aboutsummaryrefslogtreecommitdiffstats
path: root/test/test_vhost.py
blob: e8cb27d6ed4e1ca033f0b8a9754d77a9ca851e66 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123

#!/usr/bin/env python3

import unittest

from framework import VppTestCase, VppTestRunner

from vpp_vhost_interface import VppVhostInterface


class TesVhostInterface(VppTestCase):
    """Vhost User Test Case

    """
    @classmethod
    def setUpClass(cls):
        super(TesVhostInterface, cls).setUpClass()

    @classmethod
    def tearDownClass(cls):
        super(TesVhostInterface, cls).tearDownClass()

    def tearDown(self):
        super(TesVhostInterface, self).tearDown()
        if not self.vpp_dead:
            if_dump = self.vapi.sw_interface_vhost_user_dump()
            for ifc in if_dump:
                self.vapi.delete_vhost_user_if(ifc.sw_if_index)

    def test_vhost(self):
        """ Vhost User add/delete interface test """
        self.logger.info("Vhost User add interfaces")

        # create interface 1 (VirtualEthernet0/0/0)
        vhost_if1 = VppVhostInterface(self, sock_filename='/tmp/sock1')
        vhost_if1.add_vpp_config()
        vhost_if1.admin_up()

        # create interface 2 (VirtualEthernet0/0/1)
        vhost_if2 = VppVhostInterface(self, sock_filename='/tmp/sock2')
        vhost_if2.add_vpp_config()
        vhost_if2.admin_up()

        # verify both interfaces in the show
        ifs = self.vapi.cli("show interface")
        self.assertIn('VirtualEthernet0/0/0', ifs)
        self.assertIn('VirtualEthernet0/0/1', ifs)

        # verify they are in the dump also
        if_dump = self.vapi.sw_interface_vhost_user_dump()
        self.assertTrue(vhost_if1.is_interface_config_in_dump(if_dump))
        self.assertTrue(vhost_if2.is_interface_config_in_dump(if_dump))

        # delete VirtualEthernet0/0/1
        self.logger.info("Deleting VirtualEthernet0/0/1")
        vhost_if2.remove_vpp_config()

        self.logger.info("Verifying VirtualEthernet0/0/1 is deleted")

        ifs = self.vapi.cli("show interface")
        # verify VirtualEthernet0/0/0 still in the show
        self.assertIn('VirtualEthernet0/0/0', ifs)

        # verify VirtualEthernet0/0/1 not in the show
        self.assertNotIn('VirtualEthernet0/0/1', ifs)

        # verify VirtualEthernet0/0/1 is not in the dump
        if_dump = self.vapi.sw_interface_vhost_user_dump()
        self.assertFalse(vhost_if2.is_interface_config_in_dump(if_dump))

        # verify VirtualEthernet0/0/0 is still in the dump
        self.assertTrue(vhost_if1.is_interface_config_in_dump(if_dump))

        # delete VirtualEthernet0/0/0
        self.logger.info("Deleting VirtualEthernet0/0/0")
        vhost_if1.remove_vpp_config()

        self.logger.info("Verifying VirtualEthernet0/0/0 is deleted")

        # verify VirtualEthernet0/0/0 not in the show
        ifs = self.vapi.cli("show interface")
        self.assertNotIn('VirtualEthernet0/0/0', ifs)

        # verify VirtualEthernet0/0/0 is not in the dump
        if_dump = self.vapi.sw_interface_vhost_user_dump()
        self.assertFalse(vhost_if1.is_interface_config_in_dump(if_dump))

    def test_vhost_interface_state(self):
        """ Vhost User interface states and events test """

        self.vapi.want_interface_events()

        # clear outstanding events
        # (like delete interface events from other tests)
        self.vapi.collect_events()

        vhost_if = VppVhostInterface(self, sock_filename='/tmp/sock1')

