endian independent (e796a1873) - Infrastructure Library - Multiarch support for OCTEONTX2 SoC (e2f5236dc) ## Known issues For the full list of issues please refer to fd.io [JIRA](https://jira.fd.io). ## Fixed issues For the full list of fixed issues please refer to: - fd.io [JIRA](https://jira.fd.io) - git [commit log](https://git.fd.io/vpp/log/?h=stable/2009) ## API changes Description of results: * _Definition changed_: indicates that the API file was modified between releases. * _Only in image_: indicates the API is new for this release. * _Only in file_: indicates the API has been removed in this release. Message Name | Result -------------------------------------------------------------|------------------ adl_allowlist_enable_disable | only in image adl_allowlist_enable_disable_reply | only in image adl_interface_enable_disable | only in image adl_interface_enable_disable_reply | only in image bond_add_member | only in image bond_add_member_reply | only in image bond_create2 | only in image bond_create2_reply | only in image bond_detach_member | only in image bond_detach_member_reply | only in image cnat_add_del_snat_prefix | only in image cnat_add_del_snat_prefix_reply | only in image cnat_session_details | only in image cnat_session_dump | only in image cnat_session_purge | only in image cnat_session_purge_reply | only in image cnat_set_snat_addresses | only in image cnat_set_snat_addresses_reply | only in image cnat_translation_del | only in image cnat_translation_del_reply | only in image cnat_translation_details | only in image cnat_translation_dump | only in image cnat_translation_update | only in image cnat_translation_update_reply | only in image crypto_set_async_dispatch | only in image crypto_set_async_dispatch_reply | only in image crypto_set_handler | only in image crypto_set_handler_reply | only in image crypto_sw_scheduler_set_worker | only in image crypto_sw_scheduler_set_worker_reply | only in image det44_add_del_map | only in image det44_add_del_map_reply | only in image det44_close_session_in | only in image det44_close_session_in_reply | only in image det44_close_session_out | only in image det44_close_session_out_reply | only in image det44_forward | only in image det44_forward_reply | only in image det44_get_timeouts | only in image det44_get_timeouts_reply | only in image det44_interface_add_del_feature | only in image det44_interface_add_del_feature_reply | only in image det44_interface_details | only in image det44_interface_dump | only in image det44_map_details | only in image det44_map_dump | only in image det44_plugin_enable_disable | only in image det44_plugin_enable_disable_reply | only in image det44_reverse | only in image det44_reverse_reply | only in image det44_session_details | only in image det44_session_dump | only in image det44_set_timeouts | only in image det44_set_timeouts_reply | only in image flow_add | only in image flow_add_reply | only in image flow_del | only in image flow_del_reply | only in image flow_disable | only in image flow_disable_reply | only in image flow_enable | only in image flow_enable_reply | only in image geneve_add_del_tunnel2 | only in image geneve_add_del_tunnel2_reply | only in image gtpu_add_del_tunnel | definition changed gtpu_tunnel_details | definition changed gtpu_tunnel_update_tteid | only in image gtpu_tunnel_update_tteid_reply | only in image ikev2_child_sa_details | only in image ikev2_child_sa_dump | only in image ikev2_nonce_get | only in image ikev2_nonce_get_reply | only in image ikev2_profile_details | only in image ikev2_profile_dump | only in image ikev2_profile_set_ts | definition changed ikev2_sa_details | only in image ikev2_sa_dump | only in image ikev2_set_esp_transforms | definition changed ikev2_set_ike_transforms | definition changed ikev2_set_responder | definition changed ikev2_traffic_selector_details | only in image ikev2_traffic_selector_dump | only in image ipsec_itf_create | only in image ipsec_itf_create_reply | only in image ipsec_itf_delete | only in image ipsec_itf_delete_reply | only in image ipsec_itf_details | only in image ipsec_itf_dump | only in image ipsec_set_async_mode | only in image ipsec_set_async_mode_reply | only in image map_domains_get | only in image map_domains_get_reply | only in image nat44_add_del_static_mapping_v2 | only in image nat44_add_del_static_mapping_v2_reply | only in image nat_show_config_2 | only in image nat_show_config_2_reply | only in image nsim_configure2 | only in image nsim_configure2_reply | only in image pg_interface_enable_disable_coalesce | only in image pg_interface_enable_disable_coalesce_reply | only in image sr_policies_with_sl_index_details | only in image sr_policies_with_sl_index_dump | only in image sw_bond_interface_details | only in image sw_bond_interface_dump | only in image sw_member_interface_details | only in image sw_member_interface_dump | only in image trace_details | only in image trace_dump | only in image trace_dump_reply | only in image virtio_pci_create_v2 | only in image virtio_pci_create_v2_reply | only in image wireguard_interface_create | only in image wireguard_interface_create_reply | only in image wireguard_interface_delete | only in image wireguard_interface_delete_reply | only in image wireguard_interface_details | only in image wireguard_interface_dump | only in image wireguard_peer_add | only in image wireguard_peer_add_reply | only in image wireguard_peer_remove | only in image wireguard_peer_remove_reply | only in image wireguard_peers_details | only in image wireguard_peers_dump | only in image Found 123 api message signature differences ### Newly deprecated API messages These messages are still there in the API, but can and probably will disappear in the next release. - bond_create - bond_detach_slave - bond_detach_slave_reply - bond_enslave - cop_interface_enable_disable - cop_interface_enable_disable_reply - cop_whitelist_enable_disable - cop_whitelist_enable_disable_reply - geneve_add_del_tunnel - ipsec_tunnel_if_add_del - ipsec_tunnel_if_set_sa - ipsec_tunnel_if_set_sa_reply - map_domain_dump - nat_det_add_del_map - nat_det_add_del_map_reply - nat_det_close_session_in - nat_det_close_session_in_reply - nat_det_close_session_out - nat_det_close_session_out_reply - nat_det_forward - nat_det_forward_reply - nat_det_map_details - nat_det_map_dump - nat_det_reverse - nat_det_reverse_reply - nat_det_session_details - nat_det_session_dump - nat_show_config - nsim_configure - nsim_configure_reply - sw_interface_bond_dump - sw_interface_slave_dump - virtio_pci_create - virtio_pci_create_reply ### In-progress API messages These messages are provided for testing and experimentation only. They are *not* subject to any compatibility process, and therefore can arbitrarily change or disappear at *any* moment. Also they may have less than satisfactory testing, making them unsuitable for other use than the technology preview. If you are intending to use these messages in production projects, please collaborate with the feature maintainer on their productization. - abf_itf_attach_add_del - abf_itf_attach_add_del_reply - abf_itf_attach_details - abf_itf_attach_dump - abf_plugin_get_version - abf_plugin_get_version_reply - abf_policy_add_del - abf_policy_add_del_reply - abf_policy_details - abf_policy_dump - adl_allowlist_enable_disable - adl_allowlist_enable_disable_reply - adl_interface_enable_disable - adl_interface_enable_disable_reply - af_xdp_create - af_xdp_create_reply - af_xdp_delete - af_xdp_delete_reply - cnat_add_del_snat_prefix - cnat_add_del_snat_prefix_reply - cnat_session_details - cnat_session_dump - cnat_session_purge - cnat_session_purge_reply - cnat_set_snat_addresses - cnat_set_snat_addresses_reply - cnat_translation_del - cnat_translation_del_reply - cnat_translation_details - cnat_translation_dump - cnat_translation_update - cnat_translation_update_reply - crypto_sw_scheduler_set_worker - crypto_sw_scheduler_set_worker_reply - det44_get_timeouts_reply - det44_interface_add_del_feature - det44_interface_add_del_feature_reply - det44_interface_details - det44_interface_dump - det44_plugin_enable_disable - det44_plugin_enable_disable_reply - det44_set_timeouts - det44_set_timeouts_reply - flow_add - flow_add_reply - flow_del - flow_del_reply - flow_disable - flow_disable_reply - flow_enable - flow_enable_reply - gbp_bridge_domain_add - gbp_bridge_domain_add_reply - gbp_bridge_domain_del - gbp_bridge_domain_del_reply - gbp_bridge_domain_details - gbp_bridge_domain_dump - gbp_bridge_domain_dump_reply - gbp_contract_add_del - gbp_contract_add_del_reply - gbp_contract_details - gbp_contract_dump - gbp_endpoint_add - gbp_endpoint_add_reply - gbp_endpoint_del - gbp_endpoint_del_reply - gbp_endpoint_details - gbp_endpoint_dump - gbp_endpoint_group_add - gbp_endpoint_group_add_reply - gbp_endpoint_group_del - gbp_endpoint_group_del_reply - gbp_endpoint_group_details - gbp_endpoint_group_dump - gbp_ext_itf_add_del - gbp_ext_itf_add_del_reply - gbp_ext_itf_details - gbp_ext_itf_dump - gbp_recirc_add_del - gbp_recirc_add_del_reply - gbp_recirc_details - gbp_recirc_dump - gbp_route_domain_add - gbp_route_domain_add_reply - gbp_route_domain_del - gbp_route_domain_del_reply - gbp_route_domain_details - gbp_route_domain_dump - gbp_route_domain_dump_reply - gbp_subnet_add_del - gbp_subnet_add_del_reply - gbp_subnet_details - gbp_subnet_dump - gbp_vxlan_tunnel_add - gbp_vxlan_tunnel_add_reply - gbp_vxlan_tunnel_del - gbp_vxlan_tunnel_del_reply - gbp_vxlan_tunnel_details - gbp_vxlan_tunnel_dump - ikev2_child_sa_details - ikev2_child_sa_dump - ikev2_initiate_del_child_sa - ikev2_initiate_del_child_sa_reply - ikev2_initiate_del_ike_sa - ikev2_initiate_del_ike_sa_reply - ikev2_initiate_rekey_child_sa - ikev2_initiate_rekey_child_sa_reply - ikev2_initiate_sa_init - ikev2_initiate_sa_init_reply - ikev2_nonce_get - ikev2_nonce_get_reply - ikev2_profile_add_del - ikev2_profile_add_del_reply - ikev2_profile_details - ikev2_profile_dump - ikev2_profile_set_auth - ikev2_profile_set_auth_reply - ikev2_profile_set_id - ikev2_profile_set_id_reply - ikev2_profile_set_ipsec_udp_port - ikev2_profile_set_ipsec_udp_port_reply - ikev2_profile_set_liveness - ikev2_profile_set_liveness_reply - ikev2_profile_set_ts - ikev2_profile_set_ts_reply - ikev2_profile_set_udp_encap - ikev2_profile_set_udp_encap_reply - ikev2_sa_details - ikev2_sa_dump - ikev2_set_esp_transforms - ikev2_set_esp_transforms_reply - ikev2_set_ike_transforms - ikev2_set_ike_transforms_reply - ikev2_set_local_key - ikev2_set_local_key_reply - ikev2_set_responder - ikev2_se
#!/usr/bin/env python
import unittest
from scapy.packet import Raw
from scapy.layers.l2 import Ether, Dot1Q, GRE
from scapy.layers.inet import IP, UDP
from scapy.layers.vxlan import VXLAN
from framework import VppTestCase, VppTestRunner
from util import Host, ppp
from vpp_sub_interface import VppDot1QSubint, VppDot1ADSubint
from vpp_gre_interface import VppGreInterface, VppGre6Interface
from vpp_papi_provider import L2_VTR_OP
from collections import namedtuple
Tag = namedtuple('Tag', ['dot1', 'vlan'])
DOT1AD = 0x88A8
DOT1Q = 0x8100
class TestSpan(VppTestCase):
""" SPAN Test Case """
@classmethod
def setUpClass(cls):
super(TestSpan, cls).setUpClass()
# Test variables
cls.hosts_nr = 10 # Number of hosts
cls.pkts_per_burst = 257 # Number of packets per burst
# create 3 pg interfaces
cls.create_pg_interfaces(range(3))
cls.bd_id = 55
cls.sub_if = VppDot1QSubint(cls, cls.pg0, 100)
cls.dst_sub_if = VppDot1QSubint(cls, cls.pg2, 300)
cls.dst_sub_if.set_vtr(L2_VTR_OP.L2_POP_1, tag=300)
