]> git.proxmox.com Git - mirror_ovs.git/blame - tests/ovn.at
projects / mirror_ovs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ovs-monitor-ipsec: Fix Python style.
[mirror_ovs.git] / tests / ovn.at
CommitLineData
49d7c759
BP		 1# OVN_CHECK_PACKETS([PCAP], [EXPECTED])
2#
3# This compares packets read from PCAP, in pcap format, to those read
4# from EXPECTED, which is a text file containing packets as hex
5# strings, one per line. If PCAP contains fewer packets than
6# EXPECTED, it waits up to 10 seconds for more packets to appear.
7#
8# The implementation is an m4 macro that is mostly implemented in
9# terms of a shell function. This reduces the size of the generated
10# testsuite file since the shell function is only emitted once even
11# when this macro is invoked many times.
12m4_divert_text([PREPARE_TESTS],
13 [ovn_check_packets__ () {
14 echo
15 echo "checking packets in $1 against $2:"
16 rcv_pcap=$1
17 rcv_text=`echo "$rcv_pcap.packets" | sed 's/\.pcap//'`
18 exp_text=$2
19 exp_n=`wc -l < "$exp_text"`
20 ovs_wait_cond () {
abb37b6b
FF		 21 $PYTHON "$top_srcdir/utilities/ovs-pcap.in" $rcv_pcap > $rcv_text
22 rcv_n=`wc -l < "$rcv_text"`
23 test $rcv_n -ge $exp_n
49d7c759
BP		 24 }
25 ovs_wait || echo "expected $exp_n packets, only received $rcv_n"
26
e4543cfe 27 sort $exp_text > expout
49d7c759
BP		 28 }
29])
30m4_define([OVN_CHECK_PACKETS],
31 [ovn_check_packets__ "$1" "$2"
32 AT_CHECK([sort $rcv_text], [0], [expout])])
33
f295c17b 34AT_BANNER([OVN components])
10b1662b
BP		 35
36AT_SETUP([ovn -- lexer])
37dnl For lines without =>, input and expected output are identical.
38dnl For lines with =>, input precedes => and expected output follows =>.
39AT_DATA([test-cases.txt], [dnl
40foo bar baz quuxquuxquux _abcd_ a.b.c.d a123_.456
41"abc\u0020def" => "abc def"
42" => error("Input ends inside quoted string.")dnl "
43
2c5cbb15
RB		 44$foo $bar $baz $quuxquuxquux $_abcd_ $a.b.c.d $a123_.456
45$1 => error("`$' must be followed by a valid identifier.") 1
46
10b1662b
BP		 47a/*b*/c => a c
48a//b c => a
49a/**/b => a b
50a/*/b => a error("`/*' without matching `*/'.")
51a/*/**/b => a b
52a/b => a error("`/' is only valid as part of `//' or `/*'.") b
53
540 1 12345 18446744073709551615
5518446744073709551616 => error("Decimal constants must be less than 2**64.")
569999999999999999999999 => error("Decimal constants must be less than 2**64.")
5701 => error("Decimal constants must not have leading zeros.")
58
590/0
600/1
611/0 => error("Value contains unmasked 1-bits.")
621/1
63128/384
641/3
651/ => error("Integer constant expected.")
66
671/0x123 => error("Value and mask have incompatible formats.")
68
690x1234
700x01234 => 0x1234
710x0 => 0
720x000 => 0
730xfedcba9876543210
740XFEDCBA9876543210 => 0xfedcba9876543210
750xfedcba9876543210fedcba9876543210
10b1662b
BP		 760x0000fedcba9876543210fedcba9876543210 => 0xfedcba9876543210fedcba9876543210
770x => error("Hex digits expected following 0x.")
780X => error("Hex digits expected following 0X.")
790x0/0x0 => 0/0
800x0/0x1 => 0/0x1
810x1/0x0 => error("Value contains unmasked 1-bits.")
820xffff/0x1ffff
830x. => error("Invalid syntax in hexadecimal constant.")
84
85192.168.128.1 1.2.3.4 255.255.255.255 0.0.0.0
86256.1.2.3 => error("Invalid numeric constant.")
87192.168.0.0/16
88192.168.0.0/255.255.0.0 => 192.168.0.0/16
89192.168.0.0/255.255.255.0 => 192.168.0.0/24
90192.168.0.0/255.255.0.255
91192.168.0.0/255.0.0.0 => error("Value contains unmasked 1-bits.")
92192.168.0.0/32
93192.168.0.0/255.255.255.255 => 192.168.0.0/32
52c0fc39 941.2.3.4:5 => 1.2.3.4 : 5
10b1662b
BP		 95
96::
97::1
98ff00::1234 => ff00::1234
992001:db8:85a3::8a2e:370:7334
1002001:db8:85a3:0:0:8a2e:370:7334 => 2001:db8:85a3::8a2e:370:7334
1012001:0db8:85a3:0000:0000:8a2e:0370:7334 => 2001:db8:85a3::8a2e:370:7334
102::ffff:192.0.2.128
103::ffff:c000:0280 => ::ffff:192.0.2.128
104::1/::1
105::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff => ::1/128
106::1/128
107ff00::/8
108ff00::/ff00:: => ff00::/8
109
11001:23:45:67:ab:cd
11101:23:45:67:AB:CD => 01:23:45:67:ab:cd
112fe:dc:ba:98:76:54
113FE:DC:ba:98:76:54 => fe:dc:ba:98:76:54
11401:00:00:00:00:00/01:00:00:00:00:00
115ff:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff
116fe:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff
117ff:ff:ff:ff:ff:ff/fe:ff:ff:ff:ff:ff => error("Value contains unmasked 1-bits.")
118fe:x => error("Invalid numeric constant.")
11900:01:02:03:04:x => error("Invalid numeric constant.")
120
a20c96c6 121# Test that operators are tokenized as expected, even without white space.
52c0fc39 122(){}[[]]==!=<<=>>=!&&||..,;=<->--: => ( ) { } [[ ]] == != < <= > >= ! && || .. , ; = <-> -- :
10b1662b
BP		 123& => error("`&' is only valid as part of `&&'.")
124| => error("`|' is only valid as part of `||'.")
56091efe 125- => error("`-' is only valid as part of `--'.")
10b1662b
BP		 126
127^ => error("Invalid character `^' in input.")
128])
129AT_CAPTURE_FILE([input.txt])
130sed 's/ =>.*//' test-cases.txt > input.txt
131sed 's/.* => //' test-cases.txt > expout
132AT_CHECK([ovstest test-ovn lex < input.txt], [0], [expout])
133AT_CLEANUP
e0840f11 134
7700eea0
BP		 135dnl The OVN expression parser needs to know what fields overlap with one
136dnl another. This test therefore verifies that all the smaller registers
137dnl are defined as terms of subfields of the larger ones.
138dnl
139dnl When we add or remove registers this test needs to be updated, of course.
140AT_SETUP([ovn -- registers])
141AT_CHECK([ovstest test-ovn dump-symtab | grep reg | sort], [0],
142[[reg0 = xxreg0[96..127]
143reg1 = xxreg0[64..95]
144reg2 = xxreg0[32..63]
145reg3 = xxreg0[0..31]
146reg4 = xxreg1[96..127]
147reg5 = xxreg1[64..95]
148reg6 = xxreg1[32..63]
149reg7 = xxreg1[0..31]
150reg8 = xreg4[32..63]
151reg9 = xreg4[0..31]
152xreg0 = xxreg0[64..127]
153xreg1 = xxreg0[0..63]
154xreg2 = xxreg1[64..127]
155xreg3 = xxreg1[0..63]
156xreg4 = OXM_OF_PKT_REG4
157xxreg0 = NXM_NX_XXREG0
158xxreg1 = NXM_NX_XXREG1
159]])
160AT_CLEANUP
161
2277b860
BP		 162dnl Check that the OVN conntrack field definitions are correct.
163AT_SETUP([ovn -- conntrack fields])
164AT_CHECK([ovstest test-ovn dump-symtab | grep ^ct | sort], [0],
165[[ct.est = ct_state[1]
166ct.inv = ct_state[4]
167ct.new = ct_state[0]
168ct.rel = ct_state[2]
169ct.rpl = ct_state[3]
170ct.trk = ct_state[5]
171ct_label = NXM_NX_CT_LABEL
172ct_mark = NXM_NX_CT_MARK
173ct_state = NXM_NX_CT_STATE
174]])
175AT_CLEANUP
176
e0840f11
BP		 177AT_SETUP([ovn -- expression parser])
178dnl For lines without =>, input and expected output are identical.
179dnl For lines with =>, input precedes => and expected output follows =>.
180AT_DATA([test-cases.txt], [[
181eth.type == 0x800
182eth.type==0x800 => eth.type == 0x800
183eth.type[0..15] == 0x800 => eth.type == 0x800
184
185vlan.present
186vlan.present == 1 => vlan.present
187!(vlan.present == 0) => vlan.present
188!(vlan.present != 1) => vlan.present
189!vlan.present
190vlan.present == 0 => !vlan.present
191vlan.present != 1 => !vlan.present
192!(vlan.present == 1) => !vlan.present
193!(vlan.present != 0) => !vlan.present
194
195eth.dst[0]
196eth.dst[0] == 1 => eth.dst[0]
197eth.dst[0] != 0 => eth.dst[0]
198!(eth.dst[0] == 0) => eth.dst[0]
199!(eth.dst[0] != 1) => eth.dst[0]
200
201!eth.dst[0]
202eth.dst[0] == 0 => !eth.dst[0]
203eth.dst[0] != 1 => !eth.dst[0]
204!(eth.dst[0] == 1) => !eth.dst[0]
205!(eth.dst[0] != 0) => !eth.dst[0]
206
207vlan.tci[12..15] == 0x3
208vlan.tci == 0x3000/0xf000 => vlan.tci[12..15] == 0x3
209vlan.tci[12..15] != 0x3
210vlan.tci != 0x3000/0xf000 => vlan.tci[12..15] != 0x3
211
212!vlan.pcp => vlan.pcp == 0
213!(vlan.pcp) => vlan.pcp == 0
214vlan.pcp == 0x4
215vlan.pcp != 0x4
216vlan.pcp > 0x4
217vlan.pcp >= 0x4
218vlan.pcp < 0x4
219vlan.pcp <= 0x4
220!(vlan.pcp != 0x4) => vlan.pcp == 0x4
221!(vlan.pcp == 0x4) => vlan.pcp != 0x4
222!(vlan.pcp <= 0x4) => vlan.pcp > 0x4
223!(vlan.pcp < 0x4) => vlan.pcp >= 0x4
224!(vlan.pcp >= 0x4) => vlan.pcp < 0x4
225!(vlan.pcp > 0x4) => vlan.pcp <= 0x4
2260x4 == vlan.pcp => vlan.pcp == 0x4
2270x4 != vlan.pcp => vlan.pcp != 0x4
2280x4 < vlan.pcp => vlan.pcp > 0x4
2290x4 <= vlan.pcp => vlan.pcp >= 0x4
2300x4 > vlan.pcp => vlan.pcp < 0x4
2310x4 >= vlan.pcp => vlan.pcp <= 0x4
232!(0x4 != vlan.pcp) => vlan.pcp == 0x4
233!(0x4 == vlan.pcp) => vlan.pcp != 0x4
234!(0x4 >= vlan.pcp) => vlan.pcp > 0x4
235!(0x4 > vlan.pcp) => vlan.pcp >= 0x4
236!(0x4 <= vlan.pcp) => vlan.pcp < 0x4
237!(0x4 < vlan.pcp) => vlan.pcp <= 0x4
238
2391 < vlan.pcp < 4 => vlan.pcp > 0x1 && vlan.pcp < 0x4
2401 <= vlan.pcp <= 4 => vlan.pcp >= 0x1 && vlan.pcp <= 0x4
2411 < vlan.pcp <= 4 => vlan.pcp > 0x1 && vlan.pcp <= 0x4
2421 <= vlan.pcp < 4 => vlan.pcp >= 0x1 && vlan.pcp < 0x4
2431 <= vlan.pcp <= 4 => vlan.pcp >= 0x1 && vlan.pcp <= 0x4
2444 > vlan.pcp > 1 => vlan.pcp < 0x4 && vlan.pcp > 0x1
2454 >= vlan.pcp > 1 => vlan.pcp <= 0x4 && vlan.pcp > 0x1
2464 > vlan.pcp >= 1 => vlan.pcp < 0x4 && vlan.pcp >= 0x1
2474 >= vlan.pcp >= 1 => vlan.pcp <= 0x4 && vlan.pcp >= 0x1
248!(1 < vlan.pcp < 4) => vlan.pcp <= 0x1 || vlan.pcp >= 0x4
249!(1 <= vlan.pcp <= 4) => vlan.pcp < 0x1 || vlan.pcp > 0x4
250!(1 < vlan.pcp <= 4) => vlan.pcp <= 0x1 || vlan.pcp > 0x4
251!(1 <= vlan.pcp < 4) => vlan.pcp < 0x1 || vlan.pcp >= 0x4
252!(1 <= vlan.pcp <= 4) => vlan.pcp < 0x1 || vlan.pcp > 0x4
253!(4 > vlan.pcp > 1) => vlan.pcp >= 0x4 || vlan.pcp <= 0x1
254!(4 >= vlan.pcp > 1) => vlan.pcp > 0x4 || vlan.pcp <= 0x1
255!(4 > vlan.pcp >= 1) => vlan.pcp >= 0x4 || vlan.pcp < 0x1
256!(4 >= vlan.pcp >= 1) => vlan.pcp > 0x4 || vlan.pcp < 0x1
257
258vlan.pcp == {1, 2, 3, 4} => vlan.pcp == 0x1 || vlan.pcp == 0x2 || vlan.pcp == 0x3 || vlan.pcp == 0x4
259vlan.pcp == 1 || ((vlan.pcp == 2 || vlan.pcp == 3) || vlan.pcp == 4) => vlan.pcp == 0x1 || vlan.pcp == 0x2 || vlan.pcp == 0x3 || vlan.pcp == 0x4
260
261vlan.pcp != {1, 2, 3, 4} => vlan.pcp != 0x1 && vlan.pcp != 0x2 && vlan.pcp != 0x3 && vlan.pcp != 0x4
262vlan.pcp == 1 && ((vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && vlan.pcp == 0x2 && vlan.pcp == 0x3 && vlan.pcp == 0x4
263
264vlan.pcp == 1 && !((vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && (vlan.pcp != 0x2 || vlan.pcp != 0x3 || vlan.pcp != 0x4)
265vlan.pcp == 1 && (!(vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && (vlan.pcp != 0x2 || vlan.pcp != 0x3) && vlan.pcp == 0x4
266vlan.pcp == 1 && !(!(vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && ((vlan.pcp == 0x2 && vlan.pcp == 0x3) || vlan.pcp != 0x4)
267
268ip4.src == {10.0.0.0/8, 192.168.0.0/16, 172.16.20.0/24, 8.8.8.8} => ip4.src[24..31] == 0xa || ip4.src[16..31] == 0xc0a8 || ip4.src[8..31] == 0xac1014 || ip4.src == 0x8080808
269ip6.src == ::1 => ip6.src == 0x1
270
271ip4.src == 1.2.3.4 => ip4.src == 0x1020304
272ip4.src == ::1.2.3.4/::ffff:ffff => ip4.src == 0x1020304
273ip6.src == ::1 => ip6.src == 0x1
274
2751
2760
277!1 => 0
278!0 => 1
279
280inport == "eth0"
281!(inport != "eth0") => inport == "eth0"
282
3b7cb7e1
BP		 283ip4.src == "eth0" => Integer field ip4.src is not compatible with string constant.
284inport == 1 => String field inport is not compatible with integer constant.
76da94b5 285ip4.src = 1.2.3.4 => Syntax error at `=' expecting relational operator.
e0840f11
BP		 286
287ip4.src > {1, 2, 3} => Only == and != operators may be used with value sets.
288eth.type > 0x800 => Only == and != operators may be used with nominal field eth.type.
289vlan.present > 0 => Only == and != operators may be used with Boolean field vlan.present.
290
291inport != "eth0" => Nominal field inport may only be tested for equality (taking enclosing `!' operators into account).
292!(inport == "eth0") => Nominal field inport may only be tested for equality (taking enclosing `!' operators into account).
293eth.type != 0x800 => Nominal field eth.type may only be tested for equality (taking enclosing `!' operators into account).
294!(eth.type == 0x800) => Nominal field eth.type may only be tested for equality (taking enclosing `!' operators into account).
76da94b5 295inport = "eth0" => Syntax error at `=' expecting relational operator.
e0840f11
BP		 296
297123 == 123 => Syntax error at `123' expecting field name.
298
2c5cbb15
RB		 299$name => Syntax error at `$name' expecting address set name.
300
e0840f11
BP		 301123 == xyzzy => Syntax error at `xyzzy' expecting field name.
302xyzzy == 1 => Syntax error at `xyzzy' expecting field name.
303
304inport[1] == 1 => Cannot select subfield of string field inport.
305
306eth.type[] == 1 => Syntax error at `@:>@' expecting small integer.
307eth.type[::1] == 1 => Syntax error at `::1' expecting small integer.
308eth.type[18446744073709551615] == 1 => Syntax error at `18446744073709551615' expecting small integer.
309
310eth.type[5!] => Syntax error at `!' expecting `@:>@'.
311
312eth.type[5..1] => Invalid bit range 5 to 1.
313
314eth.type[12..16] => Cannot select bits 12 to 16 of 16-bit field eth.type.
315
316eth.type[10] == 1 => Cannot select subfield of nominal field eth.type.
317
318eth.type => Explicit `!= 0' is required for inequality test of multibit field against 0.
319
320!(!(vlan.pcp)) => Explicit `!= 0' is required for inequality test of multibit field against 0.
321
322123 => Syntax error at end of input expecting relational operator.
323
324123 x => Syntax error at `x' expecting relational operator.
325
326{1, "eth0"} => Syntax error at `"eth0"' expecting integer.
327
328eth.type == xyzzy => Syntax error at `xyzzy' expecting constant.
329
330(1 x) => Syntax error at `x' expecting `)'.
331
332!0x800 != eth.type => Missing parentheses around operand of !.
333
334eth.type == 0x800 || eth.type == 0x86dd && ip.proto == 17 => && and || must be parenthesized when used together.
335
336eth.dst == {} => Syntax error at `}' expecting constant.
337
338eth.src > 00:00:00:00:11:11/00:00:00:00:ff:ff => Only == and != operators may be used with masked constants. Consider using subfields instead (e.g. eth.src[0..15] > 0x1111 in place of eth.src > 00:00:00:00:11:11/00:00:00:00:ff:ff).
339
3b7cb7e1 340ip4.src == ::1 => 128-bit constant is not compatible with 32-bit field ip4.src.
e0840f11
BP		 341
3421 == eth.type == 2 => Range expressions must have the form `x < field < y' or `x > field > y', with each `<' optionally replaced by `<=' or `>' by `>=').
8b34ccda 343
9aef3c1b 344eth.dst[40] x => Syntax error at `x' expecting end of input.
ea382567
RB		 345
346ip4.src == {1.2.3.4, $set1, $unknownset} => Syntax error at `$unknownset' expecting address set name.
347eth.src == {$set3, badmac, 00:00:00:00:00:01} => Syntax error at `badmac' expecting constant.
e0840f11
BP		 348]])
349sed 's/ =>.*//' test-cases.txt > input.txt
350sed 's/.* => //' test-cases.txt > expout
351AT_CHECK([ovstest test-ovn parse-expr < input.txt], [0], [expout])
352AT_CLEANUP
353
354AT_SETUP([ovn -- expression annotation])
355dnl Input precedes =>, expected output follows =>.
356AT_DATA([test-cases.txt], [[
357ip4.src == 1.2.3.4 => ip4.src == 0x1020304 && eth.type == 0x800
358ip4.src != 1.2.3.4 => ip4.src != 0x1020304 && eth.type == 0x800
359ip.proto == 123 => ip.proto == 0x7b && (eth.type == 0x800 || eth.type == 0x86dd)
360ip.proto == {123, 234} => (ip.proto == 0x7b && (eth.type == 0x800 || eth.type == 0x86dd)) || (ip.proto == 0xea && (eth.type == 0x800 || eth.type == 0x86dd))
361ip4.src == 1.2.3.4 && ip4.dst == 5.6.7.8 => ip4.src == 0x1020304 && eth.type == 0x800 && ip4.dst == 0x5060708 && eth.type == 0x800
362
363ip => eth.type == 0x800 || eth.type == 0x86dd
364ip == 1 => eth.type == 0x800 || eth.type == 0x86dd
365ip[0] == 1 => eth.type == 0x800 || eth.type == 0x86dd
366ip > 0 => Only == and != operators may be used with nominal field ip.
367!ip => Nominal predicate ip may only be tested positively, e.g. `ip' or `ip == 1' but not `!ip' or `ip == 0'.
368ip == 0 => Nominal predicate ip may only be tested positively, e.g. `ip' or `ip == 1' but not `!ip' or `ip == 0'.
369
370vlan.present => vlan.tci[12]
371!vlan.present => !vlan.tci[12]
372
373!vlan.pcp => vlan.tci[13..15] == 0 && vlan.tci[12]
374vlan.pcp == 1 && vlan.vid == 2 => vlan.tci[13..15] == 0x1 && vlan.tci[12] && vlan.tci[0..11] == 0x2 && vlan.tci[12]
7700eea0 375!reg0 && !reg1 && !reg2 && !reg3 => xxreg0[96..127] == 0 && xxreg0[64..95] == 0 && xxreg0[32..63] == 0 && xxreg0[0..31] == 0
e0840f11
BP		 376
377ip.first_frag => ip.frag[0] && (eth.type == 0x800 || eth.type == 0x86dd) && (!ip.frag[1] || (eth.type != 0x800 && eth.type != 0x86dd))
378!ip.first_frag => !ip.frag[0] || (eth.type != 0x800 && eth.type != 0x86dd) || (ip.frag[1] && (eth.type == 0x800 || eth.type == 0x86dd))
379ip.later_frag => ip.frag[1] && (eth.type == 0x800 || eth.type == 0x86dd)
380
381bad_prereq != 0 => Error parsing expression `xyzzy' encountered as prerequisite or predicate of initial expression: Syntax error at `xyzzy' expecting field name.
382self_recurse != 0 => Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `self_recurse'.
383mutual_recurse_1 != 0 => Error parsing expression `mutual_recurse_2 != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `mutual_recurse_1 != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `mutual_recurse_1'.
384mutual_recurse_2 != 0 => Error parsing expression `mutual_recurse_1 != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `mutual_recurse_2 != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `mutual_recurse_2'.
385]])
386sed 's/ =>.*//' test-cases.txt > input.txt
387sed 's/.* => //' test-cases.txt > expout
388AT_CHECK([ovstest test-ovn annotate-expr < input.txt], [0], [expout])
389AT_CLEANUP
390
9d4aecca 391AT_SETUP([ovn -- 1-term expression conversion])
e0840f11 392AT_CHECK([ovstest test-ovn exhaustive --operation=convert 1], [0],
9d4aecca 393 [Tested converting all 1-terminal expressions with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 394])
395AT_CLEANUP
396
9d4aecca 397AT_SETUP([ovn -- 2-term expression conversion])
e0840f11 398AT_CHECK([ovstest test-ovn exhaustive --operation=convert 2], [0],
9d4aecca 399 [Tested converting 570 expressions of 2 terminals with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 400])
401AT_CLEANUP
402
9d4aecca 403AT_SETUP([ovn -- 3-term expression conversion])
e0840f11 404AT_CHECK([ovstest test-ovn exhaustive --operation=convert --bits=2 3], [0],
9d4aecca 405 [Tested converting 62418 expressions of 3 terminals with 2 numeric vars (each 2 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 406])
407AT_CLEANUP
408
9d4aecca
BP		 409AT_SETUP([ovn -- 3-term numeric expression simplification])
410AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=2 --svars=0 3], [0],
411 [Tested simplifying 477138 expressions of 3 terminals with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >=.
e0840f11
BP		 412])
413AT_CLEANUP
414
9d4aecca
BP		 415AT_SETUP([ovn -- 4-term string expression simplification])
416AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=0 --svars=4 4], [0],
417 [Tested simplifying 21978 expressions of 4 terminals with 4 string vars.
e0840f11
BP		 418])
419AT_CLEANUP
420
9d4aecca
BP		 421AT_SETUP([ovn -- 3-term mixed expression simplification])
422AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=1 --svars=1 3], [0],
423 [Tested simplifying 124410 expressions of 3 terminals with 1 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 1 string vars.
e0840f11
BP		 424])
425AT_CLEANUP
426
9d4aecca
BP		 427AT_SETUP([ovn -- 4-term numeric expression normalization])
428AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=3 --svars=0 --bits=1 4], [0],
429 [Tested normalizing 1207162 expressions of 4 terminals with 3 numeric vars (each 1 bits) in terms of operators == != < <= > >=.
e0840f11
BP		 430])
431AT_CLEANUP
432
9d4aecca
BP		 433AT_SETUP([ovn -- 4-term string expression normalization])
434AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=0 --svars=3 --bits=1 4], [0],
435 [Tested normalizing 11242 expressions of 4 terminals with 3 string vars.
436])
437AT_CLEANUP
438
439AT_SETUP([ovn -- 4-term mixed expression normalization])
440AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=1 --bits=1 --svars=2 4], [0],
441 [Tested normalizing 128282 expressions of 4 terminals with 1 numeric vars (each 1 bits) in terms of operators == != < <= > >= and 2 string vars.
442])
443AT_CLEANUP
444
445AT_SETUP([ovn -- 5-term numeric expression normalization])
446AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=3 --svars=0 --bits=1 --relops='==' 5], [0],
447 [Tested normalizing 368550 expressions of 5 terminals with 3 numeric vars (each 1 bits) in terms of operators ==.
448])
449AT_CLEANUP
450
451AT_SETUP([ovn -- 5-term string expression normalization])
452AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=0 --svars=3 --bits=1 --relops='==' 5], [0],
453 [Tested normalizing 368550 expressions of 5 terminals with 3 string vars.
454])
455AT_CLEANUP
456
457AT_SETUP([ovn -- 5-term mixed expression normalization])
458AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=1 --svars=1 --bits=1 --relops='==' 5], [0],
459 [Tested normalizing 116550 expressions of 5 terminals with 1 numeric vars (each 1 bits) in terms of operators == and 1 string vars.
460])
461AT_CLEANUP
462
463AT_SETUP([ovn -- 4-term numeric expressions to flows])
464AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=2 --svars=0 --bits=2 --relops='==' 4], [0],
465 [Tested converting to flows 128282 expressions of 4 terminals with 2 numeric vars (each 2 bits) in terms of operators ==.
466])
467AT_CLEANUP
468
469AT_SETUP([ovn -- 4-term string expressions to flows])
470AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=0 --svars=4 4], [0],
471 [Tested converting to flows 21978 expressions of 4 terminals with 4 string vars.
