diff --git a/autotest/units/001_one_port/078_vrf_route/001-expect.pcap b/autotest/units/001_one_port/078_vrf_route/001-expect.pcap new file mode 100644 index 00000000..140b2de7 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/001-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/001-send.pcap b/autotest/units/001_one_port/078_vrf_route/001-send.pcap new file mode 100644 index 00000000..75e60cdd Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/001-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/002-expect.pcap b/autotest/units/001_one_port/078_vrf_route/002-expect.pcap new file mode 100644 index 00000000..193d8e5b Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/002-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/002-send.pcap b/autotest/units/001_one_port/078_vrf_route/002-send.pcap new file mode 100644 index 00000000..16f3b350 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/002-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/003-expect.pcap b/autotest/units/001_one_port/078_vrf_route/003-expect.pcap new file mode 100644 index 00000000..b34d5000 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/003-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/003-send.pcap b/autotest/units/001_one_port/078_vrf_route/003-send.pcap new file mode 100644 index 00000000..75e60cdd Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/003-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/004-expect.pcap b/autotest/units/001_one_port/078_vrf_route/004-expect.pcap new file mode 100644 index 00000000..05774885 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/004-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/004-send.pcap b/autotest/units/001_one_port/078_vrf_route/004-send.pcap new file mode 100644 index 00000000..16f3b350 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route/004-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route/autotest.yaml b/autotest/units/001_one_port/078_vrf_route/autotest.yaml new file mode 100644 index 00000000..513c6cc8 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route/autotest.yaml @@ -0,0 +1,68 @@ +steps: +- cli: + - rib static insert default 0.0.0.0/0 200.0.10.1 + - rib static insert default 1.0.0.0/24 200.0.20.1 + - rib static insert default 2.0.0.0/24 200.0.40.1 + - rib static insert red 0.0.0.0/0 200.0.30.1 + - rib static insert red 1.0.0.0/24 200.0.10.1 + - rib static insert red 2.0.0.0/24 200.0.20.1 + - rib static insert white 1.0.0.0/24 200.0.40.1 + - rib static insert white 1.0.0.16/28 200.0.10.1 + - rib static insert white 1.0.0.16/30 200.0.20.1 +- cli: + - rib static insert default ::/0 c0de::10:1 + - rib static insert default 7e01::/64 c0de::20:1 + - rib static insert default 7e02::/64 c0de::40:1 + - rib static insert red ::/0 c0de::30:1 + - rib static insert red 7e01::/64 c0de::10:1 + - rib static insert red 7e02::/64 c0de::20:1 + - rib static insert white 7e01::/64 c0de::40:1 + - rib static insert white 7e01::/96 c0de::10:1 + - rib static insert white 7e01::/128 c0de::20:1 +- cli: + - rib prefixes + +- sendPackets: + - port: kni0 + send: 001-send.pcap + expect: 001-expect.pcap +- sendPackets: + - port: kni0 + send: 002-send.pcap + expect: 002-expect.pcap + +- cli: + - rib static remove default 1.0.0.0/24 200.0.20.1 + - rib static remove red 0.0.0.0/0 200.0.30.1 + - rib static remove white 1.0.0.16/30 200.0.20.1 + - rib static remove default 7e01::/64 c0de::20:1 + - rib static remove red ::/0 c0de::30:1 + - rib static remove white 7e01::/128 c0de::20:1 +- cli: + - rib prefixes + +- sendPackets: + - port: kni0 + send: 003-send.pcap + expect: 003-expect.pcap +- sendPackets: + - port: kni0 + send: 004-send.pcap + expect: 004-expect.pcap + +- cli: + - rib static remove default 0.0.0.0/0 200.0.10.1 + - rib static remove default 2.0.0.0/24 200.0.40.1 + - rib static remove red 1.0.0.0/24 200.0.10.1 + - rib static remove red 2.0.0.0/24 200.0.20.1 + - rib static remove white 1.0.0.0/24 200.0.40.1 + - rib static remove white 1.0.0.16/28 200.0.10.1 +- cli: + - rib static remove default ::/0 c0de::10:1 + - rib static remove default 7e02::/64 c0de::40:1 + - rib static