097fa66b98
Enhance the route add/del APIs to take a set of paths rather than just one. Most unicast routing protocols calcualte all the available paths in one run of the algorithm so updating all the paths at once is beneficial for the client. two knobs control the behaviour: is_multipath - if set the the set of paths passed will be added to those that already exist, otherwise the set will replace them. is_add - add or remove the set is_add=0, is_multipath=1 and an empty set, results in deleting the route. It is also considerably faster to add multiple paths at once, than one at a time: vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.11 100000 routes in .572240 secs, 174751.80 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.12 100000 routes in .528383 secs, 189256.54 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.13 100000 routes in .757131 secs, 132077.52 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.14 100000 routes in .878317 secs, 113854.12 routes/sec vat# ip_route_add_del 1.1.1.1/32 count 100000 multipath via 10.10.10.11 via 10.10.10.12 via 10.10.10.13 via 10.10.10.14 100000 routes in .900212 secs, 111084.93 routes/sec Change-Id: I416b93f7684745099c1adb0b33edac58c9339c1a Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
418 lines
15 KiB
Python
418 lines
15 KiB
Python
#!/usr/bin/env python
|
|
import unittest
|
|
|
|
from framework import VppTestCase, VppTestRunner
|
|
from vpp_ip_route import VppIpRoute, VppRoutePath, FibPathType
|
|
from vpp_l2 import L2_PORT_TYPE
|
|
from vpp_sub_interface import L2_VTR_OP, VppDot1QSubint
|
|
|
|
from scapy.packet import Raw
|
|
from scapy.layers.l2 import Ether, Dot1Q
|
|
from scapy.layers.inet import IP, UDP
|
|
from socket import AF_INET, inet_pton
|
|
|
|
NUM_PKTS = 67
|
|
|
|
|
|
class TestDVR(VppTestCase):
|
|
""" Distributed Virtual Router """
|
|
|
|
@classmethod
|
|
def setUpClass(cls):
|
|
super(TestDVR, cls).setUpClass()
|
|
|
|
@classmethod
|
|
def tearDownClass(cls):
|
|
super(TestDVR, cls).tearDownClass()
|
|
|
|
def setUp(self):
|
|
super(TestDVR, self).setUp()
|
|
|
|
self.create_pg_interfaces(range(4))
|
|
self.create_loopback_interfaces(1)
|
|
|
|
for i in self.pg_interfaces:
|
|
i.admin_up()
|
|
|
|
self.loop0.config_ip4()
|
|
|
|
def tearDown(self):
|
|
for i in self.pg_interfaces:
|
|
i.admin_down()
|
|
self.loop0.unconfig_ip4()
|
|
|
|
super(TestDVR, self).tearDown()
|
|
|
|
def assert_same_mac_addr(self, tx, rx):
|
|
t_eth = tx[Ether]
|
|
for p in rx:
|
|
r_eth = p[Ether]
|
|
self.assertEqual(t_eth.src, r_eth.src)
|
|
self.assertEqual(t_eth.dst, r_eth.dst)
|
|
|
|
def assert_has_vlan_tag(self, tag, rx):
|
|
for p in rx:
|
|
r_1q = p[Dot1Q]
|
|
self.assertEqual(tag, r_1q.vlan)
|
|
|
|
def assert_has_no_tag(self, rx):
|
|
for p in rx:
|
|
self.assertFalse(p.haslayer(Dot1Q))
|
|
|
|
def test_dvr(self):
|
|
""" Distributed Virtual Router """
|
|
|
|
#
|
|
# A packet destined to an IP address that is L2 bridged via
|
|
# a non-tag interface
|
|
#
|
|
ip_non_tag_bridged = "10.10.10.10"
|
|
ip_tag_bridged = "10.10.10.11"
|
|
any_src_addr = "1.1.1.1"
|
|
|
|
pkt_no_tag = (Ether(src=self.pg0.remote_mac,
|
|
dst=self.loop0.local_mac) /
|
|
IP(src=any_src_addr,
|
|
dst=ip_non_tag_bridged) /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