472])
473AT_CLEANUP
474
475AT_SETUP([ovn -- 4-term mixed expressions to flows])
476AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=1 --bits=2 --svars=1 --relops='==' 4], [0],
477 [Tested converting to flows 37994 expressions of 4 terminals with 1 numeric vars (each 2 bits) in terms of operators == and 1 string vars.
478])
479AT_CLEANUP
480
481AT_SETUP([ovn -- 3-term numeric expressions to flows])
482AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=3 --svars=0 --bits=3 --relops='==' 3], [0],
483 [Tested converting to flows 38394 expressions of 3 terminals with 3 numeric vars (each 3 bits) in terms of operators ==.
e0840f11
BP		 484])
485AT_CLEANUP
f386a8a7
BP		 486
487AT_SETUP([ovn -- converting expressions to flows -- string fields])
488expr_to_flow () {
489 echo "$1" | ovstest test-ovn expr-to-flows | sort
490}
cc5e28d8 491AT_CHECK([expr_to_flow 'inport == "eth0"'], [0], [reg14=0x5
f386a8a7 492])
cc5e28d8 493AT_CHECK([expr_to_flow 'inport == "eth1"'], [0], [reg14=0x6
f386a8a7
BP		 494])
495AT_CHECK([expr_to_flow 'inport == "eth2"'], [0], [(no flows)
496])
497AT_CHECK([expr_to_flow 'inport == "eth0" && ip'], [0], [dnl
cc5e28d8
JP		 498ip,reg14=0x5
499ipv6,reg14=0x5
f386a8a7
BP		 500])
501AT_CHECK([expr_to_flow 'inport == "eth1" && ip'], [0], [dnl
cc5e28d8
JP		 502ip,reg14=0x6
503ipv6,reg14=0x6
f386a8a7
BP		 504])
505AT_CHECK([expr_to_flow 'inport == "eth2" && ip'], [0], [(no flows)
506])
507AT_CHECK([expr_to_flow 'inport == {"eth0", "eth1", "eth2", "LOCAL"}'], [0],
cc5e28d8
JP		 508[reg14=0x5
509reg14=0x6
510reg14=0xfffe
f386a8a7
BP		 511])
512AT_CHECK([expr_to_flow 'inport == {"eth0", "eth1", "eth2"} && ip'], [0], [dnl
cc5e28d8
JP		 513ip,reg14=0x5
514ip,reg14=0x6
515ipv6,reg14=0x5
516ipv6,reg14=0x6
f386a8a7 517])
9d4aecca
BP		 518AT_CHECK([expr_to_flow 'inport == "eth0" && inport == "eth1"'], [0], [dnl
519(no flows)
520])
f386a8a7 521AT_CLEANUP
3b7cb7e1 522
2c5cbb15
RB		 523AT_SETUP([ovn -- converting expressions to flows -- address sets])
524expr_to_flow () {
525 echo "$1" | ovstest test-ovn expr-to-flows | sort
526}
527AT_CHECK([expr_to_flow 'ip4.src == {10.0.0.1, 10.0.0.2, 10.0.0.3}'], [0], [dnl
528ip,nw_src=10.0.0.1
529ip,nw_src=10.0.0.2
530ip,nw_src=10.0.0.3
531])
532AT_CHECK([expr_to_flow 'ip4.src == $set1'], [0], [dnl
533ip,nw_src=10.0.0.1
534ip,nw_src=10.0.0.2
535ip,nw_src=10.0.0.3
536])
537AT_CHECK([expr_to_flow 'ip4.src == {1.2.3.4, $set1}'], [0], [dnl
538ip,nw_src=1.2.3.4
539ip,nw_src=10.0.0.1
540ip,nw_src=10.0.0.2
541ip,nw_src=10.0.0.3
542])
543AT_CHECK([expr_to_flow 'ip4.src == {1.2.0.0/20, 5.5.5.0/24, $set1}'], [0], [dnl
544ip,nw_src=1.2.0.0/20
545ip,nw_src=10.0.0.1
546ip,nw_src=10.0.0.2
547ip,nw_src=10.0.0.3
548ip,nw_src=5.5.5.0/24
549])
550AT_CHECK([expr_to_flow 'ip6.src == {::1, ::2, ::3}'], [0], [dnl
551ipv6,ipv6_src=::1
552ipv6,ipv6_src=::2
553ipv6,ipv6_src=::3
554])
555AT_CHECK([expr_to_flow 'ip6.src == {::1, $set2, ::4}'], [0], [dnl
556ipv6,ipv6_src=::1
557ipv6,ipv6_src=::2
558ipv6,ipv6_src=::3
559ipv6,ipv6_src=::4
560])
561AT_CHECK([expr_to_flow 'eth.src == {00:00:00:00:00:01, 00:00:00:00:00:02, 00:00:00:00:00:03}'], [0], [dnl
562dl_src=00:00:00:00:00:01
563dl_src=00:00:00:00:00:02
564dl_src=00:00:00:00:00:03
565])
566AT_CHECK([expr_to_flow 'eth.src == {$set3}'], [0], [dnl
567dl_src=00:00:00:00:00:01
568dl_src=00:00:00:00:00:02
569dl_src=00:00:00:00:00:03
570])
ea382567
RB		 571AT_CHECK([expr_to_flow 'eth.src == {00:00:00:00:00:01, $set3, ba:be:be:ef:de:ad, $set3}'], [0], [dnl
572dl_src=00:00:00:00:00:01
573dl_src=00:00:00:00:00:02
574dl_src=00:00:00:00:00:03
575dl_src=ba:be:be:ef:de:ad
576])
2c5cbb15
RB		 577AT_CLEANUP
578
3b7cb7e1 579AT_SETUP([ovn -- action parsing])
d5a76da4
BP		 580dnl Unindented text is input (a set of OVN logical actions).
581dnl Indented text is expected output.
582AT_DATA([test-cases.txt],
583[[# drop
584drop;
585 encodes as drop
586drop; next;
587 Syntax error at `next' expecting end of input.
588next; drop;
589 Syntax error at `drop' expecting action.
5f822129
BP		 590
591# output
d5a76da4
BP		 592output;
593 encodes as resubmit(,64)
5f822129
BP		 594
595# next
d5a76da4
BP		 596next;
597 formats as next(11);
598 encodes as resubmit(,27)
599next(11);
600 encodes as resubmit(,27)
601next(0);
602 encodes as resubmit(,16)
603next(15);
604 encodes as resubmit(,31)
605
606next();
607 Syntax error at `)' expecting small integer.
608next(10;
609 Syntax error at `;' expecting `)'.
610next(16);
611 "next" argument must be in range 0 to 15.
5f822129
BP		 612
613# Loading a constant value.
d5a76da4
BP		 614tcp.dst=80;
615 formats as tcp.dst = 80;
616 encodes as set_field:80->tcp_dst
617 has prereqs ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
618eth.dst[40] = 1;
619 encodes as set_field:01:00:00:00:00:00/01:00:00:00:00:00->eth_dst
620vlan.pcp = 2;
621 encodes as set_field:0x4000/0xe000->vlan_tci
622 has prereqs vlan.tci[12]
623vlan.tci[13..15] = 2;
624 encodes as set_field:0x4000/0xe000->vlan_tci
625inport = "";
626 encodes as set_field:0->reg14
627ip.ttl=4;
628 formats as ip.ttl = 4;
629 encodes as set_field:4->nw_ttl
630 has prereqs eth.type == 0x800 || eth.type == 0x86dd
631outport="eth0"; next; outport="LOCAL"; next;
632 formats as outport = "eth0"; next(11); outport = "LOCAL"; next(11);
633 encodes as set_field:0x5->reg15,resubmit(,27),set_field:0xfffe->reg15,resubmit(,27)
634
635inport[1] = 1;
636 Cannot select subfield of string field inport.
637ip.proto[1] = 1;
638 Cannot select subfield of nominal field ip.proto.
639eth.dst[40] == 1;
640 Syntax error at `==' expecting `=' or `<->'.
641ip = 1;
642 Predicate symbol ip used where lvalue required.
643ip.proto = 6;
644 Field ip.proto is not modifiable.
645inport = {"a", "b"};
646 Syntax error at `{' expecting constant.
647inport = {};
648 Syntax error at `{' expecting constant.
649bad_prereq = 123;
650 Error parsing expression `xyzzy' encountered as prerequisite or predicate of initial expression: Syntax error at `xyzzy' expecting field name.
651self_recurse = 123;
652 Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `self_recurse'.
653vlan.present = 0;
654 Predicate symbol vlan.present used where lvalue required.
5f822129
BP		 655
656# Moving one field into another.
d5a76da4
BP		 657reg0=reg1;
658 formats as reg0 = reg1;
659 encodes as move:NXM_NX_XXREG0[64..95]->NXM_NX_XXREG0[96..127]
660vlan.pcp = reg0[0..2];
661 encodes as move:NXM_NX_XXREG0[96..98]->NXM_OF_VLAN_TCI[13..15]
662 has prereqs vlan.tci[12]
663reg0[10] = vlan.pcp[1];
664 encodes as move:NXM_OF_VLAN_TCI[14]->NXM_NX_XXREG0[106]
665 has prereqs vlan.tci[12]
666outport = inport;
667 encodes as move:NXM_NX_REG14[]->NXM_NX_REG15[]
668
669reg0[0] = vlan.present;
670 Predicate symbol vlan.present used where lvalue required.
671reg0 = reg1[0..10];
672 Can't assign 11-bit value to 32-bit destination.
673inport = reg0;
674 Can't assign integer field (reg0) to string field (inport).
675inport = big_string;
676 String fields inport and big_string are incompatible for assignment.
677ip.proto = reg0[0..7];
678 Field ip.proto is not modifiable.
5f822129
BP		 679
680# Exchanging fields.
d5a76da4
BP		 681reg0 <-> reg1;
682 encodes as push:NXM_NX_XXREG0[64..95],push:NXM_NX_XXREG0[96..127],pop:NXM_NX_XXREG0[64..95],pop:NXM_NX_XXREG0[96..127]
683vlan.pcp <-> reg0[0..2];
684 encodes as push:NXM_NX_XXREG0[96..98],push:NXM_OF_VLAN_TCI[13..15],pop:NXM_NX_XXREG0[96..98],pop:NXM_OF_VLAN_TCI[13..15]
685 has prereqs vlan.tci[12]
686reg0[10] <-> vlan.pcp[1];
687 encodes as push:NXM_OF_VLAN_TCI[14],push:NXM_NX_XXREG0[106],pop:NXM_OF_VLAN_TCI[14],pop:NXM_NX_XXREG0[106]
688 has prereqs vlan.tci[12]
689outport <-> inport;
690 encodes as push:NXM_NX_REG14[],push:NXM_NX_REG15[],pop:NXM_NX_REG14[],pop:NXM_NX_REG15[]
691
692reg0[0] <-> vlan.present;
693 Predicate symbol vlan.present used where lvalue required.
694reg0 <-> reg1[0..10];
695 Can't exchange 32-bit field with 11-bit field.
696inport <-> reg0;
697 Can't exchange string field (inport) with integer field (reg0).
698inport <-> big_string;
699 String fields inport and big_string are incompatible for exchange.
700ip.proto <-> reg0[0..7];
701 Field ip.proto is not modifiable.
702reg0[0..7] <-> ip.proto;
703 Field ip.proto is not modifiable.
5f822129
BP		 704
705# TTL decrement.
d5a76da4
BP		 706ip.ttl--;
707 encodes as dec_ttl
708 has prereqs ip
709ip.ttl
710 Syntax error at end of input expecting `--'.
5f822129 711
467085fd 712# load balancing.
d5a76da4
BP		 713ct_lb;
714 encodes as ct(table=27,zone=NXM_NX_REG13[0..15],nat)
715 has prereqs ip
716ct_lb();
717 formats as ct_lb;
718 encodes as ct(table=27,zone=NXM_NX_REG13[0..15],nat)
719 has prereqs ip
720ct_lb(192.168.1.2:80, 192.168.1.3:80);
721 encodes as group:1
722 has prereqs ip
723ct_lb(192.168.1.2, 192.168.1.3, );
724 formats as ct_lb(192.168.1.2, 192.168.1.3);
725 encodes as group:2
726 has prereqs ip
727
728ct_lb(192.168.1.2:);
729 Syntax error at `)' expecting port number.
730ct_lb(192.168.1.2:123456);
731 Syntax error at `123456' expecting port number.
732ct_lb(foo);
733 Syntax error at `foo' expecting IPv4 address.
734
735# ct_next
736ct_next;
737 encodes as ct(table=27,zone=NXM_NX_REG13[0..15])
738 has prereqs ip
739
740# ct_commit
741ct_commit;
742 encodes as ct(commit,zone=NXM_NX_REG13[0..15])
743 has prereqs ip
744ct_commit();
745 formats as ct_commit;
746 encodes as ct(commit,zone=NXM_NX_REG13[0..15])
747 has prereqs ip
748ct_commit(ct_mark=1);
749 formats as ct_commit(ct_mark=0x1);
750 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_mark))
751 has prereqs ip
752ct_commit(ct_mark=1/1);
753 formats as ct_commit(ct_mark=0x1/0x1);
754 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))
755 has prereqs ip
756ct_commit(ct_label=1);
757 formats as ct_commit(ct_label=0x1);
758 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_label))
759 has prereqs ip
760ct_commit(ct_label=1/1);
761 formats as ct_commit(ct_label=0x1/0x1);
762 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_label))
763 has prereqs ip
764ct_commit(ct_mark=1, ct_label=2);
765 formats as ct_commit(ct_mark=0x1, ct_label=0x2);
766 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_mark,set_field:0x2->ct_label))
767 has prereqs ip
768
769ct_commit(ct_label=0x01020304050607080910111213141516);
770 formats as ct_commit(ct_label=0x1020304050607080910111213141516);
771 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1020304050607080910111213141516->ct_label))
772 has prereqs ip
773ct_commit(ct_label=0x181716151413121110090807060504030201);
774 formats as ct_commit(ct_label=0x16151413121110090807060504030201);
775 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x16151413121110090807060504030201->ct_label))
776 has prereqs ip
777ct_commit(ct_label=0x1000000000000000000000000000000/0x1000000000000000000000000000000);
778 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1000000000000000000000000000000/0x1000000000000000000000000000000->ct_label))
779 has prereqs ip
780ct_commit(ct_label=18446744073709551615);
781 formats as ct_commit(ct_label=0xffffffffffffffff);
782 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0xffffffffffffffff->ct_label))
783 has prereqs ip
784ct_commit(ct_label=18446744073709551616);
785 Decimal constants must be less than 2**64.
786
787# ct_dnat
788ct_dnat;
789 encodes as ct(table=27,zone=NXM_NX_REG11[0..15],nat)
790 has prereqs ip
791ct_dnat(192.168.1.2);
792 encodes as ct(commit,table=27,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2))
793 has prereqs ip
794
795ct_dnat(192.168.1.2, 192.168.1.3);
796 Syntax error at `,' expecting `)'.
797ct_dnat(foo);
798 Syntax error at `foo' expecting IPv4 address.
799ct_dnat(foo, bar);
800 Syntax error at `foo' expecting IPv4 address.
801ct_dnat();
802 Syntax error at `)' expecting IPv4 address.
803
804# ct_snat
805ct_snat;
806 encodes as ct(zone=NXM_NX_REG12[0..15],nat)
807 has prereqs ip
808ct_snat(192.168.1.2);
809 encodes as ct(commit,table=27,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2))
810 has prereqs ip
811
812ct_snat(192.168.1.2, 192.168.1.3);
813 Syntax error at `,' expecting `)'.
814ct_snat(foo);
815 Syntax error at `foo' expecting IPv4 address.
816ct_snat(foo, bar);
817 Syntax error at `foo' expecting IPv4 address.
818ct_snat();
819 Syntax error at `)' expecting IPv4 address.
de297547 820
6335d074 821# arp
d5a76da4
BP		 822arp { eth.dst = ff:ff:ff:ff:ff:ff; output; };
823 encodes as controller(userdata=00.00.00.00.00.00.00.00.00.19.00.10.80.00.06.06.ff.ff.ff.ff.ff.ff.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.40.00.00.00)
824 has prereqs ip4
6335d074 825
0bac7164 826# get_arp
d5a76da4
BP		 827get_arp(outport, ip4.dst);
828 encodes as push:NXM_NX_REG0[],push:NXM_OF_IP_DST[],pop:NXM_NX_REG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG0[]
829 has prereqs eth.type == 0x800
830get_arp(inport, reg0);
831 encodes as push:NXM_NX_REG15[],push:NXM_NX_REG0[],push:NXM_NX_XXREG0[96..127],push:NXM_NX_REG14[],pop:NXM_NX_REG15[],pop:NXM_NX_REG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG0[],pop:NXM_NX_REG15[]
832
833get_arp;
834 Syntax error at `;' expecting `('.
835get_arp();
836 Syntax error at `)' expecting field name.
837get_arp(inport);
838 Syntax error at `)' expecting `,'.
839get_arp(inport ip4.dst);
840 Syntax error at `ip4.dst' expecting `,'.
841get_arp(inport, ip4.dst;
842 Syntax error at `;' expecting `)'.
843get_arp(inport, eth.dst);
844 Cannot use 48-bit field eth.dst[0..47] where 32-bit field is required.
845get_arp(inport, outport);
846 Cannot use string field outport where numeric field is required.
847get_arp(reg0, ip4.dst);
848 Cannot use numeric field reg0 where string field is required.
0bac7164
BP		 849
850# put_arp
d5a76da4
BP		 851put_arp(inport, arp.spa, arp.sha);
852 encodes as push:NXM_NX_REG0[],push:NXM_OF_ETH_SRC[],push:NXM_NX_ARP_SHA[],push:NXM_OF_ARP_SPA[],pop:NXM_NX_REG0[],pop:NXM_OF_ETH_SRC[],controller(userdata=00.00.00.01.00.00.00.00),pop:NXM_OF_ETH_SRC[],pop:NXM_NX_REG0[]
853 has prereqs eth.type == 0x806 && eth.type == 0x806
0bac7164 854
42814145 855# put_dhcp_opts
d5a76da4
BP		 856reg1[0] = put_dhcp_opts(offerip = 1.2.3.4, router = 10.0.0.1);
857 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.40.01.02.03.04.03.04.0a.00.00.01,pause)
858reg2[5] = put_dhcp_opts(offerip=10.0.0.4,router=10.0.0.1,netmask=255.255.254.0,mtu=1400,domain="ovn.org");
859 formats as reg2[5] = put_dhcp_opts(offerip = 10.0.0.4, router = 10.0.0.1, netmask = 255.255.254.0, mtu = 1400, domain = "ovn.org");
860 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.25.0a.00.00.04.03.04.0a.00.00.01.01.04.ff.ff.fe.00.1a.02.05.78.0f.07.6f.76.6e.2e.6f.72.67,pause)
861reg0[15] = put_dhcp_opts(offerip=10.0.0.4,router=10.0.0.1,netmask=255.255.255.0,mtu=1400,ip_forward_enable=1,default_ttl=121,dns_server={8.8.8.8,7.7.7.7},classless_static_route={30.0.0.0/24,10.0.0.4,40.0.0.0/16,10.0.0.6,0.0.0.0/0,10.0.0.1},ethernet_encap=1,router_discovery=0);
862 formats as reg0[15] = put_dhcp_opts(offerip = 10.0.0.4, router = 10.0.0.1, netmask = 255.255.255.0, mtu = 1400, ip_forward_enable = 1, default_ttl = 121, dns_server = {8.8.8.8, 7.7.7.7}, classless_static_route = {30.0.0.0/24, 10.0.0.4, 40.0.0.0/16, 10.0.0.6, 0.0.0.0/0, 10.0.0.1}, ethernet_encap = 1, router_discovery = 0);
863 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.6f.0a.00.00.04.03.04.0a.00.00.01.01.04.ff.ff.ff.00.1a.02.05.78.13.01.01.17.01.79.06.08.08.08.08.08.07.07.07.07.79.14.18.1e.00.00.0a.00.00.04.10.28.00.0a.00.00.06.00.0a.00.00.01.24.01.01.1f.01.00,pause)
864
865reg1[0..1] = put_dhcp_opts(offerip = 1.2.3.4, router = 10.0.0.1);
866 Cannot use 2-bit field reg1[0..1] where 1-bit field is required.
867reg1[0] = put_dhcp_opts();
868 put_dhcp_opts requires offerip to be specified.
869reg1[0] = put_dhcp_opts(x = 1.2.3.4, router = 10.0.0.1);
870 Syntax error at `x' expecting DHCPv4 option name.
871reg1[0] = put_dhcp_opts(router = 10.0.0.1);
872 put_dhcp_opts requires offerip to be specified.
873reg1[0] = put_dhcp_opts(offerip=1.2.3.4, "hi");
874 Syntax error at `"hi"'.
875reg1[0] = put_dhcp_opts(offerip=1.2.3.4, xyzzy);
876 Syntax error at `xyzzy' expecting DHCPv4 option name.
877reg1[0] = put_dhcp_opts(offerip="xyzzy");
878 DHCPv4 option offerip requires numeric value.
879reg1[0] = put_dhcp_opts(offerip=1.2.3.4, domain=1.2.3.4);
880 DHCPv4 option domain requires string value.
42814145 881
f8a8db39 882# nd_na
d5a76da4
BP		 883nd_na { eth.src = 12:34:56:78:9a:bc; nd.tll = 12:34:56:78:9a:bc; outport = inport; inport = ""; /* Allow sending out inport. */ output; };
884 formats as nd_na { eth.src = 12:34:56:78:9a:bc; nd.tll = 12:34:56:78:9a:bc; outport = inport; inport = ""; output; };
885 encodes as controller(userdata=00.00.00.03.00.00.00.00.00.19.00.10.80.00.08.06.12.34.56.78.9a.bc.00.00.00.19.00.10.80.00.42.06.12.34.56.78.9a.bc.00.00.ff.ff.00.18.00.00.23.20.00.06.00.20.00.00.00.00.00.01.1c.04.00.01.1e.04.00.19.00.10.00.01.1c.04.00.00.00.00.00.00.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.40.00.00.00)
886 has prereqs nd_ns
e75451fe 887
c34a87b6 888# get_nd
d5a76da4
BP		 889get_nd(outport, ip6.dst);
890 encodes as push:NXM_NX_XXREG0[],push:NXM_NX_IPV6_DST[],pop:NXM_NX_XXREG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_XXREG0[]
891 has prereqs eth.type == 0x86dd
892get_nd(inport, xxreg0);
893 encodes as push:NXM_NX_REG15[],push:NXM_NX_REG14[],pop:NXM_NX_REG15[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG15[]
894get_nd;
895 Syntax error at `;' expecting `('.
896get_nd();
897 Syntax error at `)' expecting field name.
898get_nd(inport);
899 Syntax error at `)' expecting `,'.
900get_nd(inport ip6.dst);
901 Syntax error at `ip6.dst' expecting `,'.
902get_nd(inport, ip6.dst;
903 Syntax error at `;' expecting `)'.
904get_nd(inport, eth.dst);
905 Cannot use 48-bit field eth.dst[0..47] where 128-bit field is required.
906get_nd(inport, outport);
907 Cannot use string field outport where numeric field is required.
908get_nd(xxreg0, ip6.dst);
909 Cannot use numeric field xxreg0 where string field is required.
c34a87b6
JP		 910
911# put_nd
d5a76da4
BP		 912put_nd(inport, nd.target, nd.sll);
913 encodes as push:NXM_NX_XXREG0[],push:NXM_OF_ETH_SRC[],push:NXM_NX_ND_SLL[],push:NXM_NX_ND_TARGET[],pop:NXM_NX_XXREG0[],pop:NXM_OF_ETH_SRC[],controller(userdata=00.00.00.04.00.00.00.00),pop:NXM_OF_ETH_SRC[],pop:NXM_NX_XXREG0[]
914 has prereqs ((icmp6.type == 0x87 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd)) || (icmp6.type == 0x88 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd))) && icmp6.code == 0 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && ip.ttl == 0xff && (eth.type == 0x800 || eth.type == 0x86dd) && icmp6.type == 0x87 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && icmp6.code == 0 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && ip.ttl == 0xff && (eth.type == 0x800 || eth.type == 0x86dd)
c34a87b6 915
01cfdb2f 916# put_dhcpv6_opts
d5a76da4
BP		 917reg1[0] = put_dhcpv6_opts(ia_addr = ae70::4, server_id = 00:00:00:00:10:02);
918 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.05.00.10.00.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.04.02.00.06.00.00.00.00.00.10.02,pause)
919reg1[0] = put_dhcpv6_opts();
920 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40,pause)
921reg1[0] = put_dhcpv6_opts(dns_server={ae70::1,ae70::2});
922 formats as reg1[0] = put_dhcpv6_opts(dns_server = {ae70::1, ae70::2});
923 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.17.00.20.00.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.01.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.02,pause)
924reg1[0] = put_dhcpv6_opts(domain_search = "ovn.org");
925 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.18.00.07.00.6f.76.6e.2e.6f.72.67,pause)
926reg1[0] = put_dhcpv6_opts(x = 1.2.3.4);
927 Syntax error at `x' expecting DHCPv6 option name.
928reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, "hi");
929 Syntax error at `"hi"'.
930reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, xyzzy);
931 Syntax error at `xyzzy' expecting DHCPv6 option name.
932reg1[0] = put_dhcpv6_opts(ia_addr="ae70::4");
933 DHCPv6 option ia_addr requires numeric value.
934reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, domain_search=ae70::1);
935 DHCPv6 option domain_search requires string value.
01cfdb2f 936
5f822129 937# Contradictionary prerequisites (allowed but not useful):
d5a76da4
BP		 938ip4.src = ip6.src[0..31];
939 encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[]
940 has prereqs eth.type == 0x800 && eth.type == 0x86dd
941ip4.src <-> ip6.src[0..31];
942 encodes as push:NXM_NX_IPV6_SRC[0..31],push:NXM_OF_IP_SRC[],pop:NXM_NX_IPV6_SRC[0..31],pop:NXM_OF_IP_SRC[]
943 has prereqs eth.type == 0x800 && eth.type == 0x86dd
944
945# Miscellaneous negative tests.
946;
947 Syntax error at `;'.
948xyzzy;
949 Syntax error at `xyzzy' expecting action.
950next; 123;
951 Syntax error at `123'.
952next; xyzzy;
953 Syntax error at `xyzzy' expecting action.
954next
9aef3c1b 955 Syntax error at end of input expecting `;'.
3b7cb7e1 956]])
d5a76da4
BP		 957sed '/^[[ ]]/d' test-cases.txt > input.txt
958cp test-cases.txt expout
3b7cb7e1
BP		 959AT_CHECK([ovstest test-ovn parse-actions < input.txt], [0], [expout])
960AT_CLEANUP
f295c17b
BP		 961
962AT_BANNER([OVN end-to-end tests])
963
9975d7be
BP		 964# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
965AT_SETUP([ovn -- 3 HVs, 1 LS, 3 lports/HV])
57d143eb 966AT_KEYWORDS([ovnarp])
f295c17b
BP		 967AT_SKIP_IF([test $HAVE_PYTHON = no])
968ovn_start
969
970# Create hypervisors hv[123].
