2019-10-31 13:31:07 -05:00
|
|
|
#!/usr/bin/env python3
|
2018-11-28 19:06:41 -08:00
|
|
|
from __future__ import print_function
|
2018-11-25 10:35:29 -08:00
|
|
|
import binascii
|
2017-03-13 13:39:52 +01:00
|
|
|
import random
|
|
|
|
|
import socket
|
|
|
|
|
import unittest
|
|
|
|
|
import time
|
|
|
|
|
|
|
|
|
|
from scapy.packet import Raw
|
|
|
|
|
from scapy.layers.l2 import Ether
|
2017-06-13 21:15:40 +02:00
|
|
|
from scapy.layers.inet import IP, TCP, UDP
|
2017-03-13 13:39:52 +01:00
|
|
|
from scapy.layers.inet6 import IPv6
|
2023-10-11 12:15:55 +00:00
|
|
|
from scapy.contrib.lacp import SlowProtocol, LACP
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2021-05-31 16:08:53 +02:00
|
|
|
from config import config
|
2023-08-31 00:47:44 -04:00
|
|
|
from framework import VppTestCase
|
|
|
|
|
from asfframework import (
|
|
|
|
|
tag_fixme_vpp_workers,
|
|
|
|
|
tag_fixme_ubuntu2204,
|
|
|
|
|
tag_fixme_debian11,
|
|
|
|
|
tag_run_solo,
|
|
|
|
|
is_distro_ubuntu2204,
|
|
|
|
|
is_distro_debian11,
|
|
|
|
|
VppTestRunner,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
from vpp_object import VppObject
|
|
|
|
|
from util import ppp
|
|
|
|
|
from ipfix import IPFIX, Set, Template, Data, IPFIXDecoder
|
2017-06-13 21:15:40 +02:00
|
|
|
from vpp_ip_route import VppIpRoute, VppRoutePath
|
2019-10-21 23:13:46 +02:00
|
|
|
from vpp_papi.macaddress import mac_ntop
|
|
|
|
|
from socket import inet_ntop
|
2019-12-09 15:51:44 +01:00
|
|
|
from vpp_papi import VppEnum
|
flowprobe: fix tx flows generated for rewritten traffic
Currently, when IPFIX records generation is enabled for an interface in
the TX direction, some rewritten traffic is being sent from that
interface, and the Ethernet header's location has changed due to
rewriting, generated TX flows will contain fields with wrong and zero
values. For example, that can be observed when traffic is rewritten from
a subinterface to a hardware interface (i.e. when tags are removed). A
TX flow generated in this case will have wrong L2 fields because of an
incorrectly located Ethernet header. And zero L3/L4 fields because the
Ethernet type will match neither IP4 nor IP6.
The same code is executed to generate flows for both input and output
features. And the same mechanism is applied to identify the Ethernet
header in the buffer's data. However, such general code usually works
with the buffer's data conditionally based on the direction. For most
input features, the buffer's current_data will likely point to the IP
header. For most output features, the buffer's current_data will likely
point to the Ethernet header.
With this fix:
- Keep relying on ethernet_buffer_get_header() to locate the Ethernet
header for input features. And start using vlib_buffer_get_current()
to locate the Ethernet header for output features. The function will
account for the Ethernet header's position change in the buffer's
data if there is rewriting.
- After fixing Ethernet header determination in the buffer's data,
L3/L4 fields will contain non-zero but still incorrect data. That is
because IP header determination needs to be fixed too. It currently
relies on the fact that the Ethernet header is always located at the
beginning of the buffer's data and that l2_hdr_sz can be used as an
IP header offset. However, this may not be the case after rewriting.
So start calculating the actual offset of the IP header in the
buffer's data.
- Add a unit test to cover the case.
Type: fix
Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-07 11:25:21 +00:00
|
|
|
from vpp_sub_interface import VppDot1ADSubint
|
2024-03-11 10:38:46 +00:00
|
|
|
from config import config
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
|
2023-10-17 08:54:33 +00:00
|
|
|
TMPL_COMMON_FIELD_COUNT = 6
|
|
|
|
|
TMPL_L2_FIELD_COUNT = 3
|
|
|
|
|
TMPL_L3_FIELD_COUNT = 4
|
|
|
|
|
TMPL_L4_FIELD_COUNT = 3
|
|
|
|
|
|
2023-10-26 11:18:19 +00:00
|
|
|
IPFIX_TCP_FLAGS_ID = 6
|
|
|
|
|
IPFIX_SRC_TRANS_PORT_ID = 7
|
|
|
|
|
IPFIX_DST_TRANS_PORT_ID = 11
|
flowprobe: fix tx flows generated for rewritten traffic
Currently, when IPFIX records generation is enabled for an interface in
the TX direction, some rewritten traffic is being sent from that
interface, and the Ethernet header's location has changed due to
rewriting, generated TX flows will contain fields with wrong and zero
values. For example, that can be observed when traffic is rewritten from
a subinterface to a hardware interface (i.e. when tags are removed). A
TX flow generated in this case will have wrong L2 fields because of an
incorrectly located Ethernet header. And zero L3/L4 fields because the
Ethernet type will match neither IP4 nor IP6.
The same code is executed to generate flows for both input and output
features. And the same mechanism is applied to identify the Ethernet
header in the buffer's data. However, such general code usually works
with the buffer's data conditionally based on the direction. For most
input features, the buffer's current_data will likely point to the IP
header. For most output features, the buffer's current_data will likely
point to the Ethernet header.
With this fix:
- Keep relying on ethernet_buffer_get_header() to locate the Ethernet
header for input features. And start using vlib_buffer_get_current()
to locate the Ethernet header for output features. The function will
account for the Ethernet header's position change in the buffer's
data if there is rewriting.
- After fixing Ethernet header determination in the buffer's data,
L3/L4 fields will contain non-zero but still incorrect data. That is
because IP header determination needs to be fixed too. It currently
relies on the fact that the Ethernet header is always located at the
beginning of the buffer's data and that l2_hdr_sz can be used as an
IP header offset. However, this may not be the case after rewriting.
So start calculating the actual offset of the IP header in the
buffer's data.
- Add a unit test to cover the case.
Type: fix
Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-07 11:25:21 +00:00
|
|
|
IPFIX_SRC_IP4_ADDR_ID = 8
|
|
|
|
|
IPFIX_DST_IP4_ADDR_ID = 12
|
|
|
|
|
IPFIX_FLOW_DIRECTION_ID = 61
|
2023-10-26 11:18:19 +00:00
|
|
|
|
|
|
|
|
TCP_F_FIN = 0x01
|
|
|
|
|
TCP_F_SYN = 0x02
|
|
|
|
|
TCP_F_RST = 0x04
|
|
|
|
|
TCP_F_PSH = 0x08
|
|
|
|
|
TCP_F_ACK = 0x10
|
|
|
|
|
TCP_F_URG = 0x20
|
|
|
|
|
TCP_F_ECE = 0x40
|
|
|
|
|
TCP_F_CWR = 0x80
|
|
|
|
|
|
2023-10-17 08:54:33 +00:00
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
class VppCFLOW(VppObject):
|
|
|
|
|
"""CFLOW object for IPFIX exporter and Flowprobe feature"""
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
def __init__(
|
|
|
|
|
self,
|
|
|
|
|
test,
|
|
|
|
|
intf="pg2",
|
|
|
|
|
active=0,
|
|
|
|
|
passive=0,
|
|
|
|
|
timeout=100,
|
|
|
|
|
mtu=1024,
|
|
|
|
|
datapath="l2",
|
|
|
|
|
layer="l2 l3 l4",
|
2022-05-06 11:35:59 +00:00
|
|
|
direction="tx",
|
2022-04-26 19:02:15 +02:00
|
|
|
):
|
2017-03-13 13:39:52 +01:00
|
|
|
self._test = test
|
|
|
|
|
self._intf = intf
|
2022-05-06 11:35:59 +00:00
|
|
|
self._intf_obj = getattr(self._test, intf)
|
2017-03-13 13:39:52 +01:00
|
|
|
self._active = active
|
|
|
|
|
if passive == 0 or passive < active:
|
2022-04-26 19:02:15 +02:00
|
