summaryrefslogtreecommitdiffstats
path: root/test/test_srv6_as.py
blob: 87cafd1e5ed5e1d2f12db3dfa14aea9fb2e6b633 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
#!/usr/bin/env python3

import unittest
import binascii
from socket import AF_INET6

from framework import VppTestCase, VppTestRunner
from vpp_ip_route import VppIpRoute, VppRoutePath, FibPathProto, VppIpTable
from vpp_srv6 import (
    SRv6LocalSIDBehaviors,
    VppSRv6LocalSID,
    VppSRv6Policy,
    SRv6PolicyType,
    VppSRv6Steering,
    SRv6PolicySteeringTypes,
)

import scapy.compat
from scapy.packet import Raw
from scapy.layers.l2 import Ether, Dot1Q
from scapy.layers.inet6 import IPv6, UDP, IPv6ExtHdrSegmentRouting
from scapy.layers.inet import IP, UDP

from util import ppp


class TestSRv6As(VppTestCase):
    """SRv6 Static Proxy plugin Test Case"""

    @classmethod
    def setUpClass(self):
        super(TestSRv6As, self).setUpClass()

    @classmethod
    def tearDownClass(cls):
        super(TestSRv6As, cls).tearDownClass()

    def setUp(self):
        """Perform test setup before each test case."""
        super(TestSRv6As, self).setUp()

        # packet sizes, inclusive L2 overhead
        self.pg_packet_sizes = [64, 512, 1518, 9018]

        # reset packet_infos
        self.reset_packet_infos()

    def tearDown(self):
        """Clean up test setup after each test case."""
        self.teardown_interfaces()

        super(TestSRv6As, self).tearDown()

    def configure_interface(
        self, interface, ipv6=False, ipv4=False, ipv6_table_id=0, ipv4_table_id=0
    ):
        """Configure interface.
        :param ipv6: configure IPv6 on interface
        :param ipv4: configure IPv4 on interface
        :param ipv6_table_id: FIB table_id for IPv6
        :param ipv4_table_id: FIB table_id for IPv4
        """
        self.logger.debug("Configuring interface %s" % (interface.name))
        if ipv6:
            self.logger.debug("Configuring IPv6")
            interface.set_table_ip6(ipv6_table_id)
            interface.config_ip6()
            interface.resolve_ndp(timeout=5)
        if ipv4:
            self.logger.debug("Configuring IPv4")
            interface.set_table_ip4(ipv4_table_id)
            interface.config_ip4()
            interface.resolve_arp()
        interface.admin_up()

    def setup_interfaces(self, ipv6=[], ipv4=[], ipv6_table_id=[], ipv4_table_id=[]):
        """Create and configure interfaces.

        :param ipv6: list of interface IPv6 capabilities
        :param ipv4: list of interface IPv4 capabilities
        :param ipv6_table_id: list of intf IPv6 FIB table_ids
        :param ipv4_table_id: list of intf IPv4 FIB table_ids
        :returns: List of created interfaces.
        """
        # how many interfaces?
        if len(ipv6):
            count = len(ipv6)
        else:
            count = len(ipv4)
        self.logger.debug("Creating and configuring %d interfaces" % (count))

        # fill up ipv6 and ipv4 lists if needed
        # not enabled (False) is the default
        if len(ipv6) < count:
            ipv6 += (count - len(ipv6)) * [False]
        if len(ipv4) < count:
            ipv4 += (count - len(ipv4)) * [False]

        # fill up table_id lists if needed
        # table_id 0 (global) is the default
        if len(ipv6_table_id) < count:
            ipv6_table_id += (count - len(ipv6_table_id)) * [0]
        if len(ipv4_table_id) < count:
            ipv4_table_id += (count - len(ipv4_table_id)) * [0]

        # create 'count' pg interfaces
        self.create_pg_interfaces(range(count))

        # setup all interfaces
        for i in range(count):
            intf = self.pg_interfaces[i]
            self.configure_interface(
                intf, ipv6[i], ipv4[i], ipv6_table_id[i], ipv4_table_id[i]
            )

        if any(ipv6):
            self.logger.debug(self.vapi.cli("show ip6 neighbors"))
        if any(ipv4):
            self.logger.debug(self.vapi.cli("show ip4 neighbors"))
        self.logger.debug(self.vapi.cli("show interface"))
        self.logger.debug(self.vapi.cli("show hardware"))

        return self.pg_interfaces

    def teardown_interfaces(self):
        """Unconfigure and bring down interface."""
        self.logger.debug("Tearing down interfaces")
        # tear down all interfaces
        # AFAIK they cannot be deleted
        for i in self.pg_interfaces:
            self.logger.debug("Tear down interface %s" % (i.name))
            i.admin_down()
            i.unconfig()
            i.set_table_ip4(0)
            i.set_table_ip6(0)

    def test_SRv6_End_AS_IPv6_noSRH(self):
        """Test SRv6 End.AS behavior with IPv6 traffic and no SRH rewrite."""
        self.run_SRv6_End_AS_IPv6(
            sid_list=["a1::", "a2::a6", "a3::"],
            test_sid_index=1,
            rewrite_src_addr="a2::",
        )

    def test_SRv6_End_AS_IPv6_SRH(self):
        """Test SRv6 End.AS behavior with IPv6 traffic and SRH rewrite."""
        self.run_SRv6_End_AS_IPv6(
            sid_list=["a1::a6", "a2::", "a3::"],
            test_sid_index=0,
            rewrite_src_addr="a1::",
        )

    def test_SRv6_End_AS_IPv4_noSRH(self):
        """Test SRv6 End.AS behavior with IPv4 traffic and no SRH rewrite."""
        self.run_SRv6_End_AS_IPv4(
            sid_list=["a1::", "a2::a6", "a3::"],
            test_sid_index=1,
            rewrite_src_addr="a2::",
        )

    def test_SRv6_End_AS_IPv4_SRH(self):
        """Test SRv6 End.AS behavior with IPv4 traffic and SRH rewrite."""
        self.run_SRv6_End_AS_IPv4(
            sid_list=["a1::a6", "a2::", "a3::"],
            test_sid_index=0,
            rewrite_src_addr="a1::",
        )

    def test_SRv6_End_AS_L2_noSRH(self):
        """Test SRv6 End.AS behavior with L2 traffic and no SRH rewrite."""
        self.run_SRv6_End_AS_L2(
            sid_list=["a1::", "a2::a6", "a3::"],
            test_sid_index=1,
            rewrite_src_addr="a2::",
        )

    def test_SRv6_End_AS_L2_SRH(self):
        """Test SRv6 End.AS behavior with L2 traffic and SRH rewrite."""
        self.run_SRv6_End_AS_L2(
            sid_list=["a1::a6", "a2::", "a3::"],
            test_sid_index=0,
            rewrite_src_addr="a1::",
        )

    def run_SRv6_End_AS_L2(self, sid_list, test_sid_index, rewrite_src_addr):
        """Run SRv6 End.AS test with L2 traffic."""
        self.rewrite_src_addr = rewrite_src_addr
        self.rewrite_sid_list = sid_list[test_sid_index + 1 : :]

        # send traffic to one destination interface
        # source and destination interfaces are IPv6 only
        self.setup_interfaces(ipv6=[True, False])

        # configure route to next segment
        route = VppIpRoute(
            self,
            sid_list[test_sid_index + 1],
            128,
            [VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index)],
        )
        route.add_vpp_config()

        # configure SRv6 localSID behavior
        cli_str = (
            "sr localsid address "
            + sid_list[test_sid_index]
            + " behavior end.as"
            + " oif "
            + self.pg1.name
            + " iif "
            + self.pg1.name
            + " src "
            + self.rewrite_src_addr
        )
        for s in self.rewrite_sid_list:
            cli_str += " next " + s
        self.vapi.cli(cli_str)

        # log the localsids
        self.logger.debug(self.vapi.cli("show sr localsid"))

        # send one packet per packet size
        count = len(self.pg_packet_sizes)

        # prepare L2 in SRv6 headers
        packet_header1 = self.create_packet_header_IPv6_SRH_L2(
            sidlist=sid_list[::-1], segleft=len(sid_list) - test_sid_index - 1, vlan=0
        )

        # generate packets (pg0->pg1)
        pkts1 = self.create_stream(
            self.pg0, self.pg1, packet_header1, self.pg_packet_sizes, count
        )

        # send packets and verify received packets
        self.send_and_verify_pkts(
            self.pg0, pkts1, self.pg1, self.compare_rx_tx_packet_End_AS_L2_out
        )

        # log the localsid counters
        self.logger.info(self.vapi.cli("show sr localsid"))

        # prepare L2 header for returning packets
        packet_header2 = self.create_packet_header_L2()

        # generate returning packets (pg1->pg0)
        pkts2 = self.create_stream(
            self.pg1, self.pg0, packet_header2, self.pg_packet_sizes, count
        )

        # send packets and verify received packets
        self.send_and_verify_pkts(
            self.pg1, pkts2, self.pg0, self.compare_rx_tx_packet_End_AS_L2_in
        )

        # log the localsid counters
        self.logger.info(self.vapi.cli("show sr localsid"))

        # remove SRv6 localSIDs
        self.vapi.cli("sr localsid del address " + sid_list[test_sid_index])

        # cleanup interfaces
        self.teardown_interfaces()

    def run_SRv6_End_AS_IPv6(self, sid_list, test_sid_index, rewrite_src_addr):
        """Run SRv6 End.AS test with IPv6 traffic."""
        self.rewrite_src_addr = rewrite_src_addr
        self.rewrite_sid_list = sid_list[test_sid_index + 1 : :]

        # send traffic to one destination interface
        # source and destination interfaces are IPv6 only
        self.setup_interfaces(ipv6=[True, True])

        # configure route to next segment
        route = VppIpRoute(
            self,
            sid_list[test_sid_index + 1],
            128,
            [VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index)],
        )
        route.add_vpp_config()

        # configure SRv6 localSID behavior
        cli_str = (
            "sr localsid address "
            + sid_list[test_sid_index]
            + " behavior end.as"
            + " nh "
            + self.pg1.remote_ip6
            + " oif "
            + self.pg1.name
            + " iif "
            + self.pg1.name
            + " src "
            + self.rewrite_src_addr
        )
        for s in self.rewrite_sid_list:
            cli_str += " next " + s
        self.vapi.cli(cli_str)

        # log the localsids
        self.logger.debug(self.vapi.cli("show sr localsid"))

        # send one packet per packet size
        count = len(self.pg_packet_sizes)

        # prepare IPv6 in SRv6 headers
        packet_header1 = self.create_packet_header_IPv6_SRH_IPv6(
            sidlist=sid_list[::-1], segleft=len(sid_list) - test_sid_index - 1
        )