9975d7be 971# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3.
f295c17b
BP		 972# Add all of the vifs to a single logical switch lsw0.
973# Turn on port security on all the vifs except vif[123]1.
974# Make vif13, vif2[23], vif3[123] destinations for unknown MACs.
975# Add some ACLs for Ethertypes 1234, 1235, 1236.
ea46a4e9 976ovn-nbctl ls-add lsw0
f295c17b
BP		 977net_add n1
978for i in 1 2 3; do
979 sim_add hv$i
980 as hv$i
981 ovs-vsctl add-br br-phys
982 ovn_attach n1 br-phys 192.168.0.$i
983
984 for j in 1 2 3; do
985 ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
31ed1192 986 ovn-nbctl lsp-add lsw0 lp$i$j
4d5c43d5 987 if test $j = 1; then
31ed1192 988 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
f295c17b 989 else
7dc88496
NS		 990 if test $j = 3; then
991 ip_addrs="192.168.0.$i$j fe80::ea2a:eaff:fe28:$i$j/64 192.169.0.$i$j"
992 else
993 ip_addrs="192.168.0.$i$j"
994 fi
31ed1192
JP		 995 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j $ip_addrs"
996 ovn-nbctl lsp-set-port-security lp$i$j f0:00:00:00:00:$i$j
f295c17b
BP		 997 fi
998 done
999done
1000ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1234' drop
1001ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1235 && inport == "lp11"' drop
1002ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1236 && outport == "lp33"' drop
ea382567
RB		 1003ovn-nbctl create Address_Set name=set1 addresses=\"f0:00:00:00:00:11\",\"f0:00:00:00:00:21\",\"f0:00:00:00:00:31\"
1004ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1237 && eth.src == $set1 && outport == "lp33"' drop
f295c17b
BP		 1005
1006# Pre-populate the hypervisors' ARP tables so that we don't lose any
1007# packets for ARP resolution (native tunneling doesn't queue packets
1008# for ARP resolution).
1009ovn_populate_arp
1010
1011# Allow some time for ovn-northd and ovn-controller to catch up.
1012# XXX This should be more systematic.
1013sleep 1
611099dc 1014
57d143eb
HZ		 1015# Given the name of a logical port, prints the name of the hypervisor
1016# on which it is located.
1017vif_to_hv() {
1018 echo hv${1%?}
1019}
1020
f295c17b
BP		 1021# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1022#
1023# This shell function causes a packet to be received on INPORT. The packet's
1024# content has Ethernet destination DST and source SRC (each exactly 12 hex
1025# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1026# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1027# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
f295c17b
BP		 1028for i in 1 2 3; do
1029 for j in 1 2 3; do
1030 : > $i$j.expected
1031 done
1032done
1033test_packet() {
1034 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
57d143eb 1035 hv=`vif_to_hv $inport`
f295c17b
BP		 1036 vif=vif$inport
1037 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1038 for outport; do
e4543cfe 1039 echo $packet >> $outport.expected
f295c17b
BP		 1040 done
1041}
1042
57d143eb
HZ		 1043# test_arp INPORT SHA SPA TPA [REPLY_HA]
1044#
1045# Causes a packet to be received on INPORT. The packet is an ARP
1046# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
1047# it should be the hardware address of the target to expect to receive in an
1048# ARP reply; otherwise no reply is expected.
1049#
31ed1192 1050# INPORT is an logical switch port number, e.g. 11 for vif11.
57d143eb
HZ		 1051# SHA and REPLY_HA are each 12 hex digits.
1052# SPA and TPA are each 8 hex digits.
1053test_arp() {
1054 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
1055 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
1056 hv=`vif_to_hv $inport`
1057 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
1058
92f9822b 1059 if test X$reply_ha = X; then
57d143eb
HZ		 1060 # Expect to receive the broadcast ARP on the other logical switch ports
1061 # if no reply is expected.
1062 local i j
1063 for i in 1 2 3; do
1064 for j in 1 2 3; do
1065 if test $i$j != $inport; then
1066 echo $request >> $i$j.expected
1067 fi
1068 done
1069 done
1070 else
1071 # Expect to receive the reply, if any.
1072 local reply=${sha}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
1073 echo $reply >> $inport.expected
1074 fi
1075}
1076
1077ip_to_hex() {
1078 printf "%02x%02x%02x%02x" "$@"
1079}
1080
f295c17b
BP		 1081# Send packets between all pairs of source and destination ports:
1082#
31ed1192
JP		 1083# 1. Unicast packets are delivered to exactly one logical switch port
1084# (except that packets destined to their input ports are dropped).
f295c17b 1085#
31ed1192
JP		 1086# 2. Broadcast and multicast are delivered to all logical switch ports
1087# except the input port.
f295c17b 1088#
ea46a4e9 1089# 3. When port security is turned on, the switch drops packets from the wrong
f295c17b
BP		 1090# MAC address.
1091#
ea46a4e9 1092# 4. The switch drops all packets with a VLAN tag.
f295c17b 1093#
ea46a4e9 1094# 5. The switch drops all packets with a multicast source address. (This only
f295c17b
BP		 1095# affects behavior when port security is turned off, since otherwise port
1096# security would drop the packet anyway.)
1097#
ea46a4e9 1098# 6. The switch delivers packets with an unknown destination to logical
31ed1192
JP		 1099# switch ports with "unknown" among their MAC addresses (and port
1100# security disabled).
f295c17b 1101#
ea46a4e9 1102# 7. The switch drops unicast packets that violate an ACL.
f295c17b 1103#
ea46a4e9 1104# 8. The switch drops multicast and broadcast packets that violate an ACL.
57d143eb
HZ		 1105#
1106# 9. ARP requests to known IPs are responded directly.
1107#
1108# 10. No response to ARP requests for unknown IPs.
4acd1e87 1109
f295c17b
BP		 1110for is in 1 2 3; do
1111 for js in 1 2 3; do
1112 s=$is$js
1113 bcast=
4d5c43d5
JP		 1114 unknown=
1115 bacl2=
1116 bacl3=
f295c17b
BP		 1117 for id in 1 2 3; do
1118 for jd in 1 2 3; do
1119 d=$id$jd
1120
1121 if test $d != $s; then unicast=$d; else unicast=; fi
1122 test_packet $s f000000000$d f000000000$s $s$d $unicast #1
1123
1124 if test $d != $s && test $js = 1; then
4d5c43d5
JP		 1125 impersonate=$d
1126 else
1127 impersonate=
1128 fi
f295c17b
BP		 1129 test_packet $s f000000000$d f00000000055 55$d $impersonate #3
1130
4d5c43d5
JP		 1131 if test $d != $s && test $s != 11; then acl2=$d; else acl2=; fi
1132 if test $d != $s && test $d != 33; then acl3=$d; else acl3=; fi
e137131a 1133 if test $d = $s || (test $js = 1 && test $d = 33); then
ea382567
RB		 1134 # Source of 11, 21, or 31 and dest of 33 should be dropped
1135 # due to the 4th ACL that uses address_set(set1).
1136 acl4=
1137 else
1138 acl4=$d
1139 fi
f295c17b
BP		 1140 test_packet $s f000000000$d f000000000$s 1234 #7, acl1
1141 test_packet $s f000000000$d f000000000$s 1235 $acl2 #7, acl2
1142 test_packet $s f000000000$d f000000000$s 1236 $acl3 #7, acl3
ea382567 1143 test_packet $s f000000000$d f000000000$s 1237 $acl4 #7, acl4
f295c17b
BP		 1144
1145 test_packet $s f000000000$d f00000000055 810000091234 #4
1146 test_packet $s f000000000$d 0100000000$s $s$d #5
1147
4d5c43d5
JP		 1148 if test $d != $s && test $jd = 1; then
1149 unknown="$unknown $d"
1150 fi
f295c17b
BP		 1151 bcast="$bcast $unicast"
1152 bacl2="$bacl2 $acl2"
1153 bacl3="$bacl3 $acl3"
57d143eb
HZ		 1154
1155 sip=`ip_to_hex 192 168 0 $i$j`
1156 tip=`ip_to_hex 192 168 0 $id$jd`
1157 tip_unknown=`ip_to_hex 11 11 11 11`
1158 test_arp $s f000000000$s $sip $tip f000000000$d #9
1159 test_arp $s f000000000$s $sip $tip_unknown #10
7dc88496
NS		 1160
1161 if test $jd = 3; then
31ed1192 1162 # lsp[123]3 has an additional ip 192.169.0.[123]3.
7dc88496
NS		 1163 tip=`ip_to_hex 192 169 0 $id$jd`
1164 test_arp $s f000000000$s $sip $tip f000000000$d #9
1165 fi
f295c17b
BP		 1166 done
1167 done
1168
4d5c43d5 1169 # Broadcast and multicast.
f295c17b
BP		 1170 test_packet $s ffffffffffff f000000000$s ${s}ff $bcast #2
1171 test_packet $s 010000000000 f000000000$s ${s}ff $bcast #2
4d5c43d5 1172 if test $js = 1; then
f295c17b
BP		 1173 bcast_impersonate=$bcast
1174 else
4d5c43d5
JP		 1175 bcast_impersonate=
1176 fi
f295c17b
BP		 1177 test_packet $s 010000000000 f00000000044 44ff $bcast_impersonate #3
1178
1179 test_packet $s f0000000ffff f000000000$s ${s}66 $unknown #6
1180
1181 test_packet $s ffffffffffff f000000000$s 1234 #8, acl1
1182 test_packet $s ffffffffffff f000000000$s 1235 $bacl2 #8, acl2
1183 test_packet $s ffffffffffff f000000000$s 1236 $bacl3 #8, acl3
1184 test_packet $s 010000000000 f000000000$s 1234 #8, acl1
1185 test_packet $s 010000000000 f000000000$s 1235 $bacl2 #8, acl2
1186 test_packet $s 010000000000 f000000000$s 1236 $bacl3 #8, acl3
1187 done
1188done
1189
7dc88496
NS		 1190# set address for lp13 with invalid characters.
1191# lp13 should be configured with only 192.168.0.13.
31ed1192 1192ovn-nbctl lsp-set-addresses lp13 "f0:00:00:00:00:13 192.168.0.13 invalid 192.169.0.13"
3b8cd0ea
BP		 1193
1194# Allow some time for ovn-northd and ovn-controller to catch up.
1195# XXX This should be more systematic.
1196sleep 1
1197
7dc88496
NS		 1198sip=`ip_to_hex 192 168 0 11`
1199tip=`ip_to_hex 192 168 0 13`
1200test_arp 11 f00000000011 $sip $tip f00000000013
1201
1202tip=`ip_to_hex 192 169 0 13`
1203#arp request for 192.169.0.13 should be flooded
1204test_arp 11 f00000000011 $sip $tip
1205
91125642 1206# dump information and flows with counters
bb0c41d3
RM		 1207ovn-sbctl dump-flows -- list multicast_group
1208
1209echo "------ hv1 dump ------"
1210as hv1 ovs-vsctl show
1211as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1212
1213echo "------ hv2 dump ------"
1214as hv2 ovs-vsctl show
1215as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1216
1217echo "------ hv3 dump ------"
1218as hv3 ovs-vsctl show
1219as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-int
49d7c759 1220
f295c17b
BP		 1221# Now check the packets actually received against the ones expected.
1222for i in 1 2 3; do
1223 for j in 1 2 3; do
49d7c759 1224 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
f295c17b
BP		 1225 done
1226done
fcde56f5 1227
7a8f15e0 1228OVN_CLEANUP([hv1],[hv2],[hv3])
d9c8c57c 1229
f295c17b 1230AT_CLEANUP
eb6b08eb 1231
4acd1e87
BP		 1232AT_SETUP([ovn -- trace 1 LS, 3 LSPs])
1233AT_SKIP_IF([test $HAVE_PYTHON = no])
1234ovn_start
1235
1236# Create a logical switch and some logical ports.
1237# Turn on port security on all lports except ls1.
1238# Make ls1 a destination for unknown MACs.
1239# Add some ACLs for Ethertypes 1234, 1235, 1236.
1240ovn-nbctl ls-add lsw0
1241ovn-sbctl chassis-add hv0 geneve 127.0.0.1
1242for i in 1 2 3; do
1243 ovn-nbctl lsp-add lsw0 lp$i
1244 ovn-sbctl lsp-bind lp$i hv0
1245 if test $i = 1; then
abb37b6b 1246 ovn-nbctl lsp-set-addresses lp$i "f0:00:00:00:00:0$i 192.168.0.$i" unknown
4acd1e87 1247 else
abb37b6b
FF		 1248 if test $i = 3; then
1249 ip_addrs="192.168.0.$i fe80::ea2a:eaff:fe28:$i/64 192.169.0.$i"
1250 else
1251 ip_addrs="192.168.0.$i"
1252 fi
1253 ovn-nbctl lsp-set-addresses lp$i "f0:00:00:00:00:$i $ip_addrs"
1254 ovn-nbctl lsp-set-port-security lp$i f0:00:00:00:00:$i
4acd1e87
BP		 1255 fi
1256done
1257ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1234' drop
1258ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1235 && inport == "lp1"' drop
1259ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1236 && outport == "lp3"' drop
1260ovn-nbctl create Address_Set name=set1 addresses=\"f0:00:00:00:00:01\",\"f0:00:00:00:00:02\"
1261ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1237 && eth.src == $set1 && outport == "lp3"' drop
1262
1263ovn-nbctl --wait=sb sync
1264on_exit 'kill `cat ovn-trace.pid`'
1265ovn-trace --detach --pidfile --no-chdir
1266
1267# test_packet INPORT DST SRC [-vlan] [-eth TYPE] OUTPORT...
1268#
1269# This shell function causes a packet to be received on INPORT. The packet's
1270# content has Ethernet destination DST and source SRC (each exactly 12 hex
1271# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1272# more) list the VIFs on which the packet should be received. INPORT and the
1273# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
1274test_packet() {
1275 local inport=$1 eth_dst=$2 eth_src=$3; shift; shift; shift
1276 uflow="inport==\"lp$inport\" && eth.dst==$eth_dst && eth.src==$eth_src"
1277 while :; do
abb37b6b
FF		 1278 case $1 in # (
1279 -vlan) uflow="$uflow && vlan.vid == 1234"; shift ;; # (
1280 -eth) uflow="$uflow && eth.type == 0x$2"; shift; shift ;; # (
1281 *) break ;;
1282 esac
4acd1e87
BP		 1283 done
1284 for outport; do
abb37b6b 1285 echo "output(\"lp$outport\");"
4acd1e87
BP		 1286 done > expout
1287
1288 AT_CAPTURE_FILE([trace])
1289 AT_CHECK([ovs-appctl -t ovn-trace trace --all lsw0 "$uflow" | tee trace | sed '1,/Minimal trace/d'], [0], [expout])
1290}
1291
1292# test_arp INPORT SHA SPA TPA [REPLY_HA]
1293#
1294# Causes a packet to be received on INPORT. The packet is an ARP
1295# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
1296# it should be the hardware address of the target to expect to receive in an
1297# ARP reply; otherwise no reply is expected.
1298#
1299# INPORT is an logical switch port number, e.g. 11 for vif11.
1300# SHA and REPLY_HA are each 12 hex digits.
1301# SPA and TPA are each 8 hex digits.
1302test_arp() {
1303 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
1304
1305 local request="inport == \"lp$inport\"
1306 && eth.dst == ff:ff:ff:ff:ff:ff && eth.src == $sha
1307 && arp.op == 1 && arp.sha == $sha && arp.spa == $spa
abb37b6b 1308 && arp.tha == ff:ff:ff:ff:ff:ff && arp.tpa == $tpa"
4acd1e87
BP		 1309
1310 if test -z "$reply_ha"; then
1311 reply=
abb37b6b
FF		 1312 local i
1313 for i in 1 2 3; do
1314 if test $i != $inport; then
1315 reply="${reply}output(\"lp$i\");
4acd1e87 1316"
abb37b6b
FF		 1317 fi
1318 done
4acd1e87
BP		 1319 else
1320 reply="\
1321eth.dst = $sha;
1322eth.src = $reply_ha;
1323arp.op = 2;
1324arp.tha = $sha;
1325arp.sha = $reply_ha;
1326arp.tpa = $spa;
1327arp.spa = $tpa;
1328output(\"lp$inport\");
1329"
1330 fi
1331
1332 AT_CAPTURE_FILE([trace])
1333 AT_CHECK_UNQUOTED([ovs-appctl -t ovn-trace trace --all lsw0 "$request" | tee trace | sed '1,/Minimal trace/d'], [0], [$reply])
1334}
1335
1336# Send packets between all pairs of source and destination ports:
1337#
1338# 1. Unicast packets are delivered to exactly one logical switch port
1339# (except that packets destined to their input ports are dropped).
1340#
1341# 2. Broadcast and multicast are delivered to all logical switch ports
1342# except the input port.
1343#
1344# 3. When port security is turned on, the switch drops packets from the wrong
1345# MAC address.
1346#
1347# 4. The switch drops all packets with a VLAN tag.
1348#
1349# 5. The switch drops all packets with a multicast source address. (This only
1350# affects behavior when port security is turned off, since otherwise port
1351# security would drop the packet anyway.)
1352#
1353# 6. The switch delivers packets with an unknown destination to logical
1354# switch ports with "unknown" among their MAC addresses (and port
1355# security disabled).
1356#
1357# 7. The switch drops unicast packets that violate an ACL.
1358#
1359# 8. The switch drops multicast and broadcast packets that violate an ACL.
1360#
1361# 9. ARP requests to known IPs are responded directly.
1362#
1363# 10. No response to ARP requests for unknown IPs.
1364
1365for s in 1 2 3; do
1366 bcast=
1367 unknown=
1368 bacl2=
1369 bacl3=
1370 for d in 1 2 3; do
abb37b6b
FF		 1371 echo
1372 echo "lp$s -> lp$d"
1373 if test $d != $s; then unicast=$d; else unicast=; fi
1374 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s $unicast #1
1375
1376 if test $d != $s && test $s = 1; then
1377 impersonate=$d
1378 else
1379 impersonate=
1380 fi
1381 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:55 $impersonate #3
1382
1383 if test $d != $s && test $s != 1; then acl2=$d; else acl2=; fi
1384 if test $d != $s && test $d != 3; then acl3=$d; else acl3=; fi
1385 if test $d = $s || ( (test $s = 1 || test $s = 2) && test $d = 3); then
1386 # Source of 1 or 2 and dest of 3 should be dropped
1387 # due to the 4th ACL that uses address_set(set1).
1388 acl4=
1389 else
1390 acl4=$d
1391 fi
1392
1393 #7, acl1 to acl4:
1394 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1234
1395 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1235 $acl2
1396 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1236 $acl3
1397 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1237 $acl4
1398
1399 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:55 -vlan #4
1400 test_packet $s f0:00:00:00:00:0$d 01:00:00:00:00:0$s #5
1401
1402 if test $d != $s && test $d = 1; then
1403 unknown="$unknown $d"
1404 fi
1405 bcast="$bcast $unicast"
1406 bacl2="$bacl2 $acl2"
1407 bacl3="$bacl3 $acl3"
1408
1409 sip=192.168.0.$s
1410 tip=192.168.0.$d
1411 tip_unknown=11.11.11.11
1412 test_arp $s f0:00:00:00:00:0$s $sip $tip f0:00:00:00:00:0$d #9
1413 test_arp $s f0:00:00:00:00:0$s $sip $tip_unknown #10
1414
1415 if test $d = 3; then
1416 # lp3 has an additional ip 192.169.0.[123]3.
1417 tip=192.169.0.$d
1418 test_arp $s f0:00:00:00:00:0$s $sip $tip f0:00:00:00:00:0$d #9
1419 fi
4acd1e87
BP		 1420 done
1421
1422 # Broadcast and multicast.
1423 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s $bcast #2
1424 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s $bcast #2
1425 if test $s = 1; then
abb37b6b 1426 bcast_impersonate=$bcast
4acd1e87 1427 else
abb37b6b 1428 bcast_impersonate=
4acd1e87
BP		 1429 fi
1430 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:44 $bcast_impersonate #3
1431
1432 test_packet $s f0:00:00:00:ff:ff f0:00:00:00:00:0$s $unknown #6
1433
1434 #8, acl1 to acl3:
1435 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1234
1436 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1235 $bacl2
1437 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1236 $bacl3
1438
1439 #8, acl1 to acl3:
1440 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1234
1441 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1235 $bacl2
1442 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1236 $bacl3
1443done
1444
1445AT_CLEANUP
1446
7277bc83
RB		 1447# 2 hypervisors, 4 logical ports per HV
1448# 2 locally attached networks (one flat, one vlan tagged over same device)
1449# 2 ports per HV on each network
e90aeb57 1450AT_SETUP([ovn -- 2 HVs, 4 lports/HV, localnet ports])
d79fc5f4
RB		 1451AT_KEYWORDS([ovn-localnet])
1452AT_SKIP_IF([test $HAVE_PYTHON = no])
1453ovn_start
1454
ea46a4e9
JP		 1455# In this test cases we create 3 switches, all connected to same
1456# physical network (through br-phys on each HV). Each switch has
0ee7f7f1
HZ		 1457# VIF ports across 2 HVs. Each HV has 5 VIF ports. The first digit
1458# of VIF port name indicates the hypervisor it is bound to, e.g.
1459# lp23 means VIF 3 on hv2.
1460#
ea46a4e9 1461# Each switch's VLAN tag and their logical switch ports are:
0ee7f7f1
HZ		 1462# - ls1:
1463# - untagged
ea46a4e9 1464# - ports: lp11, lp12, lp21, lp22
0ee7f7f1
HZ		 1465#
1466# - ls2:
1467# - tagged with VLAN 101
ea46a4e9 1468# - ports: lp13, lp14, lp23, lp24
0ee7f7f1
HZ		 1469# - ls3:
1470# - untagged
ea46a4e9 1471# - ports: lp15, lp25
0ee7f7f1 1472#
ea46a4e9 1473# Note: a localnet port is created for each switch to connect to
0ee7f7f1
HZ		 1474# physical network.
1475
1476for i in 1 2 3; do
ea46a4e9
JP		 1477 ls_name=ls$i
1478 ovn-nbctl ls-add $ls_name
0ee7f7f1
HZ		 1479 ln_port_name=ln$i
1480 if test $i -eq 2; then
ea46a4e9 1481 ovn-nbctl lsp-add $ls_name $ln_port_name "" 101
0ee7f7f1 1482 else
ea46a4e9 1483 ovn-nbctl lsp-add $ls_name $ln_port_name
0ee7f7f1 1484 fi
31ed1192
JP		 1485 ovn-nbctl lsp-set-addresses $ln_port_name unknown
1486 ovn-nbctl lsp-set-type $ln_port_name localnet
1487 ovn-nbctl lsp-set-options $ln_port_name network_name=phys
0ee7f7f1 1488done
d79fc5f4
RB		 1489
1490net_add n1
1491for i in 1 2; do
1492 sim_add hv$i
1493 as hv$i
1494 ovs-vsctl add-br br-phys
1495 ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys
1496 ovn_attach n1 br-phys 192.168.0.$i
1497
0ee7f7f1 1498 for j in 1 2 3 4 5; do
d79fc5f4
RB		 1499 ovs-vsctl add-port br-int vif$i$j -- \
1500 set Interface vif$i$j external-ids:iface-id=lp$i$j \
1501 options:tx_pcap=hv$i/vif$i$j-tx.pcap \
1502 options:rxq_pcap=hv$i/vif$i$j-rx.pcap \
1503 ofport-request=$i$j
1504
31ed1192 1505 lsp_name=lp$i$j
7277bc83 1506 if test $j -le 2; then
ea46a4e9 1507 ls_name=ls1
0ee7f7f1 1508 elif test $j -le 4; then
ea46a4e9 1509 ls_name=ls2
d79fc5f4 1510 else
ea46a4e9 1511 ls_name=ls3
d79fc5f4 1512 fi
d79fc5f4 1513
ea46a4e9 1514 ovn-nbctl lsp-add $ls_name $lsp_name
31ed1192
JP		 1515 ovn-nbctl lsp-set-addresses $lsp_name f0:00:00:00:00:$i$j
1516 ovn-nbctl lsp-set-port-security $lsp_name f0:00:00:00:00:$i$j
d79fc5f4 1517
31ed1192 1518 OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up $lsp_name` = xup])
d79fc5f4
RB		 1519 done
1520done
1521
1522ovn_populate_arp
1523
1524# XXX This is now the 3rd copy of these functions in this file ...
1525
1526# Given the name of a logical port, prints the name of the hypervisor
1527# on which it is located.
1528vif_to_hv() {
1529 echo hv${1%?}
1530}
1531#
1532# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1533#
1534# This shell function causes a packet to be received on INPORT. The packet's
1535# content has Ethernet destination DST and source SRC (each exactly 12 hex
1536# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1537# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1538# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
d79fc5f4 1539for i in 1 2; do
0ee7f7f1 1540 for j in 1 2 3 4 5; do
d79fc5f4
RB		 1541 : > $i$j.expected
1542 done
1543done
1544test_packet() {
1545 local inport=$1 src=$2 dst=$3 eth=$4; shift; shift; shift; shift
1546 local packet=${src}${dst}${eth}
1547 hv=`vif_to_hv $inport`
1548 vif=vif$inport
1549 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1550 for outport; do
e4543cfe 1551 echo $packet >> $outport.expected
d79fc5f4
RB		 1552 done
1553}
1554
7277bc83
RB		 1555# lp11 and lp21 are on the same network (phys, untagged)
1556# and on different hypervisors
d79fc5f4
RB		 1557test_packet 11 f00000000021 f00000000011 1121 21
1558test_packet 21 f00000000011 f00000000021 2111 11
1559
7277bc83
RB		 1560# lp11 and lp12 are on the same network (phys, untagged)
1561# and on the same hypervisor
e90aeb57
RB		 1562test_packet 11 f00000000012 f00000000011 1112 12
1563test_packet 12 f00000000011 f00000000012 1211 11
7277bc83
RB		 1564
1565# lp13 and lp23 are on the same network (phys, VLAN 101)
1566# and on different hypervisors
1567test_packet 13 f00000000023 f00000000013 1323 23
1568test_packet 23 f00000000013 f00000000023 2313 13
1569
1570# lp13 and lp14 are on the same network (phys, VLAN 101)
1571# and on the same hypervisor
e90aeb57
RB		 1572test_packet 13 f00000000014 f00000000013 1314 14
1573test_packet 14 f00000000013 f00000000014 1413 13
d79fc5f4 1574
0ee7f7f1 1575# lp11 and lp15 are on the same network (phys, untagged),
ea46a4e9 1576# same hypervisor, and on different switches
0ee7f7f1
HZ		 1577test_packet 11 f00000000015 f00000000011 1115 15
1578test_packet 15 f00000000011 f00000000015 1511 11
1579
1580# lp11 and lp25 are on the same network (phys, untagged),
ea46a4e9 1581# different hypervisors, and on different switches
0ee7f7f1
HZ		 1582test_packet 11 f00000000025 f00000000011 1125 25
1583test_packet 25 f00000000011 f00000000025 2511 11
1584
d79fc5f4 1585# Ports that should not be able to communicate
7277bc83
RB		 1586test_packet 11 f00000000013 f00000000011 1113
1587test_packet 11 f00000000023 f00000000011 1123
1588test_packet 21 f00000000013 f00000000021 2113
1589test_packet 21 f00000000023 f00000000021 2123
1590test_packet 13 f00000000011 f00000000013 1311
1591test_packet 13 f00000000021 f00000000013 1321
1592test_packet 23 f00000000011 f00000000023 2311
1593test_packet 23 f00000000021 f00000000023 2321
d79fc5f4 1594
d79fc5f4
RB		 1595# Dump a bunch of info helpful for debugging if there's a failure.