|
|
self._passive = active + 1
|
2017-03-13 13:39:52 +01:00
|
|
|
else:
|
|
|
|
|
self._passive = passive
|
2022-04-26 19:02:15 +02:00
|
|
|
self._datapath = datapath # l2 ip4 ip6
|
|
|
|
|
self._collect = layer # l2 l3 l4
|
2022-05-06 11:35:59 +00:00
|
|
|
self._direction = direction # rx tx both
|
2017-03-13 13:39:52 +01:00
|
|
|
self._timeout = timeout
|
|
|
|
|
self._mtu = mtu
|
|
|
|
|
self._configured = False
|
|
|
|
|
|
|
|
|
|
def add_vpp_config(self):
|
|
|
|
|
self.enable_exporter()
|
2019-12-09 15:51:44 +01:00
|
|
|
l2_flag = 0
|
|
|
|
|
l3_flag = 0
|
|
|
|
|
l4_flag = 0
|
2022-04-26 19:02:15 +02:00
|
|
|
if "l2" in self._collect.lower():
|
|
|
|
|
l2_flag = VppEnum.vl_api_flowprobe_record_flags_t.FLOWPROBE_RECORD_FLAG_L2
|
|
|
|
|
if "l3" in self._collect.lower():
|
|
|
|
|
l3_flag = VppEnum.vl_api_flowprobe_record_flags_t.FLOWPROBE_RECORD_FLAG_L3
|
|
|
|
|
if "l4" in self._collect.lower():
|
|
|
|
|
l4_flag = VppEnum.vl_api_flowprobe_record_flags_t.FLOWPROBE_RECORD_FLAG_L4
|
2022-05-12 14:56:24 +00:00
|
|
|
self._test.vapi.flowprobe_set_params(
|
2019-12-09 15:51:44 +01:00
|
|
|
record_flags=(l2_flag | l3_flag | l4_flag),
|
2022-04-26 19:02:15 +02:00
|
|
|
active_timer=self._active,
|
|
|
|
|
passive_timer=self._passive,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.enable_flowprobe_feature()
|
|
|
|
|
self._test.vapi.cli("ipfix flush")
|
|
|
|
|
self._configured = True
|
|
|
|
|
|
|
|
|
|
def remove_vpp_config(self):
|
|
|
|
|
self.disable_exporter()
|
|
|
|
|
self.disable_flowprobe_feature()
|
|
|
|
|
self._test.vapi.cli("ipfix flush")
|
|
|
|
|
self._configured = False
|
|
|
|
|
|
|
|
|
|
def enable_exporter(self):
|
|
|
|
|
self._test.vapi.set_ipfix_exporter(
|
2019-10-10 14:21:22 +02:00
|
|
|
collector_address=self._test.pg0.remote_ip4,
|
|
|
|
|
src_address=self._test.pg0.local_ip4,
|
2017-03-13 13:39:52 +01:00
|
|
|
path_mtu=self._mtu,
|
2022-04-26 19:02:15 +02:00
|
|
|
template_interval=self._timeout,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
def _enable_disable_flowprobe_feature(self, is_add):
|
|
|
|
|
which_map = {
|
|
|
|
|
"l2": VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_L2,
|
|
|
|
|
"ip4": VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_IP4,
|
|
|
|
|
"ip6": VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_IP6,
|
|
|
|
|
}
|
|
|
|
|
direction_map = {
|
|
|
|
|
"rx": VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_RX,
|
|
|
|
|
"tx": VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_TX,
|
|
|
|
|
"both": VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_BOTH,
|
|
|
|
|
}
|
|
|
|
|
self._test.vapi.flowprobe_interface_add_del(
|
|
|
|
|
is_add=is_add,
|
|
|
|
|
which=which_map[self._datapath],
|
|
|
|
|
direction=direction_map[self._direction],
|
|
|
|
|
sw_if_index=self._intf_obj.sw_if_index,
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
def enable_flowprobe_feature(self):
|
|
|
|
|
self._enable_disable_flowprobe_feature(is_add=True)
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
def disable_exporter(self):
|
|
|
|
|
self._test.vapi.cli("set ipfix exporter collector 0.0.0.0")
|
|
|
|
|
|
|
|
|
|
def disable_flowprobe_feature(self):
|
2022-05-06 11:35:59 +00:00
|
|
|
self._enable_disable_flowprobe_feature(is_add=False)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
def object_id(self):
|
2019-03-14 08:46:52 -07:00
|
|
|
return "ipfix-collector-%s-%s" % (self._src, self.dst)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
def query_vpp_config(self):
|
|
|
|
|
return self._configured
|
|
|
|
|
|
2023-10-17 08:54:33 +00:00
|
|
|
def verify_templates(self, decoder=None, timeout=1, count=3, field_count_in=None):
|
2017-03-13 13:39:52 +01:00
|
|
|
templates = []
|
2021-09-08 15:15:59 +02:00
|
|
|
self._test.assertIn(count, (1, 2, 3))
|
|
|
|
|
for _ in range(count):
|
2022-04-26 19:02:15 +02:00
|
|
|
p = self._test.wait_for_cflow_packet(self._test.collector, 2, timeout)
|
2017-03-13 13:39:52 +01:00
|
|
|
self._test.assertTrue(p.haslayer(IPFIX))
|
2023-10-17 08:54:33 +00:00
|
|
|
self._test.assertTrue(p.haslayer(Template))
|
|
|
|
|
if decoder is not None:
|
2017-03-13 13:39:52 +01:00
|
|
|
templates.append(p[Template].templateID)
|
|
|
|
|
decoder.add_template(p.getlayer(Template))
|
2023-10-17 08:54:33 +00:00
|
|
|
if field_count_in is not None:
|
|
|
|
|
self._test.assertIn(p[Template].fieldCount, field_count_in)
|
2017-03-13 13:39:52 +01:00
|
|
|
return templates
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class MethodHolder(VppTestCase):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""Flow-per-packet plugin: test L2, IP4, IP6 reporting"""
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# Test variables
|
|
|
|
|
debug_print = False
|
2017-06-12 08:26:13 +02:00
|
|
|
max_number_of_packets = 10
|
2017-03-13 13:39:52 +01:00
|
|
|
pkts = []
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
"""
|
|
|
|
|
Perform standard class setup (defined by class method setUpClass in
|
|
|
|
|
class VppTestCase) before running the test case, set test case related
|
|
|
|
|
variables and configure VPP.
|
|
|
|
|
"""
|
|
|
|
|
super(MethodHolder, cls).setUpClass()
|
2024-07-02 18:02:09 +02:00
|
|
|
if (is_distro_debian11 == True) and not hasattr(cls, "vpp"):
|
2022-09-20 21:52:18 -04:00
|
|
|
return
|
2017-03-13 13:39:52 +01:00
|
|
|
try:
|
|
|
|
|
# Create pg interfaces
|
2017-06-13 21:15:40 +02:00
|
|
|
cls.create_pg_interfaces(range(9))
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# Packet sizes
|
|
|
|
|
cls.pg_if_packet_sizes = [64, 512, 1518, 9018]
|
|
|
|
|
|
|
|
|
|
# Create BD with MAC learning and unknown unicast flooding disabled
|
|
|
|
|
# and put interfaces to this BD
|
2022-09-16 13:20:07 +02:00
|
|
|
cls.vapi.bridge_domain_add_del_v2(
|
|
|
|
|
bd_id=1, uu_flood=1, learn=1, flood=1, forward=1, is_add=1
|
|
|
|
|
)
|
2019-03-11 19:23:25 +01:00
|
|
|
cls.vapi.sw_interface_set_l2_bridge(
|
2022-04-26 19:02:15 +02:00
|
|
|
rx_sw_if_index=cls.pg1._sw_if_index, bd_id=1
|
|
|
|
|
)
|
2019-03-11 19:23:25 +01:00
|
|
|
cls.vapi.sw_interface_set_l2_bridge(
|
2022-04-26 19:02:15 +02:00
|
|
|
rx_sw_if_index=cls.pg2._sw_if_index, bd_id=1
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# Set up all interfaces
|
|
|
|
|
for i in cls.pg_interfaces:
|
|
|
|
|
i.admin_up()
|
|
|
|
|
|
|
|
|
|
cls.pg0.config_ip4()
|
|
|
|
|
cls.pg0.configure_ipv4_neighbors()
|
|
|
|
|
cls.collector = cls.pg0
|
|
|
|
|
|
|
|
|
|
cls.pg1.config_ip4()
|
|
|
|
|
cls.pg1.resolve_arp()
|
|
|
|
|
cls.pg2.config_ip4()
|
|
|
|
|
cls.pg2.resolve_arp()
|
|
|
|
|
cls.pg3.config_ip4()
|
|
|
|
|
cls.pg3.resolve_arp()
|
|
|
|
|
cls.pg4.config_ip4()
|
|
|
|
|
cls.pg4.resolve_arp()
|
2017-06-13 21:15:40 +02:00
|
|
|
cls.pg7.config_ip4()
|
|
|
|
|
cls.pg8.config_ip4()
|
|
|
|
|
cls.pg8.configure_ipv4_neighbors()
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
cls.pg5.config_ip6()
|
|
|
|
|
cls.pg5.resolve_ndp()
|
|
|
|
|
cls.pg5.disable_ipv6_ra()
|
|
|
|
|
cls.pg6.config_ip6()
|
|
|
|
|
cls.pg6.resolve_ndp()
|
|
|
|
|
cls.pg6.disable_ipv6_ra()
|
|
|
|
|
except Exception:
|
|
|
|
|
super(MethodHolder, cls).tearDownClass()
|
|
|
|
|
raise
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(MethodHolder, cls).tearDownClass()