remove red 7e01::/64 c0de::10:1 + - rib static remove red 7e02::/64 c0de::20:1 + - rib static remove white 7e01::/64 c0de::40:1 + - rib static remove white 7e01::/96 c0de::10:1 +- cli: + - rib prefixes diff --git a/autotest/units/001_one_port/078_vrf_route/controlplane.conf b/autotest/units/001_one_port/078_vrf_route/controlplane.conf new file mode 100644 index 00000000..4a8eb240 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route/controlplane.conf @@ -0,0 +1,67 @@ +{ + "modules": { + "lp0.100": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "100", + "macAddress": "00:11:22:33:44:55", + "nextModule": "route0" + }, + "lp0.200": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "200", + "macAddress": "00:11:22:33:44:55", + "nextModule": "route0" + }, + "lp0.300": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "300", + "macAddress": "00:11:22:33:44:55", + "nextModule": "route0", + "vrf": "red" + }, + "lp0.400": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "400", + "macAddress": "00:11:22:33:44:55", + "nextModule": "route0", + "vrf": "white" + }, + "route0": { + "type": "route", + "interfaces": { + "kni0.100": { + "ipv4Prefix": "200.0.10.0/24", + "neighborIPv4Address": "200.0.10.1", + "neighborIPv6Address": "c0de::10:1", + "neighborMacAddress": "00:00:00:11:11:11", + "nextModule": "lp0.100" + }, + "kni0.200": { + "ipv4Prefix": "200.0.20.0/24", + "neighborIPv4Address": "200.0.20.1", + "neighborIPv6Address": "c0de::20:1", + "neighborMacAddress": "00:00:00:22:22:22", + "nextModule": "lp0.200" + }, + "kni0.300": { + "ipv4Prefix": "200.0.30.0/24", + "neighborIPv4Address": "200.0.30.1", + "neighborIPv6Address": "c0de::30:1", + "neighborMacAddress": "00:00:00:33:33:33", + "nextModule": "lp0.300" + }, + "kni0.400": { + "ipv4Prefix": "200.0.40.0/24", + "neighborIPv4Address": "200.0.40.1", + "neighborIPv6Address": "c0de::40:1", + "neighborMacAddress": "00:00:00:44:44:44", + "nextModule": "lp0.400" + } + } + } + } +} diff --git a/autotest/units/001_one_port/078_vrf_route/gen.py b/autotest/units/001_one_port/078_vrf_route/gen.py new file mode 100755 index 00000000..40f47d39 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route/gen.py @@ -0,0 +1,174 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +from scapy.all import * +from scapy.contrib.mpls import MPLS + + +def write_pcap(filename, *packetsList): + if len(packetsList) == 0: + PcapWriter(filename)._write_header(Ether()) + return + + PcapWriter(filename) + + for packets in packetsList: + if type(packets) == list: + for packet in packets: + packet.time = 0 + wrpcap(filename, [p for p in packet], append=True) + else: + packets.time = 0 + wrpcap(filename, [p for p in packets], append=True) + +# IPv4 + +def write_pcap_ipv4(filename): + write_pcap(filename, + # vlan 100, 200 - default vrf + # + # 0.0.0.0/0 -> 200.0.10.1 + # 1.0.0.0/24 -> 200.0.20.1 ! only in 001 + # 2.0.0.0/24 -> 200.0.40.1 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + + # vlan 300 - vrf "red" + # + # 0.0.0.0/0 -> 200.0.30.1 ! only in 001 + # 1.0.0.0/24 -> 200.0.10.1 + # 2.0.0.0/24 -> 200.0.20.1 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + + # vlan 400 - vrf "white" + # + # 1.0.0.0/24 -> 200.0.40.1 + # 1.0.0.16/28 -> 200.0.10.1 ! only in 001 + # 1.0.0.16/30 -> 200.0.20.2 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IP(dst="1.0.0.17", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IP(dst="1.0.0.21", src="222.222.222.222", ttl=64)/TCP(), + # no route for these 2 packets: + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=64)/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=64)/TCP()) + +write_pcap_ipv4("001-send.pcap") +write_pcap("001-expect.pcap", + # vlan 100, 200 - default vrf + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + + # vlan 300 - vrf "red" + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:33:33:33", src="00:11:22:33:44:55")/Dot1Q(vlan=300)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + + # vlan 400 - vrf "white" + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="1.0.0.17", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.21", src="222.222.222.222", ttl=63)/TCP()) + +write_pcap_ipv4("003-send.pcap") +write_pcap("003-expect.pcap", + # vlan 100, 200 - default vrf + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="3.