        # generate packets (pg0->pg1)
        pkts1 = self.create_stream(
            self.pg0, self.pg1, packet_header1, self.pg_packet_sizes, count
        )

        # send packets and verify received packets
        self.send_and_verify_pkts(
            self.pg0, pkts1, self.pg1, self.compare_rx_tx_packet_End_AS_IPv6_out
        )

        # log the localsid counters
        self.logger.info(self.vapi.cli("show sr localsid"))

        # prepare IPv6 header for returning packets
        packet_header2 = self.create_packet_header_IPv6()

        # generate returning packets (pg1->pg0)
        pkts2 = self.create_stream(
            self.pg1, self.pg0, packet_header2, self.pg_packet_sizes, count
        )

        # send packets and verify received packets
        self.send_and_verify_pkts(
            self.pg1, pkts2, self.pg0, self.compare_rx_tx_packet_End_AS_IPv6_in
        )

        # log the localsid counters
        self.logger.info(self.vapi.cli("show sr localsid"))

        # remove SRv6 localSIDs
        self.vapi.cli("sr localsid del address " + sid_list[test_sid_index])

        # cleanup interfaces
        self.teardown_interfaces()

    def run_SRv6_End_AS_IPv4(self, sid_list, test_sid_index, rewrite_src_addr):
        """Run SRv6 End.AS test with IPv4 traffic."""
        self.rewrite_src_addr = rewrite_src_addr
        self.rewrite_sid_list = sid_list[test_sid_index + 1 : :]

        # send traffic to one destination interface
        # source and destination interfaces are IPv6 only
        self.setup_interfaces(ipv6=[True, False], ipv4=[True, True])

        # configure route to next segment
        route = VppIpRoute(
            self,
            sid_list[test_sid_index + 1],
            128,
            [VppRoutePath(self.pg0.remote_ip6, self.pg0.sw_if_index)],
        )
        route.add_vpp_config()

        # configure SRv6 localSID behavior
        cli_str = (
            "sr localsid address "
            + sid_list[test_sid_index]
            + " behavior end.as"
            + " nh "
            + self.pg1.remote_ip4
            + " oif "
            + self.pg1.name
            + " iif "
            + self.pg1.name
            + " src "
            + self.rewrite_src_addr
        )
        for s in self.rewrite_sid_list:
            cli_str += " next " + s
        self.vapi.cli(cli_str)

        # log the localsids
        self.logger.debug(self.vapi.cli("show sr localsid"))

        # send one packet per packet size
        count = len(self.pg_packet_sizes)

        # prepare IPv4 in SRv6 headers
        packet_header1 = self.create_packet_header_IPv6_SRH_IPv4(
            sidlist=sid_list[::-1], segleft=len(sid_list) - test_sid_index - 1
        )

        # generate packets (pg0->pg1)
        pkts1 = self.create_stream(
            self.pg0, self.pg1, packet_header1, self.pg_packet_sizes, count
        )

        # send packets and verify received packets
        self.send_and_verify_pkts(
            self.pg0, pkts1, self.pg1, self.compare_rx_tx_packet_End_AS_IPv4_out
        )

        # log the localsid counters
        self.logger.info(self.vapi.cli("show sr localsid"))

        # prepare IPv6 header for returning packets
        packet_header2 = self.create_packet_header_IPv4()

        # generate returning packets (pg1->pg0)
        pkts2 = self.create_stream(
            self.pg1, self.pg0, packet_header2, self.pg_packet_sizes, count
        )

        # send packets and verify received packets
        self.send_and_verify_pkts(
            self.pg1, pkts2, self.pg0, self.compare_rx_tx_packet_End_AS_IPv4_in
        )

        # log the localsid counters
        self.logger.info(self.vapi.cli("show sr localsid"))

        # remove SRv6 localSIDs
        self.vapi.cli("sr localsid del address " + sid_list[test_sid_index])

        # cleanup interfaces
        self.teardown_interfaces()

    def compare_rx_tx_packet_End_AS_IPv6_in(self, tx_pkt, rx_pkt):
        """Compare input and output packet after passing End.AS

        :param tx_pkt: transmitted packet
        :param rx_pkt: received packet
        """

        # get first (outer) IPv6 header of rx'ed packet
        rx_ip = rx_pkt.getlayer(IPv6)
        rx_srh = None

        tx_ip = tx_pkt.getlayer(IPv6)

        # expected segment-list (SRH order)
        tx_seglist = self.rewrite_sid_list[::-1]

        # received ip.src should be equal to SR Policy source
        self.assertEqual(rx_ip.src, self.rewrite_src_addr)
        # received ip.dst should be equal to expected sidlist[lastentry]
        self.assertEqual(rx_ip.dst, tx_seglist[-1])

        if len(tx_seglist) > 1:
            # rx'ed packet should have SRH
            self.assertTrue(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
            # get SRH
            rx_srh = rx_pkt.getlayer(IPv6ExtHdrSegmentRouting)
            # rx'ed seglist should be equal to expected seglist
            self.assertEqual(rx_srh.addresses, tx_seglist)
            # segleft should be equal to size expected seglist-1
            self.assertEqual(rx_srh.segleft, len(tx_seglist) - 1)
            # segleft should be equal to lastentry
            self.assertEqual(rx_srh.segleft, rx_srh.lastentry)
            # get payload
            payload = rx_srh.payload
        else:
            # rx'ed packet should NOT have SRH
            self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
            # get payload
            payload = rx_ip.payload

        # the whole rx'ed pkt beyond SRH should be equal to tx'ed pkt
        # except for the hop-limit field
        #   -> update tx'ed hlim to the expected hlim
        tx_ip.hlim = tx_ip.hlim - 1

        self.assertEqual(payload, tx_ip)

        self.logger.debug("packet verification: SUCCESS")

    def compare_rx_tx_packet_End_AS_IPv4_in(self, tx_pkt, rx_pkt):
        """Compare input and output packet after passing End.AS

        :param tx_pkt: transmitted packet
        :param rx_pkt: received packet
        """

        # get first (outer) IPv6 header of rx'ed packet
        rx_ip = rx_pkt.getlayer(IPv6)
        rx_srh = None

        tx_ip = tx_pkt.getlayer(IP)

        # expected segment-list (SRH order)
        tx_seglist = self.rewrite_sid_list[::-1]

        # received ip.src should be equal to SR Policy source
        self.assertEqual(rx_ip.src, self.rewrite_src_addr)
        # received ip.dst should be equal to expected sidlist[lastentry]
        self.assertEqual(rx_ip.dst, tx_seglist[-1])

        if len(tx_seglist) > 1:
            # rx'ed packet should have SRH and IPv4 header
            self.assertTrue(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
            self.assertTrue(rx_ip.payload.haslayer(IP))
            # get SRH
            rx_srh = rx_pkt.getlayer(IPv6ExtHdrSegmentRouting)
            # rx'ed seglist should be equal to seglist
            self.assertEqual(rx_srh.addresses, tx_seglist)
            # segleft should be equal to size seglist-1
            self.assertEqual(rx_srh.segleft, len(tx_seglist) - 1)
            # segleft should be equal to lastentry
            self.assertEqual(rx_srh.segleft, rx_srh.lastentry)
            payload = rx_srh.payload
        else:
            # rx'ed packet should NOT have SRH
            self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
            # get payload
            payload = rx_ip.payload

        # the whole rx'ed pkt beyond SRH should be equal to tx'ed pkt
        # except for the ttl field and ip checksum
        #   -> adjust tx'ed ttl to expected ttl
        tx_ip.ttl = tx_ip.ttl - 1
        #   -> set tx'ed ip checksum to None and let scapy recompute
        tx_ip.chksum = None
        # read back the pkt (with str()) to force computing these fields
        # probably other ways to accomplish this are possible
        tx_ip = IP(scapy.compat.raw(tx_ip))

        self.assertEqual(payload, tx_ip)

        self.logger.debug("packet verification: SUCCESS")

    def compare_rx_tx_packet_End_AS_L2_in(self, tx_pkt, rx_pkt):
        """Compare input and output packet after passing End.AS

        :param tx_pkt: transmitted packet
        :param rx_pkt: received packet
        """

        # get first (outer) IPv6 header of rx'ed packet
        rx_ip = rx_pkt.getlayer(IPv6)
        rx_srh = None

        tx_ether = tx_pkt.getlayer(Ether)

        # expected segment-list (SRH order)
        tx_seglist = self.rewrite_sid_list[::-1]

        # received ip.src should be equal to SR Policy source
        self.assertEqual(rx_ip.src, self.rewrite_src_addr)
        # received ip.dst should be equal to expected sidlist[lastentry]
        self.assertEqual(rx_ip.dst, tx_seglist[-1])

        if len(tx_seglist) > 1:
            # rx'ed packet should have SRH
            self.assertTrue(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
            # get SRH
            rx_srh = rx_pkt.getlayer(IPv6ExtHdrSegmentRouting)
            # rx'ed seglist should be equal to seglist
            self.assertEqual(rx_srh.addresses, tx_seglist)
            # segleft should be equal to size seglist-1
            self.assertEqual(rx_srh.segleft, len(tx_seglist) - 1)
            # segleft should be equal to lastentry
            self.assertEqual(rx_srh.segleft, rx_srh.lastentry)
            # nh should be "No Next Header" (143)
            self.assertEqual(rx_srh.nh, 143)
            # get payload
            payload = rx_srh.payload
        else:
            # rx'ed packet should NOT have SRH
            self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))
            # get payload
            payload = rx_ip.payload

        # the whole rx'ed pkt beyond SRH should be equal to tx'ed pkt
        self.assertEqual(Ether(scapy.compat.raw(payload)), tx_ether)

        self.logger.debug("packet verification: SUCCESS")

    def compare_rx_tx_packet_End_AS_IPv6_out(self, tx_pkt, rx_pkt):
        """Compare input and output packet after passing End.AS with IPv6

        :param tx_pkt: transmitted packet
        :param rx_pkt: received packet
        """

        # get first (outer) IPv6 header of rx'ed packet
        rx_ip = rx_pkt.getlayer(IPv6)

        tx_ip = tx_pkt.getlayer(IPv6)
        tx_ip2 = tx_pkt.getlayer(IPv6, 2)