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
def create_stream(
|
|
|
|
|
self, src_if=None, dst_if=None, packets=None, size=None, ip_ver="v4"
|
|
|
|
|
):
|
2017-03-13 13:39:52 +01:00
|
|
|
"""Create a packet stream to tickle the plugin
|
|
|
|
|
|
|
|
|
|
:param VppInterface src_if: Source interface for packet stream
|
|
|
|
|
:param VppInterface src_if: Dst interface for packet stream
|
|
|
|
|
"""
|
|
|
|
|
if src_if is None:
|
|
|
|
|
src_if = self.pg1
|
|
|
|
|
if dst_if is None:
|
|
|
|
|
dst_if = self.pg2
|
|
|
|
|
self.pkts = []
|
|
|
|
|
if packets is None:
|
|
|
|
|
packets = random.randint(1, self.max_number_of_packets)
|
|
|
|
|
pkt_size = size
|
|
|
|
|
for p in range(0, packets):
|
|
|
|
|
if size is None:
|
|
|
|
|
pkt_size = random.choice(self.pg_if_packet_sizes)
|
|
|
|
|
info = self.create_packet_info(src_if, dst_if)
|
|
|
|
|
payload = self.info_to_payload(info)
|
|
|
|
|
p = Ether(src=src_if.remote_mac, dst=src_if.local_mac)
|
2022-04-26 19:02:15 +02:00
|
|
|
if ip_ver == "v4":
|
2017-03-13 13:39:52 +01:00
|
|
|
p /= IP(src=src_if.remote_ip4, dst=dst_if.remote_ip4)
|
|
|
|
|
else:
|
|
|
|
|
p /= IPv6(src=src_if.remote_ip6, dst=dst_if.remote_ip6)
|
2017-06-13 21:15:40 +02:00
|
|
|
p /= UDP(sport=1234, dport=4321)
|
|
|
|
|
p /= Raw(payload)
|
2017-03-13 13:39:52 +01:00
|
|
|
info.data = p.copy()
|
|
|
|
|
self.extend_packet(p, pkt_size)
|
|
|
|
|
self.pkts.append(p)
|
|
|
|
|
|
|
|
|
|
def verify_cflow_data(self, decoder, capture, cflow):
|
|
|
|
|
octets = 0
|
|
|
|
|
packets = 0
|
|
|
|
|
for p in capture:
|
|
|
|
|
octets += p[IP].len
|
|
|
|
|
packets += 1
|
|
|
|
|
if cflow.haslayer(Data):
|
|
|
|
|
data = decoder.decode_data_set(cflow.getlayer(Set))
|
|
|
|
|
for record in data:
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[1]), 16), octets)
|
|
|
|
|
self.assertEqual(int(binascii.hexlify(record[2]), 16), packets)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def send_packets(self, src_if=None, dst_if=None):
|
|
|
|
|
if src_if is None:
|
|
|
|
|
src_if = self.pg1
|
|
|
|
|
if dst_if is None:
|
|
|
|
|
dst_if = self.pg2
|
|
|
|
|
self.pg_enable_capture([dst_if])
|
|
|
|
|
src_if.add_stream(self.pkts)
|
|
|
|
|
self.pg_start()
|
|
|
|
|
return dst_if.get_capture(len(self.pkts))
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
def verify_cflow_data_detail(
|
2023-10-17 08:54:33 +00:00
|
|
|
self,
|
|
|
|
|
decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
data_set={1: "octets", 2: "packets"},
|
|
|
|
|
ip_ver="v4",
|
|
|
|
|
field_count=None,
|
2022-04-26 19:02:15 +02:00
|
|
|
):
|
2017-03-13 13:39:52 +01:00
|
|
|
if self.debug_print:
|
2018-11-28 19:06:41 -08:00
|
|
|
print(capture[0].show())
|
2017-03-13 13:39:52 +01:00
|
|
|
if cflow.haslayer(Data):
|
|
|
|
|
data = decoder.decode_data_set(cflow.getlayer(Set))
|
|
|
|
|
if self.debug_print:
|
2018-11-28 19:06:41 -08:00
|
|
|
print(data)
|
2022-04-26 19:02:15 +02:00
|
|
|
if ip_ver == "v4":
|
2023-10-11 12:15:55 +00:00
|
|
|
ip_layer = capture[0][IP] if capture[0].haslayer(IP) else None
|
2017-03-13 13:39:52 +01:00
|
|
|
else:
|
2023-10-11 12:15:55 +00:00
|
|
|
ip_layer = capture[0][IPv6] if capture[0].haslayer(IPv6) else None
|
2017-03-13 13:39:52 +01:00
|
|
|
if data_set is not None:
|
|
|
|
|
for record in data:
|
2019-03-27 11:25:48 -07:00
|
|
|
# skip flow if ingress/egress interface is 0
|
2018-11-25 10:35:29 -08:00
|
|
|
if int(binascii.hexlify(record[10]), 16) == 0:
|
2017-03-13 13:39:52 +01:00
|
|
|
continue
|
2018-11-25 10:35:29 -08:00
|
|
|
if int(binascii.hexlify(record[14]), 16) == 0:
|
2017-03-13 13:39:52 +01:00
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
for field in data_set:
|
|
|
|
|
value = data_set[field]
|
2022-04-26 19:02:15 +02:00
|
|
|
if value == "octets":
|
2017-03-13 13:39:52 +01:00
|
|
|
value = ip_layer.len
|
2022-04-26 19:02:15 +02:00
|
|
|
if ip_ver == "v6":
|
|
|
|
|
value += 40 # ??? is this correct
|
|
|
|
|
elif value == "packets":
|
2017-03-13 13:39:52 +01:00
|
|
|
value = 1
|
2022-04-26 19:02:15 +02:00
|
|
|
elif value == "src_ip":
|
|
|
|
|
if ip_ver == "v4":
|
|
|
|
|
ip = socket.inet_pton(socket.AF_INET, ip_layer.src)
|
2017-03-13 13:39:52 +01:00
|
|
|
else:
|
2022-04-26 19:02:15 +02:00
|
|
|
ip = socket.inet_pton(socket.AF_INET6, ip_layer.src)
|
2018-11-25 10:35:29 -08:00
|
|
|
value = int(binascii.hexlify(ip), 16)
|
2022-04-26 19:02:15 +02:00
|
|
|
elif value == "dst_ip":
|
|
|
|
|
if ip_ver == "v4":
|
|
|
|
|
ip = socket.inet_pton(socket.AF_INET, ip_layer.dst)
|
2017-03-13 13:39:52 +01:00
|
|
|
else:
|
2022-04-26 19:02:15 +02:00
|
|
|
ip = socket.inet_pton(socket.AF_INET6, ip_layer.dst)
|
2018-11-25 10:35:29 -08:00
|
|
|
value = int(binascii.hexlify(ip), 16)
|
2022-04-26 19:02:15 +02:00
|
|
|
elif value == "sport":
|
2017-03-13 13:39:52 +01:00
|
|
|
value = int(capture[0][UDP].sport)
|
2022-04-26 19:02:15 +02:00
|
|
|
elif value == "dport":
|
2017-03-13 13:39:52 +01:00
|
|
|
value = int(capture[0][UDP].dport)
|
2022-04-26 19:02:15 +02:00
|
|
|
self.assertEqual(
|
|
|
|
|
int(binascii.hexlify(record[field]), 16), value
|
|
|
|
|
)
|
2023-10-17 08:54:33 +00:00
|
|
|
if field_count is not None:
|
|
|
|
|
for record in data:
|
|
|
|
|
self.assertEqual(len(record), field_count)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
def verify_cflow_data_notimer(self, decoder, capture, cflows):
|
|
|
|
|
idx = 0
|
|
|
|
|
for cflow in cflows:
|
|
|
|
|
if cflow.haslayer(Data):
|
|
|
|
|
data = decoder.decode_data_set(cflow.getlayer(Set))
|
|
|
|
|
else:
|
|
|
|
|
raise Exception("No CFLOW data")
|
|
|
|
|
|
|
|
|
|
for rec in data:
|
|
|
|
|
p = capture[idx]
|
|
|
|
|
idx += 1
|
2022-04-26 19:02:15 +02:00
|
|
|
self.assertEqual(p[IP].len, int(binascii.hexlify(rec[1]), 16))
|
|
|
|
|
self.assertEqual(1, int(binascii.hexlify(rec[2]), 16))
|
2017-03-13 13:39:52 +01:00
|
|
|
self.assertEqual(len(capture), idx)
|
|
|
|
|
|
2021-09-08 15:15:59 +02:00
|
|
|
def wait_for_cflow_packet(self, collector_intf, set_id=2, timeout=1):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""wait for CFLOW packet and verify its correctness
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
:param timeout: how long to wait
|
|
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
self.logger.info("IPFIX: Waiting for CFLOW packet")
|
|
|
|
|
# self.logger.debug(self.vapi.ppcli("show flow table"))
|
2021-09-08 15:15:59 +02:00
|
|
|
p = collector_intf.wait_for_packet(timeout=timeout)
|
|
|
|
|
self.assertEqual(p[Set].setID, set_id)
|
|
|
|
|
# self.logger.debug(self.vapi.ppcli("show flow table"))
|
|
|
|
|
self.logger.debug(ppp("IPFIX: Got packet:", p))
|
2017-03-13 13:39:52 +01:00
|
|
|
return p
|
|
|
|
|
|
|
|
|
|
|
2021-01-14 10:19:08 +00:00
|
|
|
@tag_run_solo
|
2021-01-29 13:17:19 +00:00
|
|
|
@tag_fixme_vpp_workers
|
2022-09-20 21:52:18 -04:00
|
|
|
@tag_fixme_ubuntu2204
|
|
|
|
|
@tag_fixme_debian11
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2017-06-13 21:15:40 +02:00
|
|
|
class Flowprobe(MethodHolder):
|
2017-03-13 13:39:52 +01:00
|
|
|
"""Template verification, timer tests"""
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(Flowprobe, cls).setUpClass()
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(Flowprobe, cls).tearDownClass()
