go.ligato.io/vpp-agent/v3@v3.5.0/tests/robot/suites/traffic/acl_traffic/acl_traffic.robot (about) 1 *** Settings *** 2 Library OperatingSystem 3 #Library RequestsLibrary 4 #Library SSHLibrary timeout=60s 5 #Library String 6 7 Resource ../../../variables/${VARIABLES}_variables.robot 8 9 Resource ../../../libraries/all_libs.robot 10 Resource ../../../libraries/pretty_keywords.robot 11 12 Force Tags traffic IPv4 ExpectedFailure 13 Suite Setup Testsuite Setup 14 Suite Teardown Suite Cleanup 15 Test Setup TestSetup 16 Test Teardown TestTeardown 17 18 *** Variables *** 19 ${VARIABLES}= common 20 ${ENV}= common 21 22 ${WAIT_TIMEOUT}= 20s 23 ${SYNC_SLEEP}= 3s 24 ${RESYNC_SLEEP}= 20s 25 26 ${AGENT1_VETH_MAC}= 02:00:00:00:00:01 27 ${AGENT2_VETH_MAC}= 02:00:00:00:00:02 28 ${REPLY_DATA_FOLDER} ${CURDIR}/replyACL 29 ${VARIABLES}= common 30 ${ENV}= common 31 ${ACL1_NAME}= acl1_tcp 32 ${ACL2_NAME}= acl2_tcp 33 ${ACL3_NAME}= acl3_UDP 34 ${ACL4_NAME}= acl4_UDP 35 ${ACL5_NAME}= acl5_ICMP 36 ${ACL6_NAME}= acl6_ICMP 37 ${E_INTF1}= IF_AFPIF_VSWITCH_node_2_node2_veth 38 ${I_INTF1}= IF_AFPIF_VSWITCH_node_1_node1_veth 39 ${E_INTF2}= IF_AFPIF_VSWITCH_node_1_node1_veth 40 ${I_INTF2}= IF_AFPIF_VSWITCH_node_2_node2_veth 41 42 43 ${ACTION_DENY}= 1 44 ${ACTION_PERMIT}= 2 45 ${DEST_NTW}= 10.0.0.0/24 46 ${SRC_NTW}= 10.0.0.0/24 47 ${NO_PORT}= 48 ${TCP_PORT}= 3000 49 ${UDP_PORT}= 3001 50 51 ${AFPACKET_INTERNAL_NAME1}= host-node_1_noeth_1 52 ${AFPACKET_INTERNAL_NAME1}= host-node_2_noeth_2 53 54 *** Test Cases *** 55 Configure Environment 56 [Tags] setup 57 ${DATA_FOLDER}= Catenate SEPARATOR=/ ${CURDIR} ${TEST_DATA_FOLDER} 58 Set Suite Variable ${DATA_FOLDER} 59 Configure Environment 2 acl_basic.conf 60 #Show Interfaces And Other Objects 61 62 Check AfPackets On Vswitch 63 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vat_term: Check Afpacket Interface State agent_vpp_1 IF_AFPIF_VSWITCH_node_1_node1_veth enabled=1 64 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vat_term: Check Afpacket Interface State agent_vpp_1 IF_AFPIF_VSWITCH_node_2_node2_veth enabled=1 65 66 Create Loopbak Intfs 67 Create loopback interface loop0 on agent_vpp_1 with ip 20.1.1.1/24 and mac 8a:f1:be:90:00:00 68 Create loopback interface loop1 on agent_vpp_1 with ip 30.1.1.1/24 and mac 8a:f1:be:90:20:00 69 70 Check Veth Interface On Agent1 71 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} linux: Interface With IP Is Created node_1 mac=${AGENT1_VETH_MAC} ipv4=10.0.0.10/24 72 # status check not implemented in linux plugin 73 #linux: Check Veth Interface State agent_vpp_1 agent1_veth mac=${AGENT1_VETH_MAC} ipv4=10.0.0.10/24 mtu=1500 state=up 74 75 Check Veth Interface On Agent2 76 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} linux: Interface With IP Is Created node_2 mac=${AGENT2_VETH_MAC} ipv4=10.0.0.11/24 77 # status check not implemented in linux plugin 78 #linux: Check Veth Interface State agent_vpp_1 agent2_veth mac=${AGENT2_VETH_MAC} ipv4=10.0.0.11/24 mtu=1500 state=up 79 80 Check Bridge Domain Is Created 81 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vat_term: BD Is Created agent_vpp_1 IF_AFPIF_VSWITCH_node_1_node1_veth IF_AFPIF_VSWITCH_node_2_node2_veth 82 83 Check loop0 Is Created 84 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vpp_term: Interface Is Created node=agent_vpp_1 mac=8a:f1:be:90:00:00 85 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vat_term: Check Loopback Interface State agent_vpp_1 loop0 enabled=1 mac=8a:f1:be:90:00:00 mtu=1500 ipv4=20.1.1.1/24 86 87 Check loop1 Is Created 88 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vpp_term: Interface Is Created node=agent_vpp_1 mac=8a:f1:be:90:20:00 89 Wait Until Keyword Succeeds ${WAIT_TIMEOUT} ${SYNC_SLEEP} vat_term: Check Loopback Interface State agent_vpp_1 loop0 enabled=1 mac=8a:f1:be:90:20:00 mtu=1500 ipv4=30.1.1.1/24 90 91 Create BD fo Loopbacks 92 Create Bridge Domain bd2 With Autolearn On agent_vpp_1 with interfaces loop0, loop1 93 94 #Add Routes 95 # Create Route On agent_vpp_1 With IP 20.0.0.0/24 With Next Hop 10.0.0.10 And Vrf Id 0 96 # Create Route On agent_vpp_1 With IP 10.0.0.0/24 With Next Hop 20.0.0.11 And Vrf Id 0 97 98 Add Tracing on Vpp for AFpackets 99 vpp_term: Add Trace Afpacket agent_vpp_1 100 101 102 Show All Objects 103 Show Interfaces And Other Objects 104 105 Start TCP And UDP Listeners 106 Start UDP and TCP Ping Servers 107 108 Check Ping Agent1 -> Agent2 109 linux: Check Ping node_1 10.0.0.11 110 111 Check Ping Agent2 -> Agent1 112 linux: Check Ping node_2 10.0.0.10 113 114 Ping Loop0 -> Loop1 115 vpp_term: Check Ping Within Interface agent_vpp_1 30.1.1.1 loop0 15 116 117 Ping Loop1 -> Loop0 118 vpp_term: Check Ping Within Interface agent_vpp_1 20.1.1.1 loop1 15 119 120 121 #Check UDP Ping Agent1 -> Agent2 122 # linux: UDPPing node_1 10.0.0.11 ${UDP_PORT} 123 # 124 #Check TCP Ping Agent1 -> Agent2 125 # linux: TCPPing node_1 10.0.0.11 ${TCP_PORT} 126 # 127 #Check UDP Ping Agent2 -> Agent1 128 # linux: UDPPing node_2 10.0.0.10 ${UDP_PORT} 129 # 130 #Check TCP Ping Agent2 -> Agent1 131 # linux: TCPPing node_2 10.0.0.10 ${TCP_PORT} 132 133 Show Tracing 134 vpp_term: Show Trace agent_vpp_1 135 136 #Sleep 500s 137 138 #Add ACL1_TCP Disable TCP Port 139 # Put ACL TCP agent_vpp_1 ${ACL1_NAME} ${E_INTF1} ${I_INTF1} ${ACTION_DENY} ${DEST_NTW} ${SRC_NTW} ${TCP_PORT} ${TCP_PORT} ${TCP_PORT} ${TCP_PORT} 140 # Sleep ${SYNC_SLEEP} 141 # 142 #Check ACL1_TCP is created 143 # Check ACL Reply agent_vpp_1 ${ACL1_NAME} ${REPLY_DATA_FOLDER}/reply_acl1_tcp.txt ${REPLY_DATA_FOLDER}/reply_acl1_tcp_term.txt 144 # 145 #ADD ACL1_UDP Disable UDP Port 146 # Put ACL UDP agent_vpp_1 ${ACL3_NAME} ${E_INTF1} ${I_INTF1} ${E_INTF2} ${I_INTF2} ${ACTION_DENY} ${DEST_NTW} ${SRC_NTW} ${UDP_PORT} ${UDP_PORT} ${UDP_PORT} ${UDP_PORT} 147 # Sleep ${SYNC_SLEEP} 148 # 149 #Check ACL1_UDP Is Created 150 # Check ACL Reply agent_vpp_1 ${ACL3_NAME} ${REPLY_DATA_FOLDER}/reply_acl3_UDP.txt ${REPLY_DATA_FOLDER}/reply_acl3_UDP_term.txt 151 # 152 #Show ACLs on VPP 153 # vpp_term: Show ACL agent_vpp_1 154 # 155 #Check UDP Not Ping Agent2 -> Agent1 After Disabling 156 # linux: UDPPingNot node_2 10.0.0.10 ${UDP_PORT} 157 # 158 #Check UDP Not Ping Agent1 -> Agent2 After Disabling 159 # linux: UDPPingNot node_1 10.0.0.11 ${UDP_PORT} 160 # 161 #Check TCP Not Ping Agent1 -> Agent2 162 # linux: TCPPingNot node_1 10.0.0.11 ${TCP_PORT} 163 # 164 #Check TCP Not Ping Agent2 -> Agent1 165 # linux: TCPPingNot node_2 10.0.0.10 ${TCP_PORT} 166 # 167 #Remove Agent Nodes 168 # Remove All Nodes 169 # Sleep ${RESYNC_SLEEP} 170 # 171 #Start Agent Nodes Again 172 # Add Agent VPP Node agent_vpp_1 vswitch=${TRUE} 173 # Add Agent Node node_1 174 # Add Agent Node node_2 175 # Sleep ${SYNC_SLEEP} 176 # 177 #Check AfPackets On Vswitch