        # verify if rx'ed packet has no SRH
        self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))

        # the whole rx_ip pkt should be equal to tx_ip2
        # except for the hlim field
        #   -> adjust tx'ed hlim to expected hlim
        tx_ip2.hlim = tx_ip2.hlim - 1

        self.assertEqual(rx_ip, tx_ip2)

        self.logger.debug("packet verification: SUCCESS")

    def compare_rx_tx_packet_End_AS_IPv4_out(self, tx_pkt, rx_pkt):
        """Compare input and output packet after passing End.AS with IPv4

        :param tx_pkt: transmitted packet
        :param rx_pkt: received packet
        """

        # get IPv4 header of rx'ed packet
        rx_ip = rx_pkt.getlayer(IP)

        tx_ip = tx_pkt.getlayer(IPv6)
        tx_ip2 = tx_pkt.getlayer(IP)

        # verify if rx'ed packet has no SRH
        self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))

        # the whole rx_ip pkt should be equal to tx_ip2
        # except for the ttl field and ip checksum
        #   -> adjust tx'ed ttl to expected ttl
        tx_ip2.ttl = tx_ip2.ttl - 1
        #   -> set tx'ed ip checksum to None and let scapy recompute
        tx_ip2.chksum = None
        # read back the pkt (with str()) to force computing these fields
        # probably other ways to accomplish this are possible
        tx_ip2 = IP(scapy.compat.raw(tx_ip2))

        self.assertEqual(rx_ip, tx_ip2)

        self.logger.debug("packet verification: SUCCESS")

    def compare_rx_tx_packet_End_AS_L2_out(self, tx_pkt, rx_pkt):
        """Compare input and output packet after passing End.AS with L2

        :param tx_pkt: transmitted packet
        :param rx_pkt: received packet
        """

        # get IPv4 header of rx'ed packet
        rx_eth = rx_pkt.getlayer(Ether)

        tx_ip = tx_pkt.getlayer(IPv6)
        # we can't just get the 2nd Ether layer
        # get the Raw content and dissect it as Ether
        tx_eth1 = Ether(scapy.compat.raw(tx_pkt[Raw]))

        # verify if rx'ed packet has no SRH
        self.assertFalse(rx_pkt.haslayer(IPv6ExtHdrSegmentRouting))

        # the whole rx_eth pkt should be equal to tx_eth1
        self.assertEqual(rx_eth, tx_eth1)

        self.logger.debug("packet verification: SUCCESS")

    def create_stream(self, src_if, dst_if, packet_header, packet_sizes, count):
        """Create SRv6 input packet stream for defined interface.

        :param VppInterface src_if: Interface to create packet stream for
        :param VppInterface dst_if: destination interface of packet stream
        :param packet_header: Layer3 scapy packet headers,
                L2 is added when not provided,
                Raw(payload) with packet_info is added
        :param list packet_sizes: packet stream pckt sizes,sequentially applied
               to packets in stream have
        :param int count: number of packets in packet stream
        :return: list of packets
        """
        self.logger.info("Creating packets")
        pkts = []
        for i in range(0, count - 1):
            payload_info = self.create_packet_info(src_if, dst_if)
            self.logger.debug("Creating packet with index %d" % (payload_info.index))
            payload = self.info_to_payload(payload_info)
            # add L2 header if not yet provided in packet_header
            if packet_header.getlayer(0).name == "Ethernet":
                p = packet_header / Raw(payload)
            else:
                p = (
                    Ether(dst=src_if.local_mac, src=src_if.remote_mac)
                    / packet_header
                    / Raw(payload)
                )
            size = packet_sizes[i % len(packet_sizes)]
            self.logger.debug("Packet size %d" % (size))
            self.extend_packet(p, size)
            # we need to store the packet with the automatic fields computed
            # read back the dumped packet (with str())
            # to force computing these fields
            # probably other ways are possible
            p = Ether(scapy.compat.raw(p))
            payload_info.data = p.copy()
            self.logger.debug(ppp("Created packet:", p))
            pkts.append(p)
        self.logger.info("Done creating packets")
        return pkts

    def send_and_verify_pkts(self, input, pkts, output, compare_func):
        """Send packets and verify received packets using compare_func

        :param input: ingress interface of DUT
        :param pkts: list of packets to transmit
        :param output: egress interface of DUT
        :param compare_func: function to compare in and out packets
        """
        # add traffic stream to input interface
        input.add_stream(pkts)

        # enable capture on all interfaces
        self.pg_enable_capture(self.pg_interfaces)

        # start traffic
        self.logger.info("Starting traffic")
        self.pg_start()

        # get output capture
        self.logger.info("Getting packet capture")
        capture = output.get_capture()

        # assert nothing was captured on input interface
        # input.assert_nothing_captured()

        # verify captured packets
        self.verify_captured_pkts(output, capture, compare_func)

    def create_packet_header_IPv6(self):
        """Create packet header: IPv6 header, UDP header

        :param dst: IPv6 destination address

        IPv6 source address is 1234::1
        IPv6 destination address is 4321::1
        UDP source port and destination port are 1234
        """

        p = IPv6(src="1234::1", dst="4321::1") / UDP(sport=1234, dport=1234)
        return p

    def create_packet_header_IPv6_SRH_IPv6(self, sidlist, segleft):
        """Create packet header: IPv6 encapsulated in SRv6:
        IPv6 header with SRH, IPv6 header, UDP header

        :param list sidlist: segment list of outer IPv6 SRH
        :param int segleft: segments-left field of outer IPv6 SRH

        Outer IPv6 source address is set to 5678::1
        Outer IPv6 destination address is set to sidlist[segleft]
        IPv6 source addresses is 1234::1
        IPv6 destination address is 4321::1
        UDP source port and destination port are 1234
        """

        p = (
            IPv6(src="5678::1", dst=sidlist[segleft])
            / IPv6ExtHdrSegmentRouting(addresses=sidlist, segleft=segleft, nh=41)
            / IPv6(src="1234::1", dst="4321::1")
            / UDP(sport=1234, dport=1234)
        )
        return p

    def create_packet_header_IPv4(self):
        """Create packet header: IPv4 header, UDP header

        :param dst: IPv4 destination address

        IPv4 source address is 123.1.1.1
        IPv4 destination address is 124.1.1.1
        UDP source port and destination port are 1234
        """

        p = IP(src="123.1.1.1", dst="124.1.1.1") / UDP(sport=1234, dport=1234)
        return p

    def create_packet_header_IPv6_SRH_IPv4(self, sidlist, segleft):
        """Create packet header: IPv4 encapsulated in SRv6:
        IPv6 header with SRH, IPv4 header, UDP header

        :param ipv4address dst: inner IPv4 destination address
        :param list sidlist: segment list of outer IPv6 SRH
        :param int segleft: segments-left field of outer IPv6 SRH

        Outer IPv6 destination address is set to sidlist[segleft]
        IPv6 source address is 1234::1
        IPv4 source address is 123.1.1.1
        IPv4 destination address is 124.1.1.1
        UDP source port and destination port are 1234
        """

        p = (
            IPv6(src="1234::1", dst=sidlist[segleft])
            / IPv6ExtHdrSegmentRouting(addresses=sidlist, segleft=segleft, nh=4)
            / IP(src="123.1.1.1", dst="124.1.1.1")
            / UDP(sport=1234, dport=1234)
        )
        return p

    def create_packet_header_L2(self, vlan=0):
        """Create packet header: L2 header

        :param vlan: if vlan!=0 then add 802.1q header
        """
        # Note: the dst addr ('00:55:44:33:22:11') is used in
        # the compare function compare_rx_tx_packet_T_Encaps_L2
        # to detect presence of L2 in SRH payload
        p = Ether(src="00:11:22:33:44:55", dst="00:55:44:33:22:11")
        etype = 0x8137  # IPX
        if vlan:
            # add 802.1q layer
            p /= Dot1Q(vlan=vlan, type=etype)
        else:
            p.type = etype
        return p

    def create_packet_header_IPv6_SRH_L2(self, sidlist, segleft, vlan=0):
        """Create packet header: L2 encapsulated in SRv6:
        IPv6 header with SRH, L2

        :param list sidlist: segment list of outer IPv6 SRH
        :param int segleft: segments-left field of outer IPv6 SRH
        :param vlan: L2 vlan; if vlan!=0 then add 802.1q header

        Outer IPv6 destination address is set to sidlist[segleft]
        IPv6 source address is 1234::1
        """
        eth = Ether(src="00:11:22:33:44:55", dst="00:55:44:33:22:11")
        etype = 0x8137  # IPX
        if vlan:
            # add 802.1q layer
            eth /= Dot1Q(vlan=vlan, type=etype)
        else:
            eth.type = etype

        p = (
            IPv6(src="1234::1", dst=sidlist[segleft])
            / IPv6ExtHdrSegmentRouting(addresses=sidlist, segleft=segleft, nh=143)
            / eth
        )
        return p

    def get_payload_info(self, packet):
        """Extract the payload_info from the packet"""
        # in most cases, payload_info is in packet[Raw]
        # but packet[Raw] gives the complete payload
        # (incl L2 header) for the T.Encaps L2 case
        try:
            payload_info = self.payload_to_info(packet[Raw])

        except:
            # remote L2 header from packet[Raw]:
            # take packet[Raw], convert it to an Ether layer
            # and then extract Raw from it
            payload_info = self.payload_to_info(
                Ether(scapy.compat.raw(packet[Raw]))[Raw]
            )

        return payload_info

    def verify_captured_pkts(self, dst_if, capture, compare_func):
        """
        Verify captured packet stream for specified interface.
        Compare ingress with egress packets using the specified compare fn

        :param dst_if: egress interface of DUT
        :param capture: captured packets
        :param compare_func: function to compare in and out packet
        """
        self.logger.info(
            "Verifying capture on interface %s using function %s"
            % (dst_if.name, compare_func.__name__)
        )

        last_info = dict()
        for i in self.pg_interfaces:
            last_info[i.sw_if_index] = None
        dst_sw_if_index = dst_if.sw_if_index

        for packet in capture:
            try:
                # extract payload_info from packet's payload
                payload_info = self.get_payload_info(packet)
                packet_index = payload_info.index

                self.logger.debug("Verifying packet with index %d" % (packet_index))
                # packet should have arrived on the expected interface
                self.assertEqual(payload_info.dst, dst_sw_if_index)
                self.logger.debug(
                    "Got packet on interface %s: src=%u (idx=%u)"
                    % (dst_if.name, payload_info.src, packet_index)
                )

