From cf5dfa843ad1e341cf6b27c0f3b85b882b6d8741 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mattias=20Walstr=C3=B6m?= Date: Tue, 12 Nov 2024 10:04:37 +0100 Subject: [PATCH] test: case: ospf_container: Update test Add "VLAN switches" between each Router, to only pass the tagged traffic between the routers. Add test specification and add to test suite --- test/case/all.yaml | 3 + test/case/use_case/ospf_container/Readme.adoc | 26 +++++++- test/case/use_case/ospf_container/test.py | 66 ++++++++++++++++--- .../case/use_case/ospf_container/topology.dot | 1 + .../case/use_case/ospf_container/topology.svg | 3 +- test/spec/Readme.adoc.in | 4 ++ 6 files changed, 91 insertions(+), 12 deletions(-) diff --git a/test/case/all.yaml b/test/case/all.yaml index 9bef30d45..d6ca30f02 100644 --- a/test/case/all.yaml +++ b/test/case/all.yaml @@ -28,3 +28,6 @@ - name: infix-services suite: infix_services/infix_services.yaml + +- name: use-cases + suite: use_case/use_case.yml diff --git a/test/case/use_case/ospf_container/Readme.adoc b/test/case/use_case/ospf_container/Readme.adoc index 51930096a..a4b497930 100644 --- a/test/case/use_case/ospf_container/Readme.adoc +++ b/test/case/use_case/ospf_container/Readme.adoc @@ -9,7 +9,17 @@ PC, which can act as a link breaker. .Use-case overview. [#img-overview] +ifdef::topdoc[] +image::../../test/case/use_case/ospf_container/overview.svg[] +endif::topdoc[] +ifndef::topdoc[] +ifdef::testgroup[] +image::ospf_container/overview.svg[] +endif::testgroup[] +ifndef::testgroup[] image::overview.svg[] +endif::testgroup[] +endif::topdoc[] The DUTs are connected in a routed topology inside their own OSPF area. A single area border router (ABR) is used to access the controller @@ -40,7 +50,17 @@ second bridge, `br1`, only use IPv6 link-local addresses. .Internal network setup, here router R1 on subnet 10.1.1.1/24. [#img-setup] -image::internal-network.svg[] +ifdef::topdoc[] +image::../../test/case/use_case/ospf_container/internal-network.svg[Internal networks] +endif::topdoc[] +ifndef::topdoc[] +ifdef::testgroup[] +image::ospf_container/internal-network.svg[Internal networks] +endif::testgroup[] +ifndef::testgroup[] +image::internal-network.svg[Internal networks] +endif::testgroup[] +endif::topdoc[] - *Container A* runs a very basic web server, it runs on port 80 inside the container, and `br0`, but is accessible outside on port 8080. @@ -68,6 +88,10 @@ endif::topdoc[] ==== Test sequence . Set up topology and attach to target DUTs . Configure DUTs +. Wait for all routers to peer +. Verify ABR:data can access container A on R1 (10.1.1.101) +. Verify ABR:data can access container A on R2 (10.1.2.101) +. Verify ABR:data can access container A on R3 (10.1.3.101) <<< diff --git a/test/case/use_case/ospf_container/test.py b/test/case/use_case/ospf_container/test.py index d87eaa23a..5b3521380 100755 --- a/test/case/use_case/ospf_container/test.py +++ b/test/case/use_case/ospf_container/test.py @@ -41,7 +41,7 @@ .Internal network setup, here router R1 on subnet 10.1.1.1/24. [#img-setup] -image::internal-network.svg[] +image::internal-network.svg[Internal networks] - *Container A* runs a very basic web server, it runs on port 80 inside the container, and `br0`, but is accessible outside on port 8080. @@ -57,12 +57,34 @@ """ import infamy import infamy.util as util +import infamy.route as route BODY = "

Router responding

" +def create_vlan_bridge(ns): + return ns.runsh(""" + ip link add dev br0 type bridge + ip link set dev br0 up + ip link set dev iface1 up + ip link set dev iface2 up + ip link set dev iface1 master br0 + ip link set dev iface2 master br0 + ip link set dev br0 type bridge vlan_filtering 1 + bridge vlan del dev br0 vid 1 self + bridge vlan del dev iface1 vid 1 + bridge vlan del dev iface2 vid 1 + bridge vlan add dev br0 vid 8 self + bridge vlan add dev iface1 vid 8 + bridge vlan add dev iface2 vid 8 + """) + + + + + def config_generic(target, router, ring1, ring2, link): router_ip=f"10.1.{router}.1" - link_ip=f"10.1.