        # create vhost interface
        vhost_if.add_vpp_config()
        self.sleep(0.1)
        events = self.vapi.collect_events()
        # creating interface does now create events
        self.assert_equal(len(events), 1, "number of events")

        vhost_if.admin_up()
        vhost_if.assert_interface_state(1, 0, expect_event=True)

        vhost_if.admin_down()
        vhost_if.assert_interface_state(0, 0, expect_event=True)

        # delete vhost interface
        vhost_if.remove_vpp_config()
        event = self.vapi.wait_for_event(timeout=1)
        self.assert_equal(event.sw_if_index, vhost_if.sw_if_index,
                          "sw_if_index")
        self.assert_equal(event.deleted, 1, "deleted flag")

        # verify there are no more events
        events = self.vapi.collect_events()
        self.assert_equal(len(events), 0, "number of events")

if __name__ == '__main__':
    unittest.main(testRunner=VppTestRunner)
an class="k">raise RuntimeError(f"Not an ESP packet received: {pkt_recv!r}") ip_pkt = pkt_recv[ip_layer] d_pkt = sa_in.decrypt(ip_pkt) if d_pkt[ip_layer].dst != dst_ip: raise RuntimeError( f"Decrypted packet has invalid destination address: " f"{d_pkt[ip_layer].dst} should be: {dst_ip}" ) if d_pkt[ip_layer].src != src_ip: raise RuntimeError( f"Decrypted packet has invalid source address: " f"{d_pkt[ip_layer].src} should be: {src_ip}" ) if ip_layer == IP and d_pkt[ip_layer].proto != 61: raise RuntimeError( f"Decrypted packet has invalid IP protocol: " f"{d_pkt[ip_layer].proto} should be: 61" ) def check_ip(pkt_recv, ip_layer, src_ip, dst_ip): """Check received IP/IPv6 packet. :param pkt_recv: Received packet to verify. :param ip_layer: Scapy IP layer. :param src_ip: Source IP/IPv6 address. :param dst_ip: Destination IP/IPv6 address. :type pkt_recv: scapy.Ether :type ip_layer: scapy.layers.inet.IP or scapy.layers.inet6.IPv6 :type src_ip: str :type dst_ip: str :raises RuntimeError: If received packet is invalid. """ if not pkt_recv.haslayer(ip_layer): raise RuntimeError( f"Not an {ip_layer.name} packet received: {pkt_recv!r}" ) if pkt_recv[ip_layer].dst != dst_ip: raise RuntimeError( f"Received packet has invalid destination address: " f"{pkt_recv[ip_layer.name].dst} should be: {dst_ip}" ) if pkt_recv[ip_layer].src != src_ip: raise RuntimeError( f"Received packet has invalid destination address: " f"{pkt_recv[ip_layer.name].dst} should be: {src_ip}" ) if ip_layer == IP and pkt_recv[ip_layer].proto != 61: raise RuntimeError( f"Received packet has invalid IP protocol: " f"{pkt_recv[ip_layer].proto} should be: 61" ) def main(): """Send and receive IPsec packet.""" args = TrafficScriptArg( [ u"tx_src_mac", u"tx_dst_mac", u"rx_src_mac", u"rx_dst_mac", u"src_ip", u"dst_ip", u"crypto_alg", u"crypto_key", u"integ_alg", u"integ_key", u"l_spi", u"r_spi" ], [u"src_tun", u"dst_tun"] ) tx_txq = TxQueue(args.get_arg(u"tx_if")) tx_rxq = RxQueue(args.get_arg(u"tx_if")) rx_txq = TxQueue(args.get_arg(u"rx_if")) rx_rxq = RxQueue(args.get_arg(u"rx_if")) tx_src_mac = args.get_arg(u"tx_src_mac") tx_dst_mac = args.get_arg(u"tx_dst_mac") rx_src_mac = args.get_arg(u"rx_src_mac") rx_dst_mac = args.get_arg(u"rx_dst_mac") src_ip = args.get_arg(u"src_ip") dst_ip = args.get_arg(u"dst_ip") src_tun = args.get_arg(u"src_tun") dst_tun = args.get_arg(u"dst_tun") crypto_alg = args.get_arg(u"crypto_alg") crypto_key = args.get_arg(u"crypto_key") integ_alg = args.get_arg(u"integ_alg") integ_key = args.get_arg(u"integ_key") l_spi = int(args.get_arg(u"l_spi")) r_spi = int(args.get_arg(u"r_spi")) ip_layer = IP if ip_address(src_ip).version == 4 else IPv6 ip_pkt = ip_layer(src=src_ip, dst=dst_ip, proto=61) if ip_layer == IP \ else ip_layer(src=src_ip, dst=dst_ip) tunnel_out = ip_layer(src=src_tun, dst=dst_tun) if src_tun and dst_tun \ else None tunnel_in = ip_layer(src=dst_tun, dst=src_tun) if src_tun and dst_tun \ else None if not (src_tun and dst_tun): src_tun = src_ip sa_in = SecurityAssociation( ESP, spi=r_spi, crypt_algo=crypto_alg, crypt_key=crypto_key.encode(encoding=u"utf-8"), auth_algo=integ_alg, auth_key=integ_key.encode(encoding=u"utf-8"), tunnel_header=tunnel_in ) sa_out = SecurityAssociation( ESP, spi=l_spi, crypt_algo=crypto_alg, crypt_key=crypto_key.encode(encoding=u"utf-8"), auth_algo=integ_alg, auth_key=integ_key.encode(encoding=u"utf-8"), tunnel_header=tunnel_out ) sent_packets = list() tx_pkt_send = ( Ether(src=tx_src_mac, dst=tx_dst_mac) / sa_out.encrypt(ip_pkt)) tx_pkt_send /= Raw() size_limit = 78 if ip_layer == IPv6 else 64 if len(tx_pkt_send) < (size_limit - 14): tx_pkt_send[Raw].load += (b"\0" * (size_limit - 14 - len(tx_pkt_send))) sent_packets.append(tx_pkt_send) tx_txq.send(tx_pkt_send) while True: rx_pkt_recv = rx_rxq.recv(2) if rx_pkt_recv is None: raise RuntimeError(f"{ip_layer.name} packet Rx timeout") if rx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue if rx_pkt_recv.haslayer(ICMPv6MLReport2): # read another packet in the queue if the current one is # ICMPv6MLReport2 continue if rx_pkt_recv.haslayer(ICMPv6ND_RA): # read another packet in the queue if the current one is # ICMPv6ND_RA continue # otherwise process the current packet break check_ip( rx_pkt_recv, ip_layer, src_ip, dst_ip ) rx_ip_pkt = ip_layer(src=dst_ip, dst=src_ip, proto=61) if ip_layer == IP \ else ip_layer(src=dst_ip, dst=src_ip) rx_pkt_send = ( Ether(src=rx_dst_mac, dst=rx_src_mac) / rx_ip_pkt) rx_pkt_send /= Raw() if len(rx_pkt_send) < size_limit: rx_pkt_send[Raw].load += (b"\0" * (size_limit - len(rx_pkt_send))) rx_txq.send(rx_pkt_send) while True: tx_pkt_recv = tx_rxq.recv(2, ignore=sent_packets) if tx_pkt_recv is None: raise RuntimeError(f"{ip_layer.name} packet Rx timeout") if tx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue if tx_pkt_recv.haslayer(ICMPv6MLReport2): # read another packet in the queue if the current one is # ICMPv6MLReport2 continue if tx_pkt_recv.haslayer(ICMPv6ND_RA): # read another packet in the queue if the current one is # ICMPv6ND_RA continue break check_ipsec(tx_pkt_recv, ip_layer, src_tun, dst_ip, src_ip, sa_in) if __name__ == u"__main__": main()