test: case: ospf_container: Update test

Add "VLAN switches" between each Router, to only pass the tagged traffic
between the routers.

Add test specification and add to test suite

test/case/all.yaml

@@ -28,3 +28,6 @@
 
 - name:  infix-services
   suite: infix_services/infix_services.yaml
+
+- name: use-cases
+  suite: use_case/use_case.yml

test/case/use_case/ospf_container/Readme.adoc

@@ -9,7 +9,17 @@ PC, which can act as a link breaker.
 
 .Use-case overview.
 [#img-overview]
+ifdef::topdoc[]
+image::../../test/case/use_case/ospf_container/overview.svg[]
+endif::topdoc[]
+ifndef::topdoc[]
+ifdef::testgroup[]
+image::ospf_container/overview.svg[]
+endif::testgroup[]
+ifndef::testgroup[]
 image::overview.svg[]
+endif::testgroup[]
+endif::topdoc[]
 
 The DUTs are connected in a routed topology inside their own OSPF area.
 A single area border router (ABR) is used to access the controller
@@ -40,7 +50,17 @@ second bridge, `br1`, only use IPv6 link-local addresses.
 
 .Internal network setup, here router R1 on subnet 10.1.1.1/24.
 [#img-setup]
-image::internal-network.svg[]
+ifdef::topdoc[]
+image::../../test/case/use_case/ospf_container/internal-network.svg[Internal networks]
+endif::topdoc[]
+ifndef::topdoc[]
+ifdef::testgroup[]
+image::ospf_container/internal-network.svg[Internal networks]
+endif::testgroup[]
+ifndef::testgroup[]
+image::internal-network.svg[Internal networks]
+endif::testgroup[]
+endif::topdoc[]
 
  - *Container A* runs a very basic web server, it runs on port 80 inside
    the container, and `br0`, but is accessible outside on port 8080.
@@ -68,6 +88,10 @@ endif::topdoc[]
 ==== Test sequence
 . Set up topology and attach to target DUTs
 . Configure DUTs
+. Wait for all routers to peer
+. Verify ABR:data can access container A on R1 (10.1.1.101)
+. Verify ABR:data can access container A on R2 (10.1.2.101)
+. Verify ABR:data can access container A on R3 (10.1.3.101)
 
 
 <<<

test/case/use_case/ospf_container/test.py

@@ -41,7 +41,7 @@
 
 .Internal network setup, here router R1 on subnet 10.1.1.1/24.
 [#img-setup]
-image::internal-network.svg[]
+image::internal-network.svg[Internal networks]
 
  - *Container A* runs a very basic web server, it runs on port 80 inside
    the container, and `br0`, but is accessible outside on port 8080.
@@ -57,12 +57,34 @@
 """
 import infamy
 import infamy.util as util
+import infamy.route as route
 
 BODY  = "<html><body><p>Router responding</p></body></html>"
 
+def create_vlan_bridge(ns):
+    return ns.runsh("""
+    ip link add dev br0 type bridge
+    ip link set dev br0 up
+    ip link set dev iface1 up
+    ip link set dev iface2 up
+    ip link set dev iface1 master br0
+    ip link set dev iface2 master br0
+    ip link set dev br0 type bridge vlan_filtering 1
+    bridge vlan del dev br0 vid 1 self
+    bridge vlan del dev iface1 vid 1
+    bridge vlan del dev iface2 vid 1
+    bridge vlan add dev br0 vid 8 self
+    bridge vlan add dev iface1 vid 8
+    bridge vlan add dev iface2 vid 8
+    """)
+
+
+
+
+
 def config_generic(target, router, ring1, ring2, link):
     router_ip=f"10.1.{router}.1"
-    link_ip=f"10.1.{router}.{100+router}"
+    link_ip=f"10.1.{router}.{101}"
     firewall_config = util.to_binary(f"""#!/usr/sbin/nft -f
 
 flush ruleset
@@ -390,6 +412,7 @@ def config_generic(target, router, ring1, ring2, link):
                             "type": "infix-routing:ospfv2",
                             "name": "default",
                             "ietf-ospf:ospf": {
+                                "explicit-router-id": router_ip,
                                 "areas": {
                                     "area": [{
                                         "area-id": "0.0.0.1",
@@ -476,6 +499,7 @@ def config_abr(target, data, link1, link2, link3):
                 {
                     "name": link3,
                     "ipv4": {
+                        "forwarding": True,
                         "address": [{
                             "ip": "10.1.3.100",
                             "prefix-length": 24
@@ -576,11 +600,35 @@ def config_abr(target, data, link1, link2, link3):
                       lambda: config_generic(R3, 3, R3ring1, R3ring2, R3link),
                       lambda: config_abr(ABR, ABRdata, ABRlink1, ABRlink2, ABRlink3))
 
