blob: 2efa9a7e244dbb1de80b7bf6f77859176321d0f1 [file] [log] [blame]
Neale Rannsfca0c242017-01-13 07:57:46 -08001#!/usr/bin/env python
2
3import unittest
4import socket
Neale Ranns3466c302017-02-16 07:45:03 -08005import struct
Neale Rannsfca0c242017-01-13 07:57:46 -08006
John Lo70bfcaf2017-11-14 13:19:26 -05007from framework import VppTestCase, VppTestRunner, running_extended_tests
Neale Ranns3466c302017-02-16 07:45:03 -08008from vpp_neighbor import VppNeighbor
Neale Ranns15002542017-09-10 04:39:11 -07009from vpp_ip_route import find_route, VppIpTable
Neale Ranns2a3ea492017-04-19 05:24:40 -070010from util import mk_ll_addr
Neale Ranns51822bf2017-07-18 09:26:53 -070011from scapy.layers.l2 import Ether, getmacbyip, ARP
Neale Rannsfca0c242017-01-13 07:57:46 -080012from scapy.layers.inet import IP, UDP, ICMP
Neale Ranns2bc94022018-02-25 12:27:18 -080013from scapy.layers.inet6 import IPv6, in6_getnsmac
14from scapy.utils6 import in6_mactoifaceid
Neale Rannsfca0c242017-01-13 07:57:46 -080015from scapy.layers.dhcp import DHCP, BOOTP, DHCPTypes
16from scapy.layers.dhcp6 import DHCP6, DHCP6_Solicit, DHCP6_RelayForward, \
17 DHCP6_RelayReply, DHCP6_Advertise, DHCP6OptRelayMsg, DHCP6OptIfaceId, \
Neale Ranns3466c302017-02-16 07:45:03 -080018 DHCP6OptStatusCode, DHCP6OptVSS, DHCP6OptClientLinkLayerAddr, DHCP6_Request
Neale Rannsfca0c242017-01-13 07:57:46 -080019from socket import AF_INET, AF_INET6
20from scapy.utils import inet_pton, inet_ntop
21from scapy.utils6 import in6_ptop
Ole Troan8006c6a2018-12-17 12:02:26 +010022from vpp_papi import mac_pton
Neale Rannsfca0c242017-01-13 07:57:46 -080023
24DHCP4_CLIENT_PORT = 68
25DHCP4_SERVER_PORT = 67
26DHCP6_CLIENT_PORT = 547
27DHCP6_SERVER_PORT = 546
28
29
Neale Rannsfca0c242017-01-13 07:57:46 -080030class TestDHCP(VppTestCase):
31 """ DHCP Test Case """
32
33 def setUp(self):
34 super(TestDHCP, self).setUp()
35
John Lo70bfcaf2017-11-14 13:19:26 -050036 # create 6 pg interfaces for pg0 to pg5
37 self.create_pg_interfaces(range(6))
Neale Ranns15002542017-09-10 04:39:11 -070038 self.tables = []
Neale Rannsfca0c242017-01-13 07:57:46 -080039
John Lo70bfcaf2017-11-14 13:19:26 -050040 # pg0 to 2 are IP configured in VRF 0, 1 and 2.
41 # pg3 to 5 are non IP-configured in VRF 0, 1 and 2.
Neale Rannsfca0c242017-01-13 07:57:46 -080042 table_id = 0
Neale Ranns15002542017-09-10 04:39:11 -070043 for table_id in range(1, 4):
44 tbl4 = VppIpTable(self, table_id)
45 tbl4.add_vpp_config()
46 self.tables.append(tbl4)
47 tbl6 = VppIpTable(self, table_id, is_ip6=1)
48 tbl6.add_vpp_config()
49 self.tables.append(tbl6)
50
51 table_id = 0
John Lo70bfcaf2017-11-14 13:19:26 -050052 for i in self.pg_interfaces[:3]:
Neale Rannsfca0c242017-01-13 07:57:46 -080053 i.admin_up()
54 i.set_table_ip4(table_id)
55 i.set_table_ip6(table_id)
56 i.config_ip4()
57 i.resolve_arp()
58 i.config_ip6()
59 i.resolve_ndp()
60 table_id += 1
61
62 table_id = 0
John Lo70bfcaf2017-11-14 13:19:26 -050063 for i in self.pg_interfaces[3:]:
Neale Rannsfca0c242017-01-13 07:57:46 -080064 i.admin_up()
65 i.set_table_ip4(table_id)
66 i.set_table_ip6(table_id)
67 table_id += 1
68
Neale Ranns4008ac92017-02-13 23:20:04 -080069 def tearDown(self):
John Lo70bfcaf2017-11-14 13:19:26 -050070 for i in self.pg_interfaces[:3]:
Neale Ranns4008ac92017-02-13 23:20:04 -080071 i.unconfig_ip4()
72 i.unconfig_ip6()
Neale Ranns15002542017-09-10 04:39:11 -070073
74 for i in self.pg_interfaces:
75 i.set_table_ip4(0)
76 i.set_table_ip6(0)
Neale Ranns4008ac92017-02-13 23:20:04 -080077 i.admin_down()
Neale Ranns15002542017-09-10 04:39:11 -070078 super(TestDHCP, self).tearDown()
Neale Ranns4008ac92017-02-13 23:20:04 -080079
Neale Rannsa2fbf6b2017-07-18 08:23:32 -070080 def verify_dhcp_has_option(self, pkt, option, value):
81 dhcp = pkt[DHCP]
82 found = False
83
84 for i in dhcp.options:
85 if type(i) is tuple:
86 if i[0] == option:
87 self.assertEqual(i[1], value)
88 found = True
89
90 self.assertTrue(found)
91
John Lo70bfcaf2017-11-14 13:19:26 -050092 def validate_relay_options(self, pkt, intf, ip_addr, vpn_id, fib_id, oui):
Neale Rannsfca0c242017-01-13 07:57:46 -080093 dhcp = pkt[DHCP]
94 found = 0
95 data = []
John Lo70bfcaf2017-11-14 13:19:26 -050096 id_len = len(vpn_id)
Neale Rannsfca0c242017-01-13 07:57:46 -080097
98 for i in dhcp.options:
99 if type(i) is tuple:
100 if i[0] == "relay_agent_Information":
101 #
102 # There are two sb-options present - each of length 6.
103 #
104 data = i[1]
Neale Ranns20a175a2017-02-14 07:28:41 -0800105 if oui != 0:
106 self.assertEqual(len(data), 24)
John Lo70bfcaf2017-11-14 13:19:26 -0500107 elif len(vpn_id) > 0:
108 self.assertEqual(len(data), len(vpn_id)+17)
Neale Ranns20a175a2017-02-14 07:28:41 -0800109 else:
110 self.assertEqual(len(data), 12)
Neale Rannsfca0c242017-01-13 07:57:46 -0800111
112 #
113 # First sub-option is ID 1, len 4, then encoded
114 # sw_if_index. This test uses low valued indicies
115 # so [2:4] are 0.
116 # The ID space is VPP internal - so no matching value
117 # scapy
118 #
119 self.assertEqual(ord(data[0]), 1)
120 self.assertEqual(ord(data[1]), 4)
121 self.assertEqual(ord(data[2]), 0)
122 self.assertEqual(ord(data[3]), 0)
123 self.assertEqual(ord(data[4]), 0)
124 self.assertEqual(ord(data[5]), intf._sw_if_index)
125
126 #
127 # next sub-option is the IP address of the client side
128 # interface.