pkt_tag = (Ether(src=self.pg0.remote_mac,
|
|
dst=self.loop0.local_mac) /
|
|
IP(src=any_src_addr,
|
|
dst=ip_tag_bridged) /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
|
|
#
|
|
# Two sub-interfaces so we can test VLAN tag push/pop
|
|
#
|
|
sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92)
|
|
sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93)
|
|
sub_if_on_pg2.admin_up()
|
|
sub_if_on_pg3.admin_up()
|
|
|
|
#
|
|
# Put all the interfaces into a new bridge domain
|
|
#
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.loop0.sw_if_index, bd_id=1,
|
|
port_type=L2_PORT_TYPE.BVI)
|
|
|
|
self.vapi.l2_interface_vlan_tag_rewrite(
|
|
sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
|
|
push_dot1q=92)
|
|
self.vapi.l2_interface_vlan_tag_rewrite(
|
|
sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
|
|
push_dot1q=93)
|
|
|
|
#
|
|
# Add routes to bridge the traffic via a tagged an nontagged interface
|
|
#
|
|
route_no_tag = VppIpRoute(
|
|
self, ip_non_tag_bridged, 32,
|
|
[VppRoutePath("0.0.0.0",
|
|
self.pg1.sw_if_index,
|
|
type=FibPathType.FIB_PATH_TYPE_DVR)])
|
|
route_no_tag.add_vpp_config()
|
|
|
|
#
|
|
# Inject the packet that arrives and leaves on a non-tagged interface
|
|
# Since it's 'bridged' expect that the MAC headed is unchanged.
|
|
#
|
|
rx = self.send_and_expect(self.pg0, pkt_no_tag * NUM_PKTS, self.pg1)
|
|
self.assert_same_mac_addr(pkt_no_tag, rx)
|
|
self.assert_has_no_tag(rx)
|
|
|
|
#
|
|
# Add routes to bridge the traffic via a tagged interface
|
|
#
|
|
route_with_tag = VppIpRoute(
|
|
self, ip_tag_bridged, 32,
|
|
[VppRoutePath("0.0.0.0",
|
|
sub_if_on_pg3.sw_if_index,
|
|
type=FibPathType.FIB_PATH_TYPE_DVR)])
|
|
route_with_tag.add_vpp_config()
|
|
|
|
#
|
|
# Inject the packet that arrives non-tag and leaves on a tagged
|
|
# interface
|
|
#
|
|
rx = self.send_and_expect(self.pg0, pkt_tag * NUM_PKTS, self.pg3)
|
|
self.assert_same_mac_addr(pkt_tag, rx)
|
|
self.assert_has_vlan_tag(93, rx)
|
|
|
|
#
|
|
# Tag to tag
|
|
#
|
|
pkt_tag_to_tag = (Ether(src=self.pg2.remote_mac,
|
|
dst=self.loop0.local_mac) /
|
|
Dot1Q(vlan=92) /
|
|
IP(src=any_src_addr,
|
|
dst=ip_tag_bridged) /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
|
|
rx = self.send_and_expect(self.pg2,
|
|
pkt_tag_to_tag * NUM_PKTS,
|
|
self.pg3)
|
|
self.assert_same_mac_addr(pkt_tag_to_tag, rx)
|
|
self.assert_has_vlan_tag(93, rx)
|
|
|
|
#
|
|
# Tag to non-Tag
|
|
#
|
|
pkt_tag_to_non_tag = (Ether(src=self.pg2.remote_mac,
|
|
dst=self.loop0.local_mac) /
|
|
Dot1Q(vlan=92) /
|
|
IP(src=any_src_addr,
|
|
dst=ip_non_tag_bridged) /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
|
|
rx = self.send_and_expect(self.pg2,
|
|
pkt_tag_to_non_tag * NUM_PKTS,
|
|
self.pg1)
|
|
self.assert_same_mac_addr(pkt_tag_to_tag, rx)
|
|
self.assert_has_no_tag(rx)
|
|
|
|
#
|
|
# Add an output L3 ACL that will block the traffic
|
|
#
|
|
rule_1 = ({'is_permit': 0,
|
|
'is_ipv6': 0,
|
|
'proto': 17,
|
|
'srcport_or_icmptype_first': 1234,
|
|
'srcport_or_icmptype_last': 1234,
|
|
'src_ip_prefix_len': 32,
|
|
'src_ip_addr': inet_pton(AF_INET, any_src_addr),
|
|
'dstport_or_icmpcode_first': 1234,
|
|
'dstport_or_icmpcode_last': 1234,
|
|
'dst_ip_prefix_len': 32,
|
|
'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged)})
|
|