{router}.{100+router}" + link_ip=f"10.1.{router}.{101}" firewall_config = util.to_binary(f"""#!/usr/sbin/nft -f flush ruleset @@ -390,6 +412,7 @@ def config_generic(target, router, ring1, ring2, link): "type": "infix-routing:ospfv2", "name": "default", "ietf-ospf:ospf": { + "explicit-router-id": router_ip, "areas": { "area": [{ "area-id": "0.0.0.1", @@ -476,6 +499,7 @@ def config_abr(target, data, link1, link2, link3): { "name": link3, "ipv4": { + "forwarding": True, "address": [{ "ip": "10.1.3.100", "prefix-length": 24 @@ -576,11 +600,35 @@ def config_abr(target, data, link1, link2, link3): lambda: config_generic(R3, 3, R3ring1, R3ring2, R3link), lambda: config_abr(ABR, ABRdata, ABRlink1, ABRlink2, ABRlink3)) - with test.step("Verify ABR:data can access container A"): - _, hport0 = env.ltop.xlate("host", "data4") - with infamy.IsolatedMacVlan(hport0) as ns: - ns.addip("192.168.100.2") - ns.addroute("0.0.0.0/0", "192.168.100.1") - if not ns.must_reach_url("http://10.1.1.1:8080", BODY): - test.fail() + with infamy.IsolatedMacVlans({hostR1ring1: "iface1", hostR2ring2: "iface2"}) as sw1,\ + infamy.IsolatedMacVlans({hostR2ring1: "iface1", hostR3ring2: "iface2"}) as sw2, \ + infamy.IsolatedMacVlans({hostR3ring1: "iface1", hostR1ring2: "iface2"}) as sw3: + create_vlan_bridge(sw1) + create_vlan_bridge(sw2) + create_vlan_bridge(sw3) + #breakpoint() + _, hport0 = env.ltop.xlate("host", "data4") + + with test.step("Wait for all routers to peer"): + util.until(lambda: route.ospf_get_neighbor(R1, "0.0.0.1", f"{R1ring1}.8", "10.1.2.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(R1, "0.0.0.1", f"{R1ring2}.8", "10.1.3.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(R2, "0.0.0.1", f"{R2ring1}.8", "10.1.3.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(R2, "0.0.0.1", f"{R2ring2}.8", "10.1.1.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(R3, "0.0.0.1", f"{R3ring1}.8", "10.1.1.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(R3, "0.0.0.1", f"{R3ring2}.8", "10.1.2.1"), attempts=200) + + util.until(lambda: route.ospf_get_neighbor(ABR, "0.0.0.1", ABRlink1, "10.1.1.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(ABR, "0.0.0.1", ABRlink2, "10.1.2.1"), attempts=200) + util.until(lambda: route.ospf_get_neighbor(ABR, "0.0.0.1", ABRlink3, "10.1.3.1"), attempts=200) + + with infamy.IsolatedMacVlan(hport0) as ns: + ns.addip("192.168.100.2") + ns.addroute("0.0.0.0/0", "192.168.100.1") + #breakpoint() + with test.step("Verify ABR:data can access container A on R1 (10.1.1.101)"): + util.until(lambda: ns.must_reach_url("http://10.1.1.101:8080", BODY), attempts=100) + with test.step("Verify ABR:data can access container A on R2 (10.1.2.101)"): + util.until(lambda: ns.must_reach_url("http://10.1.2.101:8080", BODY), attempts=100) + with test.step("Verify ABR:data can access container A on R3 (10.1.3.101)"): + util.until(lambda: ns.must_reach_url("http://10.1.3.101:8080", BODY), attempts=100) test.succeed() diff --git a/test/case/use_case/ospf_container/topology.dot b/test/case/use_case/ospf_container/topology.dot index d3ef3038d..7c73948df 100644 --- a/test/case/use_case/ospf_container/topology.dot +++ b/test/case/use_case/ospf_container/topology.dot @@ -52,6 +52,7 @@ graph "ospf_containers" { host:R1ring1 -- R1:ring1 host:R2ring1 -- R2:ring1 host:R3ring1 -- R3:ring1 + host:R1ring2 -- R1:ring2 host:R2ring2 -- R2:ring2 host:R3ring2 -- R3:ring2 diff --git a/test/case/use_case/ospf_container/topology.svg b/test/case/use_case/ospf_container/topology.svg index 9b4ebd7d3..2e41b62aa 100644 --- a/test/case/use_case/ospf_container/topology.svg +++ b/test/case/use_case/ospf_container/topology.svg @@ -1,8 +1,7 @@ - + diff --git a/test/spec/Readme.adoc.in b/test/spec/Readme.adoc.in index 0b26bd01a..960dfcf61 100644 --- a/test/spec/Readme.adoc.in +++ b/test/spec/Readme.adoc.in @@ -42,3 +42,7 @@ include::../case/ietf_hardware/Readme.adoc[] <<< include::../case/infix_services/Readme.adoc[] + +<<< + +include::../case/use_case/Readme.adoc[]