129 # sub-option ID=5, length (of a v4 address)=4
130 #
131 claddr = socket.inet_pton(AF_INET, ip_addr)
132
133 self.assertEqual(ord(data[6]), 5)
134 self.assertEqual(ord(data[7]), 4)
135 self.assertEqual(data[8], claddr[0])
136 self.assertEqual(data[9], claddr[1])
137 self.assertEqual(data[10], claddr[2])
138 self.assertEqual(data[11], claddr[3])
139
Neale Ranns20a175a2017-02-14 07:28:41 -0800140 if oui != 0:
John Lo70bfcaf2017-11-14 13:19:26 -0500141 # sub-option 151 encodes vss_type 1,
142 # the 3 byte oui and the 4 byte fib_id
143 self.assertEqual(id_len, 0)
Neale Ranns20a175a2017-02-14 07:28:41 -0800144 self.assertEqual(ord(data[12]), 151)
145 self.assertEqual(ord(data[13]), 8)
146 self.assertEqual(ord(data[14]), 1)
147 self.assertEqual(ord(data[15]), 0)
148 self.assertEqual(ord(data[16]), 0)
149 self.assertEqual(ord(data[17]), oui)
150 self.assertEqual(ord(data[18]), 0)
151 self.assertEqual(ord(data[19]), 0)
152 self.assertEqual(ord(data[20]), 0)
153 self.assertEqual(ord(data[21]), fib_id)
154
155 # VSS control sub-option
156 self.assertEqual(ord(data[22]), 152)
157 self.assertEqual(ord(data[23]), 0)
158
John Lo70bfcaf2017-11-14 13:19:26 -0500159 if id_len > 0:
160 # sub-option 151 encode vss_type of 0
161 # followerd by vpn_id in ascii
162 self.assertEqual(oui, 0)
163 self.assertEqual(ord(data[12]), 151)
164 self.assertEqual(ord(data[13]), id_len+1)
165 self.assertEqual(ord(data[14]), 0)
166 self.assertEqual(data[15:15+id_len], vpn_id)
167
168 # VSS control sub-option
169 self.assertEqual(ord(data[15+len(vpn_id)]), 152)
170 self.assertEqual(ord(data[16+len(vpn_id)]), 0)
171
Neale Rannsfca0c242017-01-13 07:57:46 -0800172 found = 1
173 self.assertTrue(found)
174
175 return data
176
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700177 def verify_dhcp_msg_type(self, pkt, name):
178 dhcp = pkt[DHCP]
179 found = False
180 for o in dhcp.options:
181 if type(o) is tuple:
182 if o[0] == "message-type" \
183 and DHCPTypes[o[1]] == name:
184 found = True
185 self.assertTrue(found)
186
John Lo70bfcaf2017-11-14 13:19:26 -0500187 def verify_dhcp_offer(self, pkt, intf, vpn_id="", fib_id=0, oui=0):
Neale Rannsfca0c242017-01-13 07:57:46 -0800188 ether = pkt[Ether]
189 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
190 self.assertEqual(ether.src, intf.local_mac)
191
192 ip = pkt[IP]
193 self.assertEqual(ip.dst, "255.255.255.255")
194 self.assertEqual(ip.src, intf.local_ip4)
195
196 udp = pkt[UDP]
197 self.assertEqual(udp.dport, DHCP4_CLIENT_PORT)
198 self.assertEqual(udp.sport, DHCP4_SERVER_PORT)
199
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700200 self.verify_dhcp_msg_type(pkt, "offer")
Neale Ranns3466c302017-02-16 07:45:03 -0800201 data = self.validate_relay_options(pkt, intf, intf.local_ip4,
John Lo70bfcaf2017-11-14 13:19:26 -0500202 vpn_id, fib_id, oui)
Neale Rannsfca0c242017-01-13 07:57:46 -0800203
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700204 def verify_orig_dhcp_pkt(self, pkt, intf):
205 ether = pkt[Ether]
206 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
207 self.assertEqual(ether.src, intf.local_mac)
208
209 ip = pkt[IP]
210 self.assertEqual(ip.dst, "255.255.255.255")
211 self.assertEqual(ip.src, "0.0.0.0")
212
213 udp = pkt[UDP]
214 self.assertEqual(udp.dport, DHCP4_SERVER_PORT)
215 self.assertEqual(udp.sport, DHCP4_CLIENT_PORT)
216
Neale Ranns54c6dc42018-01-17 10:29:10 -0800217 def verify_orig_dhcp_discover(self, pkt, intf, hostname, client_id=None,
218 broadcast=1):
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700219 self.verify_orig_dhcp_pkt(pkt, intf)
220
221 self.verify_dhcp_msg_type(pkt, "discover")
222 self.verify_dhcp_has_option(pkt, "hostname", hostname)
Neale Ranns51822bf2017-07-18 09:26:53 -0700223 if client_id:
224 self.verify_dhcp_has_option(pkt, "client_id", client_id)
Neale Ranns808c5b22017-08-02 05:15:07 -0700225 bootp = pkt[BOOTP]
226 self.assertEqual(bootp.ciaddr, "0.0.0.0")
227 self.assertEqual(bootp.giaddr, "0.0.0.0")
Neale Ranns54c6dc42018-01-17 10:29:10 -0800228 if broadcast:
229 self.assertEqual(bootp.flags, 0x8000)
230 else:
231 self.assertEqual(bootp.flags, 0x0000)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700232
Neale Ranns54c6dc42018-01-17 10:29:10 -0800233 def verify_orig_dhcp_request(self, pkt, intf, hostname, ip,
234 broadcast=1):
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700235 self.verify_orig_dhcp_pkt(pkt, intf)
236
237 self.verify_dhcp_msg_type(pkt, "request")
238 self.verify_dhcp_has_option(pkt, "hostname", hostname)
239 self.verify_dhcp_has_option(pkt, "requested_addr", ip)
Neale Ranns808c5b22017-08-02 05:15:07 -0700240 bootp = pkt[BOOTP]
241 self.assertEqual(bootp.ciaddr, "0.0.0.0")
242 self.assertEqual(bootp.giaddr, "0.0.0.0")
Neale Ranns54c6dc42018-01-17 10:29:10 -0800243 if broadcast:
244 self.assertEqual(bootp.flags, 0x8000)
245 else:
246 self.assertEqual(bootp.flags, 0x0000)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700247
248 def verify_relayed_dhcp_discover(self, pkt, intf, src_intf=None,
249 fib_id=0, oui=0,
John Lo70bfcaf2017-11-14 13:19:26 -0500250 vpn_id="",
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700251 dst_mac=None, dst_ip=None):
Neale Ranns3466c302017-02-16 07:45:03 -0800252 if not dst_mac:
253 dst_mac = intf.remote_mac
254 if not dst_ip:
255 dst_ip = intf.remote_ip4
256
Neale Rannsfca0c242017-01-13 07:57:46 -0800257 ether = pkt[Ether]
Neale Ranns3466c302017-02-16 07:45:03 -0800258 self.assertEqual(ether.dst, dst_mac)
Neale Rannsfca0c242017-01-13 07:57:46 -0800259 self.assertEqual(ether.src, intf.local_mac)
260
261 ip = pkt[IP]
Neale Ranns3466c302017-02-16 07:45:03 -0800262 self.assertEqual(ip.dst, dst_ip)
Neale Rannsfca0c242017-01-13 07:57:46 -0800263 self.assertEqual(ip.src, intf.local_ip4)
264
265 udp = pkt[UDP]
266 self.assertEqual(udp.dport, DHCP4_SERVER_PORT)
267 self.assertEqual(udp.sport, DHCP4_CLIENT_PORT)
268
269 dhcp = pkt[DHCP]
270
271 is_discover = False
272 for o in dhcp.options:
273 if type(o) is tuple:
274 if o[0] == "message-type" \
275 and DHCPTypes[o[1]] == "discover":
276 is_discover = True
277 self.assertTrue(is_discover)
278
Neale Ranns20a175a2017-02-14 07:28:41 -0800279 data = self.validate_relay_options(pkt, src_intf,
280 src_intf.local_ip4,
John Lo70bfcaf2017-11-14 13:19:26 -0500281 vpn_id,
Neale Ranns20a175a2017-02-14 07:28:41 -0800282 fib_id, oui)
283 return data
Neale Rannsfca0c242017-01-13 07:57:46 -0800284
285 def verify_dhcp6_solicit(self, pkt, intf,
286 peer_ip, peer_mac,
John Lo70bfcaf2017-11-14 13:19:26 -0500287 vpn_id="",
Neale Rannsfca0c242017-01-13 07:57:46 -0800288 fib_id=0,
Neale Ranns3466c302017-02-16 07:45:03 -0800289 oui=0,
290 dst_mac=None,
291 dst_ip=None):
292 if not dst_mac:
293 dst_mac = intf.remote_mac
294 if not dst_ip:
295 dst_ip = in6_ptop(intf.remote_ip6)
296
Neale Rannsfca0c242017-01-13 07:57:46 -0800297 ether = pkt[Ether]
Neale Ranns3466c302017-02-16 07:45:03 -0800298 self.assertEqual(ether.dst, dst_mac)
Neale Rannsfca0c242017-01-13 07:57:46 -0800299 self.assertEqual(ether.src, intf.local_mac)
300
301 ip = pkt[IPv6]
Neale Ranns3466c302017-02-16 07:45:03 -0800302 self.assertEqual(in6_ptop(ip.dst), dst_ip)
Neale Rannsfca0c242017-01-13 07:57:46 -0800303 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
304
305 udp = pkt[UDP]
306 self.assertEqual(udp.dport, DHCP6_CLIENT_PORT)
307 self.assertEqual(udp.sport, DHCP6_SERVER_PORT)
308
309 relay = pkt[DHCP6_RelayForward]
310 self.assertEqual(in6_ptop(relay.peeraddr), in6_ptop(peer_ip))
311 oid = pkt[DHCP6OptIfaceId]
312 cll = pkt[DHCP6OptClientLinkLayerAddr]
313 self.assertEqual(cll.optlen, 8)
314 self.assertEqual(cll.lltype, 1)
315 self.assertEqual(cll.clladdr, peer_mac)
316
John Lo70bfcaf2017-11-14 13:19:26 -0500317 id_len = len(vpn_id)
318
Neale Ranns20a175a2017-02-14 07:28:41 -0800319 if fib_id != 0:
John Lo70bfcaf2017-11-14 13:19:26 -0500320 self.assertEqual(id_len, 0)
Neale Ranns20a175a2017-02-14 07:28:41 -0800321 vss = pkt[DHCP6OptVSS]
322 self.assertEqual(vss.optlen, 8)
323 self.assertEqual(vss.type, 1)
324 # the OUI and FIB-id are really 3 and 4 bytes resp.