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
def test_0001(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""timer less than template timeout"""
|
2017-06-13 21:15:40 +02:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
2017-03-13 13:39:52 +01:00
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix = VppCFLOW(test=self, active=2)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2017-06-13 21:15:40 +02:00
|
|
|
self.create_stream(packets=1)
|
2017-06-12 08:26:13 +02:00
|
|
|
self.send_packets()
|
2017-06-13 21:15:40 +02:00
|
|
|
capture = self.pg2.get_capture(1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[1], 15)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.verify_cflow_data(ipfix_decoder, capture, cflow)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
2017-06-13 21:15:40 +02:00
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2023-12-22 16:52:56 +01:00
|
|
|
@unittest.skipUnless(
|
|
|
|
|
config.extended, "Test is unstable (assertion error, needs to be fixed"
|
|
|
|
|
)
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_0002(self):
|
2023-12-22 16:52:56 +01:00
|
|
|
"""timer greater than template timeout [UNSTABLE, FIX ME]"""
|
2017-06-13 21:15:40 +02:00
|
|
|
self.logger.info("FFP_TEST_START_0002")
|
2017-03-13 13:39:52 +01:00
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix = VppCFLOW(test=self, timeout=3, active=4)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix.verify_templates()
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
self.create_stream(packets=2)
|
|
|
|
|
self.send_packets()
|
|
|
|
|
capture = self.pg2.get_capture(2)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# next set of template packet should arrive after 20 seconds
|
|
|
|
|
# template packet should arrive within 20 s
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, timeout=5)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[1], 15)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.verify_cflow_data(ipfix_decoder, capture, cflow)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
2017-06-13 21:15:40 +02:00
|
|
|
self.logger.info("FFP_TEST_FINISH_0002")
|
|
|
|
|
|
|
|
|
|
def test_cflow_packet(self):
|
|
|
|
|
"""verify cflow packet fields"""
|
|
|
|
|
self.logger.info("FFP_TEST_START_0000")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf="pg8", datapath="ip4", layer="l2 l3 l4", active=2
|
|
|
|
|
)
|
2017-06-13 21:15:40 +02:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
route_9001 = VppIpRoute(
|
|
|
|
|
self,
|
|
|
|
|
"9.0.0.0",
|
|
|
|
|
24,
|
|
|
|
|
[VppRoutePath(self.pg8._remote_hosts[0].ip4, self.pg8.sw_if_index)],
|
|
|
|
|
)
|
2017-06-13 21:15:40 +02:00
|
|
|
route_9001.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
self.pkts = [
|
|
|
|
|
(
|
|
|
|
|
Ether(dst=self.pg7.local_mac, src=self.pg7.remote_mac)
|
|
|
|
|
/ IP(src=self.pg7.remote_ip4, dst="9.0.0.100")
|
|
|
|
|
/ TCP(sport=1234, dport=4321, flags=80)
|
|
|
|
|
/ Raw(b"\xa5" * 100)
|
|
|
|
|
)
|
|
|
|
|
]
|
2017-06-13 21:15:40 +02:00
|
|
|
|
|
|
|
|
nowUTC = int(time.time())
|
2022-04-26 19:02:15 +02:00
|
|
|
nowUNIX = nowUTC + 2208988800
|
2017-06-13 21:15:40 +02:00
|
|
|
self.send_packets(src_if=self.pg7, dst_if=self.pg8)
|
|
|
|
|
|
|
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0], 10)
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
if cflow[0].haslayer(IPFIX):
|
|
|
|
|
self.assertEqual(cflow[IPFIX].version, 10)
|
|
|
|
|
self.assertEqual(cflow[IPFIX].observationDomainID, 1)
|
|
|
|
|
self.assertEqual(cflow[IPFIX].sequenceNumber, 0)
|
|
|
|
|
self.assertAlmostEqual(cflow[IPFIX].exportTime, nowUTC, delta=5)
|
|
|
|
|
if cflow.haslayer(Data):
|
|
|
|
|
record = ipfix_decoder.decode_data_set(cflow[0].getlayer(Set))[0]
|
|
|
|
|
# ingress interface
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[10]), 16), 8)
|
2017-06-13 21:15:40 +02:00
|
|
|
# egress interface
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[14]), 16), 9)
|
2022-05-06 11:35:59 +00:00
|
|
|
# direction
|
|
|
|
|
self.assertEqual(int(binascii.hexlify(record[61]), 16), 1)
|
2017-06-13 21:15:40 +02:00
|
|
|
# packets
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[2]), 16), 1)
|
2017-06-13 21:15:40 +02:00
|
|
|
# src mac
|
2019-10-21 23:13:46 +02:00
|
|
|
self.assertEqual(mac_ntop(record[56]), self.pg8.local_mac)
|
2017-06-13 21:15:40 +02:00
|
|
|
# dst mac
|
2019-10-21 23:13:46 +02:00
|
|
|
self.assertEqual(mac_ntop(record[80]), self.pg8.remote_mac)
|
2018-11-25 10:35:29 -08:00
|
|
|
flowTimestamp = int(binascii.hexlify(record[156]), 16) >> 32
|
2017-06-13 21:15:40 +02:00
|
|
|
# flow start timestamp
|
|
|
|
|
self.assertAlmostEqual(flowTimestamp, nowUNIX, delta=1)
|
2018-11-25 10:35:29 -08:00
|
|
|
flowTimestamp = int(binascii.hexlify(record[157]), 16) >> 32
|
2017-06-13 21:15:40 +02:00
|
|
|
# flow end timestamp
|
|
|
|
|
self.assertAlmostEqual(flowTimestamp, nowUNIX, delta=1)
|
|
|
|
|
# ethernet type
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[256]), 16), 8)
|
2017-06-13 21:15:40 +02:00
|
|
|
# src ip
|
2022-04-26 19:02:15 +02:00
|
|
|
self.assertEqual(inet_ntop(socket.AF_INET, record[8]), self.pg7.remote_ip4)
|
2017-06-13 21:15:40 +02:00
|
|
|
# dst ip
|
2022-04-26 19:02:15 +02:00
|
|
|
self.assertEqual(inet_ntop(socket.AF_INET, record[12]), "9.0.0.100")
|
2017-06-13 21:15:40 +02:00
|
|
|
# protocol (TCP)
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[4]), 16), 6)
|
2017-06-13 21:15:40 +02:00
|
|
|
# src port
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[7]), 16), 1234)
|
2017-06-13 21:15:40 +02:00
|
|
|
# dst port
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[11]), 16), 4321)
|
2017-06-13 21:15:40 +02:00
|
|
|
# tcp flags
|
2018-11-25 10:35:29 -08:00
|
|
|
self.assertEqual(int(binascii.hexlify(record[6]), 16), 80)
|
2017-06-13 21:15:40 +02:00
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0000")
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2023-10-26 11:18:19 +00:00
|
|
|
def test_flow_entry_reuse(self):
|
|
|
|
|
"""Verify flow entry reuse doesn't accumulate meta info"""
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
|
|
|
|
# enable ip4 datapath for an interface
|
|
|
|
|
# set active and passive timers
|
|
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
active=2,
|
|
|
|
|
passive=3,
|
|
|
|
|
intf="pg3",
|
|
|
|
|
layer="l3 l4",
|
|
|
|
|
datapath="ip4",
|
|
|
|
|
direction="rx",
|
|
|
|
|
mtu=100,
|
|
|
|
|
)
|
|
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
|
|
|
|
|
|
|
|
|
# make a tcp packet
|
|
|
|
|
self.pkts = [
|
|
|
|
|
(
|
ethernet: check destination mac for L3 in ethernet-input node
When the NIC does not support mac filter, we rely on ethernet-input
node to do the destination mac check, ie, when the interface is in L3,
the mac address for the packet must be the mac address of the
interface where the packet arrives. This works fine in ethernet-input
node when all packets in the frame might have different interfaces, ie,
ETH_INPUT_FRAME_F_SINGLE_SW_IF_ID is not set in the frame. However,
when all packets are having the same interface,
ETH_INPUT_FRAME_F_SINGLE_SW_IF_ID is set, ethernet-input node goes
through the optimized routine eth_input_single_int -> eth_input_process_frame.