                # search for payload_info with same src and dst if_index
                # this will give us the transmitted packet
                next_info = self.get_next_packet_info_for_interface2(
                    payload_info.src, dst_sw_if_index, last_info[payload_info.src]
                )
                last_info[payload_info.src] = next_info
                # next_info should not be None
                self.assertTrue(next_info is not None)
                # index of tx and rx packets should be equal
                self.assertEqual(packet_index, next_info.index)
                # data field of next_info contains the tx packet
                txed_packet = next_info.data

                self.logger.debug(
                    ppp("Transmitted packet:", txed_packet)
                )  # ppp=Pretty Print Packet

                self.logger.debug(ppp("Received packet:", packet))

                # compare rcvd packet with expected packet using compare_func
                compare_func(txed_packet, packet)

            except:
                self.logger.error(ppp("Unexpected or invalid packet:", packet))
                raise

        # have all expected packets arrived?
        for i in self.pg_interfaces:
            remaining_packet = self.get_next_packet_info_for_interface2(
                i.sw_if_index, dst_sw_if_index, last_info[i.sw_if_index]
            )
            self.assertTrue(
                remaining_packet is None,
                "Interface %s: Packet expected from interface %s "
                "didn't arrive" % (dst_if.name, i.name),
            )


if __name__ == "__main__":
    unittest.main(testRunner=VppTestRunner)
ble_disable': enable_disable, 'pid': os.getpid(), }) def want_l2_macs_events(self, enable_disable=1, scan_delay=0, max_macs_in_event=0, learn_limit=0): return self.api(self.papi.want_l2_macs_events, {'enable_disable': enable_disable, 'scan_delay': scan_delay, 'max_macs_in_event': max_macs_in_event, 'learn_limit': learn_limit, 'pid': os.getpid(), }) def want_dhcp6_reply_events(self, enable_disable=1): return self.api(self.papi.want_dhcp6_reply_events, {'enable_disable': enable_disable, 'pid': os.getpid()}) def want_dhcp6_pd_reply_events(self, enable_disable=1): return self.api(self.papi.want_dhcp6_pd_reply_events, {'enable_disable': enable_disable, 'pid': os.getpid()}) def dhcp6_pd_send_client_message(self, msg_type, sw_if_index, T1, T2, prefixes, server_index=0xFFFFFFFF, irt=0, mrt=0, mrc=1, mrd=0, stop=0, ): return self.api(self.papi.dhcp6_pd_send_client_message, {'sw_if_index': sw_if_index, 'server_index': server_index, 'irt': irt, 'mrt': mrt, 'mrc': mrc, 'mrd': mrd, 'stop': stop, 'msg_type': msg_type, 'T1': T1, 'T2': T2, 'n_prefixes': len(prefixes), 'prefixes': prefixes}) def dhcp6_client_enable_disable(self, sw_if_index, prefix_group='', enable=1): return self.api(self.papi.dhcp6_client_enable_disable, {'sw_if_index': sw_if_index, 'enable': enable}) def dhcp6_pd_client_enable_disable(self, sw_if_index, prefix_group='', enable=1): return self.api(self.papi.dhcp6_pd_client_enable_disable, {'sw_if_index': sw_if_index, 'prefix_group': prefix_group, 'enable': enable}) def ip6_add_del_address_using_prefix(self, sw_if_index, address, prefix_length, prefix_group, is_add=1): return self.api(self.papi.ip6_add_del_address_using_prefix, {'sw_if_index': sw_if_index, 'prefix_group': prefix_group, 'address': address, 'prefix_length': prefix_length, 'is_add': is_add}) def sw_interface_set_mac_address(self, sw_if_index, mac): return self.api(self.papi.sw_interface_set_mac_address, {'sw_if_index': sw_if_index, 'mac_address': mac}) def p2p_ethernet_add(self, sw_if_index, remote_mac, subif_id): """Create p2p ethernet subinterface :param sw_if_index: main (parent) interface :param remote_mac: client (remote) mac address """ return self.api( self.papi.p2p_ethernet_add, {'parent_if_index': sw_if_index, 'remote_mac': remote_mac, 'subif_id': subif_id}) def p2p_ethernet_del(self, sw_if_index, remote_mac): """Delete p2p ethernet subinterface :param sw_if_index: main (parent) interface :param remote_mac: client (remote) mac address """ return self.api( self.papi.p2p_ethernet_del, {'parent_if_index': sw_if_index, 'remote_mac': remote_mac}) def create_vlan_subif(self, sw_if_index, vlan): """ :param vlan: :param sw_if_index: """ return self.api(self.papi.create_vlan_subif, {'sw_if_index': sw_if_index, 'vlan_id': vlan}) def create_loopback(self, mac=''): """ :param mac: (Optional) """ return self.api(self.papi.create_loopback, {'mac_address': mac}) def ip_neighbor_add_del(self, sw_if_index, mac_address, ip_address, is_add=1, flags=0): """ Add neighbor MAC to IPv4 or IPv6 address. :param sw_if_index: :param mac_address: :param dst_address: :param is_add: (Default value = 1) :param flags: (Default value = 0/NONE) """ return self.api( self.papi.ip_neighbor_add_del, { 'is_add': is_add, 'neighbor': { 'sw_if_index': sw_if_index, 'flags': flags, 'mac_address': mac_address, 'ip_address': ip_address } } ) def proxy_arp_add_del(self, low, hi, table_id=0, is_add=1): """ Config Proxy Arp Range. :param low_address: Start address in the rnage to Proxy for :param hi_address: End address in the rnage to Proxy for :param vrf_id: The VRF/table in which to proxy """ return self.api( self.papi.proxy_arp_add_del, {'proxy': { 'table_id': table_id, 'low': low, 'hi': hi, }, 'is_add': is_add}) def proxy_arp_intfc_enable_disable(self, sw_if_index, is_enable=1): """ Enable/Disable an interface for proxy ARP requests :param sw_if_index: Interface :param enable_disable: Enable/Disable """ return self.api( self.papi.proxy_arp_intfc_enable_disable, {'sw_if_index': sw_if_index, 'enable_disable': is_enable } ) def gre_tunnel_add_del(self, src, dst, outer_fib_id=0, tunnel_type=0, instance=0xFFFFFFFF, session_id=0, is_add=1): """ Add a GRE tunnel :param src_address: :param dst_address: :param outer_fib_id: (Default value = 0) :param tunnel_type: (Default value = 0) :param instance: (Default value = 0xFFFFFFFF) :param session_id: (Default value = 0) :param is_add: (Default value = 1) :param is_ipv6: (Default value = 0) """ return self.api( self.papi.gre_tunnel_add_del, {'is_add': is_add, 'tunnel': { 'type': tunnel_type, 'instance': instance, 'src': src, 'dst': dst, 'outer_fib_id': outer_fib_id, 'session_id': session_id} } ) def udp_encap_add(self, src_ip, dst_ip, src_port, dst_port, table_id=0): """ Add a GRE tunnel :param src_ip: :param dst_ip: :param src_port: :param dst_port: :param outer_fib_id: (Default value = 0) """ return self.api( self.papi.udp_encap_add, { 'udp_encap': { 'src_ip': src_ip, 'dst_ip': dst_ip, 'src_port': src_port, 'dst_port': dst_port, 'table_id': table_id } }) def mpls_table_add_del( self, table_id, is_add=1): """ :param table_id :param is_add: (Default value = 1) """ return self.api( self.papi.mpls_table_add_del, {'mt_table_id': table_id, 'mt_is_add': is_add}) def mpls_ip_bind_unbind( self, label, dst_address, dst_address_length, table_id=0, ip_table_id=0, is_ip4=1, is_bind=1): """ """ return self.api( self.papi.mpls_ip_bind_unbind, {'mb_mpls_table_id': table_id, 'mb_label': label, 'mb_ip_table_id': ip_table_id, 'mb_is_bind': is_bind, 'mb_is_ip4': is_ip4, 'mb_address_length': dst_address_length, 'mb_address': dst_address}) def mpls_tunnel_add_del( self, tun_sw_if_index, next_hop_proto_is_ip4, next_hop_address, next_hop_sw_if_index=0xFFFFFFFF, next_hop_table_id=0, next_hop_weight=1, next_hop_n_out_labels=0, next_hop_out_label_stack=[], next_hop_via_label=MPLS_LABEL_INVALID, is_add=1, l2_only=0, is_multicast=0): """ :param dst_address_length: :param next_hop_sw_if_index: (Default value = 0xFFFFFFFF) :param dst_address: :param next_hop_address: :param next_hop_sw_if_index: (Default value = 0xFFFFFFFF) :param vrf_id: (Default value = 0) :param lookup_in_vrf: (Default value = 0) :param classify_table_index: (Default value = 0xFFFFFFFF) :param is_add: (Default value = 1) :param is_drop: (Default value = 0) :param is_ipv6: (Default value = 0) :param is_local: (Default value = 0) :param is_classify: (Default value = 0) :param is_multipath: (Default value = 0) :param is_resolve_host: (Default value = 0) :param is_resolve_attached: (Default value = 0) :param next_hop_weight: (Default value = 1) :param is_multicast: (Default value = 0) """ return self.api( self.papi.mpls_tunnel_add_del, {'mt_sw_if_index': tun_sw_if_index, 'mt_is_add': is_add, 'mt_l2_only': l2_only, 'mt_is_multicast': is_multicast, 'mt_next_hop_proto_is_ip4': next_hop_proto_is_ip4, 'mt_next_hop_weight': next_hop_weight, 'mt_next_hop': next_hop_address, 'mt_next_hop_n_out_labels': next_hop_n_out_labels, 'mt_next_hop_sw_if_index': next_hop_sw_if_index, 'mt_next_hop_table_id': next_hop_table_id, 'mt_next_hop_via_label': next_hop_via_label, 'mt_next_hop_out_label_stack': next_hop_out_label_stack}) def