325 # but the tested range is small
326 self.assertEqual(ord(vss.data[0]), 0)
327 self.assertEqual(ord(vss.data[1]), 0)
328 self.assertEqual(ord(vss.data[2]), oui)
329 self.assertEqual(ord(vss.data[3]), 0)
330 self.assertEqual(ord(vss.data[4]), 0)
331 self.assertEqual(ord(vss.data[5]), 0)
332 self.assertEqual(ord(vss.data[6]), fib_id)
Neale Rannsfca0c242017-01-13 07:57:46 -0800333
John Lo70bfcaf2017-11-14 13:19:26 -0500334 if id_len > 0:
335 self.assertEqual(oui, 0)
336 vss = pkt[DHCP6OptVSS]
337 self.assertEqual(vss.optlen, id_len+1)
338 self.assertEqual(vss.type, 0)
339 self.assertEqual(vss.data[0:id_len], vpn_id)
340
Neale Rannsfca0c242017-01-13 07:57:46 -0800341 # the relay message should be an encoded Solicit
342 msg = pkt[DHCP6OptRelayMsg]
343 sol = DHCP6_Solicit()
344 self.assertEqual(msg.optlen, len(str(sol)))
345 self.assertEqual(str(sol), (str(msg[1]))[:msg.optlen])
346
347 def verify_dhcp6_advert(self, pkt, intf, peer):
348 ether = pkt[Ether]
349 self.assertEqual(ether.dst, "ff:ff:ff:ff:ff:ff")
350 self.assertEqual(ether.src, intf.local_mac)
351
352 ip = pkt[IPv6]
353 self.assertEqual(in6_ptop(ip.dst), in6_ptop(peer))
354 self.assertEqual(in6_ptop(ip.src), in6_ptop(intf.local_ip6))
355
356 udp = pkt[UDP]
357 self.assertEqual(udp.dport, DHCP6_SERVER_PORT)
358 self.assertEqual(udp.sport, DHCP6_CLIENT_PORT)
359
360 # not sure why this is not decoding
361 # adv = pkt[DHCP6_Advertise]
362
Neale Rannsf6e9b012019-01-25 06:37:15 -0800363 def wait_for_no_route(self, address, length,
364 n_tries=50, s_time=1):
365 while (n_tries):
366 if not find_route(self, address, length):
367 return True
368 n_tries = n_tries - 1
369 self.sleep(s_time)
370
371 return False
372
Neale Rannsfca0c242017-01-13 07:57:46 -0800373 def test_dhcp_proxy(self):
374 """ DHCPv4 Proxy """
375
376 #
377 # Verify no response to DHCP request without DHCP config
378 #
379 p_disc_vrf0 = (Ether(dst="ff:ff:ff:ff:ff:ff",
John Lo70bfcaf2017-11-14 13:19:26 -0500380 src=self.pg3.remote_mac) /
Neale Rannsfca0c242017-01-13 07:57:46 -0800381 IP(src="0.0.0.0", dst="255.255.255.255") /
382 UDP(sport=DHCP4_CLIENT_PORT,
383 dport=DHCP4_SERVER_PORT) /
384 BOOTP(op=1) /
385 DHCP(options=[('message-type', 'discover'), ('end')]))
386 pkts_disc_vrf0 = [p_disc_vrf0]
387 p_disc_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
John Lo70bfcaf2017-11-14 13:19:26 -0500388 src=self.pg4.remote_mac) /
Neale Rannsfca0c242017-01-13 07:57:46 -0800389 IP(src="0.0.0.0", dst="255.255.255.255") /
390 UDP(sport=DHCP4_CLIENT_PORT,
391 dport=DHCP4_SERVER_PORT) /
392 BOOTP(op=1) /
393 DHCP(options=[('message-type', 'discover'), ('end')]))
John Lo70bfcaf2017-11-14 13:19:26 -0500394 pkts_disc_vrf1 = [p_disc_vrf1]
395 p_disc_vrf2 = (Ether(dst="ff:ff:ff:ff:ff:ff",
396 src=self.pg5.remote_mac) /
397 IP(src="0.0.0.0", dst="255.255.255.255") /
398 UDP(sport=DHCP4_CLIENT_PORT,
399 dport=DHCP4_SERVER_PORT) /
400 BOOTP(op=1) /
401 DHCP(options=[('message-type', 'discover'), ('end')]))
402 pkts_disc_vrf2 = [p_disc_vrf2]
Neale Rannsfca0c242017-01-13 07:57:46 -0800403
John Lo70bfcaf2017-11-14 13:19:26 -0500404 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800405 "DHCP with no configuration")
John Lo70bfcaf2017-11-14 13:19:26 -0500406 self.send_and_assert_no_replies(self.pg4, pkts_disc_vrf1,
407 "DHCP with no configuration")
408 self.send_and_assert_no_replies(self.pg5, pkts_disc_vrf2,
Neale Rannsfca0c242017-01-13 07:57:46 -0800409 "DHCP with no configuration")
410
411 #
412 # Enable DHCP proxy in VRF 0
413 #
414 server_addr = self.pg0.remote_ip4n
415 src_addr = self.pg0.local_ip4n
416
417 self.vapi.dhcp_proxy_config(server_addr,
418 src_addr,
419 rx_table_id=0)
420
421 #
Neale Ranns20a175a2017-02-14 07:28:41 -0800422 # Discover packets from the client are dropped because there is no
423 # IP address configured on the client facing interface
Neale Rannsfca0c242017-01-13 07:57:46 -0800424 #
John Lo70bfcaf2017-11-14 13:19:26 -0500425 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf0,
Neale Ranns20a175a2017-02-14 07:28:41 -0800426 "Discover DHCP no relay address")
Neale Rannsfca0c242017-01-13 07:57:46 -0800427
428 #
429 # Inject a response from the server
Neale Ranns20a175a2017-02-14 07:28:41 -0800430 # dropped, because there is no IP addrees on the
Neale Ranns2dd68522017-02-16 03:38:59 -0800431 # client interfce to fill in the option.
Neale Rannsfca0c242017-01-13 07:57:46 -0800432 #
433 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
434 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
435 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
436 BOOTP(op=1) /
437 DHCP(options=[('message-type', 'offer'), ('end')]))
438 pkts = [p]
439
John Lo70bfcaf2017-11-14 13:19:26 -0500440 self.send_and_assert_no_replies(self.pg3, pkts,
Neale Ranns20a175a2017-02-14 07:28:41 -0800441 "Offer DHCP no relay address")
Neale Rannsfca0c242017-01-13 07:57:46 -0800442
443 #
444 # configure an IP address on the client facing interface
445 #
John Lo70bfcaf2017-11-14 13:19:26 -0500446 self.pg3.config_ip4()
Neale Rannsfca0c242017-01-13 07:57:46 -0800447
448 #
449 # Try again with a discover packet
450 # Rx'd packet should be to the server address and from the configured
451 # source address
452 # UDP source ports are unchanged
453 # we've no option 82 config so that should be absent
454 #
John Lo70bfcaf2017-11-14 13:19:26 -0500455 self.pg3.add_stream(pkts_disc_vrf0)
Neale Rannsfca0c242017-01-13 07:57:46 -0800456 self.pg_enable_capture(self.pg_interfaces)
457 self.pg_start()
458
459 rx = self.pg0.get_capture(1)
460 rx = rx[0]
461
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700462 option_82 = self.verify_relayed_dhcp_discover(rx, self.pg0,
John Lo70bfcaf2017-11-14 13:19:26 -0500463 src_intf=self.pg3)
Neale Rannsfca0c242017-01-13 07:57:46 -0800464
465 #
466 # Create an DHCP offer reply from the server with a correctly formatted
467 # option 82. i.e. send back what we just captured
468 # The offer, sent mcast to the client, still has option 82.
469 #
470 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
471 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
472 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
473 BOOTP(op=1) /
474 DHCP(options=[('message-type', 'offer'),
475 ('relay_agent_Information', option_82),
476 ('end')]))
477 pkts = [p]
478
479 self.pg0.add_stream(pkts)
480 self.pg_enable_capture(self.pg_interfaces)
481 self.pg_start()
482
John Lo70bfcaf2017-11-14 13:19:26 -0500483 rx = self.pg3.get_capture(1)
Neale Rannsfca0c242017-01-13 07:57:46 -0800484 rx = rx[0]
485
John Lo70bfcaf2017-11-14 13:19:26 -0500486 self.verify_dhcp_offer(rx, self.pg3)
Neale Rannsfca0c242017-01-13 07:57:46 -0800487
488 #
489 # Bogus Option 82:
490 #
491 # 1. not our IP address = not checked by VPP? so offer is replayed
492 # to client
493 bad_ip = option_82[0:8] + chr(33) + option_82[9:]
494
495 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
496 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
497 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
498 BOOTP(op=1) /
499 DHCP(options=[('message-type', 'offer'),
500 ('relay_agent_Information', bad_ip),
501 ('end')]))
502 pkts = [p]
Neale Ranns20a175a2017-02-14 07:28:41 -0800503 self.send_and_assert_no_replies(self.pg0, pkts,
504 "DHCP offer option 82 bad address")
Neale Rannsfca0c242017-01-13 07:57:46 -0800505
506 # 2. Not a sw_if_index VPP knows
507 bad_if_index = option_82[0:2] + chr(33) + option_82[3:]
508
509 p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
510 IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) /
511 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
512 BOOTP(op=1) /
513 DHCP(options=[('message-type', 'offer'),
514 ('relay_agent_Information', bad_if_index),
515 ('end')]))
516 pkts = [p]
517 self.send_and_assert_no_replies(self.pg0, pkts,
518 "DHCP offer option 82 bad if index")
519
520 #
521 # Send a DHCP request in VRF 1. should be dropped.
522 #
John Lo70bfcaf2017-11-14 13:19:26 -0500523 self.send_and_assert_no_replies(self.pg4, pkts_disc_vrf1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800524 "DHCP with no configuration VRF 1")
525
526 #
527 # Delete the DHCP config in VRF 0
528 # Should now drop requests.
529 #
530 self.vapi.dhcp_proxy_config(server_addr,
531 src_addr,
532 rx_table_id=0,
Neale Ranns20a175a2017-02-14 07:28:41 -0800533 is_add=0)
Neale Rannsfca0c242017-01-13 07:57:46 -0800534
John Lo70bfcaf2017-11-14 13:19:26 -0500535 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800536 "DHCP config removed VRF 0")
John Lo70bfcaf2017-11-14 13:19:26 -0500537 self.send_and_assert_no_replies(self.pg4, pkts_disc_vrf1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800538 "DHCP config removed VRF 1")
539
540 #
John Lo70bfcaf2017-11-14 13:19:26 -0500541 # Add DHCP config for VRF 1 & 2
Neale Rannsfca0c242017-01-13 07:57:46 -0800542 #
John Lo70bfcaf2017-11-14 13:19:26 -0500543 server_addr1 = self.pg1.remote_ip4n
544 src_addr1 = self.pg1.local_ip4n
545 self.vapi.dhcp_proxy_config(server_addr1,
546 src_addr1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800547 rx_table_id=1,
Neale Ranns20a175a2017-02-14 07:28:41 -0800548 server_table_id=1)
John Lo70bfcaf2017-11-14 13:19:26 -0500549 server_addr2 = self.pg2.remote_ip4n
550 src_addr2 = self.pg2.local_ip4n
551 self.vapi.dhcp_proxy_config(server_addr2,
552 src_addr2,
553 rx_table_id=2,
554 server_table_id=2)
Neale Rannsfca0c242017-01-13 07:57:46 -0800555
556 #
John Lo70bfcaf2017-11-14 13:19:26 -0500557 # Confim DHCP requests ok in VRF 1 & 2.