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + + # vlan 300 - vrf "red" + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="2.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + + # vlan 400 - vrf "white" + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IP(dst="1.0.0.1", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.17", src="222.222.222.222", ttl=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="1.0.0.21", src="222.222.222.222", ttl=63)/TCP()) + +# IPv6 + +def write_pcap_ipv6(filename): + write_pcap(filename, + # vlan 100, 200 - default vrf + # + # ::/0 -> c0de::10:1 + # 7e01::/64 -> c0de::20:1 ! only in 001 + # 7e02::/64 -> c0de::40:1 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IPv6(dst="7e03::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IPv6(dst="7e03::1", src="2222::2222")/TCP(), + + # vlan 300 - vrf "red" + # + # ::/0 -> c0de::30:1 ! only in 001 + # 7e01::/64 -> c0de::10:1 + # 7e02::/64 -> c0de::20:1 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IPv6(dst="7e03::1", src="2222::2222")/TCP(), + + # vlan 400 - vrf "white" + # + # 7e01::/64 -> c0de::40:1 + # 7e01::/96 -> c0de::10:1 + # 7e01::/128 -> c0de::20:1 ! only in 001 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IPv6(dst="7e01:0::1:0:0:1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IPv6(dst="7e01::0", src="2222::2222")/TCP(), + # no route for these 2 packets: + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=400)/IPv6(dst="7e03::1", src="2222::2222")/TCP()) + +write_pcap_ipv6("002-send.pcap") +write_pcap("002-expect.pcap", + # vlan 100, 200 - default vrf + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + + # vlan 300 - vrf "red" + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:33:33:33", src="00:11:22:33:44:55")/Dot1Q(vlan=300)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + + # vlan 400 - vrf "white" + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IPv6(dst="7e01:0::1:0:0:1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IPv6(dst="7e01::0", src="2222::2222", hlim=63)/TCP()) + +write_pcap_ipv6("004-send.pcap") +write_pcap("004-expect.pcap", + # vlan 100, 200 - default vrf + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + + # vlan 300 - vrf "red" + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + + # vlan 400 - vrf "white" + Ether(dst="00:00:00:44:44:44", src="00:11:22:33:44:55")/Dot1Q(vlan=400)/IPv6(dst="7e01:0::1:0:0:1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="7e01::0", src="2222::2222", hlim=63)/TCP()) diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/001-expect.pcap b/autotest/units/001_one_port/078_vrf_route_nat64stateful/001-expect.pcap new file mode 100644 index 00000000..b0de9d1d Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_nat64stateful/001-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/001-send.pcap b/autotest/units/001_one_port/078_vrf_route_nat64stateful/001-send.pcap new file mode 100644 index 00000000..5246ebc6 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_nat64stateful/001-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/002-expect.pcap b/autotest/units/001_one_port/078_vrf_route_nat64stateful/002-expect.pcap new file mode 100644 index 00000000..76766fff Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_nat64stateful/002-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/002-send.pcap b/autotest/units/001_one_port/078_vrf_route_nat64stateful/002-send.pcap new file mode 100644 index 00000000..9aad3bcc Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_nat64stateful/002-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/003-expect.pcap b/autotest/units/001_one_port/078_vrf_route_nat64stateful/003-expect.pcap new file mode 100644 index 00000000..456db472 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_nat64stateful/003-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/003-send.pcap b/autotest/units/001_one_port/078_vrf_route_nat64stateful/003-send.pcap