| import socket |
| |
| import scapy.compat |
| from scapy.layers.inet import IP, UDP |
| from scapy.layers.inet6 import IPv6 |
| from scapy.layers.l2 import Ether, GRE |
| from scapy.packet import Raw |
| from scapy.data import IP_PROTOS |
| |
| from framework import VppTestCase |
| from util import ppp |
| from vpp_ip_route import VppIpRoute, VppRoutePath |
| from vpp_ip import INVALID_INDEX |
| from config import config |
| import unittest |
| |
| """ TestLB is a subclass of VPPTestCase classes. |
| |
| TestLB class defines Load Balancer test cases for: |
| - IP4 to GRE4 encap on per-port vip case |
| - IP4 to GRE6 encap on per-port vip case |
| - IP6 to GRE4 encap on per-port vip case |
| - IP6 to GRE6 encap on per-port vip case |
| - IP4 to L3DSR encap on vip case |
| - IP4 to L3DSR encap on per-port vip case |
| - IP4 to L3DSR encap on per-port vip with src_ip_sticky case |
| - IP4 to NAT4 encap on per-port vip case |
| - IP6 to NAT6 encap on per-port vip case |
| |
| As stated in comments below, GRE has issues with IPv6. |
| All test cases involving IPv6 are executed, but |
| received packets are not parsed and checked. |
| |
| """ |
| |
| |
| @unittest.skipIf("lb" in config.excluded_plugins, "Exclude LB plugin tests") |
| class TestLB(VppTestCase): |
| """Load Balancer Test Case""" |
| |
| @classmethod |
| def setUpClass(cls): |
| super(TestLB, cls).setUpClass() |
| |
| cls.ass = range(5) |
| cls.packets = range(100) |
| |
| try: |
| cls.create_pg_interfaces(range(2)) |
| cls.interfaces = list(cls.pg_interfaces) |
| |
| for i in cls.interfaces: |
| i.admin_up() |
| i.config_ip4() |
| i.config_ip6() |
| i.disable_ipv6_ra() |
| i.resolve_arp() |
| i.resolve_ndp() |
| |
| dst4 = VppIpRoute( |
| cls, |
| "10.0.0.0", |
| 24, |
| [VppRoutePath(cls.pg1.remote_ip4, INVALID_INDEX)], |
| register=False, |
| ) |
| dst4.add_vpp_config() |
| dst6 = VppIpRoute( |
| cls, |
| "2002::", |
| 16, |
| [VppRoutePath(cls.pg1.remote_ip6, INVALID_INDEX)], |
| register=False, |
| ) |
| dst6.add_vpp_config() |
| cls.vapi.lb_conf(ip4_src_address="39.40.41.42", ip6_src_address="2004::1") |
| except Exception: |
| super(TestLB, cls).tearDownClass() |
| raise |
| |
| @classmethod |
| def tearDownClass(cls): |
| super(TestLB, cls).tearDownClass() |
| |
| def tearDown(self): |
| super(TestLB, self).tearDown() |
| |
| def show_commands_at_teardown(self): |
| self.logger.info(self.vapi.cli("show lb vip verbose")) |
| |
| def getIPv4Flow(self, id): |
| return IP( |
| dst="90.0.%u.%u" % (id / 255, id % 255), |
| src="40.0.%u.%u" % (id / 255, id % 255), |
| ) / UDP(sport=10000 + id, dport=20000) |
| |
| def getIPv6Flow(self, id): |
| return IPv6(dst="2001::%u" % (id), src="fd00:f00d:ffff::%u" % (id)) / UDP( |
| sport=10000 + id, dport=20000 |
| ) |
| |
| def generatePackets(self, src_if, isv4): |
| self.reset_packet_infos() |
| pkts = [] |
| for pktid in self.packets: |
| info = self.create_packet_info(src_if, self.pg1) |
| payload = self.info_to_payload(info) |
| ip = self.getIPv4Flow(pktid) if isv4 else self.getIPv6Flow(pktid) |
| packet = ( |
| Ether(dst=src_if.local_mac, src=src_if.remote_mac) / ip / Raw(payload) |
| ) |
| self.extend_packet(packet, 128) |
| info.data = packet.copy() |
| pkts.append(packet) |
| return pkts |
| |
| def checkInner(self, gre, isv4): |
| IPver = IP if isv4 else IPv6 |
| self.assertEqual(gre.proto, 0x0800 if isv4 else 0x86DD) |
| self.assertEqual(gre.flags, 0) |
| self.assertEqual(gre.version, 0) |
| inner = IPver(scapy.compat.raw(gre.payload)) |
| payload_info = self.payload_to_info(inner[Raw]) |
| self.info = self.packet_infos[payload_info.index] |
| self.assertEqual(payload_info.src, self.pg0.sw_if_index) |
| self.assertEqual( |
| scapy.compat.raw(inner), scapy.compat.raw(self.info.data[IPver]) |
| ) |
| |