Neale Rannsfca0c242017-01-13 07:57:46 -0800558 # - dropped on IP config on client interface
559 #
John Lo70bfcaf2017-11-14 13:19:26 -0500560 self.send_and_assert_no_replies(self.pg4, pkts_disc_vrf1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800561 "DHCP config removed VRF 1")
John Lo70bfcaf2017-11-14 13:19:26 -0500562 self.send_and_assert_no_replies(self.pg5, pkts_disc_vrf2,
563 "DHCP config removed VRF 2")
Neale Rannsfca0c242017-01-13 07:57:46 -0800564
565 #
566 # configure an IP address on the client facing interface
567 #
John Lo70bfcaf2017-11-14 13:19:26 -0500568 self.pg4.config_ip4()
569 self.pg4.add_stream(pkts_disc_vrf1)
Neale Rannsfca0c242017-01-13 07:57:46 -0800570 self.pg_enable_capture(self.pg_interfaces)
571 self.pg_start()
Neale Rannsfca0c242017-01-13 07:57:46 -0800572 rx = self.pg1.get_capture(1)
573 rx = rx[0]
John Lo70bfcaf2017-11-14 13:19:26 -0500574 self.verify_relayed_dhcp_discover(rx, self.pg1, src_intf=self.pg4)
575
576 self.pg5.config_ip4()
577 self.pg5.add_stream(pkts_disc_vrf2)
578 self.pg_enable_capture(self.pg_interfaces)
579 self.pg_start()
580 rx = self.pg2.get_capture(1)
581 rx = rx[0]
582 self.verify_relayed_dhcp_discover(rx, self.pg2, src_intf=self.pg5)
Neale Rannsfca0c242017-01-13 07:57:46 -0800583
584 #
Neale Ranns20a175a2017-02-14 07:28:41 -0800585 # Add VSS config
John Lo70bfcaf2017-11-14 13:19:26 -0500586 # table=1, vss_type=1, vpn_index=1, oui=4
587 # table=2, vss_type=0, vpn_id = "ip4-table-2"
588 self.vapi.dhcp_proxy_set_vss(1, 1, vpn_index=1, oui=4, is_add=1)
589 self.vapi.dhcp_proxy_set_vss(2, 0, "ip4-table-2", is_add=1)
Neale Ranns20a175a2017-02-14 07:28:41 -0800590
John Lo70bfcaf2017-11-14 13:19:26 -0500591 self.pg4.add_stream(pkts_disc_vrf1)
Neale Ranns20a175a2017-02-14 07:28:41 -0800592 self.pg_enable_capture(self.pg_interfaces)
593 self.pg_start()
594
595 rx = self.pg1.get_capture(1)
596 rx = rx[0]
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700597 self.verify_relayed_dhcp_discover(rx, self.pg1,
John Lo70bfcaf2017-11-14 13:19:26 -0500598 src_intf=self.pg4,
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700599 fib_id=1, oui=4)
Neale Ranns20a175a2017-02-14 07:28:41 -0800600
John Lo70bfcaf2017-11-14 13:19:26 -0500601 self.pg5.add_stream(pkts_disc_vrf2)
602 self.pg_enable_capture(self.pg_interfaces)
603 self.pg_start()
604
605 rx = self.pg2.get_capture(1)
606 rx = rx[0]
607 self.verify_relayed_dhcp_discover(rx, self.pg2,
608 src_intf=self.pg5,
609 vpn_id="ip4-table-2")
610
Neale Ranns20a175a2017-02-14 07:28:41 -0800611 #
Neale Ranns3466c302017-02-16 07:45:03 -0800612 # Add a second DHCP server in VRF 1
613 # expect clients messages to be relay to both configured servers
614 #
615 self.pg1.generate_remote_hosts(2)
John Lo70bfcaf2017-11-14 13:19:26 -0500616 server_addr12 = socket.inet_pton(AF_INET, self.pg1.remote_hosts[1].ip4)
Neale Ranns3466c302017-02-16 07:45:03 -0800617
John Lo70bfcaf2017-11-14 13:19:26 -0500618 self.vapi.dhcp_proxy_config(server_addr12,
619 src_addr1,
Neale Ranns3466c302017-02-16 07:45:03 -0800620 rx_table_id=1,
621 server_table_id=1,
622 is_add=1)
623
624 #
625 # We'll need an ARP entry for the server to send it packets
626 #
627 arp_entry = VppNeighbor(self,
628 self.pg1.sw_if_index,
629 self.pg1.remote_hosts[1].mac,
630 self.pg1.remote_hosts[1].ip4)
631 arp_entry.add_vpp_config()
632
633 #
634 # Send a discover from the client. expect two relayed messages
635 # The frist packet is sent to the second server
636 # We're not enforcing that here, it's just the way it is.
637 #
John Lo70bfcaf2017-11-14 13:19:26 -0500638 self.pg4.add_stream(pkts_disc_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -0800639 self.pg_enable_capture(self.pg_interfaces)
640 self.pg_start()
641
642 rx = self.pg1.get_capture(2)
643
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700644 option_82 = self.verify_relayed_dhcp_discover(
Neale Ranns3466c302017-02-16 07:45:03 -0800645 rx[0], self.pg1,
John Lo70bfcaf2017-11-14 13:19:26 -0500646 src_intf=self.pg4,
Neale Ranns3466c302017-02-16 07:45:03 -0800647 dst_mac=self.pg1.remote_hosts[1].mac,
648 dst_ip=self.pg1.remote_hosts[1].ip4,
649 fib_id=1, oui=4)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700650 self.verify_relayed_dhcp_discover(rx[1], self.pg1,
John Lo70bfcaf2017-11-14 13:19:26 -0500651 src_intf=self.pg4,
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700652 fib_id=1, oui=4)
Neale Ranns3466c302017-02-16 07:45:03 -0800653
654 #
655 # Send both packets back. Client gets both.
656 #
657 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
658 IP(src=self.pg1.remote_ip4, dst=self.pg1.local_ip4) /
659 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
660 BOOTP(op=1) /
661 DHCP(options=[('message-type', 'offer'),
662 ('relay_agent_Information', option_82),
663 ('end')]))
664 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
665 IP(src=self.pg1.remote_hosts[1].ip4, dst=self.pg1.local_ip4) /
666 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
667 BOOTP(op=1) /
668 DHCP(options=[('message-type', 'offer'),
669 ('relay_agent_Information', option_82),
670 ('end')]))
671 pkts = [p1, p2]
672
673 self.pg1.add_stream(pkts)
674 self.pg_enable_capture(self.pg_interfaces)
675 self.pg_start()
676
John Lo70bfcaf2017-11-14 13:19:26 -0500677 rx = self.pg4.get_capture(2)
Neale Ranns3466c302017-02-16 07:45:03 -0800678
John Lo70bfcaf2017-11-14 13:19:26 -0500679 self.verify_dhcp_offer(rx[0], self.pg4, fib_id=1, oui=4)
680 self.verify_dhcp_offer(rx[1], self.pg4, fib_id=1, oui=4)
Neale Ranns3466c302017-02-16 07:45:03 -0800681
682 #
683 # Ensure offers from non-servers are dropeed
684 #
685 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
686 IP(src="8.8.8.8", dst=self.pg1.local_ip4) /
687 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_SERVER_PORT) /
688 BOOTP(op=1) /
689 DHCP(options=[('message-type', 'offer'),
690 ('relay_agent_Information', option_82),
691 ('end')]))
692 self.send_and_assert_no_replies(self.pg1, p2,
693 "DHCP offer from non-server")
694
695 #
696 # Ensure only the discover is sent to multiple servers
697 #
698 p_req_vrf1 = (Ether(dst="ff:ff:ff:ff:ff:ff",
John Lo70bfcaf2017-11-14 13:19:26 -0500699 src=self.pg4.remote_mac) /
Neale Ranns3466c302017-02-16 07:45:03 -0800700 IP(src="0.0.0.0", dst="255.255.255.255") /
701 UDP(sport=DHCP4_CLIENT_PORT,
702 dport=DHCP4_SERVER_PORT) /
703 BOOTP(op=1) /
704 DHCP(options=[('message-type', 'request'),
705 ('end')]))
706
John Lo70bfcaf2017-11-14 13:19:26 -0500707 self.pg4.add_stream(p_req_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -0800708 self.pg_enable_capture(self.pg_interfaces)
709 self.pg_start()
710
711 rx = self.pg1.get_capture(1)
712
713 #
714 # Remove the second DHCP server
715 #
John Lo70bfcaf2017-11-14 13:19:26 -0500716 self.vapi.dhcp_proxy_config(server_addr12,
717 src_addr1,
Neale Ranns3466c302017-02-16 07:45:03 -0800718 rx_table_id=1,
719 server_table_id=1,
720 is_add=0)
721
722 #
723 # Test we can still relay with the first
724 #
John Lo70bfcaf2017-11-14 13:19:26 -0500725 self.pg4.add_stream(pkts_disc_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -0800726 self.pg_enable_capture(self.pg_interfaces)
727 self.pg_start()
728
729 rx = self.pg1.get_capture(1)
730 rx = rx[0]
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700731 self.verify_relayed_dhcp_discover(rx, self.pg1,
John Lo70bfcaf2017-11-14 13:19:26 -0500732 src_intf=self.pg4,
Neale Rannsa2fbf6b2017-07-18 08:23:32 -0700733 fib_id=1, oui=4)
Neale Ranns3466c302017-02-16 07:45:03 -0800734
735 #
Neale Ranns20a175a2017-02-14 07:28:41 -0800736 # Remove the VSS config
737 # relayed DHCP has default vlaues in the option.