new file mode 100644 index 00000000..6431f2f2 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_nat64stateful/003-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/autotest.yaml b/autotest/units/001_one_port/078_vrf_route_nat64stateful/autotest.yaml new file mode 100644 index 00000000..8d36b34c --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route_nat64stateful/autotest.yaml @@ -0,0 +1,23 @@ +steps: +- ipv4Update: "0.0.0.0/0 -> 200.0.0.1" +- ipv6Update: "::/0 -> fe80::1" +- cli: + - rib static insert red 0.0.0.0/0 200.0.0.1 + - rib static insert blue 0.0.0.0/0 200.0.0.1 + - rib static insert white ::/0 fe80::1 + - rib static insert green ::/0 fe80::1 + - rib prefixes +- sendPackets: + - port: kni0 + send: 001-send.pcap + expect: 001-expect.pcap +- sendPackets: + - port: kni0 + send: 002-send.pcap + expect: 002-expect.pcap +- sendPackets: + - port: kni0 + send: 003-send.pcap + expect: 003-expect.pcap +- cli: + - counter interface_lookupMisses diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/controlplane.conf b/autotest/units/001_one_port/078_vrf_route_nat64stateful/controlplane.conf new file mode 100644 index 00000000..142a75b0 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route_nat64stateful/controlplane.conf @@ -0,0 +1,82 @@ +{ + "modules": { + "lp0.100": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "100", + "macAddress": "00:11:22:33:44:55", + "nextModule": "acl0" + }, + "lp0.200": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "200", + "macAddress": "00:11:22:33:44:55", + "nextModule": "acl0" + }, + "acl0": { + "type": "acl", + "nextModules": [ + "nat0", + "nat1", + "nat2" + ] + }, + "nat0": { + "type": "nat64stateful", + "ipv6_prefixes": [ + "2000:9999::/96" + ], + "ipv4_prefixes": [ + "122.122.122.122" + ], + "dscpMarkType": "never", + "nextModule": "vrf0" + }, + "nat1": { + "type": "nat64stateful", + "ipv6_prefixes": [ + "2000:2345::/96" + ], + "ipv4_prefixes": [ + "122.122.154.0/24" + ], + "vrfLan": "red", + "vrfWan": "white", + "dscpMarkType": "onlyDefault", + "dscp": 10, + "nextModule": "vrf0" + }, + "nat2": { + "type": "nat64stateful", + "ipv6_prefixes": [ + "2000:abcd::/96" + ], + "ipv4_prefixes": [ + "122.122.155.0/25" + ], + "vrfLan": "blue", + "vrfWan": "green", + "dscpMarkType": "always", + "dscp": 20, + "nextModule": "vrf0" + }, + "vrf0": { + "type": "route", + "interfaces": { + "kni0.100": { + "ipv6Prefix": "fe80::2/64", + "neighborIPv6Address": "fe80::1", + "neighborMacAddress": "00:00:00:11:11:11", + "nextModule": "lp0.100" + }, + "kni0.200": { + "ipv4Prefix": "200.0.0.2/24", + "neighborIPv4Address": "200.0.0.1", + "neighborMacAddress": "00:00:00:22:22:22", + "nextModule": "lp0.200" + } + } + } + } +} diff --git a/autotest/units/001_one_port/078_vrf_route_nat64stateful/gen.py b/autotest/units/001_one_port/078_vrf_route_nat64stateful/gen.py new file mode 100755 index 00000000..13a4f646 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route_nat64stateful/gen.py @@ -0,0 +1,78 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +from scapy.all import * + + +def write_pcap(filename, *packetsList): + if len(packetsList) == 0: + PcapWriter(filename)._write_header(Ether()) + return + + PcapWriter(filename) + + for packets in packetsList: + if type(packets) == list: + for packet in packets: + packet.time = 0 + wrpcap(filename, [p for p in packet], append=True) + else: + packets.time = 0 + wrpcap(filename, [p for p in packets], append=True) + + +# check lan (ipv6 -> ipv4). create state, check source ip +write_pcap("001-send.pcap", + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:9999::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:9999::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0x4, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:9999::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0x80, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:9999::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0xfc, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:9999::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0xff, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:2345::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:2345::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0x4, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:2345::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0x80, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:2345::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0xfc, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:2345::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0xff, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:abcd::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:abcd::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0x4, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:abcd::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0x80, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:abcd::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0xfc, hlim=64)/TCP(dport=443, sport=2048), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:abcd::102.124.0.0/120", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", tc=0xff, hlim=64)/TCP(dport=443, sport=2048)) + +write_pcap("001-expect.pcap", + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.122.122", ttl=63, id=0, tos=0)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.122.122", ttl=63, id=0, tos=0x4)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.122.122", ttl=63, id=0, tos=0x80)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.122.122", ttl=63, id=0, tos=0xfc)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.122.122", ttl=63, id=0, tos=0xff)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.154.171", ttl=63, id=0, tos=0x28)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.154.171", ttl=63, id=0, tos=0x4)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.154.171", ttl=63, id=0, tos=0x80)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.154.171", ttl=63, id=0, tos=0xfc)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.154.171", ttl=63, id=0, tos=0xff)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.155.43", ttl=63, id=0, tos=0x50)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.155.43", ttl=63, id=0, tos=0x50)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.155.43", ttl=63, id=0, tos=0x50)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.155.43", ttl=63, id=0, tos=0x50)/TCP(dport=443, sport=2048), + Ether(dst="00:00:00:22:22:22", src="00:11:22:33:44:55")/Dot1Q(vlan=200)/IP(dst="102.124.0.0/24", src="122.122.155.43", ttl=63, id=0, tos=0x53)/TCP(dport=443, sport=2048)) + + +# check wan (ipv4 -> ipv6) +write_pcap("002-send.pcap", + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="122.122.122.122", src="102.124.0.0/24", ttl=64)/TCP(dport=2048, sport=443), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="122.122.154.171", src="102.124.0.0/24", ttl=64)/TCP(dport=2048, sport=443), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="122.122.155.43", src="102.124.0.0/24", ttl=64)/TCP(dport=2048, sport=443)) + +write_pcap("002-expect.pcap", + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", src="2000:9999::102.124.0.0/120", hlim=63, fl=0)/TCP(dport=2048, sport=443), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", src="2000:2345::102.124.0.0/120", hlim=63, fl=0)/TCP(dport=2048, sport=443), + Ether(dst="00:00:00:11:11:11", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb", src="2000:abcd::102.124.0.0/120", hlim=63, fl=0)/TCP(dport=2048, sport=443)) + + +# check lan (ipv6 -> ipv4). create state, check source ip, check source port (1024 .. 