1596
1597echo "------ OVN dump ------"
1598ovn-nbctl show
1599ovn-sbctl show
1600
1601echo "------ hv1 dump ------"
1602as hv1 ovs-vsctl show
1603as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1604
1605echo "------ hv2 dump ------"
1606as hv2 ovs-vsctl show
1607as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1608
1609# Now check the packets actually received against the ones expected.
1610for i in 1 2; do
0ee7f7f1 1611 for j in 1 2 3 4 5; do
49d7c759 1612 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
d79fc5f4
RB		 1613 done
1614done
1615
7a8f15e0 1616OVN_CLEANUP([hv1],[hv2])
d9c8c57c 1617
d79fc5f4
RB		 1618AT_CLEANUP
1619
91125642
FF		 1620AT_SETUP([ovn -- vtep: 3 HVs, 1 VIFs/HV, 1 GW, 1 LS])
1621AT_KEYWORDS([vtep])
eb6b08eb
JP		 1622AT_SKIP_IF([test $HAVE_PYTHON = no])
1623ovn_start
1624
1625# Configure the Northbound database
ea46a4e9 1626ovn-nbctl ls-add lsw0
eb6b08eb 1627
31ed1192
JP		 1628ovn-nbctl lsp-add lsw0 lp1
1629ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
eb6b08eb 1630
31ed1192
JP		 1631ovn-nbctl lsp-add lsw0 lp2
1632ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
eb6b08eb 1633
31ed1192
JP		 1634ovn-nbctl lsp-add lsw0 lp-vtep
1635ovn-nbctl lsp-set-type lp-vtep vtep
1636ovn-nbctl lsp-set-options lp-vtep vtep-physical-switch=br-vtep vtep-logical-switch=lsw0
1637ovn-nbctl lsp-set-addresses lp-vtep unknown
eb6b08eb
JP		 1638
1639net_add n1 # Network to connect hv1, hv2, and vtep
1640net_add n2 # Network to connect vtep and hv3
1641
1642# Create hypervisor hv1 connected to n1
1643sim_add hv1
1644as hv1
1645ovs-vsctl add-br br-phys
1646ovn_attach n1 br-phys 192.168.0.1
1647ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
1648
1649# Create hypervisor hv2 connected to n1
1650sim_add hv2
1651as hv2
1652ovs-vsctl add-br br-phys
1653ovn_attach n1 br-phys 192.168.0.2
1654ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv2/vif2-tx.pcap options:rxq_pcap=hv2/vif2-rx.pcap ofport-request=1
1655
1656
1657# Start the vtep emulator with a leg in both networks
1658sim_add vtep
1659as vtep
1660
1661ovsdb-tool create "$ovs_base"/vtep/vtep.db "$abs_top_srcdir"/vtep/vtep.ovsschema || return 1
1662ovs-appctl -t ovsdb-server ovsdb-server/add-db "$ovs_base"/vtep/vtep.db
1663
1664ovs-vsctl add-br br-phys
1665net_attach n1 br-phys
1666
1667mac=`ovs-vsctl get Interface br-phys mac_in_use | sed s/\"//g`
1668arp_table="$arp_table $sandbox,br-phys,192.168.0.3,$mac"
1669ovs-appctl netdev-dummy/ip4addr br-phys 192.168.0.3/24 >/dev/null || return 1
1670ovs-appctl ovs/route/add 192.168.0.3/24 br-phys >/dev/null || return 1
1671
1672ovs-vsctl add-br br-vtep
1673net_attach n2 br-vtep
1674
1675vtep-ctl add-ps br-vtep
1676vtep-ctl set Physical_Switch br-vtep tunnel_ips=192.168.0.3
1677vtep-ctl add-ls lsw0
1678
1679start_daemon ovs-vtep br-vtep
1680start_daemon ovn-controller-vtep --vtep-db=unix:"$ovs_base"/vtep/db.sock --ovnsb-db=unix:"$ovs_base"/ovn-sb/ovn-sb.sock
1681
1682sleep 1
1683
1684vtep-ctl bind-ls br-vtep br-vtep_n2 0 lsw0
1685
475f0a2c
DB		 1686OVS_WAIT_UNTIL([test -n "`as vtep vtep-ctl get-replication-mode lsw0 |
1687 grep -- source`"])
1688# It takes more time for the update to be processed by ovs-vtep.
eb6b08eb
JP		 1689sleep 1
1690
1691# Add hv3 on the other side of the vtep
1692sim_add hv3
1693as hv3
1694ovs-vsctl add-br br-phys
1695net_attach n2 br-phys
1696
1697ovs-vsctl add-port br-phys vif3 -- set Interface vif3 options:tx_pcap=hv3/vif3-tx.pcap options:rxq_pcap=hv3/vif3-rx.pcap ofport-request=1
1698
1699# Pre-populate the hypervisors' ARP tables so that we don't lose any
1700# packets for ARP resolution (native tunneling doesn't queue packets
1701# for ARP resolution).
1702ovn_populate_arp
1703
1704# Allow some time for ovn-northd and ovn-controller to catch up.
1705# XXX This should be more systematic.
1706sleep 1
6977df72 1707
eb6b08eb
JP		 1708# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1709#
1710# This shell function causes a packet to be received on INPORT. The packet's
1711# content has Ethernet destination DST and source SRC (each exactly 12 hex
1712# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1713# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1714# OUTPORTs are specified as logical switch port numbers, e.g. 1 for vif1.
eb6b08eb
JP		 1715for i in 1 2 3; do
1716 : > $i.expected
1717done
1718test_packet() {
1719 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
1720 #hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
1721 hv=hv$inport
1722 vif=vif$inport
1723 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1724 for outport; do
e4543cfe 1725 echo $packet >> $outport.expected
eb6b08eb
JP		 1726 done
1727}
1728
1729# Send packets between all pairs of source and destination ports:
1730#
31ed1192
JP		 1731# 1. Unicast packets are delivered to exactly one logical switch port
1732# (except that packets destined to their input ports are dropped).
eb6b08eb 1733#
31ed1192
JP		 1734# 2. Broadcast and multicast are delivered to all logical switch ports
1735# except the input port.
eb6b08eb 1736#
ea46a4e9 1737# 3. The switch delivers packets with an unknown destination to logical
31ed1192
JP		 1738# switch ports with "unknown" among their MAC addresses (and port
1739# security disabled).
eb6b08eb
JP		 1740for s in 1 2 3; do
1741 bcast=
1742 unknown=
1743 for d in 1 2 3; do
1744 if test $d != $s; then unicast=$d; else unicast=; fi
1745 test_packet $s f0000000000$d f0000000000$s 00$s$d $unicast #1
1746
1747 # The vtep (vif3) is the only one configured for "unknown"
1748 if test $d != $s && test $d = 3; then
1749 unknown="$unknown $d"
1750 fi
1751 bcast="$bcast $unicast"
1752 done
1753
1754 # Broadcast and multicast.
46ed1382
DB		 1755 test_packet $s ffffffffffff f0000000000$s 0${s}ff $bcast #2
1756 test_packet $s 010000000000 f0000000000$s 0${s}ff $bcast #2
eb6b08eb
JP		 1757
1758 test_packet $s f0000000ffff f0000000000$s 0${s}66 $unknown #3
1759done
1760
bb0c41d3
RM		 1761# dump information with counters
1762echo "------ OVN dump ------"
1763ovn-nbctl show
1764ovn-sbctl show
1765
1766echo "------ hv1 dump ------"
1767as hv1 ovs-vsctl show
6195e2e7 1768as hv1 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 1769as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1770
1771echo "------ hv2 dump ------"
1772as hv2 ovs-vsctl show
6195e2e7 1773as hv2 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 1774as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1775
1776echo "------ hv3 dump ------"
1777as hv3 ovs-vsctl show
6754e92d
FF		 1778# note: hv3 has no logical port bind, thus it should not have br-int
1779AT_CHECK([as hv3 ovs-ofctl -O OpenFlow13 show br-int], [1], [],
1780[ovs-ofctl: br-int is not a bridge or a socket
1781])
bb0c41d3 1782
eb6b08eb
JP		 1783# Now check the packets actually received against the ones expected.
1784for i in 1 2 3; do
49d7c759 1785 OVN_CHECK_PACKETS([hv$i/vif$i-tx.pcap], [$i.expected])
eb6b08eb 1786done
fcde56f5
LR		 1787
1788# Gracefully terminate daemons
7a8f15e0
LR		 1789OVN_CLEANUP([hv1],[hv2],[vtep])
1790OVN_CLEANUP_VSWITCH([hv3])
d9c8c57c 1791
eb6b08eb 1792AT_CLEANUP
9975d7be 1793
184bc3ca
RB		 1794# Similar test to "hardware GW"
1795AT_SETUP([ovn -- 3 HVs, 1 VIFs/HV, 1 software GW, 1 LS])
1796AT_SKIP_IF([test $HAVE_PYTHON = no])
1797ovn_start
1798
1799# Configure the Northbound database
1800ovn-nbctl ls-add lsw0
1801
1802ovn-nbctl lsp-add lsw0 lp1
1803ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
1804
1805ovn-nbctl lsp-add lsw0 lp2
1806ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
1807
1808ovn-nbctl lsp-add lsw0 lp-gw
1809ovn-nbctl lsp-set-type lp-gw l2gateway
62b87eab 1810ovn-nbctl lsp-set-options lp-gw network_name=physnet1 l2gateway-chassis=hv_gw
184bc3ca
RB		 1811ovn-nbctl lsp-set-addresses lp-gw unknown
1812
1813net_add n1 # Network to connect hv1, hv2, and gw
1814net_add n2 # Network to connect gw and hv3
1815
1816# Create hypervisor hv1 connected to n1
1817sim_add hv1
1818as hv1
1819ovs-vsctl add-br br-phys
1820ovn_attach n1 br-phys 192.168.0.1
1821ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
1822
1823# Create hypervisor hv2 connected to n1
1824sim_add hv2
1825as hv2
1826ovs-vsctl add-br br-phys
1827ovn_attach n1 br-phys 192.168.0.2
1828ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv2/vif2-tx.pcap options:rxq_pcap=hv2/vif2-rx.pcap ofport-request=1
1829
1830# Create hypervisor hv_gw connected to n1 and n2
1831# connect br-phys bridge to n1; connect hv-gw bridge to n2
1832sim_add hv_gw
1833as hv_gw
1834ovs-vsctl add-br br-phys
1835ovn_attach n1 br-phys 192.168.0.3
1836ovs-vsctl add-br br-phys2
1837net_attach n2 br-phys2
1838ovs-vsctl set open . external_ids:ovn-bridge-mappings="physnet1:br-phys2"
1839
184bc3ca
RB		 1840# Add hv3 on the other side of the GW
1841sim_add hv3
1842as hv3
1843ovs-vsctl add-br br-phys
1844net_attach n2 br-phys
1845ovs-vsctl add-port br-phys vif3 -- set Interface vif3 options:tx_pcap=hv3/vif3-tx.pcap options:rxq_pcap=hv3/vif3-rx.pcap ofport-request=1
1846
1847
1848# Pre-populate the hypervisors' ARP tables so that we don't lose any
1849# packets for ARP resolution (native tunneling doesn't queue packets
1850# for ARP resolution).
1851ovn_populate_arp
1852
1853# Allow some time for ovn-northd and ovn-controller to catch up.
1854# XXX This should be more systematic.
1855sleep 1
1856
1857# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1858#
1859# This shell function causes a packet to be received on INPORT. The packet's
1860# content has Ethernet destination DST and source SRC (each exactly 12 hex
1861# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1862# more) list the VIFs on which the packet should be received. INPORT and the
1863# OUTPORTs are specified as lport numbers, e.g. 1 for vif1.
184bc3ca
RB		 1864for i in 1 2 3; do
1865 : > $i.expected
1866done
1867test_packet() {
1868 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
1869 #hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
1870 hv=hv$inport
1871 vif=vif$inport
1872 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1873 for outport; do
e4543cfe 1874 echo $packet >> $outport.expected
184bc3ca
RB		 1875 done
1876}
1877
1878# Send packets between all pairs of source and destination ports:
1879#
1880# 1. Unicast packets are delivered to exactly one lport (except that packets
1881# destined to their input ports are dropped).
1882#
1883# 2. Broadcast and multicast are delivered to all lports except the input port.
1884#
1885# 3. The lswitch delivers packets with an unknown destination to lports with
1886# "unknown" among their MAC addresses (and port security disabled).
1887for s in 1 2 3 ; do
1888 bcast=
1889 unknown=
1890 for d in 1 2 3 ; do
1891 if test $d != $s; then unicast=$d; else unicast=; fi
1892 test_packet $s f0000000000$d f0000000000$s 00$s$d $unicast #1
1893
1894 # The vtep (vif3) is the only one configured for "unknown"
1895 if test $d != $s && test $d = 3; then
1896 unknown="$unknown $d"
1897 fi
1898 bcast="$bcast $unicast"
1899 done
1900
1901 test_packet $s ffffffffffff f0000000000$s 0${s}ff $bcast #2
1902 test_packet $s 010000000000 f0000000000$s 0${s}ff $bcast #3
1903 test_packet $s f0000000ffff f0000000000$s 0${s}66 $unknown #4
1904done
1905
184bc3ca
RB		 1906echo "------ ovn-nbctl show ------"
1907ovn-nbctl show
1908echo "------ ovn-sbctl show ------"
1909ovn-sbctl show
1910
1911echo "------ hv1 ------"
1912as hv1 ovs-vsctl show
1913echo "------ hv1 br-int ------"
1914as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1915echo "------ hv1 br-phys ------"
1916as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-phys
1917
1918echo "------ hv2 ------"
1919as hv2 ovs-vsctl show
1920echo "------ hv2 br-int ------"
1921as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1922echo "------ hv2 br-phys ------"
1923as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-phys
1924
1925echo "------ hv_gw ------"
1926as hv_gw ovs-vsctl show
1927echo "------ hv_gw br-phys ------"
1928as hv_gw ovs-ofctl -O OpenFlow13 dump-flows br-phys
1929echo "------ hv_gw br-phys2 ------"
1930as hv_gw ovs-ofctl -O OpenFlow13 dump-flows br-phys2
1931
1932echo "------ hv3 ------"
1933as hv3 ovs-vsctl show
1934echo "------ hv3 br-phys ------"
1935as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-phys
1936
1937# Now check the packets actually received against the ones expected.
1938for i in 1 2 3; do
49d7c759 1939 OVN_CHECK_PACKETS([hv$i/vif$i-tx.pcap], [$i.expected])
184bc3ca
RB		 1940done
1941AT_CLEANUP
1942
9975d7be
BP		 1943# 3 hypervisors, 3 logical switches with 3 logical ports each, 1 logical router
1944AT_SETUP([ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR])
1945AT_SKIP_IF([test $HAVE_PYTHON = no])
1946ovn_start
1947
1948# Logical network:
1949#
1950# Three logical switches ls1, ls2, ls3.
86e98048
BP		 1951# One logical router lr0 connected to ls[123],
1952# with nine subnets, three per logical switch:
1953#
1954# lrp11 on ls1 for subnet 192.168.11.0/24
1955# lrp12 on ls1 for subnet 192.168.12.0/24
1956# lrp13 on ls1 for subnet 192.168.13.0/24
1957# ...
1958# lrp33 on ls3 for subnet 192.168.33.0/24
1959#
1960# 27 VIFs, 9 per LS, 3 per subnet: lp[123][123][123], where the first two
1961# digits are the subnet and the last digit distinguishes the VIF.
9975d7be 1962for i in 1 2 3; do
ea46a4e9 1963 ovn-nbctl ls-add ls$i
9975d7be 1964 for j in 1 2 3; do
86e98048 1965 for k in 1 2 3; do
31ed1192
JP		 1966 # Add "unknown" to MAC addresses for lp?11, so packets for
1967 # MAC-IP bindings discovered via ARP later have somewhere to go.
1968 if test $j$k = 11; then unknown=unknown; else unknown=; fi
1969
1970 ovn-nbctl \
1971 -- lsp-add ls$i lp$i$j$k \
1972 -- lsp-set-addresses lp$i$j$k "f0:00:00:00:0$i:$j$k \
1973 192.168.$i$j.$k" $unknown
86e98048
BP		 1974 done
1975 done
1976done
1977
fa2a27b2 1978ovn-nbctl lr-add lr0
86e98048
BP		 1979for i in 1 2 3; do
1980 for j in 1 2 3; do
bf44c2cd 1981 ovn-nbctl lrp-add lr0 lrp$i$j 00:00:00:00:ff:$i$j 192.168.$i$j.254/24
269ecccc 1982 ovn-nbctl \
31ed1192 1983 -- lsp-add ls$i lrp$i$j-attachment \
269ecccc 1984 -- set Logical_Switch_Port lrp$i$j-attachment type=router \
00007447 1985 options:router-port=lrp$i$j \
86e98048 1986 addresses='"00:00:00:00:ff:'$i$j'"'
9975d7be
BP		 1987 done
1988done
1989
80f408f4 1990ovn-nbctl set Logical_Switch_Port lrp33-attachment \
57d143eb
HZ		 1991 addresses='"00:00:00:00:ff:33 192.168.33.254"'
1992
9975d7be
BP		 1993# Physical network:
1994#
1995# Three hypervisors hv[123].
86e98048
BP		 1996# lp?1[123] spread across hv[123]: lp?11 on hv1, lp?12 on hv2, lp?13 on hv3.
1997# lp?2[123] spread across hv[23]: lp?21 and lp?22 on hv2, lp?23 on hv3.
1998# lp?3[123] all on hv3.
1999
9975d7be
BP		 2000
2001# Given the name of a logical port, prints the name of the hypervisor
2002# on which it is located.
2003vif_to_hv() {
2004 case $1 in dnl (
86e98048
BP		 2005 ?11) echo 1 ;; dnl (
2006 ?12 | ?21 | ?22) echo 2 ;; dnl (
2007 ?13 | ?23 | ?3?) echo 3 ;;
9975d7be
BP		 2008 esac
2009}
2010
86e98048
BP		 2011# Given the name of a logical port, prints the name of its logical router
2012# port, e.g. "vif_to_lrp 123" yields 12.
2013vif_to_lrp() {
2014 echo ${1%?}
2015}
2016
2017# Given the name of a logical port, prints the name of its logical
2018# switch, e.g. "vif_to_ls 123" yields 1.
e3393e3f 2019vif_to_ls() {
86e98048 2020 echo ${1%??}
e3393e3f
BP		 2021}
2022
9975d7be
BP		 2023net_add n1
2024for i in 1 2 3; do
2025 sim_add hv$i
2026 as hv$i
2027 ovs-vsctl add-br br-phys
2028 ovn_attach n1 br-phys 192.168.0.$i
2029done
2030for i in 1 2 3; do
2031 for j in 1 2 3; do
86e98048 2032 for k in 1 2 3; do
269ecccc
JP		 2033 hv=`vif_to_hv $i$j$k`
2034 as hv$hv ovs-vsctl \
2035 -- add-port br-int vif$i$j$k \
2036 -- set Interface vif$i$j$k \
2037 external-ids:iface-id=lp$i$j$k \
2038 options:tx_pcap=hv$hv/vif$i$j$k-tx.pcap \
2039 options:rxq_pcap=hv$hv/vif$i$j$k-rx.pcap \
2040 ofport-request=$i$j$k
86e98048 2041 done
9975d7be
BP		 2042 done
2043done
2044
2045# Pre-populate the hypervisors' ARP tables so that we don't lose any
2046# packets for ARP resolution (native tunneling doesn't queue packets
2047# for ARP resolution).
2048ovn_populate_arp
2049
2050# Allow some time for ovn-northd and ovn-controller to catch up.
2051# XXX This should be more systematic.
2052sleep 1
2053
e3393e3f 2054# test_ip INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
9975d7be
BP		 2055#
2056# This shell function causes a packet to be received on INPORT. The packet's
2057# content has Ethernet destination DST and source SRC (each exactly 12 hex
2058# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
2059# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 2060# OUTPORTs are specified as logical switch port numbers, e.g. 123 for vif123.
9975d7be
BP		 2061for i in 1 2 3; do
2062 for j in 1 2 3; do
86e98048
BP		 2063 for k in 1 2 3; do
2064 : > $i$j$k.expected
269ecccc 2065 done
9975d7be
BP		 2066 done
2067done
e3393e3f 2068test_ip() {
9975d7be
BP		 2069 # This packet has bad checksums but logical L3 routing doesn't check.
2070 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
ba43992e 2071 local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
9975d7be
BP		 2072 shift; shift; shift; shift; shift
2073 hv=hv`vif_to_hv $inport`
2074 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2075 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
86e98048
BP		 2076 in_ls=`vif_to_ls $inport`
2077 in_lrp=`vif_to_lrp $inport`
9975d7be 2078 for outport; do
269ecccc 2079 out_ls=`vif_to_ls $outport`
86e98048 2080 if test $in_ls = $out_ls; then
9975d7be
BP		 2081 # Ports on the same logical switch receive exactly the same packet.
2082 echo $packet
2083 else
2084 # Routing decrements TTL and updates source and dest MAC
2085 # (and checksum).
269ecccc 2086 out_lrp=`vif_to_lrp $outport`
86e98048 2087 echo f00000000${outport}00000000ff${out_lrp}08004500001c00000000"3f1101"00${src_ip}${dst_ip}0035111100080000
e4543cfe 2088 fi >> $outport.expected
9975d7be
BP		 2089 done
2090}
2091
e3393e3f 2092as hv1 ovs-vsctl --columns=name,ofport list interface
0bac7164
BP		 2093as hv1 ovn-sbctl list port_binding
2094as hv1 ovn-sbctl list datapath_binding
9975d7be
BP		 2095as hv1 ovn-sbctl dump-flows
2096as hv1 ovs-ofctl dump-flows br-int
2097
e3393e3f 2098# Send IP packets between all pairs of source and destination ports:
9975d7be 2099#
31ed1192
JP		 2100# 1. Unicast IP packets are delivered to exactly one logical switch port
2101# (except that packets destined to their input ports are dropped).
9975d7be 2102#
31ed1192
JP		 2103# 2. Broadcast IP packets are delivered to all logical switch ports
2104# except the input port.
86e98048
BP		 2105ip_to_hex() {
2106 printf "%02x%02x%02x%02x" "$@"
2107}
9975d7be 2108for is in 1 2 3; do
269ecccc
JP		 2109 for js in 1 2 3; do
2110 for ks in 1 2 3; do
2111 bcast=
2112 s=$is$js$ks
2113 smac=f00000000$s
2114 sip=`ip_to_hex 192 168 $is$js $ks`
2115 for id in 1 2 3; do
2116 for jd in 1 2 3; do
2117 for kd in 1 2 3; do
2118 d=$id$jd$kd
2119 dip=`ip_to_hex 192 168 $id$jd $kd`
2120 if test $is = $id; then dmac=f00000000$d; else dmac=00000000ff$is$js; fi
2121 if test $d != $s; then unicast=$d; else unicast=; fi
2122
2123 test_ip $s $smac $dmac $sip $dip $unicast #1
2124
2125 if test $id = $is && test $d != $s; then bcast="$bcast $d"; fi
2126 done
2127 done
9975d7be 2128 done
269ecccc
JP		 2129 test_ip $s $smac ffffffffffff $sip ffffffff $bcast #2
2130 done
2131 done
e3393e3f
BP		 2132done
2133
0bac7164
BP		 2134# 3. Send an IP packet from every logical port to every other subnet,
2135# to an IP address that does not have a static IP-MAC binding.
2136# This should generate a broadcast ARP request for the destination
2137# IP address in the destination subnet.
2138for is in 1 2 3; do
269ecccc
JP		 2139 for js in 1 2 3; do
2140 for ks in 1 2 3; do
2141 s=$is$js$ks
2142 smac=f00000000$s
2143 sip=`ip_to_hex 192 168 $is$js $ks`
2144 for id in 1 2 3; do
2145 for jd in 1 2 3; do
2146 if test $is$js = $id$jd; then
2147 continue
2148 fi
2149
2150 # Send the packet.
2151 dmac=00000000ff$is$js
2152 # Calculate a 4th octet for the destination that is
2153 # unique per $s, avoids the .1 .2 .3 and .254 IP addresses
2154 # that have static MAC bindings, and fits in the range
2155 # 0-255.
2156 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2157 dip=`ip_to_hex 192 168 $id$jd $o4`
2158 test_ip $s $smac $dmac $sip $dip
2159
2160 # Every LP on the destination subnet's lswitch should
2161 # receive the ARP request.
2162 lrmac=00000000ff$id$jd
2163 lrip=`ip_to_hex 192 168 $id$jd 254`
2164 arp=ffffffffffff${lrmac}08060001080006040001${lrmac}${lrip}000000000000${dip}
2165 for jd2 in 1 2 3; do
2166 for kd in 1 2 3; do
e4543cfe 2167 echo $arp >> $id$jd2$kd.expected
0bac7164 2168 done
269ecccc 2169 done
0bac7164 2170 done
269ecccc 2171 done
0bac7164 2172 done
269ecccc 2173 done
0bac7164
BP		 2174done
2175
e3393e3f
BP		 2176# test_arp INPORT SHA SPA TPA [REPLY_HA]
2177#
2178# Causes a packet to be received on INPORT. The packet is an ARP
2179# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
2180# it should be the hardware address of the target to expect to receive in an
2181# ARP reply; otherwise no reply is expected.
2182#
31ed1192 2183# INPORT is an logical switch port number, e.g. 11 for vif11.
e3393e3f
BP		 2184# SHA and REPLY_HA are each 12 hex digits.
2185# SPA and TPA are each 8 hex digits.