738 #
John Lo70bfcaf2017-11-14 13:19:26 -0500739 self.vapi.dhcp_proxy_set_vss(1, is_add=0)
740 self.vapi.dhcp_proxy_set_vss(2, is_add=0)
Neale Ranns20a175a2017-02-14 07:28:41 -0800741
John Lo70bfcaf2017-11-14 13:19:26 -0500742 self.pg4.add_stream(pkts_disc_vrf1)
Neale Ranns20a175a2017-02-14 07:28:41 -0800743 self.pg_enable_capture(self.pg_interfaces)
744 self.pg_start()
745
746 rx = self.pg1.get_capture(1)
747 rx = rx[0]
John Lo70bfcaf2017-11-14 13:19:26 -0500748 self.verify_relayed_dhcp_discover(rx, self.pg1, src_intf=self.pg4)
Neale Ranns20a175a2017-02-14 07:28:41 -0800749
750 #
Neale Rannsfca0c242017-01-13 07:57:46 -0800751 # remove DHCP config to cleanup
752 #
John Lo70bfcaf2017-11-14 13:19:26 -0500753 self.vapi.dhcp_proxy_config(server_addr1,
754 src_addr1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800755 rx_table_id=1,
Neale Ranns3466c302017-02-16 07:45:03 -0800756 server_table_id=1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800757 is_add=0)
John Lo70bfcaf2017-11-14 13:19:26 -0500758 self.vapi.dhcp_proxy_config(server_addr2,
759 src_addr2,
760 rx_table_id=2,
761 server_table_id=2,
762 is_add=0)
Neale Rannsfca0c242017-01-13 07:57:46 -0800763
John Lo70bfcaf2017-11-14 13:19:26 -0500764 self.send_and_assert_no_replies(self.pg3, pkts_disc_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800765 "DHCP cleanup VRF 0")
John Lo70bfcaf2017-11-14 13:19:26 -0500766 self.send_and_assert_no_replies(self.pg4, pkts_disc_vrf1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800767 "DHCP cleanup VRF 1")
John Lo70bfcaf2017-11-14 13:19:26 -0500768 self.send_and_assert_no_replies(self.pg5, pkts_disc_vrf2,
769 "DHCP cleanup VRF 2")
770
Neale Ranns15002542017-09-10 04:39:11 -0700771 self.pg3.unconfig_ip4()
John Lo70bfcaf2017-11-14 13:19:26 -0500772 self.pg4.unconfig_ip4()
773 self.pg5.unconfig_ip4()
Neale Rannsfca0c242017-01-13 07:57:46 -0800774
775 def test_dhcp6_proxy(self):
776 """ DHCPv6 Proxy"""
777 #
778 # Verify no response to DHCP request without DHCP config
779 #
780 dhcp_solicit_dst = "ff02::1:2"
John Lo70bfcaf2017-11-14 13:19:26 -0500781 dhcp_solicit_src_vrf0 = mk_ll_addr(self.pg3.remote_mac)
782 dhcp_solicit_src_vrf1 = mk_ll_addr(self.pg4.remote_mac)
783 dhcp_solicit_src_vrf2 = mk_ll_addr(self.pg5.remote_mac)
Neale Rannsfca0c242017-01-13 07:57:46 -0800784 server_addr_vrf0 = self.pg0.remote_ip6n
785 src_addr_vrf0 = self.pg0.local_ip6n
786 server_addr_vrf1 = self.pg1.remote_ip6n
787 src_addr_vrf1 = self.pg1.local_ip6n
John Lo70bfcaf2017-11-14 13:19:26 -0500788 server_addr_vrf2 = self.pg2.remote_ip6n
789 src_addr_vrf2 = self.pg2.local_ip6n
Neale Rannsfca0c242017-01-13 07:57:46 -0800790
Neale Rannsfca0c242017-01-13 07:57:46 -0800791 dmac = in6_getnsmac(inet_pton(socket.AF_INET6, dhcp_solicit_dst))
John Lo70bfcaf2017-11-14 13:19:26 -0500792 p_solicit_vrf0 = (Ether(dst=dmac, src=self.pg3.remote_mac) /
Neale Rannsfca0c242017-01-13 07:57:46 -0800793 IPv6(src=dhcp_solicit_src_vrf0,
794 dst=dhcp_solicit_dst) /
795 UDP(sport=DHCP6_SERVER_PORT,
796 dport=DHCP6_CLIENT_PORT) /
797 DHCP6_Solicit())
John Lo70bfcaf2017-11-14 13:19:26 -0500798 p_solicit_vrf1 = (Ether(dst=dmac, src=self.pg4.remote_mac) /
Neale Rannsfca0c242017-01-13 07:57:46 -0800799 IPv6(src=dhcp_solicit_src_vrf1,
800 dst=dhcp_solicit_dst) /
801 UDP(sport=DHCP6_SERVER_PORT,
802 dport=DHCP6_CLIENT_PORT) /
803 DHCP6_Solicit())
John Lo70bfcaf2017-11-14 13:19:26 -0500804 p_solicit_vrf2 = (Ether(dst=dmac, src=self.pg5.remote_mac) /
805 IPv6(src=dhcp_solicit_src_vrf2,
806 dst=dhcp_solicit_dst) /
807 UDP(sport=DHCP6_SERVER_PORT,
808 dport=DHCP6_CLIENT_PORT) /
809 DHCP6_Solicit())
Neale Rannsfca0c242017-01-13 07:57:46 -0800810
John Lo70bfcaf2017-11-14 13:19:26 -0500811 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800812 "DHCP with no configuration")
John Lo70bfcaf2017-11-14 13:19:26 -0500813 self.send_and_assert_no_replies(self.pg4, p_solicit_vrf1,
814 "DHCP with no configuration")
815 self.send_and_assert_no_replies(self.pg5, p_solicit_vrf2,
Neale Rannsfca0c242017-01-13 07:57:46 -0800816 "DHCP with no configuration")
817
818 #
819 # DHCPv6 config in VRF 0.
820 # Packets still dropped because the client facing interface has no
821 # IPv6 config
822 #
823 self.vapi.dhcp_proxy_config(server_addr_vrf0,
824 src_addr_vrf0,
825 rx_table_id=0,
826 server_table_id=0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800827 is_ipv6=1)
828
John Lo70bfcaf2017-11-14 13:19:26 -0500829 self.send_and_assert_no_replies(self.pg3, p_solicit_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800830 "DHCP with no configuration")
John Lo70bfcaf2017-11-14 13:19:26 -0500831 self.send_and_assert_no_replies(self.pg4, p_solicit_vrf1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800832 "DHCP with no configuration")
833
834 #
835 # configure an IP address on the client facing interface
836 #
John Lo70bfcaf2017-11-14 13:19:26 -0500837 self.pg3.config_ip6()
Neale Rannsfca0c242017-01-13 07:57:46 -0800838
839 #
840 # Now the DHCP requests are relayed to the server
841 #
John Lo70bfcaf2017-11-14 13:19:26 -0500842 self.pg3.add_stream(p_solicit_vrf0)
Neale Rannsfca0c242017-01-13 07:57:46 -0800843 self.pg_enable_capture(self.pg_interfaces)
844 self.pg_start()
845
846 rx = self.pg0.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -0800847
848 self.verify_dhcp6_solicit(rx[0], self.pg0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800849 dhcp_solicit_src_vrf0,
John Lo70bfcaf2017-11-14 13:19:26 -0500850 self.pg3.remote_mac)
Neale Rannsfca0c242017-01-13 07:57:46 -0800851
852 #
853 # Exception cases for rejected relay responses
854 #
855
856 # 1 - not a relay reply
857 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
858 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
859 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
860 DHCP6_Advertise())
John Lo70bfcaf2017-11-14 13:19:26 -0500861 self.send_and_assert_no_replies(self.pg3, p_adv_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800862 "DHCP6 not a relay reply")
863
864 # 2 - no relay message option
865 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
866 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
867 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
868 DHCP6_RelayReply() /
869 DHCP6_Advertise())
John Lo70bfcaf2017-11-14 13:19:26 -0500870 self.send_and_assert_no_replies(self.pg3, p_adv_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800871 "DHCP not a relay message")
872
873 # 3 - no circuit ID
874 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
875 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
876 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
877 DHCP6_RelayReply() /
878 DHCP6OptRelayMsg(optlen=0) /
879 DHCP6_Advertise())
John Lo70bfcaf2017-11-14 13:19:26 -0500880 self.send_and_assert_no_replies(self.pg3, p_adv_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800881 "DHCP6 no circuit ID")
882 # 4 - wrong circuit ID
883 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
884 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
885 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
886 DHCP6_RelayReply() /
887 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
888 DHCP6OptRelayMsg(optlen=0) /
889 DHCP6_Advertise())
John Lo70bfcaf2017-11-14 13:19:26 -0500890 self.send_and_assert_no_replies(self.pg3, p_adv_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -0800891 "DHCP6 wrong circuit ID")
892
893 #
894 # Send the relay response (the advertisement)
895 # - no peer address
896 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
897 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
898 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
899 DHCP6_RelayReply() /
John Lo70bfcaf2017-11-14 13:19:26 -0500900 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
Neale Rannsfca0c242017-01-13 07:57:46 -0800901 DHCP6OptRelayMsg(optlen=0) /
902 DHCP6_Advertise(trid=1) /
903 DHCP6OptStatusCode(statuscode=0))
904 pkts_adv_vrf0 = [p_adv_vrf0]
905
906 self.pg0.add_stream(pkts_adv_vrf0)
907 self.pg_enable_capture(self.pg_interfaces)
908 self.pg_start()
909
John Lo70bfcaf2017-11-14 13:19:26 -0500910 rx = self.pg3.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -0800911
John Lo70bfcaf2017-11-14 13:19:26 -0500912 self.verify_dhcp6_advert(rx[0], self.pg3, "::")
Neale Rannsfca0c242017-01-13 07:57:46 -0800913
914 #
915 # Send the relay response (the advertisement)
916 # - with peer address
917 p_adv_vrf0 = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
918 IPv6(dst=self.pg0.local_ip6, src=self.pg0.remote_ip6) /
919 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
920 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf0) /
John Lo70bfcaf2017-11-14 13:19:26 -0500921 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x04') /
Neale Rannsfca0c242017-01-13 07:57:46 -0800922 DHCP6OptRelayMsg(optlen=0) /
923 DHCP6_Advertise(trid=1) /
924 DHCP6OptStatusCode(statuscode=0))
925 pkts_adv_vrf0 = [p_adv_vrf0]
926
927 self.pg0.add_stream(pkts_adv_vrf0)
928 self.pg_enable_capture(self.pg_interfaces)
929 self.pg_start()
930
John Lo70bfcaf2017-11-14 13:19:26 -0500931 rx = self.pg3.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -0800932
John Lo70bfcaf2017-11-14 13:19:26 -0500933 self.verify_dhcp6_advert(rx[0], self.pg3, dhcp_solicit_src_vrf0)
Neale Rannsfca0c242017-01-13 07:57:46 -0800934
935 #
John Lo70bfcaf2017-11-14 13:19:26 -0500936 # Add all the config for VRF 1 & 2
Neale Rannsfca0c242017-01-13 07:57:46 -0800937 #
938 self.vapi.dhcp_proxy_config(server_addr_vrf1,
939 src_addr_vrf1,
940 rx_table_id=1,
941 server_table_id=1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800942 is_ipv6=1)
John Lo70bfcaf2017-11-14 13:19:26 -0500943 self.pg4.config_ip6()
944
945 self.vapi.dhcp_proxy_config(server_addr_vrf2,
946 src_addr_vrf2,
947 rx_table_id=2,
948 server_table_id=2,
949 is_ipv6=1)
950 self.pg5.config_ip6()
Neale Rannsfca0c242017-01-13 07:57:46 -0800951
952 #
953 # VRF 1 solicit
954 #
John Lo70bfcaf2017-11-14 13:19:26 -0500955 self.pg4.add_stream(p_solicit_vrf1)
Neale Rannsfca0c242017-01-13 07:57:46 -0800956 self.pg_enable_capture(self.pg_interfaces)
957 self.pg_start()
958
959 rx = self.pg1.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -0800960
961 self.verify_dhcp6_solicit(rx[0], self.pg1,
Neale Rannsfca0c242017-01-13 07:57:46 -0800962 dhcp_solicit_src_vrf1,
John Lo70bfcaf2017-11-14 13:19:26 -0500963 self.pg4.remote_mac)
964
965 #
966 # VRF 2 solicit
967 #
968 self.pg5.add_stream(p_solicit_vrf2)
969 self.pg_enable_capture(self.pg_interfaces)
970 self.pg_start()
971
972 rx = self.pg2.get_capture(1)
973
974 self.verify_dhcp6_solicit(rx[0], self.pg2,
975 dhcp_solicit_src_vrf2,
976 self.pg5.remote_mac)
Neale Rannsfca0c242017-01-13 07:57:46 -0800977
978 #
979 # VRF 1 Advert
980 #
981 p_adv_vrf1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
982 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
983 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
984 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
John Lo70bfcaf2017-11-14 13:19:26 -0500985 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
Neale Rannsfca0c242017-01-13 07:57:46 -0800986 DHCP6OptRelayMsg(optlen=0) /
987 DHCP6_Advertise(trid=1) /
988 DHCP6OptStatusCode(statuscode=0))
989 pkts_adv_vrf1 = [p_adv_vrf1]
990
991 self.pg1.add_stream(pkts_adv_vrf1)
992 self.pg_enable_capture(self.pg_interfaces)
993 self.pg_start()
994
John Lo70bfcaf2017-11-14 13:19:26 -0500995 rx = self.pg4.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -0800996
John Lo70bfcaf2017-11-14 13:19:26 -0500997 self.verify_dhcp6_advert(rx[0], self.pg4, dhcp_solicit_src_vrf1)
Neale Rannsfca0c242017-01-13 07:57:46 -0800998
999 #
1000 # Add VSS config
John Lo70bfcaf2017-11-14 13:19:26 -05001001 # table=1, vss_type=1, vpn_index=1, oui=4
1002 # table=2, vss_type=0, vpn_id = "ip6-table-2"
1003 self.vapi.dhcp_proxy_set_vss(1, 1, oui=4, vpn_index=1, is_ip6=1)
1004 self.vapi.dhcp_proxy_set_vss(2, 0, "IPv6-table-2", is_ip6=1)
Neale Rannsfca0c242017-01-13 07:57:46 -08001005
John Lo70bfcaf2017-11-14 13:19:26 -05001006 self.pg4.add_stream(p_solicit_vrf1)
Neale Rannsfca0c242017-01-13 07:57:46 -08001007 self.pg_enable_capture(self.pg_interfaces)
1008 self.pg_start()
1009
1010 rx = self.pg1.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -08001011
1012 self.verify_dhcp6_solicit(rx[0], self.pg1,
Neale Rannsfca0c242017-01-13 07:57:46 -08001013 dhcp_solicit_src_vrf1,
John Lo70bfcaf2017-11-14 13:19:26 -05001014 self.pg4.remote_mac,
Neale Rannsfca0c242017-01-13 07:57:46 -08001015 fib_id=1,
1016 oui=4)
1017
John Lo70bfcaf2017-11-14 13:19:26 -05001018 self.pg5.add_stream(p_solicit_vrf2)
1019 self.pg_enable_capture(self.pg_interfaces)
1020 self.pg_start()
1021
1022 rx = self.pg2.get_capture(1)
1023
1024 self.verify_dhcp6_solicit(rx[0], self.pg2,
1025 dhcp_solicit_src_vrf2,
1026 self.pg5.remote_mac,
1027 vpn_id="IPv6-table-2")
1028
Neale Rannsfca0c242017-01-13 07:57:46 -08001029 #
1030 # Remove the VSS config
1031 # relayed DHCP has default vlaues in the option.
