VPP-719: Accept ARP replies from VRRP hw addr
Check whether an ARP src hw addr starts with 00:00:5e:00:01
before rejecting due to a mismatch between ARP src hw addr
and ethernet frame src addr.
Change-Id: Ia3ecd5d6dba34876aca8d90bc622a0a1397e48fb
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
diff --git a/test/test_neighbor.py b/test/test_neighbor.py
index 48c6a29..67d64a2 100644
--- a/test/test_neighbor.py
+++ b/test/test_neighbor.py
@@ -87,6 +87,24 @@
self.assertEqual(arp.psrc, sip)
self.assertEqual(arp.pdst, dip)
+ def verify_arp_vrrp_resp(self, rx, smac, dmac, sip, dip):
+ ether = rx[Ether]
+ self.assertEqual(ether.dst, dmac)
+ self.assertEqual(ether.src, smac)
+
+ arp = rx[ARP]
+ self.assertEqual(arp.hwtype, 1)
+ self.assertEqual(arp.ptype, 0x800)
+ self.assertEqual(arp.hwlen, 6)
+ self.assertEqual(arp.plen, 4)
+ self.assertEqual(arp.op, arp_opts["is-at"])
+ self.assertNotEqual(arp.hwsrc, smac)
+ self.assertTrue("00:00:5e:00:01" in arp.hwsrc or
+ "00:00:5E:00:01" in arp.hwsrc)
+ self.assertEqual(arp.hwdst, dmac)
+ self.assertEqual(arp.psrc, sip)
+ self.assertEqual(arp.pdst, dip)
+
def verify_ip(self, rx, smac, dmac, sip, dip):
ether = rx[Ether]
self.assertEqual(ether.dst, dmac)
@@ -737,5 +755,62 @@
"10.0.0.1")
self.pg2.unconfig_ip4()
+ def test_arp_vrrp(self):
+ """ ARP reply with VRRP virtual src hw addr """
+
+ #
+ # IP packet destined for pg1 remote host arrives on pg0 resulting
+ # in an ARP request for the address of the remote host on pg1
+ #
+ p0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
+ IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /
+ UDP(sport=1234, dport=1234) /
+ Raw())
+
+ self.pg0.add_stream(p0)
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+
+ rx1 = self.pg1.get_capture(1)
+
+ self.verify_arp_req(rx1[0],
+ self.pg1.local_mac,
+ self.pg1.local_ip4,
+ self.pg1.remote_ip4)
+
+ #
+ # ARP reply for address of pg1 remote host arrives on pg1 with
+ # the hw src addr set to a value in the VRRP IPv4 range of
+ # MAC addresses
+ #
+ p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
+ ARP(op="is-at", hwdst=self.pg1.local_mac,
+ hwsrc="00:00:5e:00:01:09", pdst=self.pg1.local_ip4,
+ psrc=self.pg1.remote_ip4))
+
+ self.pg1.add_stream(p1)
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+
+ #
+ # IP packet destined for pg1 remote host arrives on pg0 again.
+ # VPP should have an ARP entry for that address now and the packet
+ # should be sent out pg1.
+ #
+ self.pg0.add_stream(p0)
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+
+ rx1 = self.pg1.get_capture(1)
+
+ self.verify_ip(rx1[0],
+ self.pg1.local_mac,
+ "00:00:5e:00:01:09",
+ self.pg0.remote_ip4,
+ self.pg1.remote_ip4)
+
+ self.pg1.admin_down()
+ self.pg1.admin_up()
+
if __name__ == '__main__':
unittest.main(testRunner=VppTestRunner)