2186test_arp() {
2187 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
2188 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
2189 hv=hv`vif_to_hv $inport`
2190 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
2191 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
2192
57d143eb 2193 # Expect to receive the broadcast ARP on the other logical switch ports if
ea46a4e9 2194 # IP address is not configured to the switch patch port.
e3393e3f 2195 local i=`vif_to_ls $inport`
86e98048 2196 local j k
e3393e3f 2197 for j in 1 2 3; do
86e98048 2198 for k in 1 2 3; do
ea46a4e9 2199 # 192.168.33.254 is configured to the switch patch port for lrp33,
57d143eb
HZ		 2200 # so no ARP flooding expected for it.
2201 if test $i$j$k != $inport && test $tpa != `ip_to_hex 192 168 33 254`; then
86e98048
BP		 2202 echo $request >> $i$j$k.expected
2203 fi
2204 done
e3393e3f
BP		 2205 done
2206
2207 # Expect to receive the reply, if any.
2208 if test X$reply_ha != X; then
86e98048
BP		 2209 lrp=`vif_to_lrp $inport`
2210 local reply=${sha}00000000ff${lrp}08060001080006040002${reply_ha}${tpa}${sha}${spa}
e3393e3f
BP		 2211 echo $reply >> $inport.expected
2212 fi
2213}
2214
2215# Test router replies to ARP requests from all source ports:
2216#
0bac7164 2217# 4. Router replies to query for its MAC address from port's own IP address.
e3393e3f 2218#
0bac7164 2219# 5. Router replies to query for its MAC address from any random IP address
e3393e3f
BP		 2220# in its subnet.
2221#
0bac7164 2222# 6. Router replies to query for its MAC address from another subnet.
e3393e3f 2223#
0bac7164 2224# 7. No reply to query for IP address other than router IP.
e3393e3f 2225for i in 1 2 3; do
269ecccc
JP		 2226 for j in 1 2 3; do
2227 for k in 1 2 3; do
2228 smac=f00000000$i$j$k # Source MAC
2229 sip=`ip_to_hex 192 168 $i$j $k` # Source IP
2230 rip=`ip_to_hex 192 168 $i$j 254` # Router IP
2231 rmac=00000000ff$i$j # Router MAC
2232 otherip=`ip_to_hex 192 168 $i$j 55` # Some other IP in subnet
2233 test_arp $i$j$k $smac $sip $rip $rmac #4
2234 test_arp $i$j$k $smac $otherip $rip $rmac #5
2235 test_arp $i$j$k $smac 0a123456 $rip $rmac #6
2236 test_arp $i$j$k $smac $sip $otherip #7
0bac7164 2237 done
269ecccc 2238 done
0bac7164
BP		 2239done
2240
2241# Allow some time for packet forwarding.
2242# XXX This can be improved.
2243sleep 1
2244
2245# 8. Generate an ARP reply for each of the IP addresses ARPed for
2246# earlier as #3.
2247#
2248# Here, the $s is the VIF that originated the ARP request and $d is
2249# the VIF that sends the ARP reply, which is somewhat backward but
2250# it means that $s and $d are the same as #3.
2251: > mac_bindings.expected
2252for is in 1 2 3; do
269ecccc
JP		 2253 for js in 1 2 3; do
2254 for ks in 1 2 3; do
2255 s=$is$js$ks
2256 for id in 1 2 3; do
2257 for jd in 1 2 3; do
2258 if test $is$js = $id$jd; then
2259 continue
2260 fi
2261
2262 kd=1
2263 d=$id$jd$kd
2264
2265 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2266 host_ip=`ip_to_hex 192 168 $id$jd $o4`
2267 host_mac=8000000000$o4
2268
2269 lrmac=00000000ff$id$jd
2270 lrip=`ip_to_hex 192 168 $id$jd 254`
2271
2272 arp=${lrmac}${host_mac}08060001080006040002${host_mac}${host_ip}${lrmac}${lrip}
2273
2274 echo
2275 echo
2276 echo
2277 hv=hv`vif_to_hv $d`
2278 as $hv ovs-appctl netdev-dummy/receive vif$d $arp
2279 #as $hv ovs-appctl ofproto/trace br-int in_port=$d $arp
2280 #as $hv ovs-ofctl dump-flows br-int table=19
2281
2282 host_ip_pretty=192.168.$id$jd.$o4
2283 host_mac_pretty=80:00:00:00:00:$o4
2284 echo lrp$id$jd,$host_ip_pretty,$host_mac_pretty >> mac_bindings.expected
86e98048 2285 done
269ecccc 2286 done
9975d7be 2287 done
269ecccc 2288 done
9975d7be 2289done
0bac7164 2290
9975d7be
BP		 2291# Allow some time for packet forwarding.
2292# XXX This can be improved.
2293sleep 1
2294
0bac7164
BP		 2295# 9. Send an IP packet from every logical port to every other subnet. These
2296# are the same packets already sent as #3, but now the destinations' IP-MAC
2297# bindings have been discovered via ARP, so instead of provoking an ARP
2298# request, these packets now get routed to their destinations (which don't
2299# have static MAC bindings, so they go to the port we've designated as
2300# accepting "unknown" MACs.)
2301for is in 1 2 3; do
269ecccc
JP		 2302 for js in 1 2 3; do
2303 for ks in 1 2 3; do
2304 s=$is$js$ks
2305 smac=f00000000$s
2306 sip=`ip_to_hex 192 168 $is$js $ks`
2307 for id in 1 2 3; do
2308 for jd in 1 2 3; do
2309 if test $is$js = $id$jd; then
2310 continue
2311 fi
2312
2313 # Send the packet.
2314 dmac=00000000ff$is$js
2315 # Calculate a 4th octet for the destination that is
2316 # unique per $s, avoids the .1 .2 .3 and .254 IP addresses
2317 # that have static MAC bindings, and fits in the range
2318 # 0-255.
2319 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2320 dip=`ip_to_hex 192 168 $id$jd $o4`
2321 test_ip $s $smac $dmac $sip $dip
2322
2323 # Expect the packet egress.
2324 host_mac=8000000000$o4
2325 outport=${id}11
2326 out_lrp=$id$jd
e4543cfe 2327 echo ${host_mac}00000000ff${out_lrp}08004500001c00000000"3f1101"00${sip}${dip}0035111100080000 >> $outport.expected
0bac7164 2328 done
269ecccc 2329 done
0bac7164 2330 done
269ecccc 2331 done
0bac7164
BP		 2332done
2333
0bac7164
BP		 2334ovn-sbctl -f csv -d bare --no-heading \
2335 -- --columns=logical_port,ip,mac list mac_binding > mac_bindings
2336
9975d7be
BP		 2337# Now check the packets actually received against the ones expected.
2338for i in 1 2 3; do
2339 for j in 1 2 3; do
86e98048 2340 for k in 1 2 3; do
abb37b6b
FF		 2341 OVN_CHECK_PACKETS([hv`vif_to_hv $i$j$k`/vif$i$j$k-tx.pcap],
2342 [$i$j$k.expected])
86e98048 2343 done
9975d7be
BP		 2344 done
2345done
fcde56f5 2346
0bac7164
BP		 2347# Check the MAC bindings against those expected.
2348AT_CHECK_UNQUOTED([sort < mac_bindings], [0], [`sort < mac_bindings.expected`
2349])
2350
fcde56f5 2351# Gracefully terminate daemons
7a8f15e0 2352OVN_CLEANUP([hv1], [hv2], [hv3])
eff49a56 2353
9975d7be 2354AT_CLEANUP
685f4dfe
NS		 2355
2356# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
2357AT_SETUP([ovn -- portsecurity : 3 HVs, 1 LS, 3 lports/HV])
2358AT_KEYWORDS([portsecurity])
2359AT_SKIP_IF([test $HAVE_PYTHON = no])
2360ovn_start
2361
2362# Create hypervisors hv[123].
2363# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3.
2364# Add all of the vifs to a single logical switch lsw0.
2365# Turn off port security on vifs vif[123]1
2366# Turn on l2 port security on vifs vif[123]2
2367# Turn of l2 and l3 port security on vifs vif[123]3
2368# Make vif13, vif2[23], vif3[123] destinations for unknown MACs.
ea46a4e9 2369ovn-nbctl ls-add lsw0
685f4dfe
NS		 2370net_add n1
2371for i in 1 2 3; do
2372 sim_add hv$i
2373 as hv$i
2374 ovs-vsctl add-br br-phys
2375 ovn_attach n1 br-phys 192.168.0.$i
2376
2377 for j in 1 2 3; do
2378 ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
31ed1192 2379 ovn-nbctl lsp-add lsw0 lp$i$j
685f4dfe 2380 if test $j = 1; then
31ed1192 2381 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
685f4dfe 2382 elif test $j = 2; then
31ed1192
JP		 2383 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j"
2384 ovn-nbctl lsp-set-port-security lp$i$j f0:00:00:00:00:$i$j
685f4dfe
NS		 2385 else
2386 extra_addr="f0:00:00:00:0$i:$i$j fe80::ea2a:eaff:fe28:$i$j"
31ed1192
JP		 2387 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" "$extra_addr"
2388 ovn-nbctl lsp-set-port-security lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" "$extra_addr"
685f4dfe
NS		 2389 fi
2390 done
2391done
2392
685f4dfe
NS		 2393# Pre-populate the hypervisors' ARP tables so that we don't lose any
2394# packets for ARP resolution (native tunneling doesn't queue packets
2395# for ARP resolution).
2396ovn_populate_arp
2397
2398# Allow some time for ovn-northd and ovn-controller to catch up.
2399# XXX This should be more systematic.
2400sleep 1
685f4dfe
NS		 2401
2402# Given the name of a logical port, prints the name of the hypervisor
2403# on which it is located.
2404vif_to_hv() {
2405 echo hv${1%?}
2406}
2407
685f4dfe
NS		 2408for i in 1 2 3; do
2409 for j in 1 2 3; do
2410 : > $i$j.expected
2411 done
2412done
2413
2414# test_ip INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
2415#
2416# This shell function causes an ip packet to be received on INPORT.
2417# The packet's content has Ethernet destination DST and source SRC
2418# (each exactly 12 hex digits) and Ethernet type ETHTYPE (4 hex digits).
2419# The OUTPORTs (zero or more) list the VIFs on which the packet should
31ed1192
JP		 2420# be received. INPORT and the OUTPORTs are specified as logical switch
2421# port numbers, e.g. 11 for vif11.
685f4dfe
NS		 2422test_ip() {
2423 # This packet has bad checksums but logical L3 routing doesn't check.
2424 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
efe179e0 2425 local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
685f4dfe
NS		 2426 shift; shift; shift; shift; shift
2427 hv=`vif_to_hv $inport`
2428 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2429 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2430 for outport; do
e4543cfe 2431 echo $packet >> $outport.expected
685f4dfe
NS		 2432 done
2433}
2434
2435# test_arp INPORT SHA SPA TPA DROP [REPLY_HA]
2436#
2437# Causes a packet to be received on INPORT. The packet is an ARP
2438# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
2439# it should be the hardware address of the target to expect to receive in an
2440# ARP reply; otherwise no reply is expected.
2441#
31ed1192 2442# INPORT is an logical switch port number, e.g. 11 for vif11.
685f4dfe
NS		 2443# SHA and REPLY_HA are each 12 hex digits.
2444# SPA and TPA are each 8 hex digits.
2445test_arp() {
2446 local inport=$1 smac=$2 sha=$3 spa=$4 tpa=$5 drop=$6 reply_ha=$7
2447 local request=ffffffffffff${smac}08060001080006040001${sha}${spa}ffffffffffff${tpa}
2448 hv=`vif_to_hv $inport`
2449 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
2450 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
2451 if test $drop != 1; then
e137131a 2452 if test X$reply_ha = X; then
685f4dfe
NS		 2453 # Expect to receive the broadcast ARP on the other logical switch ports
2454 # if no reply is expected.
2455 local i j
2456 for i in 1 2 3; do
2457 for j in 1 2 3; do
2458 if test $i$j != $inport; then
2459 echo $request >> $i$j.expected
2460 fi
2461 done
2462 done
2463 else
2464 # Expect to receive the reply, if any.
2465 local reply=${smac}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
2466 echo $reply >> $inport.expected
2467 fi
2468 fi
2469}
2470
2471# test_ipv6 INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
2472# This function is similar to test_ip() except that it sends
2473# ipv6 packet
2474test_ipv6() {
2475 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
2476 local packet=${dst_mac}${src_mac}86dd6000000000083aff${src_ip}${dst_ip}0000000000000000
2477 shift; shift; shift; shift; shift
2478 hv=`vif_to_hv $inport`
2479 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2480 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2481 for outport; do
e4543cfe 2482 echo $packet >> $outport.expected
685f4dfe
NS		 2483 done
2484}
2485
9e687b23
DL		 2486# test_icmpv6 INPORT SRC_MAC DST_MAC SRC_IP DST_IP ICMP_TYPE OUTPORT...
2487# This function is similar to test_ipv6() except it specifies the ICMPv6 type
2488# of the test packet
2489test_icmpv6() {
2490 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5 icmp_type=$6
2491 local packet=${dst_mac}${src_mac}86dd6000000000083aff${src_ip}${dst_ip}${icmp_type}00000000000000
2492 shift; shift; shift; shift; shift; shift
2493 hv=`vif_to_hv $inport`
2494 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2495 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2496 for outport; do
e4543cfe 2497 echo $packet >> $outport.expected
9e687b23
DL		 2498 done
2499}
2500
685f4dfe
NS		 2501ip_to_hex() {
2502 printf "%02x%02x%02x%02x" "$@"
2503}
2504
2505# no port security
2506sip=`ip_to_hex 192 168 0 12`
2507tip=`ip_to_hex 192 168 0 13`
2508# the arp packet should be allowed even if lp[123]1 is
2509# not configured with mac f00000000023 and ip 192.168.0.12
2510for i in 1 2 3; do
2511 test_arp ${i}1 f00000000023 f00000000023 $sip $tip 0 f00000000013
2512 for j in 1 2 3; do
2513 if test $i != $j; then
2514 test_ip ${i}1 f000000000${i}1 f000000000${j}1 $sip $tip ${j}1
2515 fi
2516 done
2517done
2518
2519# l2 port security
2520sip=`ip_to_hex 192 168 0 12`
2521tip=`ip_to_hex 192 168 0 13`
2522
2523# arp packet should be allowed since lp22 is configured with
2524# mac f00000000022
2525test_arp 22 f00000000022 f00000000022 $sip $tip 0 f00000000013
2526
2527# arp packet should not be allowed since lp32 is not configured with
2528# mac f00000000021
2529test_arp 32 f00000000021 f00000000021 $sip $tip 1
2530
2531# arp packet with sha set to f00000000021 should not be allowed
2532# for lp12
2533test_arp 12 f00000000012 f00000000021 $sip $tip 1
2534
2535# ip packets should be allowed and received since lp[123]2 do not
2536# have l3 port security
2537sip=`ip_to_hex 192 168 0 55`
2538tip=`ip_to_hex 192 168 0 66`
2539for i in 1 2 3; do
2540 for j in 1 2 3; do
2541 if test $i != $j; then
2542 test_ip ${i}2 f000000000${i}2 f000000000${j}2 $sip $tip ${j}2
2543 fi
2544 done
2545done
2546
2547# ipv6 packets should be received by lp[123]2
2548# lp[123]1 can send ipv6 traffic as there is no port security
2549sip=fe800000000000000000000000000000
2550tip=ff020000000000000000000000000000
2551
2552for i in 1 2 3; do
2553 test_ipv6 ${i}1 f000000000${i}1 f000000000${i}2 $sip $tip ${i}2
2554done
2555
2556
2557# l2 and l3 port security
2558sip=`ip_to_hex 192 168 0 13`
2559tip=`ip_to_hex 192 168 0 22`
2560# arp packet should be allowed since lp13 is configured with
2561# f00000000013 and 192.168.0.13
2562test_arp 13 f00000000013 f00000000013 $sip $tip 0 f00000000022
2563
2564# the arp packet should be dropped because lp23 is not configured
2565# with mac f00000000022
2566sip=`ip_to_hex 192 168 0 13`
2567tip=`ip_to_hex 192 168 0 22`
2568test_arp 23 f00000000022 f00000000022 $sip $tip 1
2569
2570# the arp packet should be dropped because lp33 is not configured
2571# with ip 192.168.0.55
2572spa=`ip_to_hex 192 168 0 55`
2573tpa=`ip_to_hex 192 168 0 22`
2574test_arp 33 f00000000031 f00000000031 $spa $tpa 1
2575
2576# ip packets should not be received by lp[123]3 since
2577# l3 port security is enabled
2578sip=`ip_to_hex 192 168 0 55`
2579tip=`ip_to_hex 192 168 0 66`
2580for i in 1 2 3; do
2581 for j in 1 2 3; do
2582 test_ip ${i}2 f000000000${i}2 f000000000${j}3 $sip $tip
2583 done
2584done
2585
2586# ipv6 packets should be dropped for lp[123]3 since
2587# it is configured with only ipv4 address
2588sip=fe800000000000000000000000000000
2589tip=ff020000000000000000000000000000
2590
2591for i in 1 2 3; do
2592 test_ipv6 ${i}3 f000000000${i}3 f00000000022 $sip $tip
2593done
2594
2595# ipv6 packets should not be received by lp[123]3 with mac f000000000$[123]3
2596# lp[123]1 can send ipv6 traffic as there is no port security
2597for i in 1 2 3; do
2598 test_ipv6 ${i}1 f000000000${i}1 f000000000${i}3 $sip $tip
2599done
2600
2601# lp13 has extra port security with mac f0000000113 and ipv6 addr
2602# fe80::ea2a:eaff:fe28:0012
2603
2604# ipv4 packet should be dropped for lp13 with mac f0000000113
2605sip=`ip_to_hex 192 168 0 13`
2606tip=`ip_to_hex 192 168 0 23`
2607test_ip 13 f00000000113 f00000000023 $sip $tip
2608
2609# ipv6 packet should be received by lp[123]3 with mac f0000000{i}{i}3
2610# and ip6.dst as fe80::ea2a:eaff:fe28:0{i}{i}3.
2611# lp11 can send ipv6 traffic as there is no port security
2612sip=ee800000000000000000000000000000
2613for i in 1 2 3; do
2614 tip=fe80000000000000ea2aeafffe2800{i}3
2615 test_ipv6 11 f00000000011 f000000000{i}${i}3 $sip $tip {i}3
2616done
2617
2618
2619# ipv6 packet should not be received by lp33 with mac f0000000333
2620# and ip6.dst as fe80::ea2a:eaff:fe28:0023 as it is
2621# configured with fe80::ea2a:eaff:fe28:0033
2622# lp11 can send ipv6 traffic as there is no port security
2623
2624sip=ee800000000000000000000000000000
2625tip=fe80000000000000ea2aeafffe280023
2626test_ipv6 11 f00000000011 f00000000333 $sip $tip
2627
2628# ipv6 packet should be allowed for lp[123]3 with mac f0000000{i}{i}3
2629# and ip6.src fe80::ea2a:eaff:fe28:0{i}{i}3 and ip6.src ::.
2630# and should be dropped for any other ip6.src
2631# lp21 can receive ipv6 traffic as there is no port security
2632
2633tip=ee800000000000000000000000000000
2634for i in 1 2 3; do
2635 sip=fe80000000000000ea2aeafffe2800${i}3
2636 test_ipv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip 21
2637
9e687b23 2638 # Test ICMPv6 MLD reports (v1 and v2) and NS for DAD
685f4dfe 2639 sip=00000000000000000000000000000000
9e687b23
DL		 2640 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 83 21
2641 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 8f 21
2642 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff0200000000000000ea2aeafffe2800 87 21
2643 # Traffic to non-multicast traffic should be dropped
2644 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip 83
2645 # Traffic of other ICMPv6 types should be dropped
2646 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 80
685f4dfe
NS		 2647
2648 # should be dropped
2649 sip=ae80000000000000ea2aeafffe2800aa
2650 test_ipv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip
2651done
2652
31ed1192
JP		 2653# configure lsp13 to send and received IPv4 packets with an address range
2654ovn-nbctl lsp-set-port-security lp13 "f0:00:00:00:00:13 192.168.0.13 20.0.0.4/24 10.0.0.0/24"
7d9d86ad 2655
8ff5a966
NS		 2656sleep 2
2657
7d9d86ad
NS		 2658sip=`ip_to_hex 10 0 0 13`
2659tip=`ip_to_hex 192 168 0 22`
31ed1192 2660# arp packet with inner ip 10.0.0.13 should be allowed for lsp13
7d9d86ad
NS		 2661test_arp 13 f00000000013 f00000000013 $sip $tip 0 f00000000022
2662
2663sip=`ip_to_hex 10 0 0 14`
2664tip=`ip_to_hex 192 168 0 23`
31ed1192 2665# IPv4 packet from lsp13 with src ip 10.0.0.14 destined to lsp23
7d9d86ad
NS		 2666# with dst ip 192.168.0.23 should be allowed
2667test_ip 13 f00000000013 f00000000023 $sip $tip 23
2668
2669sip=`ip_to_hex 192 168 0 33`
2670tip=`ip_to_hex 10 0 0 15`
31ed1192
JP		 2671# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2672# with dst ip 10.0.0.15 should be received by lsp13
7d9d86ad
NS		 2673test_ip 33 f00000000033 f00000000013 $sip $tip 13
2674
2675sip=`ip_to_hex 192 168 0 33`
2676tip=`ip_to_hex 20 0 0 4`
31ed1192
JP		 2677# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2678# with dst ip 20.0.0.4 should be received by lsp13
7d9d86ad
NS		 2679test_ip 33 f00000000033 f00000000013 $sip $tip 13
2680
2681sip=`ip_to_hex 192 168 0 33`
2682tip=`ip_to_hex 20 0 0 5`
31ed1192
JP		 2683# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2684# with dst ip 20.0.0.5 should not be received by lsp13
7d9d86ad
NS		 2685test_ip 33 f00000000033 f00000000013 $sip $tip
2686
2687sip=`ip_to_hex 192 168 0 33`
2688tip=`ip_to_hex 20 0 0 255`
31ed1192
JP		 2689# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2690# with dst ip 20.0.0.255 should be received by lsp13
7d9d86ad
NS		 2691test_ip 33 f00000000033 f00000000013 $sip $tip 13
2692
2693sip=`ip_to_hex 192 168 0 33`
2694tip=`ip_to_hex 192 168 0 255`
31ed1192
JP		 2695# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2696# with dst ip 192.168.0.255 should not be received by lsp13
7d9d86ad
NS		 2697test_ip 33 f00000000033 f00000000013 $sip $tip
2698
2699sip=`ip_to_hex 192 168 0 33`
2700tip=`ip_to_hex 224 0 0 4`
31ed1192
JP		 2701# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2702# with dst ip 224.0.0.4 should be received by lsp13
7d9d86ad 2703test_ip 33 f00000000033 f00000000013 $sip $tip 13
685f4dfe 2704
bb0c41d3
RM		 2705#dump information including flow counters
2706ovn-nbctl show
2707ovn-sbctl dump-flows -- list multicast_group
2708
2709echo "------ hv1 dump ------"
2710as hv1 ovs-vsctl show
6195e2e7 2711as hv1 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2712as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
2713
2714echo "------ hv2 dump ------"
2715as hv2 ovs-vsctl show
6195e2e7 2716as hv2 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2717as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
2718
2719echo "------ hv3 dump ------"
2720as hv3 ovs-vsctl show
6195e2e7 2721as hv3 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2722as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-int
2723
685f4dfe
NS		 2724# Now check the packets actually received against the ones expected.
2725for i in 1 2 3; do
2726 for j in 1 2 3; do
49d7c759 2727 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
685f4dfe
NS		 2728 done
2729done
2730
7a8f15e0 2731OVN_CLEANUP([hv1],[hv2],[hv3])
d9c8c57c 2732
685f4dfe 2733AT_CLEANUP
509afdc3
GS		 2734
2735AT_SETUP([ovn -- 2 HVs, 2 LS, 1 lport/LS, 2 peer LRs])
2736AT_KEYWORDS([ovnpeer])
2737AT_SKIP_IF([test $HAVE_PYTHON = no])
2738ovn_start
2739
2740# Logical network:
2741# Two LRs - R1 and R2 that are connected to each other as peers in 20.0.0.0/24
2742# network. R1 has a switchs ls1 (191.168.1.0/24) connected to it.
2743# R2 has ls2 (172.16.1.0/24) connected to it.
2744
fa2a27b2
JP		 2745ovn-nbctl lr-add R1
2746ovn-nbctl lr-add R2
509afdc3 2747
ea46a4e9
JP		 2748ovn-nbctl ls-add ls1
2749ovn-nbctl ls-add ls2
509afdc3
GS		 2750
2751# Connect ls1 to R1
bf44c2cd 2752ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24
509afdc3 2753
31ed1192 2754ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
31114af7 2755 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
509afdc3
GS		 2756
2757# Connect ls2 to R2
bf44c2cd 2758ovn-nbctl lrp-add R2 ls2 00:00:00:01:02:04 172.16.1.1/24
509afdc3 2759
31ed1192 2760ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 type=router \
31114af7 2761 options:router-port=ls2 addresses=\"00:00:00:01:02:04\"
509afdc3
GS		 2762
2763# Connect R1 to R2
4685e523
JP		 2764ovn-nbctl lrp-add R1 R1_R2 00:00:00:02:03:04 20.0.0.1/24 peer=R2_R1
2765ovn-nbctl lrp-add R2 R2_R1 00:00:00:02:03:05 20.0.0.2/24 peer=R1_R2
509afdc3 2766
6d9ecfa9
JP		 2767ovn-nbctl lr-route-add R1 "0.0.0.0/0" 20.0.0.2
2768ovn-nbctl lr-route-add R2 "0.0.0.0/0" 20.0.0.1
509afdc3
GS		 2769
2770# Create logical port ls1-lp1 in ls1
31ed1192
JP		 2771ovn-nbctl lsp-add ls1 ls1-lp1 \
2772-- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
509afdc3
GS		 2773
2774# Create logical port ls2-lp1 in ls2
31ed1192
JP		 2775ovn-nbctl lsp-add ls2 ls2-lp1 \
2776-- lsp-set-addresses ls2-lp1 "f0:00:00:01:02:04 172.16.1.2"
509afdc3
GS		 2777
2778# Create two hypervisor and create OVS ports corresponding to logical ports.
2779net_add n1
2780
2781sim_add hv1
2782as hv1
2783ovs-vsctl add-br br-phys
2784ovn_attach n1 br-phys 192.168.0.1
2785ovs-vsctl -- add-port br-int hv1-vif1 -- \
2786 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
2787 options:tx_pcap=hv1/vif1-tx.pcap \
2788 options:rxq_pcap=hv1/vif1-rx.pcap \
2789 ofport-request=1
2790
2791sim_add hv2
2792as hv2
2793ovs-vsctl add-br br-phys
2794ovn_attach n1 br-phys 192.168.0.2
2795ovs-vsctl -- add-port br-int hv2-vif1 -- \
2796 set interface hv2-vif1 external-ids:iface-id=ls2-lp1 \
2797 options:tx_pcap=hv2/vif1-tx.pcap \
2798 options:rxq_pcap=hv2/vif1-rx.pcap \
2799 ofport-request=1
2800
2801
2802# Pre-populate the hypervisors' ARP tables so that we don't lose any
2803# packets for ARP resolution (native tunneling doesn't queue packets
2804# for ARP resolution).