1032 #
John Lo70bfcaf2017-11-14 13:19:26 -05001033 self.vapi.dhcp_proxy_set_vss(1, is_ip6=1, is_add=0)
Neale Rannsfca0c242017-01-13 07:57:46 -08001034
John Lo70bfcaf2017-11-14 13:19:26 -05001035 self.pg4.add_stream(p_solicit_vrf1)
Neale Rannsfca0c242017-01-13 07:57:46 -08001036 self.pg_enable_capture(self.pg_interfaces)
1037 self.pg_start()
1038
1039 rx = self.pg1.get_capture(1)
Neale Ranns3466c302017-02-16 07:45:03 -08001040
1041 self.verify_dhcp6_solicit(rx[0], self.pg1,
1042 dhcp_solicit_src_vrf1,
John Lo70bfcaf2017-11-14 13:19:26 -05001043 self.pg4.remote_mac)
Neale Ranns3466c302017-02-16 07:45:03 -08001044
1045 #
1046 # Add a second DHCP server in VRF 1
1047 # expect clients messages to be relay to both configured servers
1048 #
1049 self.pg1.generate_remote_hosts(2)
John Lo70bfcaf2017-11-14 13:19:26 -05001050 server_addr12 = socket.inet_pton(AF_INET6,
1051 self.pg1.remote_hosts[1].ip6)
Neale Ranns3466c302017-02-16 07:45:03 -08001052
John Lo70bfcaf2017-11-14 13:19:26 -05001053 self.vapi.dhcp_proxy_config(server_addr12,
Neale Ranns3466c302017-02-16 07:45:03 -08001054 src_addr_vrf1,
1055 rx_table_id=1,
1056 server_table_id=1,
1057 is_ipv6=1)
1058
1059 #
1060 # We'll need an ND entry for the server to send it packets
1061 #
1062 nd_entry = VppNeighbor(self,
1063 self.pg1.sw_if_index,
1064 self.pg1.remote_hosts[1].mac,
Neale Ranns37029302018-08-10 05:30:06 -07001065 self.pg1.remote_hosts[1].ip6)
Neale Ranns3466c302017-02-16 07:45:03 -08001066 nd_entry.add_vpp_config()
1067
1068 #
1069 # Send a discover from the client. expect two relayed messages
1070 # The frist packet is sent to the second server
1071 # We're not enforcing that here, it's just the way it is.
1072 #
John Lo70bfcaf2017-11-14 13:19:26 -05001073 self.pg4.add_stream(p_solicit_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -08001074 self.pg_enable_capture(self.pg_interfaces)
1075 self.pg_start()
1076
1077 rx = self.pg1.get_capture(2)
1078
1079 self.verify_dhcp6_solicit(rx[0], self.pg1,
1080 dhcp_solicit_src_vrf1,
John Lo70bfcaf2017-11-14 13:19:26 -05001081 self.pg4.remote_mac)
Neale Ranns3466c302017-02-16 07:45:03 -08001082 self.verify_dhcp6_solicit(rx[1], self.pg1,
1083 dhcp_solicit_src_vrf1,
John Lo70bfcaf2017-11-14 13:19:26 -05001084 self.pg4.remote_mac,
Neale Ranns3466c302017-02-16 07:45:03 -08001085 dst_mac=self.pg1.remote_hosts[1].mac,
1086 dst_ip=self.pg1.remote_hosts[1].ip6)
1087
1088 #
1089 # Send both packets back. Client gets both.
1090 #
1091 p1 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
1092 IPv6(dst=self.pg1.local_ip6, src=self.pg1.remote_ip6) /
1093 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
1094 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
John Lo70bfcaf2017-11-14 13:19:26 -05001095 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
Neale Ranns3466c302017-02-16 07:45:03 -08001096 DHCP6OptRelayMsg(optlen=0) /
1097 DHCP6_Advertise(trid=1) /
1098 DHCP6OptStatusCode(statuscode=0))
1099 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
1100 IPv6(dst=self.pg1.local_ip6, src=self.pg1._remote_hosts[1].ip6) /
1101 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
1102 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
John Lo70bfcaf2017-11-14 13:19:26 -05001103 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
Neale Ranns3466c302017-02-16 07:45:03 -08001104 DHCP6OptRelayMsg(optlen=0) /
1105 DHCP6_Advertise(trid=1) /
1106 DHCP6OptStatusCode(statuscode=0))
1107
1108 pkts = [p1, p2]
1109
1110 self.pg1.add_stream(pkts)
1111 self.pg_enable_capture(self.pg_interfaces)
1112 self.pg_start()
1113
John Lo70bfcaf2017-11-14 13:19:26 -05001114 rx = self.pg4.get_capture(2)
Neale Ranns3466c302017-02-16 07:45:03 -08001115
John Lo70bfcaf2017-11-14 13:19:26 -05001116 self.verify_dhcp6_advert(rx[0], self.pg4, dhcp_solicit_src_vrf1)
1117 self.verify_dhcp6_advert(rx[1], self.pg4, dhcp_solicit_src_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -08001118
1119 #
1120 # Ensure only solicit messages are duplicated
1121 #
John Lo70bfcaf2017-11-14 13:19:26 -05001122 p_request_vrf1 = (Ether(dst=dmac, src=self.pg4.remote_mac) /
Neale Ranns3466c302017-02-16 07:45:03 -08001123 IPv6(src=dhcp_solicit_src_vrf1,
1124 dst=dhcp_solicit_dst) /
1125 UDP(sport=DHCP6_SERVER_PORT,
1126 dport=DHCP6_CLIENT_PORT) /
1127 DHCP6_Request())
1128
John Lo70bfcaf2017-11-14 13:19:26 -05001129 self.pg4.add_stream(p_request_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -08001130 self.pg_enable_capture(self.pg_interfaces)
1131 self.pg_start()
1132
1133 rx = self.pg1.get_capture(1)
1134
1135 #
1136 # Test we drop DHCP packets from addresses that are not configured as
1137 # DHCP servers
1138 #
1139 p2 = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_hosts[1].mac) /
1140 IPv6(dst=self.pg1.local_ip6, src="3001::1") /
1141 UDP(sport=DHCP6_SERVER_PORT, dport=DHCP6_SERVER_PORT) /
1142 DHCP6_RelayReply(peeraddr=dhcp_solicit_src_vrf1) /
John Lo70bfcaf2017-11-14 13:19:26 -05001143 DHCP6OptIfaceId(optlen=4, ifaceid='\x00\x00\x00\x05') /
Neale Ranns3466c302017-02-16 07:45:03 -08001144 DHCP6OptRelayMsg(optlen=0) /
1145 DHCP6_Advertise(trid=1) /
1146 DHCP6OptStatusCode(statuscode=0))
1147 self.send_and_assert_no_replies(self.pg1, p2,
1148 "DHCP6 not from server")
1149
1150 #
1151 # Remove the second DHCP server
1152 #
John Lo70bfcaf2017-11-14 13:19:26 -05001153 self.vapi.dhcp_proxy_config(server_addr12,
Neale Ranns3466c302017-02-16 07:45:03 -08001154 src_addr_vrf1,
1155 rx_table_id=1,
1156 server_table_id=1,
1157 is_ipv6=1,
1158 is_add=0)
1159
1160 #
1161 # Test we can still relay with the first
1162 #
John Lo70bfcaf2017-11-14 13:19:26 -05001163 self.pg4.add_stream(p_solicit_vrf1)
Neale Ranns3466c302017-02-16 07:45:03 -08001164 self.pg_enable_capture(self.pg_interfaces)
1165 self.pg_start()
1166
1167 rx = self.pg1.get_capture(1)
1168
1169 self.verify_dhcp6_solicit(rx[0], self.pg1,
Neale Rannsfca0c242017-01-13 07:57:46 -08001170 dhcp_solicit_src_vrf1,
John Lo70bfcaf2017-11-14 13:19:26 -05001171 self.pg4.remote_mac)
Neale Rannsfca0c242017-01-13 07:57:46 -08001172
1173 #
1174 # Cleanup
1175 #
John Lo70bfcaf2017-11-14 13:19:26 -05001176 self.vapi.dhcp_proxy_config(server_addr_vrf2,
1177 src_addr_vrf2,
1178 rx_table_id=2,
1179 server_table_id=2,
1180 is_ipv6=1,
1181 is_add=0)
Neale Rannsfca0c242017-01-13 07:57:46 -08001182 self.vapi.dhcp_proxy_config(server_addr_vrf1,
1183 src_addr_vrf1,
1184 rx_table_id=1,
1185 server_table_id=1,
Neale Rannsfca0c242017-01-13 07:57:46 -08001186 is_ipv6=1,
1187 is_add=0)
Neale Ranns3466c302017-02-16 07:45:03 -08001188 self.vapi.dhcp_proxy_config(server_addr_vrf0,
1189 src_addr_vrf0,
1190 rx_table_id=0,
1191 server_table_id=0,
1192 is_ipv6=1,
1193 is_add=0)
1194
1195 # duplicate delete
1196 self.vapi.dhcp_proxy_config(server_addr_vrf0,
1197 src_addr_vrf0,
Neale Rannsfca0c242017-01-13 07:57:46 -08001198 rx_table_id=0,
1199 server_table_id=0,
Neale Rannsfca0c242017-01-13 07:57:46 -08001200 is_ipv6=1,
1201 is_add=0)
Neale Ranns15002542017-09-10 04:39:11 -07001202 self.pg3.unconfig_ip6()
John Lo70bfcaf2017-11-14 13:19:26 -05001203 self.pg4.unconfig_ip6()
1204 self.pg5.unconfig_ip6()
Neale Rannsfca0c242017-01-13 07:57:46 -08001205
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001206 def test_dhcp_client(self):
1207 """ DHCP Client"""
1208
1209 hostname = 'universal-dp'
1210
1211 self.pg_enable_capture(self.pg_interfaces)
1212
1213 #
John Lo70bfcaf2017-11-14 13:19:26 -05001214 # Configure DHCP client on PG3 and capture the discover sent
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001215 #
Ole Troane1ade682019-03-04 23:55:43 +01001216 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001217
John Lo70bfcaf2017-11-14 13:19:26 -05001218 rx = self.pg3.get_capture(1)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001219
John Lo70bfcaf2017-11-14 13:19:26 -05001220 self.verify_orig_dhcp_discover(rx[0], self.pg3, hostname)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001221
1222 #
John Lo70bfcaf2017-11-14 13:19:26 -05001223 # Send back on offer, expect the request
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001224 #