65535) +write_pcap("003-send.pcap", + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:9999::142.199.99.99", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb/118", tc=0x50, hlim=64)/TCP(dport=443, sport=4444), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:2345::142.199.99.99", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb/118", tc=0x50, hlim=64)/TCP(dport=443, sport=4444), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2000:abcd::142.199.99.99", src="bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb:bbbb/118", tc=0x50, hlim=64)/TCP(dport=443, sport=4444)) + +# 003-expect.pcap - dumped diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/001-expect.pcap b/autotest/units/001_one_port/078_vrf_route_tunnel/001-expect.pcap new file mode 100644 index 00000000..ba1e5c53 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_tunnel/001-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/001-send.pcap b/autotest/units/001_one_port/078_vrf_route_tunnel/001-send.pcap new file mode 100644 index 00000000..2bc66de6 Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_tunnel/001-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/002-expect.pcap b/autotest/units/001_one_port/078_vrf_route_tunnel/002-expect.pcap new file mode 100644 index 00000000..6c4a04af Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_tunnel/002-expect.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/002-send.pcap b/autotest/units/001_one_port/078_vrf_route_tunnel/002-send.pcap new file mode 100644 index 00000000..8c67797b Binary files /dev/null and b/autotest/units/001_one_port/078_vrf_route_tunnel/002-send.pcap differ diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/autotest.yaml b/autotest/units/001_one_port/078_vrf_route_tunnel/autotest.yaml new file mode 100644 index 00000000..0c129dce --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route_tunnel/autotest.yaml @@ -0,0 +1,159 @@ +steps: +- rib_insert: + attribute: + protocol: autotest + vrf: default + tables: + - table_name: ipv4 mpls-vpn + large_communities: + - 13238:1:1 + prefixes: + - nexthop: 88.88.88.1 + prefix: 1.0.0.0/24 + path_information: 88.88.88.1:10001 + labels: + - 1100 + - nexthop: 88.88.88.2 + prefix: 2.0.0.0/24 + path_information: 88.88.88.2:10001 + labels: + - 1200 + - nexthop: 88.88.88.3 + prefix: 3.0.0.0/24 + path_information: 88.88.88.3:10001 + labels: + - 1300 +- rib_insert: + attribute: + protocol: autotest + vrf: red + tables: + - table_name: ipv4 mpls-vpn + large_communities: + - 13238:1:1 + prefixes: + - nexthop: 88.88.88.2 + prefix: 1.0.0.0/24 + path_information: 88.88.88.2:10001 + labels: + - 1200 + - nexthop: 88.88.88.3 + prefix: 2.0.0.0/24 + path_information: 88.88.88.3:10001 + labels: + - 1300 + - nexthop: 88.88.88.1 + prefix: 3.0.0.0/24 + path_information: 88.88.88.1:10001 + labels: + - 1100 +- rib_insert: + attribute: + protocol: autotest + vrf: white + tables: + - table_name: ipv4 mpls-vpn + large_communities: + - 13238:1:1 + prefixes: + - nexthop: 88.88.88.3 + prefix: 1.0.0.0/24 + path_information: 88.88.88.3:10001 + labels: + - 1300 + - nexthop: 88.88.88.1 + prefix: 2.0.0.0/24 + path_information: 88.88.88.1:10001 + labels: + - 1100 + - nexthop: 88.88.88.2 + prefix: 3.0.0.0/24 + path_information: 88.88.88.1:10001 + labels: + - 1200 +- rib_insert: + attribute: + protocol: autotest + vrf: default + tables: + - table_name: ipv6 mpls-vpn + large_communities: + - 13238:1:1 + prefixes: + - nexthop: 8888::1 + prefix: 7e01::/16 + path_information: 88.88.88.1:10001 + labels: + - 1100 + - nexthop: 8888::2 + prefix: 7e02::/16 + path_information: 88.88.88.2:10001 + labels: + - 1200 + - nexthop: 8888::3 + prefix: 7e03::/16 + path_information: 88.88.88.3:10001 + labels: + - 1300 +- rib_insert: + attribute: + protocol: autotest + vrf: red + tables: + - table_name: ipv6 mpls-vpn + large_communities: + - 13238:1:1 + prefixes: + - nexthop: 8888::2 + prefix: 7e01::/16 + path_information: 88.88.88.3:10001 + labels: + - 1200 + - nexthop: 8888::3 + prefix: 7e02::/16 + path_information: 88.88.88.3:10001 + labels: + - 1300 + - nexthop: 8888::1 + prefix: 7e03::/16 + path_information: 88.88.88.1:10001 + labels: + - 1100 +- rib_insert: + attribute: + protocol: autotest + vrf: white + tables: + - table_name: ipv6 mpls-vpn + large_communities: + - 13238:1:1 + prefixes: + - nexthop: 8888::3 + prefix: 7e01::/16 + path_information: 88.88.88.3:10001 + labels: + - 1300 + - nexthop: 8888::1 + prefix: 7e02::/16 + path_information: 88.88.88.1:10001 + labels: + - 1100 + - nexthop: 8888::2 + prefix: 7e03::/16 + path_information: 88.88.88.2:10001 + labels: + - 1200 +- cli: + - rib prefixes +- ipv4Update: + - "0.0.0.0/0 -> 100.0.0.1" +- ipv6Update: + - "::/0 -> c0de::100:1" +- sendPackets: + - port: kni0 + send: 001-send.pcap + expect: 001-expect.pcap +- sendPackets: + - port: kni0 + send: 002-send.pcap + expect: 002-expect.pcap diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/controlplane.conf b/autotest/units/001_one_port/078_vrf_route_tunnel/controlplane.conf new file mode 100644 index 00000000..66ac6ba7 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route_tunnel/controlplane.conf @@ -0,0 +1,61 @@ +{ + "modules": { + "lp0.100": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "100", + "macAddress": "00:11:22:33:44:55", + "nextModule": "acl0" + }, + "lp0.200": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "200", + "vrf": "red", + "macAddress": "00:11:22:33:44:55", + "nextModule": "acl0" + }, + "lp0.300": { + "type": "logicalPort", + "physicalPort": "kni0", + "vlanId": "300", + "vrf": "white", + "macAddress": "00:11:22:33:44:55", + "nextModule": "acl0" + }, + "acl0": { + "type": "acl", + "nextModules": [ + "decap0" + ] + }, + "decap0": { + "type": "decap", + "ipv6DestinationPrefixes": [ + "2222::cccc/128" + ], + "ipv6_enabled": true, + "nextModule": "route0:tunnel" + }, + "route0": { + "type": "route", + "ipv4SourceAddress": "10.50.0.1", + "ipv6SourceAddress": "c0de::1", + "udpDestinationPort": 6635, + "interfaces": { + "kni0.100": { + "ipv4Prefix": "100.0.0.0/24", + "neighborIPv4Address": "100.0.0.1", + "neighborIPv6Address": "c0de::100:1", + "neighborMacAddress": "00:00:00:00:00:02", + "nextModule": "lp0.100" + } + }, + "peers": { + "1": "A", + "2": "B", + "3": "C" + } + } + } +} diff --git a/autotest/units/001_one_port/078_vrf_route_tunnel/gen.py b/autotest/units/001_one_port/078_vrf_route_tunnel/gen.py new file mode 100755 index 00000000..c6d81059 --- /dev/null +++ b/autotest/units/001_one_port/078_vrf_route_tunnel/gen.py @@ -0,0 +1,115 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +from scapy.all import * +from scapy.contrib.mpls import MPLS + + +def write_pcap(filename, *packetsList): + if len(packetsList) == 0: + PcapWriter(filename)._write_header(Ether()) + return + + PcapWriter(filename) + + for packets in packetsList: + if type(packets) == list: + for packet in packets: + packet.time = 0 + wrpcap(filename, [p for p in packet], append=True) + else: + packets.time = 0 + wrpcap(filename, [p for p in packets], append=True) + +# IPv4 + +write_pcap("001-send.pcap", + # vlan 100 - default vrf + # + # 1.0.0.0/24 -> 88.88.88.1 + # 2.0.0.0/24 -> 88.88.88.2 + # 3.0.0.0/24 -> 88.88.88.3 + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2222::cccc", src="::1")/IP(dst="1.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2222::cccc", src="::1")/IP(dst="2.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=100)/IPv6(dst="2222::cccc", src="::1")/IP(dst="3.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + + # vlan 200 - red vrf + # + # 1.0.0.0/24 -> 88.88.88.2 + # 2.0.0.0/24 -> 88.88.88.3 + # 3.0.0.0/24 -> 88.88.88.1 + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=200)/IPv6(dst="2222::cccc", src="::1")/IP(dst="1.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=200)/IPv6(dst="2222::cccc", src="::1")/IP(dst="2.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=200)/IPv6(dst="2222::cccc", src="::1")/IP(dst="3.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + + # vlan 300 - white vrf + # + # 1.0.0.0/24 -> 88.88.88.3 + # 2.0.0.0/24 -> 88.88.88.1 + # 3.0.0.0/24 -> 88.88.88.2 + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=300)/IPv6(dst="2222::cccc", src="::1")/IP(dst="1.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=300)/IPv6(dst="2222::cccc", src="::1")/IP(dst="2.0.0.1", src="0.0.0.0", ttl=64)/ICMP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:01")/Dot1Q(vlan=300)/IPv6(dst="2222::cccc", src="::1")/IP(dst="3.0.0.1", src="0.0.0.0", ttl=64)/ICMP()) + +write_pcap("001-expect.pcap", + # vlan 100 - default vrf + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.1", src="10.50.0.1")/UDP(dport=6635, sport=0xaa6c | 0xc000, chksum=0)/MPLS(label=1100, ttl=255)/IP(dst="1.