bfd_udp_add(self, sw_if_index, desired_min_tx, required_min_rx, detect_mult, local_addr, peer_addr, is_ipv6=0, bfd_key_id=None, conf_key_id=None): if bfd_key_id is None: return self.api(self.papi.bfd_udp_add, { 'sw_if_index': sw_if_index, 'desired_min_tx': desired_min_tx, 'required_min_rx': required_min_rx, 'local_addr': local_addr, 'peer_addr': peer_addr, 'is_ipv6': is_ipv6, 'detect_mult': detect_mult, }) else: return self.api(self.papi.bfd_udp_add, { 'sw_if_index': sw_if_index, 'desired_min_tx': desired_min_tx, 'required_min_rx': required_min_rx, 'local_addr': local_addr, 'peer_addr': peer_addr, 'is_ipv6': is_ipv6, 'detect_mult': detect_mult, 'is_authenticated': 1, 'bfd_key_id': bfd_key_id, 'conf_key_id': conf_key_id, }) def bfd_udp_mod(self, sw_if_index, desired_min_tx, required_min_rx, detect_mult, local_addr, peer_addr, is_ipv6=0): return self.api(self.papi.bfd_udp_mod, { 'sw_if_index': sw_if_index, 'desired_min_tx': desired_min_tx, 'required_min_rx': required_min_rx, 'local_addr': local_addr, 'peer_addr': peer_addr, 'is_ipv6': is_ipv6, 'detect_mult': detect_mult, }) def bfd_udp_auth_activate(self, sw_if_index, local_addr, peer_addr, is_ipv6=0, bfd_key_id=None, conf_key_id=None, is_delayed=False): return self.api(self.papi.bfd_udp_auth_activate, { 'sw_if_index': sw_if_index, 'local_addr': local_addr, 'peer_addr': peer_addr, 'is_ipv6': is_ipv6, 'is_delayed': 1 if is_delayed else 0, 'bfd_key_id': bfd_key_id, 'conf_key_id': conf_key_id, }) def bfd_udp_session_set_flags(self, admin_up_down, sw_if_index, local_addr, peer_addr, is_ipv6=0): return self.api(self.papi.bfd_udp_session_set_flags, { 'admin_up_down': admin_up_down, 'sw_if_index': sw_if_index, 'local_addr': local_addr, 'peer_addr': peer_addr, 'is_ipv6': is_ipv6, }) def want_bfd_events(self, enable_disable=1): return self.api(self.papi.want_bfd_events, { 'enable_disable': enable_disable, 'pid': os.getpid(), }) def bfd_auth_set_key(self, conf_key_id, auth_type, key): return self.api(self.papi.bfd_auth_set_key, { 'conf_key_id': conf_key_id, 'auth_type': auth_type, 'key': key, 'key_len': len(key), }) def classify_add_del_table( self, is_add, mask, match_n_vectors=1, table_index=0xFFFFFFFF, nbuckets=2, memory_size=2097152, skip_n_vectors=0, next_table_index=0xFFFFFFFF, miss_next_index=0xFFFFFFFF, current_data_flag=0, current_data_offset=0): """ :param is_add: :param mask: :param match_n_vectors: (Default value = 1) :param table_index: (Default value = 0xFFFFFFFF) :param nbuckets: (Default value = 2) :param memory_size: (Default value = 2097152) :param skip_n_vectors: (Default value = 0) :param next_table_index: (Default value = 0xFFFFFFFF) :param miss_next_index: (Default value = 0xFFFFFFFF) :param current_data_flag: (Default value = 0) :param current_data_offset: (Default value = 0) """ mask_len = ((len(mask) - 1) / 16 + 1) * 16 mask = mask + '\0' * (mask_len - len(mask)) return self.api( self.papi.classify_add_del_table, {'is_add': is_add, 'table_index': table_index, 'nbuckets': nbuckets, 'memory_size': memory_size, 'skip_n_vectors': skip_n_vectors, 'match_n_vectors': match_n_vectors, 'next_table_index': next_table_index, 'miss_next_index': miss_next_index, 'current_data_flag': current_data_flag, 'current_data_offset': current_data_offset, 'mask_len': mask_len, 'mask': mask}) def classify_add_del_session( self, is_add, table_index, match, opaque_index=0xFFFFFFFF, hit_next_index=0xFFFFFFFF, advance=0, action=0, metadata=0): """ :param is_add: :param table_index: :param match: :param opaque_index: (Default value = 0xFFFFFFFF) :param hit_next_index: (Default value = 0xFFFFFFFF) :param advance: (Default value = 0) :param action: (Default value = 0) :param metadata: (Default value = 0) """ match_len = ((len(match) - 1) / 16 + 1) * 16 match = match + '\0' * (match_len - len(match)) return self.api( self.papi.classify_add_del_session, {'is_add': is_add, 'table_index': table_index, 'hit_next_index': hit_next_index, 'opaque_index': opaque_index, 'advance': advance, 'action': action, 'metadata': metadata, 'match_len': match_len, 'match': match}) def input_acl_set_interface( self, is_add, sw_if_index, ip4_table_index=0xFFFFFFFF, ip6_table_index=0xFFFFFFFF, l2_table_index=0xFFFFFFFF): """ :param is_add: :param sw_if_index: :param ip4_table_index: (Default value = 0xFFFFFFFF) :param ip6_table_index: (Default value = 0xFFFFFFFF) :param l2_table_index: (Default value = 0xFFFFFFFF) """ return self.api( self.papi.input_acl_set_interface, {'sw_if_index': sw_if_index, 'ip4_table_index': ip4_table_index, 'ip6_table_index': ip6_table_index, 'l2_table_index': l2_table_index, 'is_add': is_add}) def output_acl_set_interface( self, is_add, sw_if_index, ip4_table_index=0xFFFFFFFF, ip6_table_index=0xFFFFFFFF, l2_table_index=0xFFFFFFFF): """ :param is_add: :param sw_if_index: :param ip4_table_index: (Default value = 0xFFFFFFFF) :param ip6_table_index: (Default value = 0xFFFFFFFF) :param l2_table_index: (Default value = 0xFFFFFFFF) """ return self.api( self.papi.output_acl_set_interface, {'sw_if_index': sw_if_index, 'ip4_table_index': ip4_table_index, 'ip6_table_index': ip6_table_index, 'l2_table_index': l2_table_index, 'is_add': is_add}) def set_ipfix_exporter( self, collector_address, src_address, path_mtu, template_interval, vrf_id=0, collector_port=4739, udp_checksum=0): return self.api( self.papi.set_ipfix_exporter, { 'collector_address': collector_address, 'collector_port': collector_port, 'src_address': src_address, 'vrf_id': vrf_id, 'path_mtu': path_mtu, 'template_interval': template_interval, 'udp_checksum': udp_checksum, }) def dhcp_proxy_config(self, dhcp_server, dhcp_src_address, rx_table_id=0, server_table_id=0, is_add=1, is_ipv6=0): return self.api( self.papi.dhcp_proxy_config, { 'rx_vrf_id': rx_table_id, 'server_vrf_id': server_table_id, 'is_ipv6': is_ipv6, 'is_add': is_add, 'dhcp_server': dhcp_server, 'dhcp_src_address': dhcp_src_address, }) def dhcp_proxy_set_vss(self, table_id, vss_type=255, vpn_ascii_id="", oui=0, vpn_index=0, is_add=1, is_ip6=0): return self.api( self.papi.dhcp_proxy_set_vss, { 'tbl_id': table_id, 'vss_type': vss_type, 'vpn_ascii_id': vpn_ascii_id, 'oui': oui, 'vpn_index': vpn_index, 'is_add': is_add, 'is_ipv6': is_ip6, }) def dhcp_client_config(self, sw_if_index, hostname, client_id='', is_add=1, set_broadcast_flag=1, want_dhcp_events=0): return self.api( self.papi.dhcp_client_config, { 'is_add': is_add, 'client': { 'sw_if_index': sw_if_index, 'hostname': hostname, 'id': client_id, 'want_dhcp_event': want_dhcp_events, 'set_broadcast_flag': set_broadcast_flag, 'pid': os.getpid()} }) def ip_mroute_add_del(self, src_address, grp_address, grp_address_length, e_flags, next_hop_afi, next_hop_sw_if_index, next_hop_address, i_flags, bier_imp=0, rpf_id=0, table_id=0, is_add=1, is_ipv6=0, is_local=0): """ IP Multicast Route add/del """ return self.api( self.papi.ip_mroute_add_del, {'next_hop_sw_if_index': next_hop_sw_if_index, 'entry_flags': e_flags, 'itf_flags': i_flags, 'table_id': table_id, 'rpf_id': rpf_id, 'is_add': is_add, 'is_ipv6': is_ipv6, 'is_local': is_local, 'bier_imp': bier_imp, 'next_hop_afi': next_hop_afi, 'grp_address_length': grp_address_length, 'grp_address': grp_address, 'src_address': src_address, 'nh_address': next_hop_address}) def lisp_enable_disable(self, is_enabled): return self.api( self.papi.lisp_enable_disable, { 'is_en': is_enabled, }) def lisp_add_del_locator_set(self, ls_name, is_add=1): return self.api( self.papi.lisp_add_del_locator_set, { 'is_add': is_add, 'locator_set_name': ls_name }) def lisp_add_del_locator(self, ls_name, sw_if_index, priority=1, weight=1, is_add=1): return self.api( self.papi.lisp_add_del_locator, { 'is_add': is_add, 'locator_set_name': ls_name, 'sw_if_index': sw_if_index, 'priority': priority, 'weight': weight }) def lisp_locator_dump(self, is_index_set, ls_name=None, ls_index=0): return self.api( self.papi.lisp_locator_dump, { 'is_index_set': is_index_set, 'ls_name': ls_name, 'ls_index': ls_index, }) def lisp_add_del_local_eid(self, ls_name, eid_type, eid, prefix_len, vni=0, key_id=0, key="", is_add=1): return self.api( self.papi.lisp_add_del_local_eid, { 'locator_set_name': ls_name, 'is_add': is_add, 'eid_type': eid_type, 'eid': eid, 'prefix_len': prefix_len, 'vni': vni, 'key_id': key_id, 'key': key }) def lisp_eid_table_dump(self, eid_set=0, prefix_length=0, vni=0, eid_type=0, eid=None, filter_opt=0): return self.api( self.papi.lisp_eid_table_dump, { 'eid_set': eid_set, 'prefix_length': prefix_length, 'vni': vni, 'eid_type': eid_type, 'eid': eid, 'filter': filter_opt, }) def lisp_add_del_remote_mapping(self, eid_type, eid, eid_prefix_len=0, vni=0, rlocs=[], rlocs_num=0, is_src_dst=0, is_add=1): return self.api( self.papi.lisp_add_del_remote_mapping, { 'is_add': is_add, 'eid_type': eid_type, 'eid': eid, 'eid_len': eid_prefix_len, 'rloc_num': rlocs_num, 'rlocs': rlocs, 'vni': vni, 'is_src_dst': is_src_dst, }) def