John Lo70bfcaf2017-11-14 13:19:26 -05001225 p_offer = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1226 IP(src=self.pg3.remote_ip4, dst="255.255.255.255") /
Neale Ranns808c5b22017-08-02 05:15:07 -07001227 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
Neale Ranns1f2f4b72018-03-23 11:53:12 -07001228 BOOTP(op=1,
1229 yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001230 chaddr=mac_pton(self.pg3.local_mac)) /
Neale Ranns808c5b22017-08-02 05:15:07 -07001231 DHCP(options=[('message-type', 'offer'),
John Lo70bfcaf2017-11-14 13:19:26 -05001232 ('server_id', self.pg3.remote_ip4),
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001233 'end']))
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001234
John Lo70bfcaf2017-11-14 13:19:26 -05001235 self.pg3.add_stream(p_offer)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001236 self.pg_enable_capture(self.pg_interfaces)
1237 self.pg_start()
1238
John Lo70bfcaf2017-11-14 13:19:26 -05001239 rx = self.pg3.get_capture(1)
1240 self.verify_orig_dhcp_request(rx[0], self.pg3, hostname,
1241 self.pg3.local_ip4)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001242
1243 #
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001244 # Send an acknowledgment
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001245 #
John Lo70bfcaf2017-11-14 13:19:26 -05001246 p_ack = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1247 IP(src=self.pg3.remote_ip4, dst="255.255.255.255") /
Neale Ranns808c5b22017-08-02 05:15:07 -07001248 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
Neale Ranns1f2f4b72018-03-23 11:53:12 -07001249 BOOTP(op=1, yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001250 chaddr=mac_pton(self.pg3.local_mac)) /
Neale Ranns808c5b22017-08-02 05:15:07 -07001251 DHCP(options=[('message-type', 'ack'),
1252 ('subnet_mask', "255.255.255.0"),
John Lo70bfcaf2017-11-14 13:19:26 -05001253 ('router', self.pg3.remote_ip4),
1254 ('server_id', self.pg3.remote_ip4),
Neale Ranns808c5b22017-08-02 05:15:07 -07001255 ('lease_time', 43200),
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001256 'end']))
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001257
John Lo70bfcaf2017-11-14 13:19:26 -05001258 self.pg3.add_stream(p_ack)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001259 self.pg_enable_capture(self.pg_interfaces)
1260 self.pg_start()
1261
1262 #
Neale Ranns51822bf2017-07-18 09:26:53 -07001263 # We'll get an ARP request for the router address
1264 #
John Lo70bfcaf2017-11-14 13:19:26 -05001265 rx = self.pg3.get_capture(1)
Neale Ranns51822bf2017-07-18 09:26:53 -07001266
John Lo70bfcaf2017-11-14 13:19:26 -05001267 self.assertEqual(rx[0][ARP].pdst, self.pg3.remote_ip4)
Neale Ranns51822bf2017-07-18 09:26:53 -07001268 self.pg_enable_capture(self.pg_interfaces)
1269
1270 #
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001271 # At the end of this procedure there should be a connected route
1272 # in the FIB
1273 #
John Lo70bfcaf2017-11-14 13:19:26 -05001274 self.assertTrue(find_route(self, self.pg3.local_ip4, 24))
1275 self.assertTrue(find_route(self, self.pg3.local_ip4, 32))
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001276
Neale Ranns51822bf2017-07-18 09:26:53 -07001277 # remove the left over ARP entry
John Lo70bfcaf2017-11-14 13:19:26 -05001278 self.vapi.ip_neighbor_add_del(self.pg3.sw_if_index,
Neale Ranns37029302018-08-10 05:30:06 -07001279 self.pg3.remote_mac,
John Lo70bfcaf2017-11-14 13:19:26 -05001280 self.pg3.remote_ip4,
Neale Ranns51822bf2017-07-18 09:26:53 -07001281 is_add=0)
Neale Ranns37029302018-08-10 05:30:06 -07001282
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001283 #
1284 # remove the DHCP config
1285 #
Ole Troane1ade682019-03-04 23:55:43 +01001286 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname, is_add=0)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001287
1288 #
1289 # and now the route should be gone
1290 #
John Lo70bfcaf2017-11-14 13:19:26 -05001291 self.assertFalse(find_route(self, self.pg3.local_ip4, 32))
1292 self.assertFalse(find_route(self, self.pg3.local_ip4, 24))
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001293
Neale Ranns51822bf2017-07-18 09:26:53 -07001294 #
Neale Ranns808c5b22017-08-02 05:15:07 -07001295 # Start the procedure again. this time have VPP send the client-ID
Neale Ranns51822bf2017-07-18 09:26:53 -07001296 #
John Lo70bfcaf2017-11-14 13:19:26 -05001297 self.pg3.admin_down()
Neale Ranns808c5b22017-08-02 05:15:07 -07001298 self.sleep(1)
John Lo70bfcaf2017-11-14 13:19:26 -05001299 self.pg3.admin_up()
Ole Troane1ade682019-03-04 23:55:43 +01001300 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname,
1301 client_id=self.pg3.local_mac)
Neale Ranns51822bf2017-07-18 09:26:53 -07001302
John Lo70bfcaf2017-11-14 13:19:26 -05001303 rx = self.pg3.get_capture(1)
Neale Ranns51822bf2017-07-18 09:26:53 -07001304
John Lo70bfcaf2017-11-14 13:19:26 -05001305 self.verify_orig_dhcp_discover(rx[0], self.pg3, hostname,
1306 self.pg3.local_mac)
Neale Ranns51822bf2017-07-18 09:26:53 -07001307
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001308 # TODO: VPP DHCP client should not accept DHCP OFFER message with
1309 # the XID (Transaction ID) not matching the XID of the most recent
1310 # DHCP DISCOVERY message.
1311 # Such DHCP OFFER message must be silently discarded - RFC2131.
1312 # Reported in Jira ticket: VPP-99
John Lo70bfcaf2017-11-14 13:19:26 -05001313 self.pg3.add_stream(p_offer)
Neale Ranns808c5b22017-08-02 05:15:07 -07001314 self.pg_enable_capture(self.pg_interfaces)
1315 self.pg_start()
1316
John Lo70bfcaf2017-11-14 13:19:26 -05001317 rx = self.pg3.get_capture(1)
1318 self.verify_orig_dhcp_request(rx[0], self.pg3, hostname,
1319 self.pg3.local_ip4)
Neale Ranns808c5b22017-08-02 05:15:07 -07001320
1321 #
1322 # unicast the ack to the offered address
1323 #
John Lo70bfcaf2017-11-14 13:19:26 -05001324 p_ack = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1325 IP(src=self.pg3.remote_ip4, dst=self.pg3.local_ip4) /
Neale Ranns808c5b22017-08-02 05:15:07 -07001326 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
Neale Ranns1f2f4b72018-03-23 11:53:12 -07001327 BOOTP(op=1, yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001328 chaddr=mac_pton(self.pg3.local_mac)) /
Neale Ranns808c5b22017-08-02 05:15:07 -07001329 DHCP(options=[('message-type', 'ack'),
1330 ('subnet_mask', "255.255.255.0"),
John Lo70bfcaf2017-11-14 13:19:26 -05001331 ('router', self.pg3.remote_ip4),
1332 ('server_id', self.pg3.remote_ip4),
Neale Ranns808c5b22017-08-02 05:15:07 -07001333 ('lease_time', 43200),
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001334 'end']))
Neale Ranns808c5b22017-08-02 05:15:07 -07001335
John Lo70bfcaf2017-11-14 13:19:26 -05001336 self.pg3.add_stream(p_ack)
Neale Ranns808c5b22017-08-02 05:15:07 -07001337 self.pg_enable_capture(self.pg_interfaces)
1338 self.pg_start()
1339
1340 #
Neale Ranns54c6dc42018-01-17 10:29:10 -08001341 # We'll get an ARP request for the router address
1342 #
1343 rx = self.pg3.get_capture(1)
1344
1345 self.assertEqual(rx[0][ARP].pdst, self.pg3.remote_ip4)
1346 self.pg_enable_capture(self.pg_interfaces)
1347
1348 #
Neale Ranns808c5b22017-08-02 05:15:07 -07001349 # At the end of this procedure there should be a connected route
1350 # in the FIB
1351 #
John Lo70bfcaf2017-11-14 13:19:26 -05001352 self.assertTrue(find_route(self, self.pg3.local_ip4, 32))
1353 self.assertTrue(find_route(self, self.pg3.local_ip4, 24))
Neale Ranns808c5b22017-08-02 05:15:07 -07001354
Neale Ranns51822bf2017-07-18 09:26:53 -07001355 #
1356 # remove the DHCP config
1357 #
Ole Troane1ade682019-03-04 23:55:43 +01001358 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname, is_add=0)
Neale Rannsa2fbf6b2017-07-18 08:23:32 -07001359
John Lo70bfcaf2017-11-14 13:19:26 -05001360 self.assertFalse(find_route(self, self.pg3.local_ip4, 32))
1361 self.assertFalse(find_route(self, self.pg3.local_ip4, 24))
Neale Ranns808c5b22017-08-02 05:15:07 -07001362
Neale Ranns54c6dc42018-01-17 10:29:10 -08001363 #
1364 # Rince and repeat, this time with VPP configured not to set
1365 # the braodcast flag in the discover and request messages,
1366 # and for the server to unicast the responses.