That is where dmac check has a bug when all packets in the frame are
either, ip4, ip6, or mpls without vlan tags. Because without vlan tags,
the code handles all packets in fast path and ignores dmac check.
With vlan tags, the code goes to slow path where dmac check is handled
properly.
The fix is to check if we have a bad dmac in the fast path and force the
code to go to slow path which will handle dmac check properly.
Also do a wholesale correction on all the testcases which do not use
the proper dmac when sending L3 packets.
Type: fix
Change-Id: I73153a805cecdc24c4eefcc781676de04737ae2c
Signed-off-by: Steven Luong <sluong@cisco.com>
2024-04-19 09:49:20 -07:00
|
|
|
Ether(src=self.pg3.remote_mac, dst=self.pg3.local_mac)
|
2023-10-26 11:18:19 +00:00
|
|
|
/ IP(src=self.pg3.remote_ip4, dst=self.pg4.remote_ip4)
|
|
|
|
|
/ TCP(sport=1234, dport=4321)
|
|
|
|
|
/ Raw(b"\xa5" * 50)
|
|
|
|
|
)
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# send the tcp packet two times, each time with new set of flags
|
|
|
|
|
tcp_flags = (
|
|
|
|
|
TCP_F_SYN | TCP_F_ACK,
|
|
|
|
|
TCP_F_RST | TCP_F_PSH,
|
|
|
|
|
)
|
|
|
|
|
for f in tcp_flags:
|
|
|
|
|
self.pkts[0][TCP].flags = f
|
|
|
|
|
capture = self.send_packets(src_if=self.pg3, dst_if=self.pg4)
|
|
|
|
|
|
|
|
|
|
# verify meta info - packet/octet delta and tcp flags
|
|
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0], timeout=6)
|
|
|
|
|
self.verify_cflow_data(ipfix_decoder, capture, cflow)
|
|
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{
|
|
|
|
|
IPFIX_TCP_FLAGS_ID: f,
|
|
|
|
|
IPFIX_SRC_TRANS_PORT_ID: 1234,
|
|
|
|
|
IPFIX_DST_TRANS_PORT_ID: 4321,
|
|
|
|
|
},
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
self.collector.get_capture(3)
|
|
|
|
|
|
|
|
|
|
# cleanup
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
|
2022-05-12 14:56:24 +00:00
|
|
|
def test_interface_dump(self):
|
|
|
|
|
"""Dump interfaces with IPFIX flow record generation enabled"""
|
|
|
|
|
self.logger.info("FFP_TEST_START_0003")
|
|
|
|
|
|
|
|
|
|
# Enable feature for 3 interfaces
|
|
|
|
|
ipfix1 = VppCFLOW(test=self, intf="pg1", datapath="l2", direction="rx")
|
|
|
|
|
ipfix1.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix2 = VppCFLOW(test=self, intf="pg2", datapath="ip4", direction="tx")
|
|
|
|
|
ipfix2.enable_flowprobe_feature()
|
|
|
|
|
|
|
|
|
|
ipfix3 = VppCFLOW(test=self, intf="pg3", datapath="ip6", direction="both")
|
|
|
|
|
ipfix3.enable_flowprobe_feature()
|
|
|
|
|
|
|
|
|
|
# When request "all", dump should contain all enabled interfaces
|
|
|
|
|
dump = self.vapi.flowprobe_interface_dump()
|
|
|
|
|
self.assertEqual(len(dump), 3)
|
|
|
|
|
|
|
|
|
|
# Verify 1st interface
|
|
|
|
|
self.assertEqual(dump[0].sw_if_index, self.pg1.sw_if_index)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[0].which, VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_L2
|
|
|
|
|
)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[0].direction,
|
|
|
|
|
VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_RX,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# Verify 2nd interface
|
|
|
|
|
self.assertEqual(dump[1].sw_if_index, self.pg2.sw_if_index)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[1].which, VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_IP4
|
|
|
|
|
)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[1].direction,
|
|
|
|
|
VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_TX,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# Verify 3rd interface
|
|
|
|
|
self.assertEqual(dump[2].sw_if_index, self.pg3.sw_if_index)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[2].which, VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_IP6
|
|
|
|
|
)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[2].direction,
|
|
|
|
|
VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_BOTH,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# When request 2nd interface, dump should contain only the specified interface
|
|
|
|
|
dump = self.vapi.flowprobe_interface_dump(sw_if_index=self.pg2.sw_if_index)
|
|
|
|
|
self.assertEqual(len(dump), 1)
|
|
|
|
|
|
|
|
|
|
# Verify 2nd interface
|
|
|
|
|
self.assertEqual(dump[0].sw_if_index, self.pg2.sw_if_index)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[0].which, VppEnum.vl_api_flowprobe_which_t.FLOWPROBE_WHICH_IP4
|
|
|
|
|
)
|
|
|
|
|
self.assertEqual(
|
|
|
|
|
dump[0].direction,
|
|
|
|
|
VppEnum.vl_api_flowprobe_direction_t.FLOWPROBE_DIRECTION_TX,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# When request 99th interface, dump should be empty
|
|
|
|
|
dump = self.vapi.flowprobe_interface_dump(sw_if_index=99)
|
|
|
|
|
self.assertEqual(len(dump), 0)
|
|
|
|
|
|
|
|
|
|
ipfix1.remove_vpp_config()
|
|
|
|
|
ipfix2.remove_vpp_config()
|
|
|
|
|
ipfix3.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0003")
|
|
|
|
|
|
|
|
|
|
def test_get_params(self):
|
|
|
|
|
"""Get IPFIX flow record generation parameters"""
|
|
|
|
|
self.logger.info("FFP_TEST_START_0004")
|
|
|
|
|
|
|
|
|
|
# Enable feature for an interface with custom parameters
|
|
|
|
|
ipfix = VppCFLOW(test=self, active=20, passive=40, layer="l2 l3 l4")
|
|
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# Get and verify parameters
|
|
|
|
|
params = self.vapi.flowprobe_get_params()
|
|
|
|
|
self.assertEqual(params.active_timer, 20)
|
|
|
|
|
self.assertEqual(params.passive_timer, 40)
|
|
|
|
|
record_flags = VppEnum.vl_api_flowprobe_record_flags_t.FLOWPROBE_RECORD_FLAG_L2
|
|
|
|
|
record_flags |= VppEnum.vl_api_flowprobe_record_flags_t.FLOWPROBE_RECORD_FLAG_L3
|
|
|
|
|
record_flags |= VppEnum.vl_api_flowprobe_record_flags_t.FLOWPROBE_RECORD_FLAG_L4
|
|
|
|
|
self.assertEqual(params.record_flags, record_flags)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0004")
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
class DatapathTestsHolder(object):
|
2017-06-12 08:26:13 +02:00
|
|
|
"""collect information on Ethernet, IP4 and IP6 datapath (no timers)"""
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
2022-05-06 11:35:59 +00:00
|
|
|
super(DatapathTestsHolder, cls).setUpClass()
|
2019-01-25 14:05:48 -08:00
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
2022-05-06 11:35:59 +00:00
|
|
|
super(DatapathTestsHolder, cls).tearDownClass()
|
2019-01-25 14:05:48 -08:00
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_templatesL2(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""verify template on L2 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0000")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf=self.intf1, layer="l2", direction=self.direction
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix.verify_templates(timeout=3, count=1)
|
|
|
|
|
self.collector.get_capture(1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0000")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L2onL2(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L2 data on L2 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf=self.intf1, layer="l2", direction=self.direction
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(packets=1)
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{2: "packets", 256: 8, 61: (self.direction == "tx")},
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L3onL2(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L3 data on L2 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0002")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf=self.intf1, layer="l3", direction=self.direction
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=2)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(packets=1)
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
2022-05-06 11:35:59 +00:00
|
|
|
{
|
|
|
|
|
2: "packets",
|
|
|
|
|
4: 17,
|
|
|
|
|
8: "src_ip",
|
|
|
|
|
12: "dst_ip",
|
|
|
|
|
61: (self.direction == "tx"),
|
|
|
|
|
},
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.collector.get_capture(3)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0002")
|
|
|
|
|
|
2023-10-17 08:54:33 +00:00
|
|
|
def test_L234onL2(self):
|
|
|
|
|
"""L2/3/4 data on L2 datapath"""
|
2023-10-11 12:15:55 +00:00
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
|
|
|
|
ipfix = VppCFLOW(
|
2023-10-17 08:54:33 +00:00
|
|
|
test=self, intf=self.intf1, layer="l2 l3 l4", direction=self.direction
|
2023-10-11 12:15:55 +00:00
|
|
|
)
|
|
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2023-10-17 08:54:33 +00:00
|
|
|
tmpl_l2_field_count = TMPL_COMMON_FIELD_COUNT + TMPL_L2_FIELD_COUNT
|
|
|
|
|
tmpl_ip_field_count = (
|
|
|
|
|
TMPL_COMMON_FIELD_COUNT
|
|
|
|
|
+ TMPL_L2_FIELD_COUNT
|
|
|
|
|
+ TMPL_L3_FIELD_COUNT
|
|
|
|
|
+ TMPL_L4_FIELD_COUNT
|
|
|
|
|
)
|
|
|
|
|
templates = ipfix.verify_templates(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
count=3,
|
|
|
|
|
field_count_in=(tmpl_l2_field_count, tmpl_ip_field_count),
|
|
|
|
|
)
|
2023-10-11 12:15:55 +00:00
|
|
|
|
|
|
|
|
# verify IPv4 and IPv6 flows
|
|
|
|
|
for ip_ver in ("v4", "v6"):
|
|
|
|
|
self.create_stream(packets=1, ip_ver=ip_ver)
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
|
|
|
|
self.vapi.ipfix_flush()
|
|
|
|
|
cflow = self.wait_for_cflow_packet(
|
|
|
|
|
self.collector, templates[1 if ip_ver == "v4" else 2]
|
|
|
|
|
)
|
|
|
|
|
src_ip_id = 8 if ip_ver == "v4" else 27
|
|
|
|
|
dst_ip_id = 12 if ip_ver == "v4" else 28
|
|
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{
|
|
|
|
|
2: "packets",
|
|
|
|
|
256: 8 if ip_ver == "v4" else 56710,
|
|
|
|
|
4: 17,
|
2023-10-17 08:54:33 +00:00
|
|
|
7: "sport",
|
|
|
|
|
11: "dport",
|
2023-10-11 12:15:55 +00:00
|
|
|
src_ip_id: "src_ip",
|
|
|
|
|
dst_ip_id: "dst_ip",
|
|
|
|
|
61: (self.direction == "tx"),
|
|
|
|
|
},
|
|
|
|
|
ip_ver=ip_ver,
|
2023-10-17 08:54:33 +00:00
|
|
|