lisp_add_del_adjacency(self, leid, reid, leid_len, reid_len, eid_type, is_add=1, vni=0): return self.api( self.papi.lisp_add_del_adjacency, { 'is_add': is_add, 'vni': vni, 'eid_type': eid_type, 'leid': leid, 'reid': reid, 'leid_len': leid_len, 'reid_len': reid_len, }) def gtpu_add_del_tunnel( self, src_addr, dst_addr, is_add=1, is_ipv6=0, mcast_sw_if_index=0xFFFFFFFF, encap_vrf_id=0, decap_next_index=0xFFFFFFFF, teid=0): """ :param is_add: (Default value = 1) :param is_ipv6: (Default value = 0) :param src_addr: :param dst_addr: :param mcast_sw_if_index: (Default value = 0xFFFFFFFF) :param encap_vrf_id: (Default value = 0) :param decap_next_index: (Default value = 0xFFFFFFFF) :param teid: (Default value = 0) """ return self.api(self.papi.gtpu_add_del_tunnel, {'is_add': is_add, 'is_ipv6': is_ipv6, 'src_address': src_addr, 'dst_address': dst_addr, 'mcast_sw_if_index': mcast_sw_if_index, 'encap_vrf_id': encap_vrf_id, 'decap_next_index': decap_next_index, 'teid': teid}) def vxlan_gpe_add_del_tunnel( self, src_addr, dst_addr, mcast_sw_if_index=0xFFFFFFFF, is_add=1, is_ipv6=0, encap_vrf_id=0, decap_vrf_id=0, protocol=3, vni=0): """ :param local: :param remote: :param is_add: (Default value = 1) :param is_ipv6: (Default value = 0) :param encap_vrf_id: (Default value = 0) :param decap_vrf_id: (Default value = 0) :param mcast_sw_if_index: (Default value = 0xFFFFFFFF) :param protocol: (Default value = 3) :param vni: (Default value = 0) """ return self.api(self.papi.vxlan_gpe_add_del_tunnel, {'is_add': is_add, 'is_ipv6': is_ipv6, 'local': src_addr, 'remote': dst_addr, 'mcast_sw_if_index': mcast_sw_if_index, 'encap_vrf_id': encap_vrf_id, 'decap_vrf_id': decap_vrf_id, 'protocol': protocol, 'vni': vni}) def vxlan_gbp_tunnel_add_del( self, src, dst, mcast_sw_if_index=0xFFFFFFFF, is_add=1, is_ipv6=0, encap_table_id=0, vni=0, mode=1, instance=0xFFFFFFFF): """ :param dst_addr: :param src_addr: :param is_add: (Default value = 1) :param is_ipv6: (Default value = 0) :param encap_table_id: (Default value = 0) :param decap_next_index: (Default value = 0xFFFFFFFF) :param mcast_sw_if_index: (Default value = 0xFFFFFFFF) :param vni: (Default value = 0) :param instance: (Default value = 0xFFFFFFFF) """ return self.api(self.papi.vxlan_gbp_tunnel_add_del, {'is_add': is_add, 'tunnel': { 'src': src, 'dst': dst, 'mcast_sw_if_index': mcast_sw_if_index, 'encap_table_id': encap_table_id, 'vni': vni, 'instance': instance, "mode": mode}}) def vxlan_gbp_tunnel_dump(self, sw_if_index=0xffffffff): return self.api(self.papi.vxlan_gbp_tunnel_dump, {'sw_if_index': sw_if_index, '_no_type_conversion': True}) def pppoe_add_del_session( self, client_ip, client_mac, session_id=0, is_add=1, is_ipv6=0, decap_vrf_id=0): """ :param is_add: (Default value = 1) :param is_ipv6: (Default value = 0) :param client_ip: :param session_id: (Default value = 0) :param client_mac: :param decap_vrf_id: (Default value = 0) """ return self.api(self.papi.pppoe_add_del_session, {'is_add': is_add, 'is_ipv6': is_ipv6, 'session_id': session_id, 'client_ip': client_ip, 'decap_vrf_id': decap_vrf_id, 'client_mac': client_mac}) def sr_mpls_policy_add(self, bsid, weight, type, segments): return self.api(self.papi.sr_mpls_policy_add, {'bsid': bsid, 'weight': weight, 'type': type, 'n_segments': len(segments), 'segments': segments}) def sr_mpls_policy_del(self, bsid): return self.api(self.papi.sr_mpls_policy_del, {'bsid': bsid}) def sr_localsid_add_del(self, localsid, behavior, nh_addr4, nh_addr6, is_del=0, end_psp=0, sw_if_index=0xFFFFFFFF, vlan_index=0, fib_table=0, ): """ Add/del IPv6 SR local-SID. :param localsid: :param behavior: END=1; END.X=2; END.DX2=4; END.DX6=5; :param behavior: END.DX4=6; END.DT6=7; END.DT4=8 :param nh_addr4: :param nh_addr6: :param is_del: (Default value = 0) :param end_psp: (Default value = 0) :param sw_if_index: (Default value = 0xFFFFFFFF) :param vlan_index: (Default value = 0) :param fib_table: (Default value = 0) """ return self.api( self.papi.sr_localsid_add_del, {'is_del': is_del, 'localsid': localsid, 'end_psp': end_psp, 'behavior': behavior, 'sw_if_index': sw_if_index, 'vlan_index': vlan_index, 'fib_table': fib_table, 'nh_addr4': nh_addr4, 'nh_addr6': nh_addr6 } ) def sr_policy_add( self, bsid_addr, weight=1, is_encap=1, type=0, fib_table=0, n_segments=0, segments=[]): """ :param bsid_addr: bindingSID of the SR Policy :param weight: weight of the sid list. optional. (default: 1) :param is_encap: (bool) whether SR policy should Encap or SRH insert \ (default: Encap) :param type: type/behavior of the SR policy. (default or spray) \ (default: default) :param fib_table: VRF where to install the FIB entry for the BSID \ (default: 0) :param n_segments: number of segments \ (default: 0) :param segments: a vector of IPv6 address composing the segment list \ (default: []) """ return self.api( self.papi.sr_policy_add, {'bsid_addr': bsid_addr, 'weight': weight, 'is_encap': is_encap, 'type': type, 'fib_table': fib_table, 'n_segments': n_segments, 'segments': segments } ) def sr_policy_del( self, bsid_addr, sr_policy_index=0): """ :param bsid: bindingSID of the SR Policy :param sr_policy_index: index of the sr policy (default: 0) """ return self.api( self.papi.sr_policy_del, {'bsid_addr': bsid_addr, 'sr_policy_index': sr_policy_index }) def sr_steering_add_del( self, is_del, bsid_addr, sr_policy_index, table_id, prefix_addr, mask_width, sw_if_index, traffic_type): """ Steer traffic L2 and L3 traffic through a given SR policy :param is_del: delete or add :param bsid_addr: bindingSID of the SR Policy (alt to sr_policy_index) :param sr_policy: is the index of the SR Policy (alt to bsid) :param table_id: is the VRF where to install the FIB entry for the BSID :param prefix_addr: is the IPv4/v6 address for L3 traffic type :param mask_width: is the mask for L3 traffic type :param sw_if_index: is the incoming interface for L2 traffic :param traffic_type: type of traffic (IPv4: 4, IPv6: 6, L2: 2) """ return self.api( self.papi.sr_steering_add_del, {'is_del': is_del, 'bsid_addr': bsid_addr, 'sr_policy_index': sr_policy_index, 'table_id': table_id, 'prefix_addr': prefix_addr, 'mask_width': mask_width, 'sw_if_index': sw_if_index, 'traffic_type': traffic_type }) def acl_add_replace(self, acl_index, r, tag='', expected_retval=0): """Add/replace an ACL :param int acl_index: ACL index to replace, 2^32-1 to create new ACL. :param acl_rule r: ACL rules array. :param str tag: symbolic tag (description) for this ACL. :param int count: number of rules. """ return self.api(self.papi.acl_add_replace, {'acl_index': acl_index, 'r': r, 'count': len(r), 'tag': tag}, expected_retval=expected_retval) def acl_del(self, acl_index, expected_retval=0): """ :param acl_index: :return: """ return self.api(self.papi.acl_del, {'acl_index': acl_index}, expected_retval=expected_retval) def acl_interface_set_acl_list(self, sw_if_index, n_input, acls, expected_retval=0): return self.api(self.papi.acl_interface_set_acl_list, {'sw_if_index': sw_if_index, 'count': len(acls), 'n_input': n_input, 'acls': acls}, expected_retval=expected_retval) def acl_interface_set_etype_whitelist(self, sw_if_index, n_input, whitelist, expected_retval=0): return self.api(self.papi.acl_interface_set_etype_whitelist, {'sw_if_index': sw_if_index, 'count': len(whitelist), 'n_input': n_input, 'whitelist': whitelist}, expected_retval=expected_retval) def acl_interface_add_del(self, sw_if_index, acl_index, is_add=1): """ Add/Delete ACL to/from interface :param sw_if_index: :param acl_index: :param is_add: (Default value = 1) """ return self.api(self.papi.acl_interface_add_del, {'is_add': is_add, 'is_input': 1, 'sw_if_index': sw_if_index, 'acl_index': acl_index}) def acl_dump(self, acl_index, expected_retval=0): return self.api(self.papi.acl_dump, {'acl_index': acl_index}, expected_retval=expected_retval) def acl_interface_list_dump(self, sw_if_index=0xFFFFFFFF, expected_retval=0): return self.api(self.papi.acl_interface_list_dump, {'sw_if_index': sw_if_index}, expected_retval=expected_retval) def macip_acl_add(self, rules, tag=""): """ Add MACIP acl :param rules: list of rules for given acl :param tag: acl tag """ return self.api(self.papi.macip_acl_add, {'r': rules, 'count': len(rules), 'tag': tag}) def macip_acl_add_replace(self, rules, acl_index=0xFFFFFFFF, tag=""): """ Add MACIP acl :param rules: list of rules for given acl :param tag: acl tag """ return self.api(self.papi.macip_acl_add_replace, {'acl_index': acl_index, 'r': rules, 'count': len(rules), 'tag': tag}) def macip_acl_interface_add_del(self, sw_if_index, acl_index, is_add=1): """ Add MACIP acl to interface :param sw_if_index: :param acl_index: :param is_add: (Default value = 1) """ return self.api(self.papi.macip_acl_interface_add_del, {'is_add': is_add, 'sw_if_index': sw_if_index, 'acl_index': acl_index}) def macip_acl_dump(self, acl_index=4294967295): """ Return MACIP acl dump """ return