Mirror packets to TAP port to send to controller (#322)

faucetsdn · Jun 24, 2021 · b651901 · b651901
1 parent 9456fc0
commit b651901
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 16 deletions.
diff --git a/bin/setup_stack b/bin/setup_stack
@@ -207,10 +207,6 @@ add_faux t2sw1 1 1 $faux_dhcp
 add_faux t2sw2 1 2 $faux_dhcp http
 if [ -n "$fot" ]; then
     add_faux t2sw3 1 3 ping
-    echo Connecting mirror hosts...
-    # 121 and 122 refer to the mirror faux devices 1 and 2 connected to port 12
-    add_faux t1sw1 12 121
-    add_faux t1sw2 12 122
 else
     add_faux t2sw3 1 3
 fi

diff --git a/testing/python_lib/test_fot.py b/testing/python_lib/test_fot.py
@@ -457,14 +457,13 @@ def run_dhclient():
 
         return device_tcpdump_text, vlan_tcpdump_text
 
-    def test_mirroring(self):
-        """Test packet mirroring for FOT setup"""
+    def _check_lldp_lacp_mirroring(self):
         lldp_eth_type = "0x88cc"
         lacp_eth_type = "0x8809"
-        faux_interface = "faux-eth0"
+        faux_interface = "data0"
         timeout = 60
         eth_type_filter = "ether proto "
-        mirror_host = "forch-faux-121"
+        mirror_host = "forch-controller-1"
         lldp_tcpdump_text = self.tcpdump_helper(
             faux_interface, eth_type_filter + lldp_eth_type, packets=2,
             timeout=timeout, docker_host=mirror_host)
@@ -474,6 +473,20 @@ def test_mirroring(self):
             timeout=timeout, docker_host=mirror_host)
         self.assertTrue(lacp_eth_type in lacp_tcpdump_text)
 
+    def _check_allowed_vlans(self, vlan_tcpdump_text):
+        allowed_vlan = '171'
+        vlans = re.findall(r'(?<=vlan )\w+', vlan_tcpdump_text)
+        no_vlan = not re.search("DHCP.*Reply", vlan_tcpdump_text)
+        is_vlan_allowed = all(vlan == allowed_vlan for vlan in vlans)
+        return no_vlan or is_vlan_allowed
+
+    def test_mirroring(self):
+        """Test packet mirroring for FOT setup"""
+        self._check_lldp_lacp_mirroring()
+        # Trigger learning event for devices to trigger their initial state
+        self._run_cmd('ping -c1 -w2 8.8.8.8', docker_container='forch-faux-1', strict=False)
+        self._run_cmd('ping -c1 -w2 8.8.8.8', docker_container='forch-faux-5', strict=False)
+        self._check_lldp_lacp_mirroring()
 
     def test_dhcp_reflection(self):
         """Test to check DHCP reflection when on test VLAN"""
@@ -485,11 +498,12 @@ def test_dhcp_reflection(self):
         device_tcpdump_text, vlan_tcpdump_text = self._internal_dhcp('forch-faux-1')
         self.assertTrue(re.search("DHCP.*Reply", device_tcpdump_text))
         self.assertTrue(re.search("DHCP.*Reply", vlan_tcpdump_text))
+        self.assertFalse(self._check_allowed_vlans(vlan_tcpdump_text))
 
         # Test (lack of) DHCP reflection for operational device
         device_tcpdump_text, vlan_tcpdump_text = self._internal_dhcp('forch-faux-4')
         self.assertTrue(re.search("DHCP.*Reply", device_tcpdump_text))
-        self.assertFalse(re.search("DHCP.*Reply", vlan_tcpdump_text))
+        self.assertTrue(self._check_allowed_vlans(vlan_tcpdump_text))
 
 
 if __name__ == '__main__':

diff --git a/topo/fot/forch/faucet.yaml b/topo/fot/forch/faucet.yaml
@@ -25,9 +25,6 @@ dps:
         description: "to t2sw3 port 50"
         stack: {dp: nz-kiwi-t2sw3, port: 50}
         acls_in: [mirror-port]
-      12:
-        description: MIRROR
-        output_only: true
       28:
         description: egress
         lacp: 3
@@ -60,9 +57,6 @@ dps:
         description: "to t2sw3 port 52"
         stack: {dp: nz-kiwi-t2sw3, port: 52}
         acls_in: [mirror-port]
-      12:
-        description: MIRROR
-        output_only: true
       28:
         description: egress
         lacp: 3
@@ -134,4 +128,5 @@ acls:
   - rule:
       actions:
         allow: true
-        mirror: 12
+        output:
+          port: 4