field_count=tmpl_ip_field_count,
|
2023-10-11 12:15:55 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# verify non-IP flow
|
|
|
|
|
self.pkts = [
|
|
|
|
|
(
|
|
|
|
|
Ether(dst=self.pg2.local_mac, src=self.pg1.remote_mac)
|
|
|
|
|
/ SlowProtocol()
|
|
|
|
|
/ LACP()
|
|
|
|
|
)
|
|
|
|
|
]
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
|
|
|
|
self.vapi.ipfix_flush()
|
|
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
|
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{2: "packets", 256: 2440, 61: (self.direction == "tx")},
|
2023-10-17 08:54:33 +00:00
|
|
|
field_count=tmpl_l2_field_count,
|
2023-10-11 12:15:55 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
self.collector.get_capture(6)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L4onL2(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L4 data on L2 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0003")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf=self.intf1, layer="l4", direction=self.direction
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=2)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(packets=1)
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{2: "packets", 7: "sport", 11: "dport", 61: (self.direction == "tx")},
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.collector.get_capture(3)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0003")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_templatesIp4(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""verify templates on IP4 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0000")
|
|
|
|
|
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf=self.intf1, datapath="ip4", direction=self.direction
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.verify_templates(timeout=3, count=1)
|
|
|
|
|
self.collector.get_capture(1)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0000")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L2onIP4(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L2 data on IP4 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf=self.intf2,
|
|
|
|
|
layer="l2",
|
|
|
|
|
datapath="ip4",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(src_if=self.pg3, dst_if=self.pg4, packets=1)
|
|
|
|
|
capture = self.send_packets(src_if=self.pg3, dst_if=self.pg4)
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{2: "packets", 256: 8, 61: (self.direction == "tx")},
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# expected two templates and one cflow packet
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L3onIP4(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L3 data on IP4 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0002")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf=self.intf2,
|
|
|
|
|
layer="l3",
|
|
|
|
|
datapath="ip4",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(src_if=self.pg3, dst_if=self.pg4, packets=1)
|
|
|
|
|
capture = self.send_packets(src_if=self.pg3, dst_if=self.pg4)
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
2022-05-06 11:35:59 +00:00
|
|
|
{
|
|
|
|
|
1: "octets",
|
|
|
|
|
2: "packets",
|
|
|
|
|
8: "src_ip",
|
|
|
|
|
12: "dst_ip",
|
|
|
|
|
61: (self.direction == "tx"),
|
|
|
|
|
},
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# expected two templates and one cflow packet
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0002")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L4onIP4(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L4 data on IP4 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0003")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf=self.intf2,
|
|
|
|
|
layer="l4",
|
|
|
|
|
datapath="ip4",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(src_if=self.pg3, dst_if=self.pg4, packets=1)
|
|
|
|
|
capture = self.send_packets(src_if=self.pg3, dst_if=self.pg4)
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{2: "packets", 7: "sport", 11: "dport", 61: (self.direction == "tx")},
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# expected two templates and one cflow packet
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0003")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_templatesIP6(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""verify templates on IP6 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0000")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self, intf=self.intf1, datapath="ip6", direction=self.direction
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix.verify_templates(count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(1)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0000")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L2onIP6(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L2 data on IP6 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf=self.intf3,
|
|
|
|
|
layer="l2",
|
|
|
|
|
datapath="ip6",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
self.create_stream(src_if=self.pg5, dst_if=self.pg6, packets=1, ip_ver="IPv6")
|
2017-03-13 13:39:52 +01:00
|
|
|
capture = self.send_packets(src_if=self.pg5, dst_if=self.pg6)
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{2: "packets", 256: 56710, 61: (self.direction == "tx")},
|
|
|
|
|
ip_ver="v6",
|
2022-04-26 19:02:15 +02:00
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# expected two templates and one cflow packet
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L3onIP6(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L3 data on IP6 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0002")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf=self.intf3,
|
|
|
|
|
layer="l3",
|
|
|
|
|
datapath="ip6",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
self.create_stream(src_if=self.pg5, dst_if=self.pg6, packets=1, ip_ver="IPv6")
|
2017-03-13 13:39:52 +01:00
|
|
|
capture = self.send_packets(src_if=self.pg5, dst_if=self.pg6)
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
2022-05-06 11:35:59 +00:00
|
|
|
{2: "packets", 27: "src_ip", 28: "dst_ip", 61: (self.direction == "tx")},
|
2022-04-26 19:02:15 +02:00
|
|
|
ip_ver="v6",
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# expected two templates and one cflow packet
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0002")
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_L4onIP6(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""L4 data on IP6 datapath"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0003")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf=self.intf3,
|
|
|
|
|
layer="l4",
|
|
|
|
|
datapath="ip6",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
self.create_stream(src_if=self.pg5, dst_if=self.pg6, packets=1, ip_ver="IPv6")
|
2017-03-13 13:39:52 +01:00
|
|
|
capture = self.send_packets(src_if=self.pg5, dst_if=self.pg6)
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
2022-04-26 19:02:15 +02:00
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
2022-05-06 11:35:59 +00:00
|
|
|
{2: "packets", 7: "sport", 11: "dport", 61: (self.direction == "tx")},
|
2022-04-26 19:02:15 +02:00
|
|
|
ip_ver="v6",
|
|
|
|
|
)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# expected two templates and one cflow packet
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0003")
|
|
|
|
|
|
|
|
|
|
def test_0001(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""no timers, one CFLOW packet, 9 Flows inside"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(test=self, intf=self.intf1, direction=self.direction)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(packets=9)
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[1])
|
2017-03-13 13:39:52 +01:00
|
|
|
self.verify_cflow_data_notimer(ipfix_decoder, capture, [cflow])
|
|
|
|
|
self.collector.get_capture(4)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
|
|
|
|
def test_0002(self):
|
2022-05-06 11:35:59 +00:00
|
|
|
"""no timers, two CFLOW packets (mtu=260), 3 Flows in each"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0002")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
ipfix = VppCFLOW(test=self, intf=self.intf1, direction=self.direction, mtu=260)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream(packets=6)
|
|
|
|
|
capture = self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
|
|
|
|
cflows = []
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2022-04-26 19:02:15 +02:00
|
|
|
cflows.append(self.wait_for_cflow_packet(self.collector, templates[1]))
|
|
|
|
|
cflows.append(self.wait_for_cflow_packet(self.collector, templates[1]))
|
2017-03-13 13:39:52 +01:00
|
|
|
self.verify_cflow_data_notimer(ipfix_decoder, capture, cflows)
|
|
|
|
|
self.collector.get_capture(5)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0002")
|
|
|
|
|
|
|
|
|
|
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2022-05-06 11:35:59 +00:00
|
|
|
class DatapathTx(MethodHolder, DatapathTestsHolder):
|
|
|
|
|
"""Collect info on Ethernet, IP4 and IP6 datapath (TX) (no timers)"""
|
|
|
|
|
|
|
|
|
|
intf1 = "pg2"
|
|
|
|
|
intf2 = "pg4"
|
|
|
|
|
intf3 = "pg6"
|
|
|
|
|
direction = "tx"
|
|
|
|
|
|
flowprobe: fix tx flows generated for rewritten traffic
Currently, when IPFIX records generation is enabled for an interface in
the TX direction, some rewritten traffic is being sent from that
interface, and the Ethernet header's location has changed due to
rewriting, generated TX flows will contain fields with wrong and zero
values. For example, that can be observed when traffic is rewritten from
a subinterface to a hardware interface (i.e. when tags are removed). A
TX flow generated in this case will have wrong L2 fields because of an
incorrectly located Ethernet header. And zero L3/L4 fields because the
Ethernet type will match neither IP4 nor IP6.