| def checkCapture(self, encap, isv4, src_ip_sticky=False): |
| self.pg0.assert_nothing_captured() |
| out = self.pg1.get_capture(len(self.packets)) |
| |
| load = [0] * len(self.ass) |
| sticky_as = {} |
| self.info = None |
| for p in out: |
| try: |
| asid = 0 |
| gre = None |
| if encap == "gre4": |
| ip = p[IP] |
| asid = int(ip.dst.split(".")[3]) |
| self.assertEqual(ip.version, 4) |
| self.assertEqual(ip.flags, 0) |
| self.assertEqual(ip.src, "39.40.41.42") |
| self.assertEqual(ip.dst, "10.0.0.%u" % asid) |
| self.assertEqual(ip.proto, 47) |
| self.assertEqual(len(ip.options), 0) |
| gre = p[GRE] |
| self.checkInner(gre, isv4) |
| elif encap == "gre6": |
| ip = p[IPv6] |
| asid = ip.dst.split(":") |
| asid = asid[len(asid) - 1] |
| asid = 0 if asid == "" else int(asid) |
| self.assertEqual(ip.version, 6) |
| self.assertEqual(ip.tc, 0) |
| self.assertEqual(ip.fl, 0) |
| self.assertEqual(ip.src, "2004::1") |
| self.assertEqual( |
| socket.inet_pton(socket.AF_INET6, ip.dst), |
| socket.inet_pton(socket.AF_INET6, "2002::%u" % asid), |
| ) |
| self.assertEqual(ip.nh, 47) |
| # self.assertEqual(len(ip.options), 0) |
| gre = GRE(scapy.compat.raw(p[IPv6].payload)) |
| self.checkInner(gre, isv4) |
| elif encap == "l3dsr": |
| ip = p[IP] |
| asid = int(ip.dst.split(".")[3]) |
| self.assertEqual(ip.version, 4) |
| self.assertEqual(ip.flags, 0) |
| self.assertEqual(ip.dst, "10.0.0.%u" % asid) |
| self.assertEqual(ip.tos, 0x1C) |
| self.assertEqual(len(ip.options), 0) |
| self.assert_ip_checksum_valid(p) |
| if ip.proto == IP_PROTOS.tcp: |
| self.assert_tcp_checksum_valid(p) |
| elif ip.proto == IP_PROTOS.udp: |
| self.assert_udp_checksum_valid(p) |
| elif encap == "nat4": |
| ip = p[IP] |
| asid = int(ip.dst.split(".")[3]) |
| self.assertEqual(ip.version, 4) |
| self.assertEqual(ip.flags, 0) |
| self.assertEqual(ip.dst, "10.0.0.%u" % asid) |
| self.assertEqual(ip.proto, 17) |
| self.assertEqual(len(ip.options), 0) |
| udp = p[UDP] |
| self.assertEqual(udp.dport, 3307) |
| elif encap == "nat6": |
| ip = p[IPv6] |
| asid = ip.dst.split(":") |
| asid = asid[len(asid) - 1] |
| asid = 0 if asid == "" else int(asid) |
| self.assertEqual(ip.version, 6) |
| self.assertEqual(ip.tc, 0) |
| self.assertEqual(ip.fl, 0) |
| self.assertEqual( |
| socket.inet_pton(socket.AF_INET6, ip.dst), |
| socket.inet_pton(socket.AF_INET6, "2002::%u" % asid), |
| ) |
| self.assertEqual(ip.nh, 17) |
| self.assertGreaterEqual(ip.hlim, 63) |
| udp = UDP(scapy.compat.raw(p[IPv6].payload)) |
| self.assertEqual(udp.dport, 3307) |
| load[asid] += 1 |
| |
| # In case of source ip sticky, check that packets with same |
| # src_ip are routed to same as. |
| if src_ip_sticky and sticky_as.get(ip.src, asid) != asid: |
| raise Exception("Packets with same src_ip are routed to another as") |
| sticky_as[ip.src] = asid |
| |
| except: |
| self.logger.error(ppp("Unexpected or invalid packet:", p)) |
| raise |
| |
| # This is just to roughly check that the balancing algorithm |
| # is not completely biased. |
| for asid in self.ass: |
| if load[asid] < int(len(self.packets) / (len(self.ass) * 2)): |
| self.logger.error( |
| "ASS is not balanced: load[%d] = %d" % (asid, load[asid]) |
| ) |
| raise Exception("Load Balancer algorithm is biased") |
| |
| def test_lb_ip4_gre4(self): |
| """Load Balancer IP4 GRE4 on vip case""" |
| try: |
| self.vapi.cli("lb vip 90.0.0.0/8 encap gre4") |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u" % (asid)) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="gre4", isv4=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u del" % (asid)) |
| self.vapi.cli("lb vip 90.0.0.0/8 encap gre4 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip6_gre4(self): |
| """Load Balancer IP6 GRE4 on vip case""" |
| |
| try: |
| self.vapi.cli("lb vip 2001::/16 encap gre4") |