# packet flows mapping pg0 -> pg1, pg2 -> pg3, etc.
cls.flows = dict()
cls.flows[cls.pg0] = [cls.pg1]
# packet sizes
cls.pg_if_packet_sizes = [64, 512] # , 1518, 9018]
cls.interfaces = list(cls.pg_interfaces)
# Create host MAC and IPv4 lists
# cls.MY_MACS = dict()
# cls.MY_IP4S = dict()
cls.create_host_lists(cls.hosts_nr)
# setup all interfaces
for i in cls.interfaces:
i.admin_up()
i.config_ip4()
i.resolve_arp()
cls.vxlan = cls.vapi.vxlan_add_del_tunnel(
src_addr=cls.pg2.local_ip4n,
dst_addr=cls.pg2.remote_ip4n,
vni=1111,
is_add=1)
def setUp(self):
super(TestSpan, self).setUp()
self.reset_packet_infos()
def tearDown(self):
super(TestSpan, self).tearDown()
if not self.vpp_dead:
self.logger.info(self.vapi.ppcli("show interface span"))
def xconnect(self, a, b, is_add=1):
self.vapi.sw_interface_set_l2_xconnect(a, b, enable=is_add)
self.vapi.sw_interface_set_l2_xconnect(b, a, enable=is_add)
def bridge(self, sw_if_index, is_add=1):
self.vapi.sw_interface_set_l2_bridge(
sw_if_index, bd_id=self.bd_id, enable=is_add)
def _remove_tag(self, packet, vlan, tag_type):
self.assertEqual(packet.type, tag_type)
payload = packet.payload
self.assertEqual(payload.vlan, vlan)
inner_type = payload.type
payload = payload.payload
packet.remove_payload()
packet.add_payload(payload)
packet.type = inner_type
def remove_tags(self, packet, tags):
for t in tags:
self._remove_tag(packet, t.vlan, t.dot1)
return packet
def decap_gre(self, pkt):
"""
Decapsulate the original payload frame by removing GRE header
"""
self.assertEqual(pkt[Ether].src, self.pg2.local_mac)
self.assertEqual(pkt[Ether].dst, self.pg2.remote_mac)
self.assertEqual(pkt[IP].src, self.pg2.local_ip4)
self.assertEqual(pkt[IP].dst, self.pg2.remote_ip4)
return pkt[GRE].payload
def decap_vxlan(self, pkt):
"""
Decapsulate the original payload frame by removing VXLAN header
"""
self.assertEqual(pkt[Ether].src, self.pg2.local_mac)
self.assertEqual(pkt[Ether].dst, self.pg2.remote_mac)
self.assertEqual(pkt[IP].src, self.pg2.local_ip4)
self.assertEqual(pkt[IP].dst, self.pg2.remote_ip4)
return pkt[VXLAN].payload
@classmethod
def create_host_lists(self, count):
""" Method to create required number of MAC and IPv4 addresses.
Create required number of host MAC addresses and distribute them among
interfaces. Create host IPv4 address for every host MAC address too.
:param count: Number of hosts to create MAC and IPv4 addresses for.