2805ovn_populate_arp
2806
2807# Allow some time for ovn-northd and ovn-controller to catch up.
2808# XXX This should be more systematic.
2809sleep 1
2810
2811# Send ip packets between the two ports.
2812ip_to_hex() {
2813 printf "%02x%02x%02x%02x" "$@"
2814}
509afdc3
GS		 2815
2816# Packet to send.
2817src_mac="f00000010203"
2818dst_mac="000000010203"
2819src_ip=`ip_to_hex 192 168 1 2`
2820dst_ip=`ip_to_hex 172 16 1 2`
2821packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
2822as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
2823
2824
2825echo "---------NB dump-----"
2826ovn-nbctl show
2827echo "---------------------"
2828ovn-nbctl list logical_router
2829echo "---------------------"
2830ovn-nbctl list logical_router_port
2831echo "---------------------"
2832
2833echo "---------SB dump-----"
2834ovn-sbctl list datapath_binding
2835echo "---------------------"
2836ovn-sbctl list port_binding
2837echo "---------------------"
2838
2839echo "------ hv1 dump ----------"
8dab1022 2840as hv1 ovs-ofctl show br-int
509afdc3
GS		 2841as hv1 ovs-ofctl dump-flows br-int
2842echo "------ hv2 dump ----------"
8dab1022 2843as hv2 ovs-ofctl show br-int
509afdc3
GS		 2844as hv2 ovs-ofctl dump-flows br-int
2845
2846# Packet to Expect
2847src_mac="000000010204"
2848dst_mac="f00000010204"
49d7c759 2849echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
509afdc3 2850
49d7c759 2851OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
509afdc3 2852
7a8f15e0 2853OVN_CLEANUP([hv1],[hv2])
509afdc3
GS		 2854
2855AT_CLEANUP
5412db30
J		 2856
2857
4685e523
JP		 2858AT_SETUP([ovn -- 1 HV, 1 LS, 2 lport/LS, 1 LR])
2859AT_KEYWORDS([router-admin-state])
2860AT_SKIP_IF([test $HAVE_PYTHON = no])
2861ovn_start
2862
2863# Logical network:
2864# One LR - R1 has switch ls1 with two subnets attached to it (191.168.1.0/24
2865# and 172.16.1.0/24) connected to it.
2866
2867ovn-nbctl lr-add R1
2868
2869ovn-nbctl ls-add ls1
2870
2871# Connect ls1 to R1
bf44c2cd 2872ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24 172.16.1.1/24
4685e523
JP		 2873ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
2874 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
2875
2876# Create logical port ls1-lp1 in ls1
2877ovn-nbctl lsp-add ls1 ls1-lp1 \
2878 -- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
2879
2880# Create logical port ls1-lp2 in ls1
2881ovn-nbctl lsp-add ls1 ls1-lp2 \
2882 -- lsp-set-addresses ls1-lp2 "f0:00:00:01:02:04 172.16.1.2"
2883
2884# Create one hypervisor and create OVS ports corresponding to logical ports.
2885net_add n1
2886
2887sim_add hv1
2888as hv1
2889ovs-vsctl add-br br-phys
2890ovn_attach n1 br-phys 192.168.0.1
2891ovs-vsctl -- add-port br-int vif1 -- \
2892 set interface vif1 external-ids:iface-id=ls1-lp1 \
2893 options:tx_pcap=hv1/vif1-tx.pcap \
2894 options:rxq_pcap=hv1/vif1-rx.pcap \
2895 ofport-request=1
2896
2897ovs-vsctl -- add-port br-int vif2 -- \
2898 set interface vif2 external-ids:iface-id=ls1-lp2 \
2899 options:tx_pcap=hv1/vif2-tx.pcap \
2900 options:rxq_pcap=hv1/vif2-rx.pcap \
2901 ofport-request=1
2902
2903
2904# Allow some time for ovn-northd and ovn-controller to catch up.
2905# XXX This should be more systematic.
2906sleep 1
2907
2908# Send ip packets between the two ports.
2909ip_to_hex() {
2910 printf "%02x%02x%02x%02x" "$@"
2911}
4685e523
JP		 2912
2913# Packet to send.
2914src_mac="f00000010203"
2915dst_mac="000000010203"
2916src_ip=`ip_to_hex 192 168 1 2`
2917dst_ip=`ip_to_hex 172 16 1 2`
2918packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
2919as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
2920
2921
2922echo "---------NB dump-----"
2923ovn-nbctl show
2924echo "---------------------"
2925ovn-nbctl list logical_router
2926echo "---------------------"
2927ovn-nbctl list logical_router_port
2928echo "---------------------"
2929
2930echo "---------SB dump-----"
2931ovn-sbctl list datapath_binding
2932echo "---------------------"
2933ovn-sbctl list logical_flow
2934echo "---------------------"
2935
2936echo "------ hv1 dump ----------"
2937as hv1 ovs-ofctl dump-flows br-int
2938
2939
2940#Disable router R1
2941ovn-nbctl set Logical_Router R1 enabled=false
2942
3b8cd0ea
BP		 2943# Allow some time for ovn-northd and ovn-controller to catch up.
2944# XXX This should be more systematic.
2945sleep 1
2946
4685e523
JP		 2947echo "---------SB dump-----"
2948ovn-sbctl list datapath_binding
2949echo "---------------------"
2950ovn-sbctl list logical_flow
2951echo "---------------------"
2952
2953echo "------ hv1 dump ----------"
2954as hv1 ovs-ofctl dump-flows br-int
2955
2956as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
2957
2958# Packet to Expect
2959expect_src_mac="000000010203"
2960expect_dst_mac="f00000010204"
49d7c759 2961echo "${expect_dst_mac}${expect_src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000" > expected
4685e523 2962
49d7c759 2963OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
4685e523
JP		 2964
2965
2966as hv1
2967OVS_APP_EXIT_AND_WAIT([ovn-controller])
2968OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
2969OVS_APP_EXIT_AND_WAIT([ovsdb-server])
2970
2971as ovn-sb
2972OVS_APP_EXIT_AND_WAIT([ovsdb-server])
2973
2974as ovn-nb
2975OVS_APP_EXIT_AND_WAIT([ovsdb-server])
2976
2977as northd
2978OVS_APP_EXIT_AND_WAIT([ovn-northd])
2979
2980as main
2981OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
2982OVS_APP_EXIT_AND_WAIT([ovsdb-server])
2983
2984AT_CLEANUP
2985
2986
2987AT_SETUP([ovn -- 1 HV, 2 LSs, 1 lport/LS, 1 LR])
5412db30
J		 2988AT_KEYWORDS([router-admin-state])
2989AT_SKIP_IF([test $HAVE_PYTHON = no])
2990ovn_start
2991
2992# Logical network:
2993# One LR - R1 has switch ls1 (191.168.1.0/24) connected to it,
2994# and has switch ls2 (172.16.1.0/24) connected to it.
2995
fa2a27b2 2996ovn-nbctl lr-add R1
5412db30 2997
ea46a4e9
JP		 2998ovn-nbctl ls-add ls1
2999ovn-nbctl ls-add ls2
5412db30
J		 3000
3001# Connect ls1 to R1
bf44c2cd 3002ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24
31ed1192 3003ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
31114af7 3004 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
5412db30
J		 3005
3006# Connect ls2 to R1
bf44c2cd 3007ovn-nbctl lrp-add R1 ls2 00:00:00:01:02:04 172.16.1.1/24
31ed1192 3008ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 type=router \
31114af7 3009 options:router-port=ls2 addresses=\"00:00:00:01:02:04\"
5412db30
J		 3010
3011# Create logical port ls1-lp1 in ls1
31ed1192
JP		 3012ovn-nbctl lsp-add ls1 ls1-lp1 \
3013-- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
5412db30
J		 3014
3015# Create logical port ls2-lp1 in ls2
31ed1192
JP		 3016ovn-nbctl lsp-add ls2 ls2-lp1 \
3017-- lsp-set-addresses ls2-lp1 "f0:00:00:01:02:04 172.16.1.2"
5412db30
J		 3018
3019# Create one hypervisor and create OVS ports corresponding to logical ports.
3020net_add n1
3021
3022sim_add hv1
3023as hv1
3024ovs-vsctl add-br br-phys
3025ovn_attach n1 br-phys 192.168.0.1
3026ovs-vsctl -- add-port br-int vif1 -- \
3027 set interface vif1 external-ids:iface-id=ls1-lp1 \
3028 options:tx_pcap=hv1/vif1-tx.pcap \
3029 options:rxq_pcap=hv1/vif1-rx.pcap \
3030 ofport-request=1
3031
3032ovs-vsctl -- add-port br-int vif2 -- \
3033 set interface vif2 external-ids:iface-id=ls2-lp1 \
3034 options:tx_pcap=hv1/vif2-tx.pcap \
3035 options:rxq_pcap=hv1/vif2-rx.pcap \
3036 ofport-request=1
3037
3038
3039# Allow some time for ovn-northd and ovn-controller to catch up.
3040# XXX This should be more systematic.
3041sleep 1
3042
3043# Send ip packets between the two ports.
3044ip_to_hex() {
3045 printf "%02x%02x%02x%02x" "$@"
3046}
5412db30
J		 3047
3048# Packet to send.
3049src_mac="f00000010203"
3050dst_mac="000000010203"
3051src_ip=`ip_to_hex 192 168 1 2`
3052dst_ip=`ip_to_hex 172 16 1 2`
3053packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3054as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3055
3056
3057echo "---------NB dump-----"
3058ovn-nbctl show
3059echo "---------------------"
3060ovn-nbctl list logical_router
3061echo "---------------------"
3062ovn-nbctl list logical_router_port
3063echo "---------------------"
3064
3065echo "---------SB dump-----"
3066ovn-sbctl list datapath_binding
3067echo "---------------------"
3068ovn-sbctl list logical_flow
3069echo "---------------------"
3070
3071echo "------ hv1 dump ----------"
3072as hv1 ovs-ofctl dump-flows br-int
3073
5412db30
J		 3074#Disable router R1
3075ovn-nbctl set Logical_Router R1 enabled=false
3076
3077echo "---------SB dump-----"
3078ovn-sbctl list datapath_binding
3079echo "---------------------"
3080ovn-sbctl list logical_flow
3081echo "---------------------"
3082
3083echo "------ hv1 dump ----------"
3084as hv1 ovs-ofctl dump-flows br-int
3085
a1361a6e
LR		 3086# Allow some time for the disabling of logical router R1 to propagate.
3087# XXX This should be more systematic.
3088sleep 1
3089
5412db30
J		 3090as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3091
3092# Packet to Expect
3093expect_src_mac="000000010204"
3094expect_dst_mac="f00000010204"
49d7c759 3095echo "${expect_dst_mac}${expect_src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000" > expected
5412db30 3096
49d7c759 3097OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
5412db30 3098
7a8f15e0 3099OVN_CLEANUP([hv1])
5412db30
J		 3100
3101AT_CLEANUP
3102
28dc3fe9
SR		 3103AT_SETUP([ovn -- 2 HVs, 3 LS, 1 lport/LS, 2 peer LRs, static routes])
3104AT_KEYWORDS([ovnstaticroutespeer])
3105AT_SKIP_IF([test $HAVE_PYTHON = no])
3106ovn_start
3107
3108# Logical network:
3109# Two LRs - R1 and R2 that are connected to each other as peers in 20.0.0.0/24
3110# network. R1 has switchess foo (192.168.1.0/24)
3111# connected to it.
3112# R2 has alice (172.16.1.0/24) and bob (172.16.2.0/24) connected to it.
3113
fa2a27b2
JP		 3114ovn-nbctl lr-add R1
3115ovn-nbctl lr-add R2
28dc3fe9 3116
ea46a4e9
JP		 3117ovn-nbctl ls-add foo
3118ovn-nbctl ls-add alice
3119ovn-nbctl ls-add bob
28dc3fe9
SR		 3120
3121# Connect foo to R1
bf44c2cd 3122ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
31ed1192 3123ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
31114af7 3124 options:router-port=foo addresses=\"00:00:00:01:02:03\"
28dc3fe9
SR		 3125
3126# Connect alice to R2
bf44c2cd 3127ovn-nbctl lrp-add R2 alice 00:00:00:01:02:04 172.16.1.1/24
31ed1192 3128ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 3129 type=router options:router-port=alice addresses=\"00:00:00:01:02:04\"
28dc3fe9
SR		 3130
3131# Connect bob to R2
bf44c2cd 3132ovn-nbctl lrp-add R2 bob 00:00:00:01:02:05 172.16.2.1/24
31ed1192 3133ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob type=router \
31114af7 3134 options:router-port=bob addresses=\"00:00:00:01:02:05\"
28dc3fe9
SR		 3135
3136# Connect R1 to R2
4685e523
JP		 3137ovn-nbctl lrp-add R1 R1_R2 00:00:00:02:03:04 20.0.0.1/24 peer=R2_R1
3138ovn-nbctl lrp-add R2 R2_R1 00:00:00:02:03:05 20.0.0.2/24 peer=R1_R2
28dc3fe9
SR		 3139
3140#install static routes
e48ccf3c
JP		 3141ovn-nbctl lr-route-add R1 172.16.1.0/24 20.0.0.2
3142ovn-nbctl lr-route-add R2 172.16.2.0/24 20.0.0.2 R1_R2
3143ovn-nbctl lr-route-add R2 192.168.1.0/24 20.0.0.1
28dc3fe9
SR		 3144
3145# Create logical port foo1 in foo
31ed1192
JP		 3146ovn-nbctl lsp-add foo foo1 \
3147-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
28dc3fe9
SR		 3148
3149# Create logical port alice1 in alice
31ed1192
JP		 3150ovn-nbctl lsp-add alice alice1 \
3151-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
28dc3fe9
SR		 3152
3153# Create logical port bob1 in bob
31ed1192
JP		 3154ovn-nbctl lsp-add bob bob1 \
3155-- lsp-set-addresses bob1 "f0:00:00:01:02:05 172.16.2.2"
28dc3fe9
SR		 3156
3157# Create two hypervisor and create OVS ports corresponding to logical ports.
3158net_add n1
3159
3160sim_add hv1
3161as hv1
3162ovs-vsctl add-br br-phys
3163ovn_attach n1 br-phys 192.168.0.1
3164ovs-vsctl -- add-port br-int hv1-vif1 -- \
3165 set interface hv1-vif1 external-ids:iface-id=foo1 \
3166 options:tx_pcap=hv1/vif1-tx.pcap \
3167 options:rxq_pcap=hv1/vif1-rx.pcap \
3168 ofport-request=1
3169
3170ovs-vsctl -- add-port br-int hv1-vif2 -- \
3171 set interface hv1-vif2 external-ids:iface-id=alice1 \
3172 options:tx_pcap=hv1/vif2-tx.pcap \
3173 options:rxq_pcap=hv1/vif2-rx.pcap \
3174 ofport-request=2
3175
3176sim_add hv2
3177as hv2
3178ovs-vsctl add-br br-phys
3179ovn_attach n1 br-phys 192.168.0.2
3180ovs-vsctl -- add-port br-int hv2-vif1 -- \
3181 set interface hv2-vif1 external-ids:iface-id=bob1 \
3182 options:tx_pcap=hv2/vif1-tx.pcap \
3183 options:rxq_pcap=hv2/vif1-rx.pcap \
3184 ofport-request=1
3185
3186
3187# Pre-populate the hypervisors' ARP tables so that we don't lose any
3188# packets for ARP resolution (native tunneling doesn't queue packets
3189# for ARP resolution).
3190ovn_populate_arp
3191
3192# Allow some time for ovn-northd and ovn-controller to catch up.
3193# XXX This should be more systematic.
3194sleep 1
3195
3196ip_to_hex() {
3197 printf "%02x%02x%02x%02x" "$@"
3198}
28dc3fe9
SR		 3199
3200# Send ip packets between foo1 and alice1
3201src_mac="f00000010203"
3202dst_mac="000000010203"
3203src_ip=`ip_to_hex 192 168 1 2`
3204dst_ip=`ip_to_hex 172 16 1 2`
3205packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3206as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3207
3208# Send ip packets between foo1 and bob1
3209src_mac="f00000010203"
3210dst_mac="000000010203"
3211src_ip=`ip_to_hex 192 168 1 2`
3212dst_ip=`ip_to_hex 172 16 2 2`
3213packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3214as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3215
3216echo "---------NB dump-----"
3217ovn-nbctl show
3218echo "---------------------"
3219ovn-nbctl list logical_router
3220echo "---------------------"
3221ovn-nbctl list logical_router_port
3222echo "---------------------"
3223
3224echo "---------SB dump-----"
3225ovn-sbctl list datapath_binding
3226echo "---------------------"
3227ovn-sbctl list port_binding
3228echo "---------------------"
3229
3230echo "------ hv1 dump ----------"
3231as hv1 ovs-ofctl dump-flows br-int
3232echo "------ hv2 dump ----------"
3233as hv2 ovs-ofctl dump-flows br-int
3234
3235# Packet to Expect at bob1
3236src_mac="000000010205"
3237dst_mac="f00000010205"
3238src_ip=`ip_to_hex 192 168 1 2`
3239dst_ip=`ip_to_hex 172 16 2 2`
49d7c759 3240echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
28dc3fe9 3241
49d7c759 3242OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
28dc3fe9
SR		 3243
3244# Packet to Expect at alice1
3245src_mac="000000010204"
3246dst_mac="f00000010204"
3247src_ip=`ip_to_hex 192 168 1 2`
3248dst_ip=`ip_to_hex 172 16 1 2`
49d7c759 3249echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
28dc3fe9 3250
49d7c759 3251OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
28dc3fe9 3252
7a8f15e0 3253OVN_CLEANUP([hv1],[hv2])
28dc3fe9
SR		 3254
3255AT_CLEANUP
5412db30 3256
0ee8aaf6
RR		 3257AT_SETUP([ovn -- send gratuitous arp on localnet])
3258AT_KEYWORDS([ovn])
d08dbed7 3259AT_SKIP_IF([test $HAVE_PYTHON = no])
0ee8aaf6 3260ovn_start
ea46a4e9 3261ovn-nbctl ls-add lsw0
0ee8aaf6
RR		 3262net_add n1
3263sim_add hv
3264as hv
3265ovs-vsctl \
3266 -- add-br br-phys \
3267 -- add-br br-eth0
3268
3269ovn_attach n1 br-phys 192.168.0.1
3270
3271AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
3272AT_CHECK([ovs-vsctl add-port br-eth0 snoopvif -- set Interface snoopvif options:tx_pcap=hv/snoopvif-tx.pcap options:rxq_pcap=hv/snoopvif-rx.pcap])
3273
3274# Create a vif.
31ed1192
JP		 3275AT_CHECK([ovn-nbctl lsp-add lsw0 localvif1])
3276AT_CHECK([ovn-nbctl lsp-set-addresses localvif1 "f0:00:00:00:00:01 192.168.1.2"])
3277AT_CHECK([ovn-nbctl lsp-set-port-security localvif1 "f0:00:00:00:00:01"])
0ee8aaf6
RR		 3278
3279# Create a localnet port.
31ed1192
JP		 3280AT_CHECK([ovn-nbctl lsp-add lsw0 ln_port])
3281AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
3282AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
3283AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
0ee8aaf6
RR		 3284
3285AT_CHECK([ovs-vsctl add-port br-int localvif1 -- set Interface localvif1 external_ids:iface-id=localvif1])
3286
3287# Wait for packet to be received.
49d7c759
BP		 3288echo "fffffffffffff0000000000108060001080006040001f00000000001c0a80102000000000000c0a80102" > expected
3289OVN_CHECK_PACKETS([hv/snoopvif-tx.pcap], [expected])
0ee8aaf6
RR		 3290
3291# Delete the localnet ports.
3292AT_CHECK([ovs-vsctl del-port localvif1])
31ed1192 3293AT_CHECK([ovn-nbctl lsp-del ln_port])
0ee8aaf6 3294
7a8f15e0 3295OVN_CLEANUP([hv])
0ee8aaf6
RR		 3296
3297AT_CLEANUP
75cf9d2b
GS		 3298
3299AT_SETUP([ovn -- 2 HVs, 3 LRs connected via LS, static routes])
3300AT_KEYWORDS([ovnstaticroutes])
3301AT_SKIP_IF([test $HAVE_PYTHON = no])
3302ovn_start
3303
3304# Logical network:
3305# Three LRs - R1, R2 and R3 that are connected to each other via LS "join"
3306# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24)
3307# connected to it. R2 has alice (172.16.1.0/24) and R3 has bob (10.32.1.0/24)
3308# connected to it.
3309
fa2a27b2
JP		 3310ovn-nbctl lr-add R1
3311ovn-nbctl lr-add R2
3312ovn-nbctl lr-add R3
75cf9d2b 3313
ea46a4e9
JP		 3314ovn-nbctl ls-add foo
3315ovn-nbctl ls-add alice
3316ovn-nbctl ls-add bob
3317ovn-nbctl ls-add join
75cf9d2b
GS		 3318
3319# Connect foo to R1
31114af7 3320ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
31ed1192 3321ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
31114af7 3322 options:router-port=foo addresses=\"00:00:01:01:02:03\"
75cf9d2b
GS		 3323
3324# Connect alice to R2
31114af7 3325ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
31ed1192 3326ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 3327 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
75cf9d2b
GS		 3328
3329# Connect bob to R3
31114af7 3330ovn-nbctl lrp-add R3 bob 00:00:03:01:02:03 10.32.1.1/24
31ed1192 3331ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob \
80f408f4 3332 type=router options:router-port=bob addresses=\"00:00:03:01:02:03\"
75cf9d2b
GS		 3333
3334# Connect R1 to join
31114af7 3335ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
31ed1192 3336ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
80f408f4 3337 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
75cf9d2b
GS		 3338
3339# Connect R2 to join
31114af7 3340ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
31ed1192 3341ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
80f408f4 3342 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
75cf9d2b
GS		 3343
3344# Connect R3 to join
31114af7 3345ovn-nbctl lrp-add R3 R3_join 00:00:04:01:02:05 20.0.0.3/24
31ed1192 3346ovn-nbctl lsp-add join r3-join -- set Logical_Switch_Port r3-join \
80f408f4 3347 type=router options:router-port=R3_join addresses='"00:00:04:01:02:05"'
75cf9d2b
GS		 3348
3349#install static routes
e48ccf3c
JP		 3350ovn-nbctl lr-route-add R1 172.16.1.0/24 20.0.0.2
3351ovn-nbctl lr-route-add R1 10.32.1.0/24 20.0.0.3
75cf9d2b 3352
e48ccf3c
JP		 3353ovn-nbctl lr-route-add R2 192.168.1.0/24 20.0.0.1
3354ovn-nbctl lr-route-add R2 10.32.1.0/24 20.0.0.3
75cf9d2b 3355
e48ccf3c
JP		 3356ovn-nbctl lr-route-add R3 192.168.1.0/24 20.0.0.1
3357ovn-nbctl lr-route-add R3 172.16.1.0/24 20.0.0.2
75cf9d2b
GS		 3358
3359# Create logical port foo1 in foo
31ed1192
JP		 3360ovn-nbctl lsp-add foo foo1 \
3361-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
75cf9d2b
GS		 3362
3363# Create logical port alice1 in alice
31ed1192
JP		 3364ovn-nbctl lsp-add alice alice1 \
3365-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
75cf9d2b
GS		 3366
3367# Create logical port bob1 in bob
31ed1192
JP		 3368ovn-nbctl lsp-add bob bob1 \
3369-- lsp-set-addresses bob1 "f0:00:00:01:02:05 10.32.1.2"
75cf9d2b
GS		 3370
3371# Create two hypervisor and create OVS ports corresponding to logical ports.
3372net_add n1
3373
3374sim_add hv1
3375as hv1
3376ovs-vsctl add-br br-phys
3377ovn_attach n1 br-phys 192.168.0.1
3378ovs-vsctl -- add-port br-int hv1-vif1 -- \
3379 set interface hv1-vif1 external-ids:iface-id=foo1 \
3380 options:tx_pcap=hv1/vif1-tx.pcap \
3381 options:rxq_pcap=hv1/vif1-rx.pcap \
3382 ofport-request=1
3383
3384ovs-vsctl -- add-port br-int hv1-vif2 -- \
3385 set interface hv1-vif2 external-ids:iface-id=alice1 \
3386 options:tx_pcap=hv1/vif2-tx.pcap \
3387 options:rxq_pcap=hv1/vif2-rx.pcap \
3388 ofport-request=2
3389
3390sim_add hv2
3391as hv2
3392ovs-vsctl add-br br-phys
3393ovn_attach n1 br-phys 192.168.0.2
3394ovs-vsctl -- add-port br-int hv2-vif1 -- \
3395 set interface hv2-vif1 external-ids:iface-id=bob1 \
3396 options:tx_pcap=hv2/vif1-tx.pcap \
3397 options:rxq_pcap=hv2/vif1-rx.pcap \
3398 ofport-request=1
3399
3400
3401# Pre-populate the hypervisors' ARP tables so that we don't lose any
3402# packets for ARP resolution (native tunneling doesn't queue packets
3403# for ARP resolution).
3404ovn_populate_arp
3405
3406# Allow some time for ovn-northd and ovn-controller to catch up.
3407# XXX This should be more systematic.