The same code is executed to generate flows for both input and output
features. And the same mechanism is applied to identify the Ethernet
header in the buffer's data. However, such general code usually works
with the buffer's data conditionally based on the direction. For most
input features, the buffer's current_data will likely point to the IP
header. For most output features, the buffer's current_data will likely
point to the Ethernet header.
With this fix:
- Keep relying on ethernet_buffer_get_header() to locate the Ethernet
header for input features. And start using vlib_buffer_get_current()
to locate the Ethernet header for output features. The function will
account for the Ethernet header's position change in the buffer's
data if there is rewriting.
- After fixing Ethernet header determination in the buffer's data,
L3/L4 fields will contain non-zero but still incorrect data. That is
because IP header determination needs to be fixed too. It currently
relies on the fact that the Ethernet header is always located at the
beginning of the buffer's data and that l2_hdr_sz can be used as an
IP header offset. However, this may not be the case after rewriting.
So start calculating the actual offset of the IP header in the
buffer's data.
- Add a unit test to cover the case.
Type: fix
Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-07 11:25:21 +00:00
|
|
|
def test_rewritten_traffic(self):
|
|
|
|
|
"""Rewritten traffic (from subif to ipfix if)"""
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
|
|
|
|
# prepare a sub-interface
|
|
|
|
|
subif = VppDot1ADSubint(self, self.pg7, 0, 300, 400)
|
|
|
|
|
subif.admin_up()
|
|
|
|
|
subif.config_ip4()
|
|
|
|
|
|
|
|
|
|
# enable ip4 datapath for an interface
|
|
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
intf="pg8",
|
|
|
|
|
datapath="ip4",
|
|
|
|
|
layer="l2 l3 l4",
|
|
|
|
|
direction=self.direction,
|
|
|
|
|
)
|
|
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
|
|
|
|
|
|
|
|
|
# forward some traffic through the ipfix interface
|
|
|
|
|
route = VppIpRoute(
|
|
|
|
|
self,
|
|
|
|
|
"9.0.0.0",
|
|
|
|
|
24,
|
|
|
|
|
[VppRoutePath(self.pg8.remote_ip4, self.pg8.sw_if_index)],
|
|
|
|
|
)
|
|
|
|
|
route.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# prepare an IPv4 packet (subif => ipfix interface)
|
|
|
|
|
pkt = (
|
|
|
|
|
Ether(src=subif.remote_mac, dst=self.pg7.local_mac)
|
|
|
|
|
/ IP(src=subif.remote_ip4, dst="9.0.0.1")
|
|
|
|
|
/ UDP(sport=1234, dport=4321)
|
|
|
|
|
/ Raw(b"\xa5" * 123)
|
|
|
|
|
)
|
|
|
|
|
self.pkts = [
|
|
|
|
|
subif.add_dot1ad_layer(pkt, 300, 400),
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# send the packet
|
|
|
|
|
capture = self.send_packets(self.pg7, self.pg8)
|
|
|
|
|
|
|
|
|
|
# wait for a flow and verify it
|
|
|
|
|
self.vapi.ipfix_flush()
|
|
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0])
|
|
|
|
|
self.verify_cflow_data(ipfix_decoder, capture, cflow)
|
|
|
|
|
self.verify_cflow_data_detail(
|
|
|
|
|
ipfix_decoder,
|
|
|
|
|
capture,
|
|
|
|
|
cflow,
|
|
|
|
|
{
|
|
|
|
|
IPFIX_SRC_IP4_ADDR_ID: "src_ip",
|
|
|
|
|
IPFIX_DST_IP4_ADDR_ID: "dst_ip",
|
|
|
|
|
IPFIX_SRC_TRANS_PORT_ID: "sport",
|
|
|
|
|
IPFIX_DST_TRANS_PORT_ID: "dport",
|
|
|
|
|
IPFIX_FLOW_DIRECTION_ID: (self.direction == "tx"),
|
|
|
|
|
},
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
|
|
|
|
# cleanup
|
|
|
|
|
route.remove_vpp_config()
|
|
|
|
|
subif.remove_vpp_config()
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
|
2022-05-06 11:35:59 +00:00
|
|
|
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2022-05-06 11:35:59 +00:00
|
|
|
class DatapathRx(MethodHolder, DatapathTestsHolder):
|
|
|
|
|
"""Collect info on Ethernet, IP4 and IP6 datapath (RX) (no timers)"""
|
|
|
|
|
|
|
|
|
|
intf1 = "pg1"
|
|
|
|
|
intf2 = "pg3"
|
|
|
|
|
intf3 = "pg5"
|
|
|
|
|
direction = "rx"
|
|
|
|
|
|
|
|
|
|
|
2021-05-31 16:08:53 +02:00
|
|
|
@unittest.skipUnless(config.extended, "part of extended tests")
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2017-06-12 08:26:13 +02:00
|
|
|
class DisableIPFIX(MethodHolder):
|
2017-03-13 13:39:52 +01:00
|
|
|
"""Disable IPFIX"""
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(DisableIPFIX, cls).setUpClass()
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(DisableIPFIX, cls).tearDownClass()
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
def test_0001(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""disable IPFIX after first packets"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix = VppCFLOW(test=self)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream()
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
self.wait_for_cflow_packet(self.collector, templates[1])
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(4)
|
|
|
|
|
|
2019-03-27 11:25:48 -07:00
|
|
|
# disable IPFIX
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.disable_exporter()
|
|
|
|
|
self.pg_enable_capture([self.collector])
|
|
|
|
|
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure no one packet arrived in 1 minute
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2021-09-08 15:15:59 +02:00
|
|
|
self.sleep(1, "wait before verifying no packets sent")
|
|
|
|
|
self.collector.assert_nothing_captured()
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
|
|
|
|
|
2021-05-31 16:08:53 +02:00
|
|
|
@unittest.skipUnless(config.extended, "part of extended tests")
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2017-06-12 08:26:13 +02:00
|
|
|
class ReenableIPFIX(MethodHolder):
|
2017-03-13 13:39:52 +01:00
|
|
|
"""Re-enable IPFIX"""
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(ReenableIPFIX, cls).setUpClass()
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(ReenableIPFIX, cls).tearDownClass()
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
def test_0011(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""disable IPFIX after first packets and re-enable after few packets"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix = VppCFLOW(test=self)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
self.create_stream(packets=5)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
self.wait_for_cflow_packet(self.collector, templates[1])
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(4)
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
# disable IPFIX
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.disable_exporter()
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-03-13 13:39:52 +01:00
|
|
|
self.pg_enable_capture([self.collector])
|
|
|
|
|
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure no one packet arrived in active timer span
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2021-09-08 15:15:59 +02:00
|
|
|
self.sleep(1, "wait before verifying no packets sent")
|
|
|
|
|
self.collector.assert_nothing_captured()
|
2017-06-12 08:26:13 +02:00
|
|
|
self.pg2.get_capture(5)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# enable IPFIX
|
|
|
|
|
ipfix.enable_exporter()
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
capture = self.collector.get_capture(4)
|
|
|
|
|
nr_templates = 0
|
|
|
|
|
nr_data = 0
|
|
|
|
|
for p in capture:
|
|
|
|
|
self.assertTrue(p.haslayer(IPFIX))
|
|
|
|
|
if p.haslayer(Template):
|
|
|
|
|
nr_templates += 1
|
|
|
|
|
self.assertTrue(nr_templates, 3)
|
|
|
|
|
for p in capture:
|
|
|
|
|
self.assertTrue(p.haslayer(IPFIX))
|
|
|
|
|
if p.haslayer(Data):
|
|
|
|
|
nr_data += 1
|
|
|
|
|
self.assertTrue(nr_templates, 1)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
|
|
|
|
|
2021-05-31 16:08:53 +02:00
|
|
|
@unittest.skipUnless(config.extended, "part of extended tests")
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2017-06-12 08:26:13 +02:00
|
|
|
class DisableFP(MethodHolder):
|
2017-03-13 13:39:52 +01:00
|
|
|
"""Disable Flowprobe feature"""
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(DisableFP, cls).setUpClass()
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(DisableFP, cls).tearDownClass()
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
def test_0001(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""disable flowprobe feature after first packets"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix = VppCFLOW(test=self)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2017-06-12 08:26:13 +02:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder)
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
self.create_stream()
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
self.wait_for_cflow_packet(self.collector, templates[1])
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(4)
|
|
|
|
|
|
2019-03-27 11:25:48 -07:00
|
|
|
# disable IPFIX
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.disable_flowprobe_feature()
|
|
|
|
|
self.pg_enable_capture([self.collector])
|
|
|
|
|
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure no one packet arrived in active timer span
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2021-09-08 15:15:59 +02:00
|
|
|
self.sleep(1, "wait before verifying no packets sent")
|
|
|
|
|
self.collector.assert_nothing_captured()