"""
# mapping between packet-generator index and lists of test hosts
self.hosts_by_pg_idx = dict()
for pg_if in self.pg_interfaces:
# self.MY_MACS[i.sw_if_index] = []
# self.MY_IP4S[i.sw_if_index] = []
self.hosts_by_pg_idx[pg_if.sw_if_index] = []
hosts = self.hosts_by_pg_idx[pg_if.sw_if_index]
for j in range(0, count):
host = Host(
"00:00:00:ff:%02x:%02x" % (pg_if.sw_if_index, j),
"172.17.1%02x.%u" % (pg_if.sw_if_index, j))
hosts.append(host)
def create_stream(self, src_if, packet_sizes, do_dot1=False):
pkts = []
for i in range(0, self.pkts_per_burst):
dst_if = self.flows[src_if][0]
pkt_info = self.create_packet_info(src_if, dst_if)
payload = self.info_to_payload(pkt_info)
p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
IP(src=src_if.remote_ip4, dst=dst_if.remote_ip4) /
UDP(sport=1234, dport=1234) /
Raw(payload))
if do_dot1:
p = self.sub_if.add_dot1_layer(p)
pkt_info.data = p.copy()
size = packet_sizes[(i / 2) % len(packet_sizes)]
self.extend_packet(p, size)
pkts.append(p)
return pkts
def verify_capture(self, dst_if, capture_pg1, capture_pg2):
last_info = dict()
for i in self.interfaces:
last_info[i.sw_if_index] = None
dst_sw_if_index = dst_if.sw_if_index
self.assertEqual(
len(capture_pg1),
len(capture_pg2),
"Different number of outgoing and mirrored packets : %u != %u" %
(len(capture_pg1),
len(capture_pg2)))
for pkt_pg1, pkt_pg2 in zip(capture_pg1, capture_pg2):
try:
ip1 = pkt_pg1[IP]
udp1 = pkt_pg1[UDP]
raw1 = pkt_pg1[Raw]
if pkt_pg1[Ether] != pkt_pg2[Ether]:
self.logger.error("Different ethernet header of "
"outgoing and mirrored packet")
raise
if ip1 != pkt_pg2[IP]:
self.logger.error(
"Different ip header of outgoing and mirrored packet")
raise
if udp1 != pkt_pg2[UDP]:
self.logger.error(
"Different udp header of outgoing and mirrored packet")
raise
if raw1 != pkt_pg2[Raw]:
self.logger.error(
"Different raw data of outgoing and mirrored packet")
raise
payload_info = self.payload_to_info(str(raw1))
packet_index = payload_info.index
self.assertEqual(payload_info.dst, dst_sw_if_index)
self.logger.debug(
"Got packet on port %s: src=%u (id=%u)" %
(dst_if.name, payload_info.src, packet_index))
next_info = self.get_next_packet_info_for_interface2(
payload_info.src, dst_sw_if_index,
last_info[payload_info.src])
last_info[payload_info.src] = next_info
self.assertTrue(next_info is not None)
self.assertEqual(packet_index, next_info.index)
saved_packet = next_info.data
# Check standard fields
self.assertEqual(ip1.src, saved_packet[IP].src)
self.assertEqual(ip1.dst, saved_packet[IP].dst)
self.assertEqual(udp1.sport, saved_packet[UDP].sport)
self.assertEqual(udp1.dport, saved_packet[UDP].dport)
except:
self.logger.error("Unexpected or invalid packets:")
self.logger.error(ppp("pg1 packet:", pkt_pg1))
self.logger.error(ppp("pg2 packet:", pkt_pg2))
raise
for i in self.interfaces:
remaining_packet = self.get_next_packet_info_for_interface2(
i, dst_sw_if_index, last_info[i.sw_if_index])
self.assertTrue(remaining_packet is None,
"Port %u: Packet expected from source %u didn't"
" arrive" % (dst_sw_if_index, i.sw_if_index))
def test_device_span(self):
""" SPAN device rx mirror test
Test scenario:
1. config
3 interfaces, pg0 l2xconnected with pg1
2. sending l2 eth packets between 2 interfaces (pg0, pg1) and
mirrored to pg2
64B, 512B, 1518B, 9018B (ether_size)
burst of packets per interface
"""
# Create bi-directional cross-connects between pg0 and pg1
self.xconnect(self.pg0.sw_if_index, self.pg1.sw_if_index)
# Create incoming packet streams for packet-generator interfaces
pkts = self.create_stream(self.pg0, self.pg_if_packet_sizes)
self.pg0.add_stream(pkts)
# Enable SPAN on pg0 (mirrored to pg2)
self.vapi.sw_interface_span_enable_disable(
self.pg0.sw_if_index, self.pg2.sw_if_index)
self.logger.info(self.vapi.ppcli("show interface span"))