self.api( self.papi.macip_acl_dump, {'acl_index': acl_index}) def policer_add_del(self, name, cir, eir, cb, eb, is_add=1, rate_type=0, round_type=0, ptype=0, color_aware=0, conform_action_type=1, conform_dscp=0, exceed_action_type=0, exceed_dscp=0, violate_action_type=0, violate_dscp=0): return self.api(self.papi.policer_add_del, {'name': name, 'cir': cir, 'eir': eir, 'cb': cb, 'eb': eb, 'is_add': is_add, 'rate_type': rate_type, 'round_type': round_type, 'type': ptype, 'color_aware': color_aware, 'conform_action_type': conform_action_type, 'conform_dscp': conform_dscp, 'exceed_action_type': exceed_action_type, 'exceed_dscp': exceed_dscp, 'violate_action_type': violate_action_type, 'violate_dscp': violate_dscp}) def ip_punt_police(self, policer_index, is_ip6=0, is_add=1): return self.api(self.papi.ip_punt_police, {'policer_index': policer_index, 'is_add': is_add, 'is_ip6': is_ip6}) def ip_punt_redirect(self, rx_sw_if_index, tx_sw_if_index, address, is_add=1): return self.api(self.papi.ip_punt_redirect, {'punt': {'rx_sw_if_index': rx_sw_if_index, 'tx_sw_if_index': tx_sw_if_index, 'nh': address}, 'is_add': is_add}) def ip_punt_redirect_dump(self, sw_if_index, is_ipv6=0): return self.api(self.papi.ip_punt_redirect_dump, {'sw_if_index': sw_if_index, 'is_ipv6': is_ipv6}) def bier_table_add_del(self, bti, mpls_label, is_add=1): """ BIER Table add/del """ return self.api( self.papi.bier_table_add_del, {'bt_tbl_id': {"bt_set": bti.set_id, "bt_sub_domain": bti.sub_domain_id, "bt_hdr_len_id": bti.hdr_len_id}, 'bt_label': mpls_label, 'bt_is_add': is_add}) def bier_table_dump(self): return self.api(self.papi.bier_table_dump, {}) def bier_route_add_del(self, bti, bp, paths, is_add=1, is_replace=0): """ BIER Route add/del """ return self.api( self.papi.bier_route_add_del, {'br_tbl_id': {"bt_set": bti.set_id, "bt_sub_domain": bti.sub_domain_id, "bt_hdr_len_id": bti.hdr_len_id}, 'br_bp': bp, 'br_n_paths': len(paths), 'br_paths': paths, 'br_is_add': is_add, 'br_is_replace': is_replace}) def bier_route_dump(self, bti): return self.api( self.papi.bier_route_dump, {'br_tbl_id': {"bt_set": bti.set_id, "bt_sub_domain": bti.sub_domain_id, "bt_hdr_len_id": bti.hdr_len_id}}) def bier_imp_add(self, bti, src, ibytes, is_add=1): """ BIER Imposition Add """ return self.api( self.papi.bier_imp_add, {'bi_tbl_id': {"bt_set": bti.set_id, "bt_sub_domain": bti.sub_domain_id, "bt_hdr_len_id": bti.hdr_len_id}, 'bi_src': src, 'bi_n_bytes': len(ibytes), 'bi_bytes': ibytes}) def bier_imp_del(self, bi_index): """ BIER Imposition del """ return self.api( self.papi.bier_imp_del, {'bi_index': bi_index}) def bier_imp_dump(self): return self.api(self.papi.bier_imp_dump, {}) def bier_disp_table_add_del(self, bdti, is_add=1): """ BIER Disposition Table add/del """ return self.api( self.papi.bier_disp_table_add_del, {'bdt_tbl_id': bdti, 'bdt_is_add': is_add}) def bier_disp_table_dump(self): return self.api(self.papi.bier_disp_table_dump, {}) def bier_disp_entry_add_del(self, bdti, bp, payload_proto, next_hop_afi, next_hop, next_hop_tbl_id=0, next_hop_rpf_id=~0, next_hop_is_ip4=1, is_add=1): """ BIER Route add/del """ lstack = [] while (len(lstack) < 16): lstack.append({}) return self.api( self.papi.bier_disp_entry_add_del, {'bde_tbl_id': bdti, 'bde_bp': bp, 'bde_payload_proto': payload_proto, 'bde_n_paths': 1, 'bde_paths': [{'next_hop': next_hop, 'table_id': next_hop_tbl_id, 'afi': next_hop_afi, 'rpf_id': next_hop_rpf_id, 'n_labels': 0, 'label_stack': lstack}], 'bde_is_add': is_add}) def bier_disp_entry_dump(self, bdti): return self.api( self.papi.bier_disp_entry_dump, {'bde_tbl_id': bdti}) def session_enable_disable(self, is_enabled): return self.api( self.papi.session_enable_disable, {'is_enable': is_enabled}) def ipsec_spd_add_del(self, spd_id, is_add=1): """ SPD add/del - Wrapper to add or del ipsec SPD Sample CLI : 'ipsec spd add 1' :param spd_id - SPD ID to be created in the vpp . mandatory :param is_add - create (1) or delete(0) SPD (Default 1 - add) . optional :returns: reply from the API """ return self.api( self.papi.ipsec_spd_add_del, { 'spd_id': spd_id, 'is_add': is_add}) def ipsec_spds_dump(self): return self.api(self.papi.ipsec_spds_dump, {}) def ipsec_interface_add_del_spd(self, spd_id, sw_if_index, is_add=1): """ IPSEC interface SPD add/del - \ Wrapper to associate/disassociate SPD to interface in VPP Sample CLI : 'set interface ipsec spd GigabitEthernet0/6/0 1' :param spd_id - SPD ID to associate with the interface . mandatory :param sw_if_index - Interface Index which needs to ipsec \ association mandatory :param is_add - add(1) or del(0) association with interface \ (Default 1 - add) . optional :returns: reply from the API """ return self.api( self.papi.ipsec_interface_add_del_spd, {'spd_id': spd_id, 'sw_if_index': sw_if_index, 'is_add': is_add}) def ipsec_spd_interface_dump(self, spd_index=None): return self.api(self.papi.ipsec_spd_interface_dump, {'spd_index': spd_index if spd_index else 0, 'spd_index_valid': 1 if spd_index else 0}) def ipsec_sad_entry_add_del(self, sad_id, spi, integrity_algorithm, integrity_key, crypto_algorithm, crypto_key, protocol, tunnel_src_address='', tunnel_dst_address='', flags=0, salt=0, is_add=1): """ IPSEC SA add/del :param sad_id: security association ID :param spi: security param index of the SA in decimal :param integrity_algorithm: :param integrity_key: :param crypto_algorithm: :param crypto_key: :param protocol: AH(0) or ESP(1) protocol :param tunnel_src_address: tunnel mode outer src address :param tunnel_dst_address: tunnel mode outer dst address :param is_add: :param is_tunnel: :** reference /vpp/src/vnet/ipsec/ipsec.h file for enum values of crypto and ipsec algorithms """ return self.api( self.papi.ipsec_sad_entry_add_del, { 'is_add': is_add, 'entry': { 'sad_id': sad_id, 'spi': spi, 'tunnel_src': tunnel_src_address, 'tunnel_dst': tunnel_dst_address, 'protocol': protocol, 'integrity_algorithm': integrity_algorithm, 'integrity_key': { 'length': len(integrity_key), 'data': integrity_key, }, 'crypto_algorithm': crypto_algorithm, 'crypto_key': { 'length': len(crypto_key), 'data': crypto_key, }, 'flags': flags, 'salt': salt, } }) def ipsec_sa_dump(self, sa_id=None): return self.api(self.papi.ipsec_sa_dump, {'sa_id': sa_id if sa_id else 0xffffffff}) def ipsec_spd_entry_add_del(self, spd_id, sa_id, local_address_start, local_address_stop, remote_address_start, remote_address_stop, local_port_start=0, local_port_stop=65535, remote_port_start=0, remote_port_stop=65535, protocol=0, policy=0, priority=100, is_outbound=1, is_add=1, is_ipv6=0, is_ip_any=0): """ IPSEC policy SPD add/del - Wrapper to configure ipsec SPD policy entries in VPP :param spd_id: SPD ID for the policy :param local_address_start: local-ip-range start address :param local_address_stop : local-ip-range stop address :param remote_address_start: remote-ip-range start address :param remote_address_stop : remote-ip-range stop address :param local_port_start: (Default value = 0) :param local_port_stop: (Default value = 65535) :param remote_port_start: (Default value = 0) :param remote_port_stop: (Default value = 65535) :param protocol: Any(0), AH(51) & ESP(50) protocol (Default value = 0) :param sa_id: Security Association ID for mapping it to SPD :param policy: bypass(0), discard(1), resolve(2) or protect(3) action (Default value = 0) :param priority: value for the spd action (Default value = 100) :param is_outbound: flag for inbound(0) or outbound(1) (Default value = 1) :param is_add: (Default value = 1) """ return self.api( self.papi.ipsec_spd_entry_add_del, { 'is_add': is_add, 'entry': { 'spd_id': spd_id, 'sa_id': sa_id, 'local_address_start': local_address_start, 'local_address_stop': local_address_stop, 'remote_address_start': remote_address_start, 'remote_address_stop': remote_address_stop, 'local_port_start': local_port_start, 'local_port_stop': local_port_stop, 'remote_port_start': remote_port_start, 'remote_port_stop': remote_port_stop, 'protocol': protocol, 'policy': policy, 'priority': priority, 'is_outbound': is_outbound, 'is_ip_any': is_ip_any } }) def ipsec_spd_dump(self, spd_id, sa_id=0xffffffff): return self.api(self.papi.ipsec_spd_dump, {'spd_id': spd_id, 'sa_id': sa_id}) def ipsec_tunnel_if_add_del(self, local_ip, remote_ip, local_spi, remote_spi, crypto_alg, local_crypto_key, remote_crypto_key, integ_alg, local_integ_key, remote_integ_key, is_add=1, esn=0, salt=0, anti_replay=1, renumber=0, show_instance=0): return self.api( self.papi.ipsec_tunnel_if_add_del, { 'local_ip': local_ip, 'remote_ip': remote_ip, 'local_spi': local_spi, 'remote_spi': remote_spi, 'crypto_alg': crypto_alg, 'local_crypto_key_len': len(local_crypto_key), 'local_crypto_key': local_crypto_key, 'remote_crypto_key_len': len(remote_crypto_key), 'remote_crypto_key': remote_crypto_key, 'integ_alg': integ_alg, 'local_integ_key_len': len(local_integ_key), 