| for asid in self.ass: |
| self.vapi.cli("lb as 2001::/16 10.0.0.%u" % (asid)) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| |
| self.checkCapture(encap="gre4", isv4=False) |
| finally: |
| for asid in self.ass: |
| self.vapi.cli("lb as 2001::/16 10.0.0.%u del" % (asid)) |
| self.vapi.cli("lb vip 2001::/16 encap gre4 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_gre6(self): |
| """Load Balancer IP4 GRE6 on vip case""" |
| try: |
| self.vapi.cli("lb vip 90.0.0.0/8 encap gre6") |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 2002::%u" % (asid)) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| |
| self.checkCapture(encap="gre6", isv4=True) |
| finally: |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 2002::%u del" % (asid)) |
| self.vapi.cli("lb vip 90.0.0.0/8 encap gre6 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip6_gre6(self): |
| """Load Balancer IP6 GRE6 on vip case""" |
| try: |
| self.vapi.cli("lb vip 2001::/16 encap gre6") |
| for asid in self.ass: |
| self.vapi.cli("lb as 2001::/16 2002::%u" % (asid)) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| |
| self.checkCapture(encap="gre6", isv4=False) |
| finally: |
| for asid in self.ass: |
| self.vapi.cli("lb as 2001::/16 2002::%u del" % (asid)) |
| self.vapi.cli("lb vip 2001::/16 encap gre6 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_gre4_port(self): |
| """Load Balancer IP4 GRE4 on per-port-vip case""" |
| try: |
| self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre4") |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="gre4", isv4=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) |
| ) |
| self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre4 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip6_gre4_port(self): |
| """Load Balancer IP6 GRE4 on per-port-vip case""" |
| |
| try: |
| self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre4") |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 2001::/16 protocol udp port 20000 10.0.0.%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| |
| self.checkCapture(encap="gre4", isv4=False) |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 2001::/16 protocol udp port 20000 10.0.0.%u del" % (asid) |
| ) |
| self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre4 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_gre6_port(self): |
| """Load Balancer IP4 GRE6 on per-port-vip case""" |
| try: |
| self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre6") |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 2002::%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| |
| self.checkCapture(encap="gre6", isv4=True) |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 2002::%u del" % (asid) |
| ) |
| self.vapi.cli("lb vip 90.0.0.0/8 protocol udp port 20000 encap gre6 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip6_gre6_port(self): |
| """Load Balancer IP6 GRE6 on per-port-vip case""" |
| try: |
| self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre6") |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 2001::/16 protocol udp port 20000 2002::%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| |
| self.checkCapture(encap="gre6", isv4=False) |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 2001::/16 protocol udp port 20000 2002::%u del" % (asid) |
| ) |
| self.vapi.cli("lb vip 2001::/16 protocol udp port 20000 encap gre6 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_l3dsr(self): |
| """Load Balancer IP4 L3DSR on vip case""" |
| try: |
| self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7") |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u" % (asid)) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="l3dsr", isv4=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u del" % (asid)) |