# Enable packet capturing and start packet sending
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
# Verify packets outgoing packet streams on mirrored interface (pg2)
self.logger.info("Verifying capture on interfaces %s and %s" %
(self.pg1.name, self.pg2.name))
pg2_expected = self.get_packet_count_for_if_idx(self.pg1.sw_if_index)
self.verify_capture(
self.pg1,
self.pg1.get_capture(),
self.pg2.get_capture(pg2_expected))
# Disable SPAN on pg0 (mirrored to pg2)
self.vapi.sw_interface_span_enable_disable(
self.pg0.sw_if_index, self.pg2.sw_if_index, state=0)
self.xconnect(self.pg0.sw_if_index, self.pg1.sw_if_index, is_add=0)
def test_span_l2_rx(self):
""" SPAN l2 rx mirror test """
self.sub_if.admin_up()
self.bridge(self.pg2.sw_if_index)
# Create bi-directional cross-connects between pg0 and pg1
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index)
# Create incoming packet streams for packet-generator interfaces
pkts = self.create_stream(
self.pg0, self.pg_if_packet_sizes, do_dot1=True)
self.pg0.add_stream(pkts)
# Enable SPAN on pg0 (mirrored to pg2)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, self.pg2.sw_if_index, is_l2=1)
self.logger.info(self.vapi.ppcli("show interface span"))
# Enable packet capturing and start packet sending
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
# Verify packets outgoing packet streams on mirrored interface (pg2)
self.logger.info("Verifying capture on interfaces %s and %s" %
(self.pg1.name, self.pg2.name))
pg2_expected = self.get_packet_count_for_if_idx(self.pg1.sw_if_index)
pg1_pkts = self.pg1.get_capture()
pg2_pkts = self.pg2.get_capture(pg2_expected)
self.verify_capture(
self.pg1,
pg1_pkts,
pg2_pkts)
self.bridge(self.pg2.sw_if_index, is_add=0)
# Disable SPAN on pg0 (mirrored to pg2)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, self.pg2.sw_if_index, state=0, is_l2=1)
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=0)
def test_span_l2_rx_dst_vxlan(self):
""" SPAN l2 rx mirror into vxlan test """
self.sub_if.admin_up()
self.vapi.sw_interface_set_flags(self.vxlan.sw_if_index,
admin_up_down=1)
self.bridge(self.vxlan.sw_if_index, is_add=1)
# Create bi-directional cross-connects between pg0 and pg1
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index)
# Create incoming packet streams for packet-generator interfaces
pkts = self.create_stream(
self.pg0, self.pg_if_packet_sizes, do_dot1=True)
self.pg0.add_stream(pkts)
# Enable SPAN on pg0 sub if (mirrored to vxlan)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, self.vxlan.sw_if_index, is_l2=1)
self.logger.info(self.vapi.ppcli("show interface span"))
# Enable packet capturing and start packet sending
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
# Verify packets outgoing packet streams on mirrored interface (pg2)
self.logger.info("Verifying capture on interfaces %s and %s" %
(self.pg1.name, self.pg2.name))
pg2_expected = self.get_packet_count_for_if_idx(self.pg1.sw_if_index)
pg1_pkts = self.pg1.get_capture()
pg2_pkts = [self.decap_vxlan(p)
for p in self.pg2.get_capture(pg2_expected)]
self.verify_capture(
self.pg1,
pg1_pkts,
pg2_pkts)
self.bridge(self.vxlan.sw_if_index, is_add=0)
# Disable SPAN on pg0 sub if (mirrored to vxlan)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, self.vxlan.sw_if_index, state=0, is_l2=1)
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=0)
def test_span_l2_rx_dst_gre_subif_vtr(self):
""" SPAN l2 rx mirror into gre-subif+vtr """
self.sub_if.admin_up()
gre_if = VppGreInterface(self, self.pg2.local_ip4,
self.pg2.remote_ip4,
is_teb=1)
gre_if.add_vpp_config()
gre_if.admin_up()
gre_sub_if = VppDot1QSubint(self, gre_if, 500)
gre_sub_if.set_vtr(L2_VTR_OP.L2_POP_1, tag=500)
gre_sub_if.admin_up()
self.bridge(gre_sub_if.sw_if_index)
# Create bi-directional cross-connects between pg0 and pg1
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=1)