3408sleep 1
3409
3410ip_to_hex() {
3411 printf "%02x%02x%02x%02x" "$@"
3412}
75cf9d2b
GS		 3413
3414# Send ip packets between foo1 and alice1
3415src_mac="f00000010203"
3416dst_mac="000001010203"
3417src_ip=`ip_to_hex 192 168 1 2`
3418dst_ip=`ip_to_hex 172 16 1 2`
3419packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3420as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3421as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
3422
3423# Send ip packets between foo1 and bob1
3424src_mac="f00000010203"
3425dst_mac="000001010203"
3426src_ip=`ip_to_hex 192 168 1 2`
3427dst_ip=`ip_to_hex 10 32 1 2`
3428packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3429as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3430
3431echo "---------NB dump-----"
3432ovn-nbctl show
3433echo "---------------------"
3434ovn-nbctl list logical_router
3435echo "---------------------"
3436ovn-nbctl list logical_router_port
3437echo "---------------------"
3438
3439echo "---------SB dump-----"
3440ovn-sbctl list datapath_binding
3441echo "---------------------"
3442ovn-sbctl list port_binding
3443echo "---------------------"
3444ovn-sbctl dump-flows
3445echo "---------------------"
3446
3447echo "------ hv1 dump ----------"
3448as hv1 ovs-ofctl show br-int
3449as hv1 ovs-ofctl dump-flows br-int
3450echo "------ hv2 dump ----------"
3451as hv2 ovs-ofctl show br-int
3452as hv2 ovs-ofctl dump-flows br-int
3453echo "----------------------------"
3454
3455# Packet to Expect at bob1
3456src_mac="000003010203"
3457dst_mac="f00000010205"
3458src_ip=`ip_to_hex 192 168 1 2`
3459dst_ip=`ip_to_hex 10 32 1 2`
49d7c759 3460echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
75cf9d2b 3461
49d7c759 3462OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
75cf9d2b
GS		 3463
3464# Packet to Expect at alice1
3465src_mac="000002010203"
3466dst_mac="f00000010204"
3467src_ip=`ip_to_hex 192 168 1 2`
3468dst_ip=`ip_to_hex 172 16 1 2`
49d7c759 3469echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
75cf9d2b 3470
49d7c759 3471OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
75cf9d2b 3472
7a8f15e0 3473OVN_CLEANUP([hv1],[hv2])
75cf9d2b
GS		 3474
3475AT_CLEANUP
c1645003 3476
281977f7
NS		 3477AT_SETUP([ovn -- dhcpv4 : 1 HV, 2 LS, 2 LSPs/LS])
3478AT_KEYWORDS([dhcpv4])
3479AT_SKIP_IF([test $HAVE_PYTHON = no])
3480ovn_start
3481
3482ovn-nbctl ls-add ls1
3483
3484ovn-nbctl lsp-add ls1 ls1-lp1 \
3485-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
3486
3487ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
3488
3489ovn-nbctl lsp-add ls1 ls1-lp2 \
3490-- lsp-set-addresses ls1-lp2 "f0:00:00:00:00:02 10.0.0.6 20.0.0.4"
3491
3492ovn-nbctl lsp-set-port-security ls1-lp2 "f0:00:00:00:00:02 10.0.0.6 20.0.0.4"
3493
3494ovn-nbctl ls-add ls2
3495ovn-nbctl lsp-add ls2 ls2-lp1 \
3496-- lsp-set-addresses ls2-lp1 "f0:00:00:00:00:03 30.0.0.6 40.0.0.4"
3497ovn-nbctl lsp-set-port-security ls2-lp1 "f0:00:00:00:00:03 30.0.0.6 40.0.0.4"
3498ovn-nbctl lsp-add ls2 ls2-lp2 \
3499-- lsp-set-addresses ls2-lp2 "f0:00:00:00:00:04 30.0.0.7"
3500ovn-nbctl lsp-set-port-security ls2-lp2 "f0:00:00:00:00:04 30.0.0.7"
3501
3502ovn-nbctl -- --id=@d1 create DHCP_Options cidr=10.0.0.0/24 \
3503options="\"server_id\"=\"10.0.0.1\" \"server_mac\"=\"ff:10:00:00:00:01\" \
3504\"lease_time\"=\"3600\" \"router\"=\"10.0.0.1\"" \
3505-- add Logical_Switch_Port ls1-lp1 dhcpv4_options @d1 \
3506-- add Logical_Switch_Port ls1-lp2 dhcpv4_options @d1
3507
3508ovn-nbctl -- --id=@d2 create DHCP_Options cidr=30.0.0.0/24 \
3509options="\"server_id\"=\"30.0.0.1\" \"server_mac\"=\"ff:10:00:00:00:02\" \
3510\"lease_time\"=\"3600\"" -- add Logical_Switch_Port ls2-lp2 dhcpv4_options @d2
3511
3512net_add n1
3513sim_add hv1
3514
3515as hv1
3516ovs-vsctl add-br br-phys
3517ovn_attach n1 br-phys 192.168.0.1
3518ovs-vsctl -- add-port br-int hv1-vif1 -- \
3519 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
3520 options:tx_pcap=hv1/vif1-tx.pcap \
3521 options:rxq_pcap=hv1/vif1-rx.pcap \
3522 ofport-request=1
3523
3524ovs-vsctl -- add-port br-int hv1-vif2 -- \
3525 set interface hv1-vif2 external-ids:iface-id=ls1-lp2 \
3526 options:tx_pcap=hv1/vif2-tx.pcap \
3527 options:rxq_pcap=hv1/vif2-rx.pcap \
3528 ofport-request=2
3529
3530ovs-vsctl -- add-port br-int hv1-vif3 -- \
3531 set interface hv1-vif3 external-ids:iface-id=ls2-lp1 \
3532 options:tx_pcap=hv1/vif3-tx.pcap \
3533 options:rxq_pcap=hv1/vif3-rx.pcap \
3534 ofport-request=3
3535
3536ovs-vsctl -- add-port br-int hv1-vif4 -- \
3537 set interface hv1-vif4 external-ids:iface-id=ls2-lp2 \
3538 options:tx_pcap=hv1/vif4-tx.pcap \
3539 options:rxq_pcap=hv1/vif4-rx.pcap \
3540 ofport-request=4
3541
3542ovn_populate_arp
3543
3544sleep 2
3545
3546as hv1 ovs-vsctl show
3547
281977f7
NS		 3548# This shell function sends a DHCP request packet
3549# test_dhcp INPORT SRC_MAC DHCP_TYPE OFFER_IP ...
3550test_dhcp() {
3551 local inport=$1 src_mac=$2 dhcp_type=$3 offer_ip=$4
3552 local request=ffffffffffff${src_mac}080045100110000000008011000000000000ffffffff
3553 # udp header and dhcp header
3554 request+=0044004300fc0000
3555 request+=010106006359aa760000000000000000000000000000000000000000${src_mac}
3556 # client hardware padding
3557 request+=00000000000000000000
3558 # server hostname
3559 request+=0000000000000000000000000000000000000000000000000000000000000000
3560 request+=0000000000000000000000000000000000000000000000000000000000000000
3561 # boot file name
3562 request+=0000000000000000000000000000000000000000000000000000000000000000
3563 request+=0000000000000000000000000000000000000000000000000000000000000000
3564 request+=0000000000000000000000000000000000000000000000000000000000000000
3565 request+=0000000000000000000000000000000000000000000000000000000000000000
3566 # dhcp magic cookie
3567 request+=63825363
3568 # dhcp message type
3569 request+=3501${dhcp_type}ff
3570
3571 if test $offer_ip != 0; then
3572 local srv_mac=$5 srv_ip=$6 expected_dhcp_opts=$7
3573 # total IP length will be the IP length of the request packet
3574 # (which is 272 in our case) + 8 (padding bytes) + (expected_dhcp_opts / 2)
3575 ip_len=`expr 280 + ${#expected_dhcp_opts} / 2`
3576 udp_len=`expr $ip_len - 20`
3577 printf -v ip_len "%x" $ip_len
3578 printf -v udp_len "%x" $udp_len
3579 # $ip_len var will be in 3 digits i.e 134. So adding a '0' before $ip_len
3580 local reply=${src_mac}${srv_mac}080045100${ip_len}000000008011XXXX${srv_ip}${offer_ip}
3581 # udp header and dhcp header.
3582 # $udp_len var will be in 3 digits. So adding a '0' before $udp_len
3583 reply+=004300440${udp_len}0000020106006359aa760000000000000000
3584 # your ip address
3585 reply+=${offer_ip}
3586 # next server ip address, relay agent ip address, client mac address
3587 reply+=0000000000000000${src_mac}
3588 # client hardware padding
3589 reply+=00000000000000000000
3590 # server hostname
3591 reply+=0000000000000000000000000000000000000000000000000000000000000000
3592 reply+=0000000000000000000000000000000000000000000000000000000000000000
3593 # boot file name
3594 reply+=0000000000000000000000000000000000000000000000000000000000000000
3595 reply+=0000000000000000000000000000000000000000000000000000000000000000
3596 reply+=0000000000000000000000000000000000000000000000000000000000000000
3597 reply+=0000000000000000000000000000000000000000000000000000000000000000
3598 # dhcp magic cookie
3599 reply+=63825363
3600 # dhcp message type
3601 local dhcp_reply_type=02
3602 if test $dhcp_type = 03; then
3603 dhcp_reply_type=05
3604 fi
3605 reply+=3501${dhcp_reply_type}${expected_dhcp_opts}00000000ff00000000
3606 echo $reply >> $inport.expected
3607 else
3608 shift; shift; shift; shift;
3609 for outport; do
e4543cfe 3610 echo $request >> $outport.expected
281977f7
NS		 3611 done
3612 fi
3613 as hv1 ovs-appctl netdev-dummy/receive hv1-vif$inport $request
3614}
3615
3616reset_pcap_file() {
3617 local iface=$1
3618 local pcap_file=$2
3619 ovs-vsctl -- set Interface $iface options:tx_pcap=dummy-tx.pcap \
3620options:rxq_pcap=dummy-rx.pcap
3621 rm -f ${pcap_file}*.pcap
3622 ovs-vsctl -- set Interface $iface options:tx_pcap=${pcap_file}-tx.pcap \
3623options:rxq_pcap=${pcap_file}-rx.pcap
3624}
3625
3626ip_to_hex() {
3627 printf "%02x%02x%02x%02x" "$@"
3628}
3629
3630AT_CAPTURE_FILE([ofctl_monitor0.log])
3631as hv1 ovs-ofctl monitor br-int resume --detach --no-chdir \
3632--pidfile=ovs-ofctl0.pid 2> ofctl_monitor0.log
3633
3634echo "---------NB dump-----"
3635ovn-nbctl show
3636echo "---------------------"
3637echo "---------SB dump-----"
3638ovn-sbctl list datapath_binding
3639echo "---------------------"
3640ovn-sbctl list logical_flow
3641echo "---------------------"
3642
3643echo "---------------------"
3644ovn-sbctl dump-flows
3645echo "---------------------"
3646
3647echo "------ hv1 dump ----------"
3648as hv1 ovs-ofctl dump-flows br-int
3649
3650# Send DHCPDISCOVER.
3651offer_ip=`ip_to_hex 10 0 0 4`
3652server_ip=`ip_to_hex 10 0 0 1`
3653expected_dhcp_opts=0104ffffff0003040a00000136040a000001330400000e10
3654test_dhcp 1 f00000000001 01 $offer_ip ff1000000001 $server_ip $expected_dhcp_opts
3655
3656# NXT_RESUMEs should be 1.
3657OVS_WAIT_UNTIL([test 1 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3658
3659$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap > 1.packets
3660cat 1.expected | cut -c -48 > expout
3661AT_CHECK([cat 1.packets | cut -c -48], [0], [expout])
3662# Skipping the IPv4 checksum.
3663cat 1.expected | cut -c 53- > expout
3664AT_CHECK([cat 1.packets | cut -c 53-], [0], [expout])
3665
3666# ovs-ofctl also resumes the packets and this causes other ports to receive
3667# the DHCP request packet. So reset the pcap files so that its easier to test.
3668reset_pcap_file hv1-vif1 hv1/vif1
3669reset_pcap_file hv1-vif2 hv1/vif2
3670rm -f 1.expected
3671rm -f 2.expected
3672
3673# Send DHCPREQUEST.
3674offer_ip=`ip_to_hex 10 0 0 6`
3675server_ip=`ip_to_hex 10 0 0 1`
3676expected_dhcp_opts=0104ffffff0003040a00000136040a000001330400000e10
3677test_dhcp 2 f00000000002 03 $offer_ip ff1000000001 $server_ip $expected_dhcp_opts
3678
3679# NXT_RESUMEs should be 2.
3680OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3681
3682$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap > 2.packets
3683cat 2.expected | cut -c -48 > expout
3684AT_CHECK([cat 2.packets | cut -c -48], [0], [expout])
3685# Skipping the IPv4 checksum.
3686cat 2.expected | cut -c 53- > expout
3687AT_CHECK([cat 2.packets | cut -c 53-], [0], [expout])
3688
3689reset_pcap_file hv1-vif1 hv1/vif1
3690reset_pcap_file hv1-vif2 hv1/vif2
3691rm -f 1.expected
3692rm -f 2.expected
3693
3694# Send Invalid DHCPv4 packet on ls1-lp2. It should be received by ovn-controller
3695# but should be resumed without the reply.
3696# ls1-lp1 (vif1-tx.pcap) should receive the DHCPv4 request packet twice,
3697# one from ovn-controller and the other from "ovs-ofctl resume."
3698offer_ip=0
3699test_dhcp 2 f00000000002 08 $offer_ip 1 1
3700
3701# NXT_RESUMEs should be 3.
3702OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3703
3704# vif1-tx.pcap should have received the DHCPv4 (invalid) request packet
49d7c759 3705OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [1.expected])
281977f7
NS		 3706
3707reset_pcap_file hv1-vif1 hv1/vif1
3708reset_pcap_file hv1-vif2 hv1/vif2
3709rm -f 1.expected
3710rm -f 2.expected
3711
3712# Send DHCPv4 packet on ls2-lp1. It doesn't have any DHCPv4 options defined.
3713# ls2-lp2 (vif4-tx.pcap) should receive the DHCPv4 request packet once.
3714
3715test_dhcp 3 f00000000003 01 0 4
3716
3717# Send DHCPv4 packet on ls2-lp2. "router" DHCPv4 option is not defined for
3718# this lport.
3719test_dhcp 4 f00000000004 01 0 3
3720
3721# NXT_RESUMEs should be 3.
3722OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3723
49d7c759
BP		 3724OVN_CHECK_PACKETS([hv1/vif3-tx.pcap], [3.expected])
3725OVN_CHECK_PACKETS([hv1/vif4-tx.pcap], [4.expected])
281977f7
NS		 3726
3727as hv1
33ac3c83
NS		 3728OVS_APP_EXIT_AND_WAIT([ovn-controller])
3729OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3730OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3731
3732as ovn-sb
3733OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3734
3735as ovn-nb
3736OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3737
3738as northd
3739OVS_APP_EXIT_AND_WAIT([ovn-northd])
3740
3741as main
3742OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3743OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3744
3745AT_CLEANUP
3746
3747AT_SETUP([ovn -- dhcpv6 : 1 HV, 2 LS, 2 LSPs/LS])
3748AT_KEYWORDS([dhcpv6])
3749AT_SKIP_IF([test $HAVE_PYTHON = no])
3750ovn_start
3751
3752ovn-nbctl ls-add ls1
3753ovn-nbctl lsp-add ls1 ls1-lp1 \
3754-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4 ae70::4"
3755
3756ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4 ae70::4"
3757
3758ovn-nbctl lsp-add ls1 ls1-lp2 \
3759-- lsp-set-addresses ls1-lp2 "f0:00:00:00:00:02 ae70::5"
3760
3761ovn-nbctl lsp-set-port-security ls1-lp2 "f0:00:00:00:00:02 ae70::5"
3762
3763ovn-nbctl -- --id=@d1 create DHCP_Options cidr="ae70\:\:/64" \
3764options="\"server_id\"=\"00:00:00:10:00:01\"" \
3765-- add Logical_Switch_Port ls1-lp1 dhcpv6_options @d1 \
3766-- add Logical_Switch_Port ls1-lp2 dhcpv6_options @d1
3767
3768ovn-nbctl ls-add ls2
3769ovn-nbctl lsp-add ls2 ls2-lp1 \
3770-- lsp-set-addresses ls2-lp1 "f0:00:00:00:00:03 be70::3"
3771ovn-nbctl lsp-set-port-security ls2-lp1 "f0:00:00:00:00:03 be70::3"
3772ovn-nbctl lsp-add ls2 ls2-lp2 \
3773-- lsp-set-addresses ls2-lp2 "f0:00:00:00:00:04 be70::4"
3774ovn-nbctl lsp-set-port-security ls2-lp2 "f0:00:00:00:00:04 be70::4"
3775
3776net_add n1
3777sim_add hv1
3778
3779as hv1
3780ovs-vsctl add-br br-phys
3781ovn_attach n1 br-phys 192.168.0.1
3782ovs-vsctl -- add-port br-int hv1-vif1 -- \
3783 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
3784 options:tx_pcap=hv1/vif1-tx.pcap \
3785 options:rxq_pcap=hv1/vif1-rx.pcap \
3786 ofport-request=1
3787
3788ovs-vsctl -- add-port br-int hv1-vif2 -- \
3789 set interface hv1-vif2 external-ids:iface-id=ls1-lp2 \
3790 options:tx_pcap=hv1/vif2-tx.pcap \
3791 options:rxq_pcap=hv1/vif2-rx.pcap \
3792 ofport-request=2
3793
3794ovs-vsctl -- add-port br-int hv1-vif3 -- \
3795 set interface hv1-vif3 external-ids:iface-id=ls2-lp1 \
3796 options:tx_pcap=hv1/vif3-tx.pcap \
3797 options:rxq_pcap=hv1/vif3-rx.pcap \
3798 ofport-request=3
3799
3800ovs-vsctl -- add-port br-int hv1-vif4 -- \
3801 set interface hv1-vif4 external-ids:iface-id=ls2-lp2 \
3802 options:tx_pcap=hv1/vif4-tx.pcap \
3803 options:rxq_pcap=hv1/vif4-rx.pcap \
3804 ofport-request=4
3805
3806ovn_populate_arp
3807
3808sleep 2
3809
3810trim_zeros() {
3811 sed 's/\(00\)\{1,\}$//'
3812}
3813
3814# This shell function sends a DHCPv6 request packet
3815# test_dhcp INPORT SRC_MAC DHCPv6_MSG_TYPE OUTPORT...
3816# The OUTPORTs (zero or more) list the VIFs on which the original DHCP
3817# packet should be received twice (one from ovn-controller and the other
3818# from the "ovs-ofctl monitor br-int resume"
3819test_dhcpv6() {
3820 local inport=$1 src_mac=$2 src_lla=$3 msg_code=$4 offer_ip=$5
3821 local request=ffffffffffff${src_mac}86dd00000000002a1101${src_lla}
3822 # dst ip ff02::1:2
3823 request+=ff020000000000000000000000010002
3824 # udp header and dhcpv6 header
3825 request+=02220223002affff${msg_code}010203
3826 # Client identifier
3827 request+=0001000a00030001${src_mac}
3828 # IA-NA (Identity Association for Non Temporary Address)
3829 request+=0003000c0102030400000e1000001518
3830 shift; shift; shift; shift; shift;
3831 if test $offer_ip != 0; then
3832 local server_mac=000000100001
3833 local server_lla=fe80000000000000020000fffe100001
3834 local reply_code=07
3835 if test $msg_code = 01; then
3836 reply_code=02
3837 fi
3838 local reply=${src_mac}${server_mac}86dd0000000000541101${server_lla}${src_lla}
3839 # udp header and dhcpv6 header
3840 reply+=022302220054ffff${reply_code}010203
3841 # Client identifier
3842 reply+=0001000a00030001${src_mac}
3843 # IA-NA
3844 reply+=0003002801020304ffffffffffffffff00050018${offer_ip}ffffffffffffffff
3845 # Server identifier
3846 reply+=0002000a00030001${server_mac}
3847 echo $reply | trim_zeros >> $inport.expected
3848 else
3849 for outport; do
3850 echo $request | trim_zeros >> $outport.expected
3851 done
3852 fi
3853
3854 as hv1 ovs-appctl netdev-dummy/receive hv1-vif$inport $request
3855}
3856
3857reset_pcap_file() {
3858 local iface=$1
3859 local pcap_file=$2
3860 ovs-vsctl -- set Interface $iface options:tx_pcap=dummy-tx.pcap \
3861options:rxq_pcap=dummy-rx.pcap
3862 rm -f ${pcap_file}*.pcap
3863 ovs-vsctl -- set Interface $iface options:tx_pcap=${pcap_file}-tx.pcap \
3864options:rxq_pcap=${pcap_file}-rx.pcap
3865}
3866
3867AT_CAPTURE_FILE([ofctl_monitor0.log])
3868as hv1 ovs-ofctl monitor br-int resume --detach --no-chdir \
3869--pidfile=ovs-ofctl0.pid 2> ofctl_monitor0.log
3870
3871echo "---------NB dump-----"
3872ovn-nbctl show
3873echo "---------------------"
3874echo "---------SB dump-----"
3875ovn-sbctl list datapath_binding
3876echo "---------------------"
3877ovn-sbctl list logical_flow
3878echo "---------------------"
3879
3880echo "---------------------"
3881ovn-sbctl dump-flows
3882echo "---------------------"
3883
3884echo "------ hv1 dump ----------"
3885as hv1 ovs-ofctl dump-flows br-int
3886
3887src_mac=f00000000001
3888src_lla=fe80000000000000f20000fffe000001
3889offer_ip=ae700000000000000000000000000004
3890test_dhcpv6 1 $src_mac $src_lla 01 $offer_ip
3891
3892# NXT_RESUMEs should be 1.
3893OVS_WAIT_UNTIL([test 1 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3894
3895$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | trim_zeros > 1.packets
3896# cat 1.expected | trim_zeros > expout
3897cat 1.expected | cut -c -120 > expout
3898AT_CHECK([cat 1.packets | cut -c -120], [0], [expout])
3899# Skipping the UDP checksum
3900cat 1.expected | cut -c 125- > expout
3901AT_CHECK([cat 1.packets | cut -c 125-], [0], [expout])
3902
3903rm 1.expected
3904
3905# Send invalid packet on ls1-lp2. ovn-controller should resume the packet
3906# without any modifications and the packet should be received by ls1-lp1.
3907# ls1-lp1 will receive the packet twice, one from the ovn-controller after the
3908# resume and the other from ovs-ofctl monitor resume.
3909
3910reset_pcap_file hv1-vif1 hv1/vif1
3911reset_pcap_file hv1-vif2 hv1/vif2
3912
3913src_mac=f00000000002
3914src_lla=fe80000000000000f20000fffe000002
3915offer_ip=ae700000000000000000000000000005
3916# Set invalid msg_type
3917
3918test_dhcpv6 2 $src_mac $src_lla 10 0 1 1
3919
3920# NXT_RESUMEs should be 2.
3921OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3922
3923# vif2-tx.pcap should not have received the DHCPv6 reply packet
3924rm 2.packets
3925$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap | trim_zeros > 2.packets
3926AT_CHECK([cat 2.packets], [0], [])
3927
3928# vif1-tx.pcap should have received the DHCPv6 (invalid) request packet
3929$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | trim_zeros > 1.packets
3930cat 1.expected > expout
3931AT_CHECK([cat 1.packets], [0], [expout])
3932
3933# Send DHCPv6 packet on ls2-lp1. native DHCPv6 is disabled on this port.
3934# There should be no DHCPv6 reply from ovn-controller and the request packet
3935# should be received by ls2-lp2.
3936
3937src_mac=f00000000003
3938src_lla=fe80000000000000f20000fffe000003
3939test_dhcpv6 3 $src_mac $src_lla 01 0 4
3940
3941# NXT_RESUMEs should be 2 only.
3942OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3943
3944# vif3-tx.pcap should not have received the DHCPv6 reply packet
3945$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif3-tx.pcap | trim_zeros > 3.packets
3946AT_CHECK([cat 3.packets], [0], [])
3947
3948# vif4-tx.pcap should have received the DHCPv6 request packet
3949$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif4-tx.pcap | trim_zeros > 4.packets
3950cat 4.expected > expout
3951AT_CHECK([cat 4.packets], [0], [expout])
3952
3953as hv1
281977f7
NS		 3954OVS_APP_EXIT_AND_WAIT([ovn-controller])
3955OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3956OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3957
3958as ovn-sb
3959OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3960
3961as ovn-nb
3962OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3963
3964as northd
3965OVS_APP_EXIT_AND_WAIT([ovn-northd])
3966
3967as main
3968OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3969OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3970
3971AT_CLEANUP
3972
c1645003
GS		 3973AT_SETUP([ovn -- 2 HVs, 2 LRs connected via LS, gateway router])
3974AT_KEYWORDS([ovngatewayrouter])
3975AT_SKIP_IF([test $HAVE_PYTHON = no])
3976ovn_start
3977
3978# Logical network:
3979# Two LRs - R1 and R2 that are connected to each other via LS "join"
3980# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24)
3981# connected to it. R2 has alice (172.16.1.0/24) connected to it.
3982# R2 is a gateway router.
3983
3984
3985
3986# Create two hypervisor and create OVS ports corresponding to logical ports.
3987net_add n1
3988
3989sim_add hv1
3990as hv1
3991ovs-vsctl add-br br-phys
3992ovn_attach n1 br-phys 192.168.0.1
3993ovs-vsctl -- add-port br-int hv1-vif1 -- \
3994 set interface hv1-vif1 external-ids:iface-id=foo1 \
3995 options:tx_pcap=hv1/vif1-tx.pcap \
3996 options:rxq_pcap=hv1/vif1-rx.pcap \
3997 ofport-request=1
3998
3999
4000sim_add hv2
4001as hv2
4002ovs-vsctl add-br br-phys
4003ovn_attach n1 br-phys 192.168.0.2
4004ovs-vsctl -- add-port br-int hv2-vif1 -- \
4005 set interface hv2-vif1 external-ids:iface-id=alice1 \
4006 options:tx_pcap=hv2/vif1-tx.pcap \
4007 options:rxq_pcap=hv2/vif1-rx.pcap \
4008 ofport-request=1
4009
4010# Pre-populate the hypervisors' ARP tables so that we don't lose any
4011# packets for ARP resolution (native tunneling doesn't queue packets
4012# for ARP resolution).
4013ovn_populate_arp
4014
4015ovn-nbctl create Logical_Router name=R1
4016ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
4017
ea46a4e9
JP		 4018ovn-nbctl ls-add foo
4019ovn-nbctl ls-add alice
4020ovn-nbctl ls-add join
c1645003
GS		 4021
4022# Connect foo to R1
31114af7 4023ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
31ed1192 4024ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \
80f408f4 4025 type=router options:router-port=foo addresses=\"00:00:01:01:02:03\"
c1645003
GS		 4026
4027# Connect alice to R2
31114af7 4028ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
31ed1192 4029ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 4030 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
c1645003
GS		 4031
4032# Connect R1 to join
31114af7 4033ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
31ed1192 4034ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
80f408f4 4035 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
c1645003
GS		 4036
4037# Connect R2 to join
31114af7 4038ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
31ed1192 4039ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
80f408f4 4040 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
c1645003
GS		 4041
4042
4043#install static routes
4044ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4045ip_prefix=172.16.1.0/24 nexthop=20.0.0.2 -- add Logical_Router \
4046R1 static_routes @lrt
4047
4048ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4049ip_prefix=192.168.1.0/24 nexthop=20.0.0.1 -- add Logical_Router \
4050R2 static_routes @lrt
4051
4052# Create logical port foo1 in foo
31ed1192
JP		 4053ovn-nbctl lsp-add foo foo1 \
4054-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
c1645003
GS		 4055
4056# Create logical port alice1 in alice
31ed1192
JP		 4057ovn-nbctl lsp-add alice alice1 \
4058-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
c1645003
GS		 4059
4060
4061# Allow some time for ovn-northd and ovn-controller to catch up.
4062# XXX This should be more systematic.