| self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7 del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_l3dsr_src_ip_sticky(self): |
| """Load Balancer IP4 L3DSR on vip with src_ip_sticky case""" |
| try: |
| self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7 src_ip_sticky") |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u" % (asid)) |
| |
| # Generate duplicated packets |
| pkts = self.generatePackets(self.pg0, isv4=True) |
| pkts = pkts[: len(pkts) // 2] |
| pkts = pkts + pkts |
| |
| self.pg0.add_stream(pkts) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="l3dsr", isv4=True, src_ip_sticky=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli("lb as 90.0.0.0/8 10.0.0.%u del" % (asid)) |
| self.vapi.cli("lb vip 90.0.0.0/8 encap l3dsr dscp 7 src_ip_sticky del") |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_l3dsr_port(self): |
| """Load Balancer IP4 L3DSR on per-port-vip case""" |
| try: |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7" |
| ) |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="l3dsr", isv4=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) |
| ) |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7 del" |
| ) |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_l3dsr_port_src_ip_sticky(self): |
| """Load Balancer IP4 L3DSR on per-port-vip with src_ip_sticky case""" |
| try: |
| # This VIP at port 1000 does not receive packets, but is defined |
| # as a dummy to verify that the src_ip_sticky flag can be set |
| # independently for each port. |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 10000 encap l3dsr dscp 7" |
| ) |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7 src_ip_sticky" |
| ) |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) |
| ) |
| |
| # Generate duplicated packets |
| pkts = self.generatePackets(self.pg0, isv4=True) |
| pkts = pkts[: len(pkts) // 2] |
| pkts = pkts + pkts |
| |
| self.pg0.add_stream(pkts) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="l3dsr", isv4=True, src_ip_sticky=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) |
| ) |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 20000 encap l3dsr dscp 7 src_ip_sticky del" |
| ) |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 10000 encap l3dsr dscp 7 del" |
| ) |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip4_nat4_port(self): |
| """Load Balancer IP4 NAT4 on per-port-vip case""" |
| try: |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 20000 encap nat4" |
| " type clusterip target_port 3307" |
| ) |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=True)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="nat4", isv4=True) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 90.0.0.0/8 protocol udp port 20000 10.0.0.%u del" % (asid) |
| ) |
| self.vapi.cli( |
| "lb vip 90.0.0.0/8 protocol udp port 20000 encap nat4" |
| " type clusterip target_port 3307 del" |
| ) |
| self.vapi.cli("test lb flowtable flush") |
| |
| def test_lb_ip6_nat6_port(self): |
| """Load Balancer IP6 NAT6 on per-port-vip case""" |
| try: |
| self.vapi.cli( |
| "lb vip 2001::/16 protocol udp port 20000 encap nat6" |
| " type clusterip target_port 3307" |
| ) |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 2001::/16 protocol udp port 20000 2002::%u" % (asid) |
| ) |
| |
| self.pg0.add_stream(self.generatePackets(self.pg0, isv4=False)) |
| self.pg_enable_capture(self.pg_interfaces) |
| self.pg_start() |
| self.checkCapture(encap="nat6", isv4=False) |
| |
| finally: |
| for asid in self.ass: |
| self.vapi.cli( |
| "lb as 2001::/16 protocol udp port 20000 2002::%u del" % (asid) |
| ) |
| self.vapi.cli( |
| "lb vip 2001::/16 protocol udp port 20000 encap nat6" |
| " type clusterip target_port 3307 del" |
| ) |
| self.vapi.cli("test lb flowtable flush") |