After Resync 178 # vat_term: Check Afpacket Interface State agent_vpp_1 IF_AFPIF_VSWITCH_node_1_node1_veth enabled=1 179 # vat_term: Check Afpacket Interface State agent_vpp_1 IF_AFPIF_VSWITCH_node_2_node2_veth enabled=1 180 # 181 #Check Veth Interface On Agent1 After Resync 182 # linux: Interface With IP Is Created node_1 mac=${AGENT1_VETH_MAC} ipv4=10.0.0.10/24 183 # # status check not implemented in linux plugin 184 # #linux: Check Veth Interface State agent_vpp_1 agent1_veth mac=${AGENT1_VETH_MAC} ipv4=10.0.0.10/24 mtu=1500 state=up 185 # 186 #Check Veth Interface On Agent2 After Resync 187 # linux: Interface With IP Is Created node_2 mac=${AGENT2_VETH_MAC} ipv4=10.0.0.11/24 188 # # status check not implemented in linux plugin 189 # #linux: Check Veth Interface State agent_vpp_1 agent2_veth mac=${AGENT2_VETH_MAC} ipv4=10.0.0.11/24 mtu=1500 state=up 190 # 191 #Check Bridge Domain Is Created After Resync 192 # vat_term: BD Is Created agent_vpp_1 IF_AFPIF_VSWITCH_node_1_node1_veth IF_AFPIF_VSWITCH_node_2_node2_veth 193 # 194 #Show All Objects After Resync 195 # Show Interfaces And Other Objects 196 # 197 #Show ACLs on VPP After Resync 198 # vpp_term: Show ACL agent_vpp_1 199 # 200 #Start TCP And UDP Listeners After Resync 201 # Start UDP and TCP Ping Servers 202 # 203 #Check Ping Agent1 -> Agent2 After Resync 204 # linux: Check Ping node_1 10.0.0.11 205 # 206 #Check Ping Agent2 -> Agent1 After Resync 207 # linux: Check Ping node_2 10.0.0.10 208 # 209 #Check UDP Not Ping Agent1 -> Agent2 After Resync 210 # linux: UDPPingNot node_1 10.0.0.11 ${UDP_PORT} 211 # 212 #Check UDP Not Ping Agent2 -> Agent1 After Resync 213 # linux: UDPPingNot node_2 10.0.0.10 ${UDP_PORT} 214 # 215 #Check TCP Not Ping Agent1 -> Agent2 After Resync 216 # linux: TCPPingNot node_1 10.0.0.11 ${TCP_PORT} 217 # 218 #Check TCP Not Ping Agent2 -> Agent1 After Resync 219 # linux: TCPPingNot node_2 10.0.0.10 ${TCP_PORT} 220 221 Done 222 [Tags] debug 223 No Operation 224 225 226 Remove Agent Nodes Again 227 Remove All Nodes 228 229 *** Keywords *** 230 Show Interfaces And Other Objects 231 vpp_term: Show Interfaces agent_vpp_1 232 Write To Machine agent_vpp_1_term show int addr 233 Write To Machine agent_vpp_1_term show h 234 Write To Machine agent_vpp_1_term show br 235 Write To Machine agent_vpp_1_term show br 1 detail 236 Write To Machine agent_vpp_1_term show err 237 vpp_term: Show L2fib agent_vpp_1 238 vpp_term: Show IP Fib Table agent_vpp_1 0 239 vpp_term: Show IP Fib agent_vpp_1 240 vat_term: Interfaces Dump agent_vpp_1 241 Execute In Container agent_vpp_1 ip a 242 Execute In Container node_1 ip a 243 Execute In Container node_2 ip a 244 linux: Check Processes on Node node_1 245 linux: Check Processes on Node node_2 246 Make Datastore Snapshots before_resync 247 248 Start UDP and TCP Ping Servers 249 linux: Run TCP Ping Server On Node node_1 ${TCP_PORT} 250 linux: Run UDP Ping Server On Node node_1 ${UDP_PORT} 251 linux: Run TCP Ping Server On Node node_2 ${TCP_PORT} 252 linux: Run UDP Ping Server On Node node_2 ${UDP_PORT} 253 linux: Check Processes on Node node_1 254 linux: Check Processes on Node node_2 255 Sleep ${SYNC_SLEEP} 256 257 258 TestSetup 259 Make Datastore Snapshots ${TEST_NAME}_test_setup 260 261 TestTeardown 262 Make Datastore Snapshots ${TEST_NAME}_test_teardown 263 264 Suite Cleanup 265 Stop SFC Controller Container 266 Testsuite Teardown