'local_integ_key': local_integ_key, 'remote_integ_key_len': len(remote_integ_key), 'remote_integ_key': remote_integ_key, 'is_add': is_add, 'esn': esn, 'anti_replay': anti_replay, 'renumber': renumber, 'show_instance': show_instance, 'salt': salt }) def ipsec_gre_tunnel_add_del(self, local_ip, remote_ip, sa_out, sa_in, is_add=1): return self.api(self.papi.ipsec_gre_tunnel_add_del, { 'is_add': is_add, 'tunnel': { 'src': local_ip, 'dst': remote_ip, 'local_sa_id': sa_out, 'remote_sa_id': sa_in } }) def ipsec_select_backend(self, protocol, index): return self.api(self.papi.ipsec_select_backend, {'protocol': protocol, 'index': index}) def ipsec_backend_dump(self): return self.api(self.papi.ipsec_backend_dump, {}) def app_namespace_add_del(self, namespace_id, ip4_fib_id=0, ip6_fib_id=0, sw_if_index=0xFFFFFFFF, secret=0): return self.api( self.papi.app_namespace_add_del, {'secret': secret, 'sw_if_index': sw_if_index, 'ip4_fib_id': ip4_fib_id, 'ip6_fib_id': ip6_fib_id, 'namespace_id': namespace_id, 'namespace_id_len': len(namespace_id)}) def punt_socket_register(self, reg, pathname, header_version=1): """ Register punt socket """ return self.api(self.papi.punt_socket_register, {'header_version': header_version, 'punt': reg, 'pathname': pathname}) def punt_socket_deregister(self, reg): """ Unregister punt socket """ return self.api(self.papi.punt_socket_deregister, {'punt': reg}) def gbp_endpoint_add(self, sw_if_index, ips, mac, sclass, flags, tun_src, tun_dst): """ GBP endpoint Add """ return self.api(self.papi.gbp_endpoint_add, {'endpoint': { 'sw_if_index': sw_if_index, 'ips': ips, 'n_ips': len(ips), 'mac': mac, 'sclass': sclass, 'flags': flags, 'tun': { 'src': tun_src, 'dst': tun_dst, }}}) def gbp_endpoint_del(self, handle): """ GBP endpoint Del """ return self.api(self.papi.gbp_endpoint_del, {'handle': handle}) def gbp_endpoint_dump(self): """ GBP endpoint Dump """ return self.api(self.papi.gbp_endpoint_dump, {'_no_type_conversion': True}) def gbp_endpoint_group_add(self, vnid, sclass, bd, rd, uplink_sw_if_index, retention): """ GBP endpoint group Add """ return self.api(self.papi.gbp_endpoint_group_add, {'epg': { 'uplink_sw_if_index': uplink_sw_if_index, 'bd_id': bd, 'rd_id': rd, 'vnid': vnid, 'sclass': sclass, 'retention': retention }}) def gbp_endpoint_group_del(self, sclass): """ GBP endpoint group Del """ return self.api(self.papi.gbp_endpoint_group_del, {'sclass': sclass}) def gbp_bridge_domain_add(self, bd_id, flags, bvi_sw_if_index, uu_fwd_sw_if_index, bm_flood_sw_if_index): """ GBP bridge-domain Add """ return self.api(self.papi.gbp_bridge_domain_add, {'bd': { 'flags': flags, 'bvi_sw_if_index': bvi_sw_if_index, 'uu_fwd_sw_if_index': uu_fwd_sw_if_index, 'bm_flood_sw_if_index': bm_flood_sw_if_index, 'bd_id': bd_id }}) def gbp_bridge_domain_del(self, bd_id): """ GBP bridge-domain Del """ return self.api(self.papi.gbp_bridge_domain_del, {'bd_id': bd_id}) def gbp_route_domain_add(self, rd_id, ip4_table_id, ip6_table_id, ip4_uu_sw_if_index, ip6_uu_sw_if_index): """ GBP route-domain Add """ return self.api(self.papi.gbp_route_domain_add, {'rd': { 'ip4_table_id': ip4_table_id, 'ip6_table_id': ip6_table_id, 'ip4_uu_sw_if_index': ip4_uu_sw_if_index, 'ip6_uu_sw_if_index': ip6_uu_sw_if_index, 'rd_id': rd_id }}) def gbp_route_domain_del(self, rd_id): """ GBP route-domain Del """ return self.api(self.papi.gbp_route_domain_del, {'rd_id': rd_id}) def gbp_recirc_add_del(self, is_add, sw_if_index, sclass, is_ext): """ GBP recirc Add/Del """ return self.api(self.papi.gbp_recirc_add_del, {'is_add': is_add, 'recirc': { 'is_ext': is_ext, 'sw_if_index': sw_if_index, 'sclass': sclass}}) def gbp_recirc_dump(self): """ GBP recirc Dump """ return self.api(self.papi.gbp_recirc_dump, {}) def gbp_ext_itf_add_del(self, is_add, sw_if_index, bd_id, rd_id): """ GBP recirc Add/Del """ return self.api(self.papi.gbp_ext_itf_add_del, {'is_add': is_add, 'ext_itf': { 'sw_if_index': sw_if_index, 'bd_id': bd_id, 'rd_id': rd_id}}) def gbp_ext_itf_dump(self): """ GBP recirc Dump """ return self.api(self.papi.gbp_ext_itf_dump, {}) def gbp_subnet_add_del(self, is_add, rd_id, prefix, type, sw_if_index=0xffffffff, sclass=0xffff): """ GBP Subnet Add/Del """ return self.api(self.papi.gbp_subnet_add_del, {'is_add': is_add, 'subnet': { 'type': type, 'sw_if_index': sw_if_index, 'sclass': sclass, 'prefix': prefix, 'rd_id': rd_id}}) def gbp_subnet_dump(self): """ GBP Subnet Dump """ return self.api(self.papi.gbp_subnet_dump, {'_no_type_conversion': True}) def gbp_contract_add_del(self, is_add, sclass, dclass, acl_index, rules, allowed_ethertypes): """ GBP contract Add/Del """ return self.api(self.papi.gbp_contract_add_del, {'is_add': is_add, 'contract': { 'acl_index': acl_index, 'sclass': sclass, 'dclass': dclass, 'n_rules': len(rules), 'rules': rules, 'n_ether_types': len(allowed_ethertypes), 'allowed_ethertypes': allowed_ethertypes}}) def gbp_contract_dump(self): """ GBP contract Dump """ return self.api(self.papi.gbp_contract_dump, {}) def gbp_vxlan_tunnel_add(self, vni, bd_rd_id, mode, src): """ GBP VXLAN tunnel add """ return self.api(self.papi.gbp_vxlan_tunnel_add, { 'tunnel': { 'vni': vni, 'mode': mode, 'bd_rd_id': bd_rd_id, 'src': src } }) def gbp_vxlan_tunnel_del(self, vni): """ GBP VXLAN tunnel del """ return self.api(self.papi.gbp_vxlan_tunnel_del, { 'vni': vni, }) def gbp_vxlan_tunnel_dump(self): """ GBP VXLAN tunnel add/del """ return self.api(self.papi.gbp_vxlan_tunnel_dump, {}) def qos_egress_map_update(self, id, outputs): """ QOS egress map update """ return self.api(self.papi.qos_egress_map_update, {'map_id': id, 'rows': outputs}) def qos_egress_map_delete(self, id): """ QOS egress map delete """ return self.api(self.papi.qos_egress_map_delete, {'map_id': id}) def qos_mark_enable_disable(self, sw_if_index, output_source, map_id, enable): """ QOS Mark Enable/Disable """ return self.api(self.papi.qos_mark_enable_disable, {'map_id': map_id, 'sw_if_index': sw_if_index, 'output_source': output_source, 'enable': enable}) def igmp_enable_disable(self, sw_if_index, enable, host): """ Enable/disable IGMP on a given interface """ return self.api(self.papi.igmp_enable_disable, {'enable': enable, 'mode': host, 'sw_if_index': sw_if_index}) def igmp_proxy_device_add_del(self, vrf_id, sw_if_index, add): """ Add/del IGMP proxy device """ return self.api(self.papi.igmp_proxy_device_add_del, {'vrf_id': vrf_id, 'sw_if_index': sw_if_index, 'add': add}) def igmp_proxy_device_add_del_interface(self, vrf_id, sw_if_index, add): """ Add/del interface to/from IGMP proxy device """ return self.api(self.papi.igmp_proxy_device_add_del_interface, {'vrf_id': vrf_id, 'sw_if_index': sw_if_index, 'add': add}) def igmp_listen(self, filter, sw_if_index, saddrs, gaddr): """ Listen for new (S,G) on specified interface :param enable: add/del :param sw_if_index: interface sw index :param saddr: source ip4 addr :param gaddr: group ip4 addr """ return self.api(self.papi.igmp_listen, { 'group': { 'filter': filter, 'sw_if_index': sw_if_index, 'n_srcs': len(saddrs), 'saddrs': saddrs, 'gaddr': gaddr } }) def igmp_clear_interface(self, sw_if_index): """ Remove all (S,G)s from specified interface doesn't send IGMP report! """ return self.api( self.papi.igmp_clear_interface, { 'sw_if_index': sw_if_index}) def want_igmp_events(self, enable=1): return self.api(self.papi.want_igmp_events, {'enable': enable, 'pid': os.getpid()}) def bond_create( self, mode, lb, use_custom_mac, mac_address='', interface_id=0xFFFFFFFF): """ :param mode: mode :param lb: load balance :param use_custom_mac: use custom mac :param mac_address: mac address :param interface_id: custom interface ID """ return self.api( self.papi.bond_create, {'mode': mode, 'lb': lb, 'use_custom_mac': use_custom_mac, 'mac_address': mac_address, 'id': interface_id }) def pipe_delete(self, parent_sw_if_index): return self.api(self.papi.pipe_delete, {'parent_sw_if_index': parent_sw_if_index}) def memif_create( self, role, mode, rx_queues=None, tx_queues=None, _id=None, socket_id=None, secret=None, ring_size=None, buffer_size=None, hw_addr=None): return self.api(self.papi.memif_create, {'role': role, 'mode': mode, 'rx_queues': rx_queues, 'tx_queues': tx_queues, 'id': _id, 'socket_id': socket_id, 'secret': secret, 'ring_size': ring_size, 'buffer_size': buffer_size, 'hw_addr': hw_addr}) def svs_table_add_del(self, af, table_id, is_add=1): return self.api(self.papi.svs_table_add_del, { 'table_id': table_id, 'is_add': is_add, 'af': af, }) def svs_route_add_del(self, table_id, prefix, src_table_id, is_add=1): return self.api(self.papi.svs_route_add_del, { 'table_id': table_id, 'source_table_id': src_table_id, 'prefix': prefix, 'is_add': is_add, }) def svs_enable_disable(self, af, table_id, sw_if_index, is_enable=1): return self.api(self.papi.svs_enable_disable, { 'af': af, 'table_id': table_id, 'sw_if_index': sw_if_index, 'is_enable': is_enable, })