2020-07-01 13:16:16 +02:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
|
|
|
|
import ipaddress
|
|
|
|
import random
|
|
|
|
import socket
|
|
|
|
import struct
|
|
|
|
import unittest
|
|
|
|
from io import BytesIO
|
|
|
|
|
|
|
|
import scapy.compat
|
2021-05-31 16:08:53 +02:00
|
|
|
from framework import VppTestCase, VppTestRunner
|
2020-07-01 13:16:16 +02:00
|
|
|
from ipfix import IPFIX, Set, Template, Data, IPFIXDecoder
|
2022-04-26 19:02:15 +02:00
|
|
|
from scapy.all import (
|
|
|
|
bind_layers,
|
|
|
|
Packet,
|
|
|
|
ByteEnumField,
|
|
|
|
ShortField,
|
|
|
|
IPField,
|
|
|
|
IntField,
|
|
|
|
LongField,
|
|
|
|
XByteField,
|
|
|
|
FlagsField,
|
|
|
|
FieldLenField,
|
|
|
|
PacketListField,
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
from scapy.data import IP_PROTOS
|
|
|
|
from scapy.layers.inet import IP, TCP, UDP, ICMP
|
|
|
|
from scapy.layers.inet import IPerror, TCPerror, UDPerror, ICMPerror
|
|
|
|
from scapy.layers.inet6 import ICMPv6DestUnreach, IPerror6, IPv6ExtHdrFragment
|
2022-04-26 19:02:15 +02:00
|
|
|
from scapy.layers.inet6 import (
|
|
|
|
IPv6,
|
|
|
|
ICMPv6EchoRequest,
|
|
|
|
ICMPv6EchoReply,
|
|
|
|
ICMPv6ND_NS,
|
|
|
|
ICMPv6ND_NA,
|
|
|
|
ICMPv6NDOptDstLLAddr,
|
|
|
|
fragment6,
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
from scapy.layers.l2 import Ether, ARP, GRE
|
|
|
|
from scapy.packet import Raw
|
|
|
|
from syslog_rfc5424_parser import SyslogMessage, ParseError
|
|
|
|
from syslog_rfc5424_parser.constants import SyslogSeverity
|
|
|
|
from util import ip4_range
|
|
|
|
from util import ppc, ppp
|
|
|
|
from vpp_acl import AclRule, VppAcl, VppAclInterface
|
|
|
|
from vpp_ip_route import VppIpRoute, VppRoutePath
|
|
|
|
from vpp_neighbor import VppNeighbor
|
|
|
|
from vpp_papi import VppEnum
|
|
|
|
|
|
|
|
|
2021-03-23 12:57:58 +01:00
|
|
|
class TestNAT66(VppTestCase):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""NAT66 Test Cases"""
|
2020-07-01 13:16:16 +02:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def setUpClass(cls):
|
|
|
|
super(TestNAT66, cls).setUpClass()
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
cls.nat_addr = "fd01:ff::2"
|
2020-07-01 13:16:16 +02:00
|
|
|
cls.create_pg_interfaces(range(2))
|
|
|
|
cls.interfaces = list(cls.pg_interfaces)
|
|
|
|
|
|
|
|
for i in cls.interfaces:
|
|
|
|
i.admin_up()
|
|
|
|
i.config_ip6()
|
|
|
|
i.configure_ipv6_neighbors()
|
|
|
|
|
2021-03-23 12:57:58 +01:00
|
|
|
@property
|
|
|
|
def config_flags(self):
|
|
|
|
return VppEnum.vl_api_nat_config_flags_t
|
|
|
|
|
|
|
|
def plugin_enable(self):
|
|
|
|
self.vapi.nat66_plugin_enable_disable(enable=1)
|
|
|
|
|
|
|
|
def plugin_disable(self):
|
|
|
|
self.vapi.nat66_plugin_enable_disable(enable=0)
|
|
|
|
|
|
|
|
def setUp(self):
|
|
|
|
super(TestNAT66, self).setUp()
|
|
|
|
self.plugin_enable()
|
|
|
|
|
|
|
|
def tearDown(self):
|
|
|
|
super(TestNAT66, self).tearDown()
|
|
|
|
if not self.vpp_dead:
|
|
|
|
self.plugin_disable()
|
2020-07-01 13:16:16 +02:00
|
|
|
|
|
|
|
def test_static(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""1:1 NAT66 test"""
|
2020-07-01 13:16:16 +02:00
|
|
|
flags = self.config_flags.NAT_IS_INSIDE
|
2022-04-26 19:02:15 +02:00
|
|
|
self.vapi.nat66_add_del_interface(
|
|
|
|
is_add=1, flags=flags, sw_if_index=self.pg0.sw_if_index
|
|
|
|
)
|
|
|
|
self.vapi.nat66_add_del_interface(is_add=1, sw_if_index=self.pg1.sw_if_index)
|
2020-07-01 13:16:16 +02:00
|
|
|
self.vapi.nat66_add_del_static_mapping(
|
|
|
|
local_ip_address=self.pg0.remote_ip6,
|
|
|
|
external_ip_address=self.nat_addr,
|
2022-04-26 19:02:15 +02:00
|
|
|
is_add=1,
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
|
|
|
|
# in2out
|
|
|
|
pkts = []
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
|
|
|
|
/ IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_ip6)
|
|
|
|