# Create incoming packet streams for packet-generator interfaces
pkts = self.create_stream(
self.pg0, self.pg_if_packet_sizes, do_dot1=True)
self.pg0.add_stream(pkts)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, gre_sub_if.sw_if_index, is_l2=1)
# Enable packet capturing and start packet sending
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
# Verify packets outgoing packet streams on mirrored interface (pg2)
self.logger.info("Verifying capture on interfaces %s and %s" %
(self.pg1.name, self.pg2.name))
pg2_expected = self.get_packet_count_for_if_idx(self.pg1.sw_if_index)
pg1_pkts = self.pg1.get_capture()
pg2_pkts = self.pg2.get_capture(pg2_expected)
pg2_decaped = [self.remove_tags(self.decap_gre(
p), [Tag(dot1=DOT1Q, vlan=500)]) for p in pg2_pkts]
self.verify_capture(
self.pg1,
pg1_pkts,
pg2_decaped)
self.bridge(gre_sub_if.sw_if_index, is_add=0)
# Disable SPAN on pg0 sub if
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, gre_sub_if.sw_if_index, state=0,
is_l2=1)
gre_if.remove_vpp_config()
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=0)
def test_span_l2_rx_dst_vtr(self):
""" SPAN l2 rx mirror into subif+vtr """
self.sub_if.admin_up()
self.dst_sub_if.admin_up()
self.bridge(self.dst_sub_if.sw_if_index)
# Create bi-directional cross-connects between pg0 and pg1
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=1)
# Create incoming packet streams for packet-generator interfaces
pkts = self.create_stream(
self.pg0, self.pg_if_packet_sizes, do_dot1=True)
self.pg0.add_stream(pkts)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, self.dst_sub_if.sw_if_index, is_l2=1)
# Enable packet capturing and start packet sending
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
# Verify packets outgoing packet streams on mirrored interface (pg2)
self.logger.info("Verifying capture on interfaces %s and %s" %
(self.pg1.name, self.pg2.name))
pg2_expected = self.get_packet_count_for_if_idx(self.pg1.sw_if_index)
pg1_pkts = self.pg1.get_capture()
pg2_pkts = self.pg2.get_capture(pg2_expected)
pg2_untagged = [self.remove_tags(p, [Tag(dot1=DOT1Q, vlan=300)])
for p in pg2_pkts]
self.verify_capture(
self.pg1,
pg1_pkts,
pg2_untagged)
self.bridge(self.dst_sub_if.sw_if_index, is_add=0)
# Disable SPAN on pg0 sub if (mirrored to vxlan)
self.vapi.sw_interface_span_enable_disable(
self.sub_if.sw_if_index, self.dst_sub_if.sw_if_index, state=0,
is_l2=1)
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=0)
def test_l2_tx_span(self):
""" SPAN l2 tx mirror test """
self.sub_if.admin_up()
self.bridge(self.pg2.sw_if_index)
# Create bi-directional cross-connects between pg0 and pg1
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index)
# Create incoming packet streams for packet-generator interfaces
pkts = self.create_stream(
self.pg0, self.pg_if_packet_sizes, do_dot1=True)
self.pg0.add_stream(pkts)
# Enable SPAN on pg0 (mirrored to pg2)
self.vapi.sw_interface_span_enable_disable(
self.pg1.sw_if_index, self.pg2.sw_if_index, is_l2=1, state=2)
self.logger.info(self.vapi.ppcli("show interface span"))
# Enable packet capturing and start packet sending
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
# Verify packets outgoing packet streams on mirrored interface (pg2)
self.logger.info("Verifying capture on interfaces %s and %s" %
(self.pg1.name, self.pg2.name))
pg2_expected = self.get_packet_count_for_if_idx(self.pg1.sw_if_index)
pg1_pkts = self.pg1.get_capture()
pg2_pkts = self.pg2.get_capture(pg2_expected)
self.verify_capture(
self.pg1,
pg1_pkts,
pg2_pkts)
self.bridge(self.pg2.sw_if_index, is_add=0)
# Disable SPAN on pg0 (mirrored to pg2)
self.vapi.sw_interface_span_enable_disable(
self.pg1.sw_if_index, self.pg2.sw_if_index, state=0, is_l2=1)
self.xconnect(self.sub_if.sw_if_index, self.pg1.sw_if_index, is_add=0)
if __name__ == '__main__':
unittest.main(testRunner=VppTestRunner)