acl = self.vapi.acl_add_replace(acl_index=4294967295,
|
|
r=[rule_1])
|
|
|
|
#
|
|
# Apply the ACL on the output interface
|
|
#
|
|
self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index,
|
|
0,
|
|
[acl.acl_index])
|
|
|
|
#
|
|
# Send packet's that should match the ACL and be dropped
|
|
#
|
|
rx = self.send_and_assert_no_replies(self.pg2,
|
|
pkt_tag_to_non_tag * NUM_PKTS)
|
|
|
|
#
|
|
# cleanup
|
|
#
|
|
self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index,
|
|
0, [])
|
|
self.vapi.acl_del(acl.acl_index)
|
|
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.loop0.sw_if_index, bd_id=1,
|
|
port_type=L2_PORT_TYPE.BVI, enable=0)
|
|
|
|
#
|
|
# Do a FIB dump to make sure the paths are correctly reported as DVR
|
|
#
|
|
routes = self.vapi.ip_route_dump(0)
|
|
|
|
for r in routes:
|
|
if (ip_tag_bridged == str(r.route.prefix.network_address)):
|
|
self.assertEqual(r.route.paths[0].sw_if_index,
|
|
sub_if_on_pg3.sw_if_index)
|
|
self.assertEqual(r.route.paths[0].type,
|
|
FibPathType.FIB_PATH_TYPE_DVR)
|
|
if (ip_non_tag_bridged == str(r.route.prefix.network_address)):
|
|
self.assertEqual(r.route.paths[0].sw_if_index,
|
|
self.pg1.sw_if_index)
|
|
self.assertEqual(r.route.paths[0].type,
|
|
FibPathType.FIB_PATH_TYPE_DVR)
|
|
|
|
#
|
|
# the explicit route delete is require so it happens before
|
|
# the sbu-interface delete. subinterface delete is required
|
|
# because that object type does not use the object registry
|
|
#
|
|
route_no_tag.remove_vpp_config()
|
|
route_with_tag.remove_vpp_config()
|
|
sub_if_on_pg3.remove_vpp_config()
|
|
sub_if_on_pg2.remove_vpp_config()
|
|
|
|
def test_l2_emulation(self):
|
|
""" L2 Emulation """
|
|
|
|
#
|
|
# non distinct L3 packets, in the tag/non-tag combos
|
|
#
|
|
pkt_no_tag = (Ether(src=self.pg0.remote_mac,
|
|
dst=self.pg1.remote_mac) /
|
|
IP(src="2.2.2.2",
|
|
dst="1.1.1.1") /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
pkt_to_tag = (Ether(src=self.pg0.remote_mac,
|
|
dst=self.pg2.remote_mac) /
|
|
IP(src="2.2.2.2",
|
|
dst="1.1.1.2") /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
pkt_from_tag = (Ether(src=self.pg3.remote_mac,
|
|
dst=self.pg2.remote_mac) /
|
|
Dot1Q(vlan=93) /
|
|
IP(src="2.2.2.2",
|
|
dst="1.1.1.1") /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
pkt_from_to_tag = (Ether(src=self.pg3.remote_mac,
|
|
dst=self.pg2.remote_mac) /
|
|
Dot1Q(vlan=93) /
|
|
IP(src="2.2.2.2",
|
|
dst="1.1.1.2") /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
pkt_bcast = (Ether(src=self.pg0.remote_mac,
|
|
dst="ff:ff:ff:ff:ff:ff") /
|
|
IP(src="2.2.2.2",
|
|
dst="255.255.255.255") /
|
|
UDP(sport=1234, dport=1234) /
|
|
Raw('\xa5' * 100))
|
|
|
|
#
|
|
# A couple of sub-interfaces for tags
|
|
#
|
|
sub_if_on_pg2 = VppDot1QSubint(self, self.pg2, 92)
|
|
sub_if_on_pg3 = VppDot1QSubint(self, self.pg3, 93)
|
|
sub_if_on_pg2.admin_up()
|
|
sub_if_on_pg3.admin_up()
|
|
|
|
#
|
|
# Put all the interfaces into a new bridge domain
|
|
#
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1)
|
|
self.vapi.l2_interface_vlan_tag_rewrite(
|
|
sw_if_index=sub_if_on_pg2.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
|
|
push_dot1q=92)
|
|
self.vapi.l2_interface_vlan_tag_rewrite(
|
|
sw_if_index=sub_if_on_pg3.sw_if_index, vtr_op=L2_VTR_OP.L2_POP_1,
|
|
push_dot1q=93)