1367 #
1368 # Configure DHCP client on PG3 and capture the discover sent
1369 #
Ole Troane1ade682019-03-04 23:55:43 +01001370 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname,
1371 set_broadcast_flag=0)
Neale Ranns54c6dc42018-01-17 10:29:10 -08001372
1373 rx = self.pg3.get_capture(1)
1374
1375 self.verify_orig_dhcp_discover(rx[0], self.pg3, hostname,
1376 broadcast=0)
1377
1378 #
1379 # Send back on offer, unicasted to the offered address.
1380 # Expect the request.
1381 #
1382 p_offer = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1383 IP(src=self.pg3.remote_ip4, dst=self.pg3.local_ip4) /
1384 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
Neale Ranns1f2f4b72018-03-23 11:53:12 -07001385 BOOTP(op=1, yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001386 chaddr=mac_pton(self.pg3.local_mac)) /
Neale Ranns54c6dc42018-01-17 10:29:10 -08001387 DHCP(options=[('message-type', 'offer'),
1388 ('server_id', self.pg3.remote_ip4),
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001389 'end']))
Neale Ranns54c6dc42018-01-17 10:29:10 -08001390
1391 self.pg3.add_stream(p_offer)
1392 self.pg_enable_capture(self.pg_interfaces)
1393 self.pg_start()
1394
1395 rx = self.pg3.get_capture(1)
1396 self.verify_orig_dhcp_request(rx[0], self.pg3, hostname,
1397 self.pg3.local_ip4,
1398 broadcast=0)
1399
1400 #
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001401 # Send an acknowledgment
Neale Ranns54c6dc42018-01-17 10:29:10 -08001402 #
1403 p_ack = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1404 IP(src=self.pg3.remote_ip4, dst=self.pg3.local_ip4) /
1405 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
Neale Ranns1f2f4b72018-03-23 11:53:12 -07001406 BOOTP(op=1, yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001407 chaddr=mac_pton(self.pg3.local_mac)) /
Neale Ranns54c6dc42018-01-17 10:29:10 -08001408 DHCP(options=[('message-type', 'ack'),
1409 ('subnet_mask', "255.255.255.0"),
1410 ('router', self.pg3.remote_ip4),
1411 ('server_id', self.pg3.remote_ip4),
1412 ('lease_time', 43200),
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001413 'end']))
Neale Ranns54c6dc42018-01-17 10:29:10 -08001414
1415 self.pg3.add_stream(p_ack)
1416 self.pg_enable_capture(self.pg_interfaces)
1417 self.pg_start()
1418
1419 #
1420 # We'll get an ARP request for the router address
1421 #
1422 rx = self.pg3.get_capture(1)
1423
1424 self.assertEqual(rx[0][ARP].pdst, self.pg3.remote_ip4)
1425 self.pg_enable_capture(self.pg_interfaces)
1426
1427 #
1428 # At the end of this procedure there should be a connected route
1429 # in the FIB
1430 #
1431 self.assertTrue(find_route(self, self.pg3.local_ip4, 24))
1432 self.assertTrue(find_route(self, self.pg3.local_ip4, 32))
1433
1434 # remove the left over ARP entry
1435 self.vapi.ip_neighbor_add_del(self.pg3.sw_if_index,
Neale Ranns37029302018-08-10 05:30:06 -07001436 self.pg3.remote_mac,
Neale Ranns54c6dc42018-01-17 10:29:10 -08001437 self.pg3.remote_ip4,
1438 is_add=0)
Neale Rannsdaff1782018-05-16 04:12:18 -07001439
1440 #
1441 # read the DHCP client details from a dump
1442 #
1443 clients = self.vapi.dhcp_client_dump()
1444
1445 self.assertEqual(clients[0].client.sw_if_index,
1446 self.pg3.sw_if_index)
1447 self.assertEqual(clients[0].lease.sw_if_index,
1448 self.pg3.sw_if_index)
1449 self.assertEqual(clients[0].client.hostname.rstrip('\0'),
1450 hostname)
1451 self.assertEqual(clients[0].lease.hostname.rstrip('\0'),
1452 hostname)
1453 self.assertEqual(clients[0].lease.is_ipv6, 0)
1454 # 0 = DISCOVER, 1 = REQUEST, 2 = BOUND
1455 self.assertEqual(clients[0].lease.state, 2)
1456 self.assertEqual(clients[0].lease.mask_width, 24)
1457 self.assertEqual(clients[0].lease.router_address.rstrip('\0'),
1458 self.pg3.remote_ip4n)
1459 self.assertEqual(clients[0].lease.host_address.rstrip('\0'),
1460 self.pg3.local_ip4n)
1461
Neale Ranns54c6dc42018-01-17 10:29:10 -08001462 #
1463 # remove the DHCP config
1464 #
Ole Troane1ade682019-03-04 23:55:43 +01001465 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname, is_add=0)
Neale Ranns54c6dc42018-01-17 10:29:10 -08001466
1467 #
1468 # and now the route should be gone
1469 #
1470 self.assertFalse(find_route(self, self.pg3.local_ip4, 32))
1471 self.assertFalse(find_route(self, self.pg3.local_ip4, 24))
1472
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001473 #
1474 # Start the procedure again. Use requested lease time option.
1475 #
1476 self.pg3.admin_down()
1477 self.sleep(1)
1478 self.pg3.admin_up()
Ole Troane1ade682019-03-04 23:55:43 +01001479 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname)
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001480
1481 rx = self.pg3.get_capture(1)
1482
1483 self.verify_orig_dhcp_discover(rx[0], self.pg3, hostname)
1484
1485 #
1486 # Send back on offer with requested lease time, expect the request
1487 #
1488 lease_time = 1
1489 p_offer = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1490 IP(src=self.pg3.remote_ip4, dst='255.255.255.255') /
1491 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
1492 BOOTP(op=1,
1493 yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001494 chaddr=mac_pton(self.pg3.local_mac)) /
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001495 DHCP(options=[('message-type', 'offer'),
1496 ('server_id', self.pg3.remote_ip4),
1497 ('lease_time', lease_time),
1498 'end']))
1499
1500 self.pg3.add_stream(p_offer)
1501 self.pg_enable_capture(self.pg_interfaces)
1502 self.pg_start()
1503
1504 rx = self.pg3.get_capture(1)
1505 self.verify_orig_dhcp_request(rx[0], self.pg3, hostname,
1506 self.pg3.local_ip4)
1507
1508 #
1509 # Send an acknowledgment
1510 #
1511 p_ack = (Ether(dst=self.pg3.local_mac, src=self.pg3.remote_mac) /
1512 IP(src=self.pg3.remote_ip4, dst='255.255.255.255') /
1513 UDP(sport=DHCP4_SERVER_PORT, dport=DHCP4_CLIENT_PORT) /
1514 BOOTP(op=1, yiaddr=self.pg3.local_ip4,
Ole Troan8006c6a2018-12-17 12:02:26 +01001515 chaddr=mac_pton(self.pg3.local_mac)) /
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001516 DHCP(options=[('message-type', 'ack'),
1517 ('subnet_mask', '255.255.255.0'),
1518 ('router', self.pg3.remote_ip4),
1519 ('server_id', self.pg3.remote_ip4),
1520 ('lease_time', lease_time),
1521 'end']))
1522
1523 self.pg3.add_stream(p_ack)
1524 self.pg_enable_capture(self.pg_interfaces)
1525 self.pg_start()
1526
1527 #
1528 # We'll get an ARP request for the router address
1529 #
1530 rx = self.pg3.get_capture(1)
1531
1532 self.assertEqual(rx[0][ARP].pdst, self.pg3.remote_ip4)
1533
1534 #
1535 # At the end of this procedure there should be a connected route
1536 # in the FIB
1537 #
1538 self.assertTrue(find_route(self, self.pg3.local_ip4, 32))
1539 self.assertTrue(find_route(self, self.pg3.local_ip4, 24))
1540
1541 # remove the left over ARP entry
1542 self.vapi.ip_neighbor_add_del(self.pg3.sw_if_index,
Neale Ranns37029302018-08-10 05:30:06 -07001543 self.pg3.remote_mac,
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001544 self.pg3.remote_ip4,
1545 is_add=0)
1546
1547 #
Neale Rannsf6e9b012019-01-25 06:37:15 -08001548 # the route should be gone after the lease expires
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001549 #
Neale Rannsf6e9b012019-01-25 06:37:15 -08001550 self.assertTrue(self.wait_for_no_route(self.pg3.local_ip4, 32))
1551 self.assertTrue(self.wait_for_no_route(self.pg3.local_ip4, 24))
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001552
1553 #
1554 # remove the DHCP config
1555 #
Ole Troane1ade682019-03-04 23:55:43 +01001556 self.vapi.dhcp_client_config(self.pg3.sw_if_index, hostname, is_add=0)
Jan Gelety2a3fb1a2018-06-27 10:56:17 +02001557
Neale Ranns808c5b22017-08-02 05:15:07 -07001558
Neale Rannsfca0c242017-01-13 07:57:46 -08001559if __name__ == '__main__':
1560 unittest.main(testRunner=VppTestRunner)