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2023-08-31 00:47:44 -04:00
|
|
|
# enable FPP feature so the remove_vpp_config() doesn't fail
|
|
|
|
|
# due to missing feature on interface.
|
|
|
|
|
ipfix.enable_flowprobe_feature()
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
2023-10-03 12:45:51 +00:00
|
|
|
def test_no_leftover_flows_after_disabling(self):
|
|
|
|
|
"""disable flowprobe feature and expect no leftover flows"""
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
|
|
|
|
# enable ip4 datapath for an interface
|
|
|
|
|
# set active and passive timers
|
|
|
|
|
ipfix = VppCFLOW(
|
|
|
|
|
test=self,
|
|
|
|
|
active=3,
|
|
|
|
|
passive=4,
|
|
|
|
|
intf="pg3",
|
|
|
|
|
layer="l3",
|
|
|
|
|
datapath="ip4",
|
|
|
|
|
direction="rx",
|
|
|
|
|
mtu=100,
|
|
|
|
|
)
|
|
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
|
|
|
|
ipfix.verify_templates(count=1)
|
|
|
|
|
|
|
|
|
|
# send some ip4 packets
|
|
|
|
|
self.create_stream(src_if=self.pg3, dst_if=self.pg4, packets=5)
|
|
|
|
|
self.send_packets(src_if=self.pg3, dst_if=self.pg4)
|
|
|
|
|
|
|
|
|
|
# disable feature for the interface
|
|
|
|
|
# currently stored ip4 flows should be removed
|
|
|
|
|
ipfix.disable_flowprobe_feature()
|
|
|
|
|
|
|
|
|
|
# no leftover ip4 flows are expected
|
|
|
|
|
self.pg_enable_capture([self.collector])
|
|
|
|
|
self.sleep(12, "wait for leftover ip4 flows during three passive intervals")
|
|
|
|
|
self.collector.assert_nothing_captured()
|
|
|
|
|
|
2023-10-26 11:48:06 +00:00
|
|
|
# re-enable feature for the interface
|
|
|
|
|
ipfix.enable_flowprobe_feature()
|
|
|
|
|
|
|
|
|
|
# template packet should arrive immediately
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
self.vapi.ipfix_flush()
|
|
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, count=1)
|
|
|
|
|
|
|
|
|
|
# send some ip4 packets
|
|
|
|
|
self.create_stream(src_if=self.pg3, dst_if=self.pg4, packets=5)
|
|
|
|
|
capture = self.send_packets(src_if=self.pg3, dst_if=self.pg4)
|
|
|
|
|
|
|
|
|
|
# verify meta info - packet/octet delta
|
|
|
|
|
self.vapi.ipfix_flush()
|
|
|
|
|
cflow = self.wait_for_cflow_packet(self.collector, templates[0], timeout=8)
|
|
|
|
|
self.verify_cflow_data(ipfix_decoder, capture, cflow)
|
|
|
|
|
|
|
|
|
|
self.collector.get_capture(2)
|
|
|
|
|
|
2023-10-03 12:45:51 +00:00
|
|
|
# cleanup
|
2023-10-26 11:48:06 +00:00
|
|
|
ipfix.remove_vpp_config()
|
2023-10-03 12:45:51 +00:00
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
|
2021-05-31 16:08:53 +02:00
|
|
|
@unittest.skipUnless(config.extended, "part of extended tests")
|
2024-03-11 10:38:46 +00:00
|
|
|
@unittest.skipIf(
|
|
|
|
|
"flowprobe" in config.excluded_plugins, "Exclude Flowprobe plugin tests"
|
|
|
|
|
)
|
2017-06-12 08:26:13 +02:00
|
|
|
class ReenableFP(MethodHolder):
|
2017-03-13 13:39:52 +01:00
|
|
|
"""Re-enable Flowprobe feature"""
|
|
|
|
|
|
2019-01-25 14:05:48 -08:00
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(ReenableFP, cls).setUpClass()
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(ReenableFP, cls).tearDownClass()
|
|
|
|
|
|
2017-03-13 13:39:52 +01:00
|
|
|
def test_0001(self):
|
2022-04-26 19:02:15 +02:00
|
|
|
"""disable flowprobe feature after first packets and re-enable
|
|
|
|
|
after few packets"""
|
2017-03-13 13:39:52 +01:00
|
|
|
self.logger.info("FFP_TEST_START_0001")
|
|
|
|
|
self.pg_enable_capture(self.pg_interfaces)
|
|
|
|
|
self.pkts = []
|
|
|
|
|
|
2017-06-12 08:26:13 +02:00
|
|
|
ipfix = VppCFLOW(test=self)
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.add_vpp_config()
|
|
|
|
|
|
|
|
|
|
ipfix_decoder = IPFIXDecoder()
|
|
|
|
|
# template packet should arrive immediately
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-03-13 13:39:52 +01:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, timeout=3)
|
|
|
|
|
|
|
|
|
|
self.create_stream()
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the one packet we expect actually showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
self.wait_for_cflow_packet(self.collector, templates[1], 5)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(4)
|
|
|
|
|
|
2019-03-27 11:25:48 -07:00
|
|
|
# disable FPP feature
|
2017-03-13 13:39:52 +01:00
|
|
|
ipfix.disable_flowprobe_feature()
|
|
|
|
|
self.pg_enable_capture([self.collector])
|
|
|
|
|
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure no one packet arrived in active timer span
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2021-09-08 15:15:59 +02:00
|
|
|
self.sleep(5, "wait before verifying no packets sent")
|
|
|
|
|
self.collector.assert_nothing_captured()
|
2017-03-13 13:39:52 +01:00
|
|
|
|
|
|
|
|
# enable FPP feature
|
|
|
|
|
ipfix.enable_flowprobe_feature()
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-03-13 13:39:52 +01:00
|
|
|
templates = ipfix.verify_templates(ipfix_decoder, timeout=3)
|
|
|
|
|
|
|
|
|
|
self.send_packets()
|
|
|
|
|
|
|
|
|
|
# make sure the next packets (templates and data) we expect actually
|
|
|
|
|
# showed up
|
2019-06-24 09:55:46 -04:00
|
|
|
self.vapi.ipfix_flush()
|
2017-06-12 08:26:13 +02:00
|
|
|
self.wait_for_cflow_packet(self.collector, templates[1], 5)
|
2017-03-13 13:39:52 +01:00
|
|
|
self.collector.get_capture(4)
|
|
|
|
|
|
|
|
|
|
ipfix.remove_vpp_config()
|
|
|
|
|
self.logger.info("FFP_TEST_FINISH_0001")
|
|
|
|
|
|
|
|
|
|
|
2022-04-26 19:02:15 +02:00
|
|
|
if __name__ == "__main__":
|
2017-03-13 13:39:52 +01:00
|
|
|
unittest.main(testRunner=VppTestRunner)
|