|
|
|
|
#
|
|
# Disable UU flooding, learning and ARP termination. makes this test
|
|
# easier as unicast packets are dropped if not extracted.
|
|
#
|
|
self.vapi.bridge_flags(bd_id=1, is_set=0,
|
|
flags=(1 << 0) | (1 << 3) | (1 << 4))
|
|
|
|
#
|
|
# Add a DVR route to steer traffic at L3
|
|
#
|
|
route_1 = VppIpRoute(
|
|
self, "1.1.1.1", 32,
|
|
[VppRoutePath("0.0.0.0",
|
|
self.pg1.sw_if_index,
|
|
type=FibPathType.FIB_PATH_TYPE_DVR)])
|
|
route_2 = VppIpRoute(
|
|
self, "1.1.1.2", 32,
|
|
[VppRoutePath("0.0.0.0",
|
|
sub_if_on_pg2.sw_if_index,
|
|
type=FibPathType.FIB_PATH_TYPE_DVR)])
|
|
route_1.add_vpp_config()
|
|
route_2.add_vpp_config()
|
|
|
|
#
|
|
# packets are dropped because bridge does not flood unknown unicast
|
|
#
|
|
self.send_and_assert_no_replies(self.pg0, pkt_no_tag)
|
|
|
|
#
|
|
# Enable L3 extraction on pgs
|
|
#
|
|
self.vapi.l2_emulation(self.pg0.sw_if_index)
|
|
self.vapi.l2_emulation(self.pg1.sw_if_index)
|
|
self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index)
|
|
self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index)
|
|
|
|
#
|
|
# now we expect the packet forward according to the DVR route
|
|
#
|
|
rx = self.send_and_expect(self.pg0, pkt_no_tag * NUM_PKTS, self.pg1)
|
|
self.assert_same_mac_addr(pkt_no_tag, rx)
|
|
self.assert_has_no_tag(rx)
|
|
|
|
rx = self.send_and_expect(self.pg0, pkt_to_tag * NUM_PKTS, self.pg2)
|
|
self.assert_same_mac_addr(pkt_to_tag, rx)
|
|
self.assert_has_vlan_tag(92, rx)
|
|
|
|
rx = self.send_and_expect(self.pg3, pkt_from_tag * NUM_PKTS, self.pg1)
|
|
self.assert_same_mac_addr(pkt_from_tag, rx)
|
|
self.assert_has_no_tag(rx)
|
|
|
|
rx = self.send_and_expect(self.pg3,
|
|
pkt_from_to_tag * NUM_PKTS,
|
|
self.pg2)
|
|
self.assert_same_mac_addr(pkt_from_tag, rx)
|
|
self.assert_has_vlan_tag(92, rx)
|
|
|
|
#
|
|
# but broadcast packets are still flooded
|
|
#
|
|
self.send_and_expect(self.pg0, pkt_bcast * 33, self.pg2)
|
|
|
|
#
|
|
# cleanup
|
|
#
|
|
self.vapi.l2_emulation(self.pg0.sw_if_index,
|
|
enable=0)
|
|
self.vapi.l2_emulation(self.pg1.sw_if_index,
|
|
enable=0)
|
|
self.vapi.l2_emulation(sub_if_on_pg2.sw_if_index,
|
|
enable=0)
|
|
self.vapi.l2_emulation(sub_if_on_pg3.sw_if_index,
|
|
enable=0)
|
|
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=self.pg1.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg2.sw_if_index, bd_id=1, enable=0)
|
|
self.vapi.sw_interface_set_l2_bridge(
|
|
rx_sw_if_index=sub_if_on_pg3.sw_if_index, bd_id=1, enable=0)
|
|
|
|
route_1.remove_vpp_config()
|
|
route_2.remove_vpp_config()
|
|
sub_if_on_pg3.remove_vpp_config()
|
|
sub_if_on_pg2.remove_vpp_config()
|
|
|
|
|
|
if __name__ == '__main__':
|
|
unittest.main(testRunner=VppTestRunner)
|