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.2", src="10.50.0.1")/UDP(dport=6635, sport=0x1072 | 0xc000, chksum=0)/MPLS(label=1200, ttl=255)/IP(dst="2.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.3", src="10.50.0.1")/UDP(dport=6635, sport=0x2bd7 | 0xc000, chksum=0)/MPLS(label=1300, ttl=255)/IP(dst="3.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + + # vlan 200 - red vrf + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.2", src="10.50.0.1")/UDP(dport=6635, sport=0xaa6c | 0xc000, chksum=0)/MPLS(label=1200, ttl=255)/IP(dst="1.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.3", src="10.50.0.1")/UDP(dport=6635, sport=0x1072 | 0xc000, chksum=0)/MPLS(label=1300, ttl=255)/IP(dst="2.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.1", src="10.50.0.1")/UDP(dport=6635, sport=0x2bd7 | 0xc000, chksum=0)/MPLS(label=1100, ttl=255)/IP(dst="3.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + + # vlan 300 - white vrf + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.3", src="10.50.0.1")/UDP(dport=6635, sport=0xaa6c | 0xc000, chksum=0)/MPLS(label=1300, ttl=255)/IP(dst="1.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.1", src="10.50.0.1")/UDP(dport=6635, sport=0x1072 | 0xc000, chksum=0)/MPLS(label=1100, ttl=255)/IP(dst="2.0.0.1", src="0.0.0.0", ttl=63)/ICMP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="88.88.88.2", src="10.50.0.1")/UDP(dport=6635, sport=0x2bd7 | 0xc000, chksum=0)/MPLS(label=1200, ttl=255)/IP(dst="3.0.0.1", src="0.0.0.0", ttl=63)/ICMP()) + +# IPv6 + +write_pcap("002-send.pcap", + # vlan 100 - default vrf + # + # 7e01::/64 -> 8888::1 + # 7e02::/64 -> 8888::2 + # 7e03::/64 -> 8888::3 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=100)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e03::1", src="2222::2222")/TCP(), + + # vlan 100 - red vrf + # + # 7e01::/64 -> 8888::2 + # 7e02::/64 -> 8888::3 + # 7e03::/64 -> 8888::1 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=200)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e03::1", src="2222::2222")/TCP(), + + # vlan 100 - white vrf + # + # 7e01::/64 -> 8888::3 + # 7e02::/64 -> 8888::1 + # 7e03::/64 -> 8888::2 + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e01::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e02::1", src="2222::2222")/TCP(), + Ether(dst="00:11:22:33:44:55", src="00:00:00:11:11:11")/Dot1Q(vlan=300)/IPv6(dst="2222::cccc", src="::1")/IPv6(dst="7e03::1", src="2222::2222")/TCP()) + + +write_pcap("002-expect.pcap", + # vlan 100 - default vrf + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::1", src="c0de::1")/UDP(dport=6635, sport=0x1f99 | 0xc000, chksum=0)/MPLS(label=1100, ttl=255)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::2", src="c0de::1")/UDP(dport=6635, sport=0x0fd1 | 0xc000, chksum=0)/MPLS(label=1200, ttl=255)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::3", src="c0de::1")/UDP(dport=6635, sport=0x3fe9 | 0xc000, chksum=0)/MPLS(label=1300, ttl=255)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + + # vlan 100 - red vrf + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::2", src="c0de::1")/UDP(dport=6635, sport=0x1f99 | 0xc000, chksum=0)/MPLS(label=1200, ttl=255)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::3", src="c0de::1")/UDP(dport=6635, sport=0x0fd1 | 0xc000, chksum=0)/MPLS(label=1300, ttl=255)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::1", src="c0de::1")/UDP(dport=6635, sport=0x3fe9 | 0xc000, chksum=0)/MPLS(label=1100, ttl=255)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP(), + + # vlan 100 - white vrf + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::3", src="c0de::1")/UDP(dport=6635, sport=0x1f99 | 0xc000, chksum=0)/MPLS(label=1300, ttl=255)/IPv6(dst="7e01::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::1", src="c0de::1")/UDP(dport=6635, sport=0x0fd1 | 0xc000, chksum=0)/MPLS(label=1100, ttl=255)/IPv6(dst="7e02::1", src="2222::2222", hlim=63)/TCP(), + Ether(dst="00:00:00:00:00:02", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="8888::2", src="c0de::1")/UDP(dport=6635, sport=0x3fe9 | 0xc000, chksum=0)/MPLS(label=1200, ttl=255)/IPv6(dst="7e03::1", src="2222::2222", hlim=63)/TCP())