/ TCP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
|
|
|
|
/ IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_ip6)
|
|
|
|
/ UDP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
|
|
|
|
/ IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_ip6)
|
|
|
|
/ ICMPv6EchoRequest()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
|
|
|
|
/ IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_ip6)
|
|
|
|
/ GRE()
|
|
|
|
/ IP()
|
|
|
|
/ TCP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
|
|
|
self.pg0.add_stream(pkts)
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
self.pg_start()
|
|
|
|
capture = self.pg1.get_capture(len(pkts))
|
|
|
|
|
|
|
|
for packet in capture:
|
|
|
|
try:
|
|
|
|
self.assertEqual(packet[IPv6].src, self.nat_addr)
|
|
|
|
self.assertEqual(packet[IPv6].dst, self.pg1.remote_ip6)
|
|
|
|
self.assert_packet_checksums_valid(packet)
|
|
|
|
except:
|
|
|
|
self.logger.error(ppp("Unexpected or invalid packet:", packet))
|
|
|
|
raise
|
|
|
|
|
|
|
|
# out2in
|
|
|
|
pkts = []
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
|
|
|
|
/ IPv6(src=self.pg1.remote_ip6, dst=self.nat_addr)
|
|
|
|
/ TCP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
|
|
|
|
/ IPv6(src=self.pg1.remote_ip6, dst=self.nat_addr)
|
|
|
|
/ UDP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
|
|
|
|
/ IPv6(src=self.pg1.remote_ip6, dst=self.nat_addr)
|
|
|
|
/ ICMPv6EchoReply()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac)
|
|
|
|
/ IPv6(src=self.pg1.remote_ip6, dst=self.nat_addr)
|
|
|
|
/ GRE()
|
|
|
|
/ IP()
|
|
|
|
/ TCP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
pkts.append(p)
|
|
|
|
self.pg1.add_stream(pkts)
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
self.pg_start()
|
|
|
|
capture = self.pg0.get_capture(len(pkts))
|
|
|
|
for packet in capture:
|
|
|
|
try:
|
|
|
|
self.assertEqual(packet[IPv6].src, self.pg1.remote_ip6)
|
|
|
|
self.assertEqual(packet[IPv6].dst, self.pg0.remote_ip6)
|
|
|
|
self.assert_packet_checksums_valid(packet)
|
|
|
|
except:
|
|
|
|
self.logger.error(ppp("Unexpected or invalid packet:", packet))
|
|
|
|
raise
|
|
|
|
|
|
|
|
sm = self.vapi.nat66_static_mapping_dump()
|
|
|
|
self.assertEqual(len(sm), 1)
|
|
|
|
self.assertEqual(sm[0].total_pkts, 8)
|
|
|
|
|
|
|
|
def test_check_no_translate(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""NAT66 translate only when egress interface is outside interface"""
|
2020-07-01 13:16:16 +02:00
|
|
|
flags = self.config_flags.NAT_IS_INSIDE
|
2022-04-26 19:02:15 +02:00
|
|
|
self.vapi.nat66_add_del_interface(
|
|
|
|
is_add=1, flags=flags, sw_if_index=self.pg0.sw_if_index
|
|
|
|
)
|
|
|
|
self.vapi.nat66_add_del_interface(
|
|
|
|
is_add=1, flags=flags, sw_if_index=self.pg1.sw_if_index
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
self.vapi.nat66_add_del_static_mapping(
|
|
|
|
local_ip_address=self.pg0.remote_ip6,
|
|
|
|
external_ip_address=self.nat_addr,
|
2022-04-26 19:02:15 +02:00
|
|
|
is_add=1,
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
|
|
|
|
# in2out
|
2022-04-26 19:02:15 +02:00
|
|
|
p = (
|
|
|
|
Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
|
|
|
|
/ IPv6(src=self.pg0.remote_ip6, dst=self.pg1.remote_ip6)
|
|
|
|
/ UDP()
|
|
|
|
)
|
2020-07-01 13:16:16 +02:00
|
|
|
self.pg0.add_stream([p])
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
self.pg_start()
|
|
|
|
capture = self.pg1.get_capture(1)
|
|
|
|
packet = capture[0]
|
|
|
|
try:
|
|
|
|
self.assertEqual(packet[IPv6].src, self.pg0.remote_ip6)
|
|
|
|
self.assertEqual(packet[IPv6].dst, self.pg1.remote_ip6)
|
|
|
|
except:
|
|
|
|
self.logger.error(ppp("Unexpected or invalid packet:", packet))
|
|
|
|
raise
|
|
|
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
if __name__ == "__main__":
|
2020-07-01 13:16:16 +02:00
|
|
|
unittest.main(testRunner=VppTestRunner)
|