-    with test.step("Verify ABR:data can access container A"):
-          _, hport0 = env.ltop.xlate("host", "data4")
-          with infamy.IsolatedMacVlan(hport0) as ns:
-              ns.addip("192.168.100.2")
-              ns.addroute("0.0.0.0/0", "192.168.100.1")
-              if not ns.must_reach_url("http://10.1.1.1:8080", BODY):
-                  test.fail()
+    with infamy.IsolatedMacVlans({hostR1ring1: "iface1", hostR2ring2: "iface2"}) as sw1,\
+         infamy.IsolatedMacVlans({hostR2ring1: "iface1", hostR3ring2: "iface2"}) as sw2, \
+         infamy.IsolatedMacVlans({hostR3ring1: "iface1", hostR1ring2: "iface2"}) as sw3:
+        create_vlan_bridge(sw1)
+        create_vlan_bridge(sw2)
+        create_vlan_bridge(sw3)
+        #breakpoint()
+        _, hport0 = env.ltop.xlate("host", "data4")
+
+        with test.step("Wait for all routers to peer"):
+            util.until(lambda: route.ospf_get_neighbor(R1, "0.0.0.1", f"{R1ring1}.8", "10.1.2.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(R1, "0.0.0.1", f"{R1ring2}.8", "10.1.3.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(R2, "0.0.0.1", f"{R2ring1}.8", "10.1.3.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(R2, "0.0.0.1", f"{R2ring2}.8", "10.1.1.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(R3, "0.0.0.1", f"{R3ring1}.8", "10.1.1.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(R3, "0.0.0.1", f"{R3ring2}.8", "10.1.2.1"), attempts=200)
+
+            util.until(lambda: route.ospf_get_neighbor(ABR, "0.0.0.1", ABRlink1, "10.1.1.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(ABR, "0.0.0.1", ABRlink2, "10.1.2.1"), attempts=200)
+            util.until(lambda: route.ospf_get_neighbor(ABR, "0.0.0.1", ABRlink3, "10.1.3.1"), attempts=200)
+
+        with infamy.IsolatedMacVlan(hport0) as ns:
+            ns.addip("192.168.100.2")
+            ns.addroute("0.0.0.0/0", "192.168.100.1")
+            #breakpoint()
+            with test.step("Verify ABR:data can access container A on R1 (10.1.1.101)"):
+                util.until(lambda: ns.must_reach_url("http://10.1.1.101:8080", BODY), attempts=100)
+            with test.step("Verify ABR:data can access container A on R2 (10.1.2.101)"):
+                util.until(lambda: ns.must_reach_url("http://10.1.2.101:8080", BODY), attempts=100)
+            with test.step("Verify ABR:data can access container A on R3 (10.1.3.101)"):
+                util.until(lambda: ns.must_reach_url("http://10.1.3.101:8080", BODY), attempts=100)
     test.succeed()

test/case/use_case/ospf_container/topology.dot

@@ -52,6 +52,7 @@ graph "ospf_containers" {
 	host:R1ring1 -- R1:ring1
 	host:R2ring1 -- R2:ring1
 	host:R3ring1 -- R3:ring1
+
 	host:R1ring2 -- R1:ring2
 	host:R2ring2 -- R2:ring2
 	host:R3ring2 -- R3:ring2

test/spec/Readme.adoc.in

@@ -42,3 +42,7 @@ include::../case/ietf_hardware/Readme.adoc[]
 <<<
 
 include::../case/infix_services/Readme.adoc[]
+
+<<<
+
+include::../case/use_case/Readme.adoc[]