4063sleep 2
4064
4065ip_to_hex() {
4066 printf "%02x%02x%02x%02x" "$@"
4067}
c1645003
GS		 4068
4069# Send ip packets between foo1 and alice1
4070src_mac="f00000010203"
4071dst_mac="000001010203"
4072src_ip=`ip_to_hex 192 168 1 2`
4073dst_ip=`ip_to_hex 172 16 1 2`
4074packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4075
4076echo "---------NB dump-----"
4077ovn-nbctl show
4078echo "---------------------"
4079ovn-nbctl list logical_router
4080echo "---------------------"
4081ovn-nbctl list logical_router_port
4082echo "---------------------"
4083
4084echo "---------SB dump-----"
4085ovn-sbctl list datapath_binding
4086echo "---------------------"
4087ovn-sbctl list port_binding
4088echo "---------------------"
4089ovn-sbctl dump-flows
4090echo "---------------------"
4091ovn-sbctl list chassis
4092ovn-sbctl list encap
4093echo "---------------------"
4094
c1645003
GS		 4095# Packet to Expect at alice1
4096src_mac="000002010203"
4097dst_mac="f00000010204"
4098src_ip=`ip_to_hex 192 168 1 2`
4099dst_ip=`ip_to_hex 172 16 1 2`
4100expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
4101
4102
4103as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4104as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
4105
ab39371d
RM		 4106echo "------ hv1 dump after packet 1 ----------"
4107as hv1 ovs-ofctl show br-int
4108as hv1 ovs-ofctl dump-flows br-int
4109echo "------ hv2 dump after packet 1 ----------"
4110as hv2 ovs-ofctl show br-int
4111as hv2 ovs-ofctl dump-flows br-int
4112echo "----------------------------"
4113
49d7c759
BP		 4114echo $expected > expected
4115OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
c1645003 4116
34114cf8
GS		 4117# Delete the router and re-create it. Things should work as before.
4118ovn-nbctl lr-del R2
4119ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
4120# Connect alice to R2
4121ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
4122# Connect R2 to join
4123ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
4124
4125ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4126ip_prefix=192.168.1.0/24 nexthop=20.0.0.1 -- add Logical_Router \
4127R2 static_routes @lrt
4128
4129# Wait for ovn-controller to catch up.
4130sleep 1
4131
4132# Send the packet again.
4133as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
ab39371d
RM		 4134
4135echo "------ hv1 dump after packet 2 ----------"
4136as hv1 ovs-ofctl show br-int
4137as hv1 ovs-ofctl dump-flows br-int
4138echo "------ hv2 dump after packet 2 ----------"
4139as hv2 ovs-ofctl show br-int
4140as hv2 ovs-ofctl dump-flows br-int
4141echo "----------------------------"
4142
49d7c759
BP		 4143echo $expected >> expected
4144OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
34114cf8 4145
7a8f15e0 4146OVN_CLEANUP([hv1],[hv2])
c1645003
GS		 4147
4148AT_CLEANUP
bb3c4568
FF		 4149
4150AT_SETUP([ovn -- icmp_reply: 1 HVs, 2 LSs, 1 lport/LS, 1 LR])
4151AT_KEYWORDS([router-icmp-reply])
4152AT_SKIP_IF([test $HAVE_PYTHON = no])
4153ovn_start
4154
4155# Logical network:
4156# One LR - R1 has switch ls1 (191.168.1.0/24) connected to it,
4157# and has switch ls2 (172.16.1.0/24) connected to it.
4158
fa2a27b2 4159ovn-nbctl lr-add R1
bb3c4568 4160
ea46a4e9
JP		 4161ovn-nbctl ls-add ls1
4162ovn-nbctl ls-add ls2
bb3c4568
FF		 4163
4164# Connect ls1 to R1
31114af7 4165ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:f1 192.168.1.1/24
31ed1192 4166ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 \
80f408f4 4167 type=router options:router-port=ls1 addresses=\"00:00:00:01:02:f1\"
bb3c4568
FF		 4168
4169# Connect ls2 to R1
31114af7 4170ovn-nbctl lrp-add R1 ls2 00:00:00:01:02:f2 172.16.1.1/24
31ed1192 4171ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 \
80f408f4 4172 type=router options:router-port=ls2 addresses=\"00:00:00:01:02:f2\"
bb3c4568
FF		 4173
4174# Create logical port ls1-lp1 in ls1
31ed1192
JP		 4175ovn-nbctl lsp-add ls1 ls1-lp1 \
4176-- lsp-set-addresses ls1-lp1 "00:00:00:01:02:03 192.168.1.2"
bb3c4568
FF		 4177
4178# Create logical port ls2-lp1 in ls2
31ed1192
JP		 4179ovn-nbctl lsp-add ls2 ls2-lp1 \
4180-- lsp-set-addresses ls2-lp1 "00:00:00:01:02:04 172.16.1.2"
bb3c4568
FF		 4181
4182# Create one hypervisor and create OVS ports corresponding to logical ports.
4183net_add n1
4184
4185sim_add hv1
4186as hv1
4187ovs-vsctl add-br br-phys
4188ovn_attach n1 br-phys 192.168.0.1
4189ovs-vsctl -- add-port br-int vif1 -- \
4190 set interface vif1 external-ids:iface-id=ls1-lp1 \
4191 options:tx_pcap=hv1/vif1-tx.pcap \
4192 options:rxq_pcap=hv1/vif1-rx.pcap \
4193 ofport-request=1
4194
4195ovs-vsctl -- add-port br-int vif2 -- \
4196 set interface vif2 external-ids:iface-id=ls2-lp1 \
4197 options:tx_pcap=hv1/vif2-tx.pcap \
4198 options:rxq_pcap=hv1/vif2-rx.pcap \
4199 ofport-request=1
4200
4201
4202# Allow some time for ovn-northd and ovn-controller to catch up.
4203# XXX This should be more systematic.
4204sleep 1
4205
4206
4207ip_to_hex() {
4208 printf "%02x%02x%02x%02x" "$@"
4209}
bb3c4568
FF		 4210for i in 1 2; do
4211 : > vif$i.expected
4212done
4213# test_ipv4_icmp_request INPORT ETH_SRC ETH_DST IPV4_SRC IPV4_DST IP_CHKSUM ICMP_CHKSUM [EXP_IP_CHKSUM EXP_ICMP_CHKSUM]
4214#
4215# Causes a packet to be received on INPORT. The packet is an ICMPv4
4216# request with ETH_SRC, ETH_DST, IPV4_SRC, IPV4_DST, IP_CHSUM and
4217# ICMP_CHKSUM as specified. If EXP_IP_CHKSUM and EXP_ICMP_CHKSUM are
4218# provided, then it should be the ip and icmp checksums of the packet
4219# responded; otherwise, no reply is expected.
4220# In the absence of an ip checksum calculation helpers, this relies
4221# on the caller to provide the checksums for the ip and icmp headers.
4222# XXX This should be more systematic.
4223#
4224# INPORT is an lport number, e.g. 11 for vif11.
4225# ETH_SRC and ETH_DST are each 12 hex digits.
4226# IPV4_SRC and IPV4_DST are each 8 hex digits.
4227# IP_CHSUM and ICMP_CHKSUM are each 4 hex digits.
4228# EXP_IP_CHSUM and EXP_ICMP_CHKSUM are each 4 hex digits.
4229test_ipv4_icmp_request() {
4230 local inport=$1 eth_src=$2 eth_dst=$3 ipv4_src=$4 ipv4_dst=$5 ip_chksum=$6 icmp_chksum=$7
4231 local exp_ip_chksum=$8 exp_icmp_chksum=$9
4232 shift; shift; shift; shift; shift; shift; shift
4233 shift; shift
4234
4235 # Use ttl to exercise section 4.2.2.9 of RFC1812
4236 local ip_ttl=01
4237 local icmp_id=5fbf
4238 local icmp_seq=0001
4239 local icmp_data=$(seq 1 56 | xargs printf "%02x")
4240 local icmp_type_code_request=0800
4241 local icmp_payload=${icmp_type_code_request}${icmp_chksum}${icmp_id}${icmp_seq}${icmp_data}
4242 local packet=${eth_dst}${eth_src}08004500005400004000${ip_ttl}01${ip_chksum}${ipv4_src}${ipv4_dst}${icmp_payload}
4243
4244 as hv1 ovs-appctl netdev-dummy/receive vif$inport $packet
4245 if test X$exp_icmp_chksum != X; then
4246 # Expect to receive the reply, if any. In same port where packet was sent.
4247 # Note: src and dst fields are expected to be reversed.
4248 local icmp_type_code_response=0000
4249 local reply_icmp_ttl=fe
4250 local reply_icmp_payload=${icmp_type_code_response}${exp_icmp_chksum}${icmp_id}${icmp_seq}${icmp_data}
4251 local reply=${eth_src}${eth_dst}08004500005400004000${reply_icmp_ttl}01${exp_ip_chksum}${ipv4_dst}${ipv4_src}${reply_icmp_payload}
4252 echo $reply >> vif$inport.expected
4253 fi
4254}
4255
4256# Send ping packet to router's ip addresses, from each of the 2 logical ports.
4257rtr_l1_ip=$(ip_to_hex 192 168 1 1)
4258rtr_l2_ip=$(ip_to_hex 172 16 1 1)
4259l1_ip=$(ip_to_hex 192 168 1 2)
4260l2_ip=$(ip_to_hex 172 16 1 2)
4261
4262# Ping router ip address that is on same subnet as the logical port
4263test_ipv4_icmp_request 1 000000010203 0000000102f1 $l1_ip $rtr_l1_ip 0000 8510 02ff 8d10
4264test_ipv4_icmp_request 2 000000010204 0000000102f2 $l2_ip $rtr_l2_ip 0000 8510 02ff 8d10
4265
4266# Ping router ip address that is on the other side of the logical ports
4267test_ipv4_icmp_request 1 000000010203 0000000102f1 $l1_ip $rtr_l2_ip 0000 8510 02ff 8d10
4268test_ipv4_icmp_request 2 000000010204 0000000102f2 $l2_ip $rtr_l1_ip 0000 8510 02ff 8d10
4269
4270echo "---------NB dump-----"
4271ovn-nbctl show
4272echo "---------------------"
4273ovn-nbctl list logical_router
4274echo "---------------------"
4275ovn-nbctl list logical_router_port
4276echo "---------------------"
4277
4278echo "---------SB dump-----"
4279ovn-sbctl list datapath_binding
4280echo "---------------------"
4281ovn-sbctl list logical_flow
4282echo "---------------------"
4283
4284echo "------ hv1 dump ----------"
4285as hv1 ovs-ofctl dump-flows br-int
4286
4287# Now check the packets actually received against the ones expected.
4288for inport in 1 2; do
49d7c759 4289 OVN_CHECK_PACKETS([hv1/vif${inport}-tx.pcap], [vif$inport.expected])
bb3c4568
FF		 4290done
4291
7a8f15e0 4292OVN_CLEANUP([hv1])
bb3c4568
FF		 4293
4294AT_CLEANUP
94f79fcb
RB		 4295
4296# 1 hypervisor, 1 port
4297# make sure that the port state is properly set to up and back down
4298# when created and deleted.
4299AT_SETUP([ovn -- port state up and down])
4300AT_KEYWORDS([ovn])
4301ovn_start
4302
4303ovn-nbctl ls-add ls1
4304ovn-nbctl lsp-add ls1 lp1
4305ovn-nbctl lsp-set-addresses lp1 unknown
4306
4307net_add n1
4308sim_add hv1
4309as hv1 ovs-vsctl add-br br-phys
4310as hv1 ovn_attach n1 br-phys 192.168.0.1
4311
4312as hv1 ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1
4313OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xup])
4314
4315as hv1 ovs-vsctl del-port br-int vif1
4316OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xdown])
4317
7a8f15e0 4318OVN_CLEANUP([hv1])
94f79fcb 4319
94f79fcb 4320AT_CLEANUP
e75451fe 4321
f8a8db39
JP		 4322AT_SETUP([ovn -- nd_na ])
4323AT_KEYWORDS([ovn-nd_na])
e75451fe
ZKL		 4324AT_SKIP_IF([test $HAVE_PYTHON = no])
4325ovn_start
4326
4327#TODO: since patch port for IPv6 logical router port is not ready not,
4328# so we are not going to test vifs on different lswitches cases. Try
4329# to update for that once relevant stuff implemented.
4330
4331# In this test cases we create 1 lswitch, it has 2 VIF ports attached
4332# with. NS packet we test, from one VIF for another VIF, will be replied
4333# by local ovn-controller, but not by target VIF.
4334
4335# Create hypervisors and logical switch lsw0.
4336ovn-nbctl ls-add lsw0
4337net_add n1
4338sim_add hv1
4339as hv1
4340ovs-vsctl add-br br-phys
4341ovn_attach n1 br-phys 192.168.0.2
4342
4343# Add vif1 to hv1 and lsw0, turn on l2 port security on vif1.
4344ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
4345ovn-nbctl lsp-add lsw0 lp1
4346ovn-nbctl lsp-set-addresses lp1 "fa:16:3e:94:05:98 192.168.0.3 fd81:ce49:a948:0:f816:3eff:fe94:598"
4347ovn-nbctl lsp-set-port-security lp1 "fa:16:3e:94:05:98 192.168.0.3 fd81:ce49:a948:0:f816:3eff:fe94:598"
4348
4349# Add vif2 to hv1 and lsw0, turn on l2 port security on vif2.
4350ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv1/vif2-tx.pcap options:rxq_pcap=hv1/vif2-rx.pcap ofport-request=2
4351ovn-nbctl lsp-add lsw0 lp2
4352ovn-nbctl lsp-set-addresses lp2 "fa:16:3e:a1:f9:ae 192.168.0.4 fd81:ce49:a948:0:f816:3eff:fea1:f9ae"
4353ovn-nbctl lsp-set-port-security lp2 "fa:16:3e:a1:f9:ae 192.168.0.4 fd81:ce49:a948:0:f816:3eff:fea1:f9ae"
4354
4355# Add ACL rule for ICMPv6 on lsw0
4356ovn-nbctl acl-add lsw0 from-lport 1002 'ip6 && icmp6' allow-related
4357ovn-nbctl acl-add lsw0 to-lport 1002 'outport == "lp1" && ip6 && icmp6' allow-related
4358ovn-nbctl acl-add lsw0 to-lport 1002 'outport == "lp2" && ip6 && icmp6' allow-related
4359
4360# Allow some time for ovn-northd and ovn-controller to catch up.
4361# XXX This should be more systematic.
4362sleep 1
4363
4364# Given the name of a logical port, prints the name of the hypervisor
4365# on which it is located.
4366vif_to_hv() {
4367 echo hv1${1%?}
4368}
e75451fe
ZKL		 4369for i in 1 2; do
4370 : > $i.expected
4371done
4372
4373# Complete Neighbor Solicitation packet and Neighbor Advertisement packet
4374# vif1 -> NS -> vif2. vif1 <- NA <- ovn-controller.
4375# vif2 will not receive NS packet, since ovn-controller will reply for it.
4376ns_packet=3333ffa1f9aefa163e94059886dd6000000000203afffd81ce49a9480000f8163efffe940598fd81ce49a9480000f8163efffea1f9ae8700e01160000000fd81ce49a9480000f8163efffea1f9ae0101fa163e940598
4377na_packet=fa163e940598fa163ea1f9ae86dd6000000000203afffd81ce49a9480000f8163efffea1f9aefd81ce49a9480000f8163efffe9405988800e9ed60000000fd81ce49a9480000f8163efffea1f9ae0201fa163ea1f9ae
4378
4379as hv1 ovs-appctl netdev-dummy/receive vif1 $ns_packet
e4543cfe 4380echo $na_packet >> 1.expected
e75451fe 4381
e75451fe
ZKL		 4382echo "------ hv1 dump ------"
4383as hv1 ovs-vsctl show
4384as hv1 ovs-ofctl -O OpenFlow13 show br-int
4385as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
4386
4387for i in 1 2; do
49d7c759 4388 OVN_CHECK_PACKETS([hv1/vif$i-tx.pcap], [$i.expected])
e75451fe
ZKL		 4389done
4390
7a8f15e0 4391OVN_CLEANUP([hv1])
e75451fe
ZKL		 4392
4393AT_CLEANUP
7417d147
RM		 4394
4395AT_SETUP([ovn -- address sets modification/removal smoke test])
4396AT_KEYWORDS([ovn-addr])
4397ovn_start
4398
4399net_add n1
4400
4401sim_add hv1
4402as hv1
4403ovs-vsctl add-br br-phys
4404ovn_attach n1 br-phys 192.168.0.1
4405
4406row=`ovn-nbctl create Address_Set name=set1 addresses=\"1.1.1.1\"`
4407ovn-nbctl set Address_Set $row name=set1 addresses=\"1.1.1.1,1.1.1.2\"
4408ovn-nbctl destroy Address_Set $row
4409
4410sleep 1
4411
4412# A bug previously existed in the address set support code
4413# that caused ovn-controller to crash after an address set
4414# was updated and then removed. This test case ensures
4415# that ovn-controller is at least still running after
4416# creating, updating, and deleting an address set.
4417AT_CHECK([ovs-appctl -t ovn-controller version], [0], [ignore])
4418
4419OVN_CLEANUP([hv1])
4420
4421AT_CLEANUP
8639f9be
ND		 4422
4423AT_SETUP([ovn -- ipam])
4424AT_KEYWORDS([ovnipam])
4425AT_SKIP_IF([test $HAVE_PYTHON = no])
4426ovn_start
4427
4428# Add a port to a switch that does not have a subnet set, then set the
4429# subnet which should result in an address being allocated for the port.
4430ovn-nbctl ls-add sw0
4431ovn-nbctl lsp-add sw0 p0 -- lsp-set-addresses p0 dynamic
4432ovn-nbctl add Logical-Switch sw0 other_config subnet=192.168.1.0/24
4433AT_CHECK([ovn-nbctl get Logical-Switch-Port p0 dynamic_addresses], [0],
4434 ["0a:00:00:00:00:01 192.168.1.2"
4435])
4436
4437# Add 9 more ports to sw0, addresses should all be unique.
4438for n in `seq 1 9`; do
4439 ovn-nbctl lsp-add sw0 "p$n" -- lsp-set-addresses "p$n" dynamic
4440done
4441AT_CHECK([ovn-nbctl get Logical-Switch-Port p1 dynamic_addresses], [0],
4442 ["0a:00:00:00:00:02 192.168.1.3"
4443])
4444AT_CHECK([ovn-nbctl get Logical-Switch-Port p2 dynamic_addresses], [0],
4445 ["0a:00:00:00:00:03 192.168.1.4"
4446])
4447AT_CHECK([ovn-nbctl get Logical-Switch-Port p3 dynamic_addresses], [0],
4448 ["0a:00:00:00:00:04 192.168.1.5"
4449])
4450AT_CHECK([ovn-nbctl get Logical-Switch-Port p4 dynamic_addresses], [0],
4451 ["0a:00:00:00:00:05 192.168.1.6"
4452])
4453AT_CHECK([ovn-nbctl get Logical-Switch-Port p5 dynamic_addresses], [0],
4454 ["0a:00:00:00:00:06 192.168.1.7"
4455])
4456AT_CHECK([ovn-nbctl get Logical-Switch-Port p6 dynamic_addresses], [0],
4457 ["0a:00:00:00:00:07 192.168.1.8"
4458])
4459AT_CHECK([ovn-nbctl get Logical-Switch-Port p7 dynamic_addresses], [0],
4460 ["0a:00:00:00:00:08 192.168.1.9"
4461])
4462AT_CHECK([ovn-nbctl get Logical-Switch-Port p8 dynamic_addresses], [0],
4463 ["0a:00:00:00:00:09 192.168.1.10"
4464])
4465AT_CHECK([ovn-nbctl get Logical-Switch-Port p9 dynamic_addresses], [0],
4466 ["0a:00:00:00:00:0a 192.168.1.11"
4467])
4468
4469# Trying similar tests with a second switch. MAC addresses should be unique
4470# across both switches but IP's only need to be unique within the same switch.
4471ovn-nbctl ls-add sw1
4472ovn-nbctl lsp-add sw1 p10 -- lsp-set-addresses p10 dynamic
4473ovn-nbctl add Logical-Switch sw1 other_config subnet=192.168.1.0/24
4474AT_CHECK([ovn-nbctl get Logical-Switch-Port p10 dynamic_addresses], [0],
4475 ["0a:00:00:00:00:0b 192.168.1.2"
4476])
4477
4478for n in `seq 11 19`; do
4479 ovn-nbctl lsp-add sw1 "p$n" -- lsp-set-addresses "p$n" dynamic
4480done
4481AT_CHECK([ovn-nbctl get Logical-Switch-Port p11 dynamic_addresses], [0],
4482 ["0a:00:00:00:00:0c 192.168.1.3"
4483])
4484AT_CHECK([ovn-nbctl get Logical-Switch-Port p12 dynamic_addresses], [0],
4485 ["0a:00:00:00:00:0d 192.168.1.4"
4486])
4487AT_CHECK([ovn-nbctl get Logical-Switch-Port p13 dynamic_addresses], [0],
4488 ["0a:00:00:00:00:0e 192.168.1.5"
4489])
4490AT_CHECK([ovn-nbctl get Logical-Switch-Port p14 dynamic_addresses], [0],
4491 ["0a:00:00:00:00:0f 192.168.1.6"
4492])
4493AT_CHECK([ovn-nbctl get Logical-Switch-Port p15 dynamic_addresses], [0],
4494 ["0a:00:00:00:00:10 192.168.1.7"
4495])
4496AT_CHECK([ovn-nbctl get Logical-Switch-Port p16 dynamic_addresses], [0],
4497 ["0a:00:00:00:00:11 192.168.1.8"
4498])
4499AT_CHECK([ovn-nbctl get Logical-Switch-Port p17 dynamic_addresses], [0],
4500 ["0a:00:00:00:00:12 192.168.1.9"
4501])
4502AT_CHECK([ovn-nbctl get Logical-Switch-Port p18 dynamic_addresses], [0],
4503 ["0a:00:00:00:00:13 192.168.1.10"
4504])
4505AT_CHECK([ovn-nbctl get Logical-Switch-Port p19 dynamic_addresses], [0],
4506 ["0a:00:00:00:00:14 192.168.1.11"
4507])
4508
4509# Change a port's address to test for multiple ip's for a single address entry
4510# and addresses set by the user.
4511ovn-nbctl lsp-set-addresses p0 "0a:00:00:00:00:15 192.168.1.12 192.168.1.14"
4512ovn-nbctl lsp-add sw0 p20 -- lsp-set-addresses p20 dynamic
4513AT_CHECK([ovn-nbctl get Logical-Switch-Port p20 dynamic_addresses], [0],
4514 ["0a:00:00:00:00:16 192.168.1.13"
4515])
4516
4517# Test for logical router port address management.
4518ovn-nbctl create Logical_Router name=R1
4519ovn-nbctl -- --id=@lrp create Logical_Router_port name=sw0 \
4520network="192.168.1.1/24" mac=\"0a:00:00:00:00:17\" \
4521-- add Logical_Router R1 ports @lrp -- lsp-add sw0 rp-sw0 \
4522-- set Logical_Switch_Port rp-sw0 type=router options:router-port=sw0
4523ovn-nbctl lsp-add sw0 p21 -- lsp-set-addresses p21 dynamic
4524AT_CHECK([ovn-nbctl get Logical-Switch-Port p21 dynamic_addresses], [0],
4525 ["0a:00:00:00:00:18 192.168.1.15"
4526])
4527
4528# Test for address reuse after logical port is deleted.
4529ovn-nbctl lsp-del p0
4530ovn-nbctl lsp-add sw0 p23 -- lsp-set-addresses p23 dynamic
4531AT_CHECK([ovn-nbctl get Logical-Switch-Port p23 dynamic_addresses], [0],
4532 ["0a:00:00:00:00:19 192.168.1.2"
4533])
4534
4535# Test for multiple addresses to one logical port.
4536ovn-nbctl lsp-add sw0 p25 -- lsp-set-addresses p25 \
4537"0a:00:00:00:00:1a 192.168.1.12" "0a:00:00:00:00:1b 192.168.1.14"
4538ovn-nbctl lsp-add sw0 p26 -- lsp-set-addresses p26 dynamic
4539AT_CHECK([ovn-nbctl get Logical-Switch-Port p26 dynamic_addresses], [0],
4540 ["0a:00:00:00:00:1c 192.168.1.16"
4541])
4542
4543# Test for exhausting subnet address space.
4544ovn-nbctl ls-add sw2 -- add Logical-Switch sw2 other_config subnet=172.16.1.0/30
4545ovn-nbctl lsp-add sw2 p27 -- lsp-set-addresses p27 dynamic
4546AT_CHECK([ovn-nbctl get Logical-Switch-Port p27 dynamic_addresses], [0],
4547 ["0a:00:00:00:00:1d 172.16.1.2"
4548])
4549
4550ovn-nbctl lsp-add sw2 p28 -- lsp-set-addresses p28 dynamic
4551AT_CHECK([ovn-nbctl get Logical-Switch-Port p28 dynamic_addresses], [0],
4552 [[[]]
4553])
4554
4555# Test that address management does not add duplicate MAC for lsp/lrp peers.
4556ovn-nbctl create Logical_Router name=R2
4557ovn-nbctl ls-add sw3
4558ovn-nbctl lsp-add sw3 p29 -- lsp-set-addresses p29 \
4559"0a:00:00:00:00:1e"
4560ovn-nbctl -- --id=@lrp create Logical_Router_port name=sw3 \
4561network="192.168.2.1/24" mac=\"0a:00:00:00:00:1f\" \
4562-- add Logical_Router R2 ports @lrp -- lsp-add sw3 rp-sw3 \
4563-- set Logical_Switch_Port rp-sw3 type=router options:router-port=sw3
4564ovn-nbctl lsp-add sw0 p30 -- lsp-set-addresses p30 dynamic
4565AT_CHECK([ovn-nbctl get Logical-Switch-Port p30 dynamic_addresses], [0],
4566 ["0a:00:00:00:00:20 192.168.1.17"
4567])
4568
4569as ovn-sb
4570OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4571
4572as ovn-nb
4573OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4574
4575as northd
4576OVS_APP_EXIT_AND_WAIT([ovn-northd])
4577
4578AT_CLEANUP
4579
4580AT_SETUP([ovn -- ipam connectivity])
4581AT_KEYWORDS([ovnipamconnectivity])
4582AT_SKIP_IF([test $HAVE_PYTHON = no])
4583ovn_start
4584
4585ovn-nbctl lr-add R1
4586
4587# Test for a ping using dynamically allocated addresses.
4588ovn-nbctl ls-add foo -- add Logical_Switch foo other_config subnet=192.168.1.0/24
4589ovn-nbctl ls-add alice -- add Logical_Switch alice other_config subnet=192.168.2.0/24
4590
4591# Connect foo to R1
4592ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
4593ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
4594 options:router-port=foo addresses=\"00:00:00:01:02:03\"
4595
4596# Connect alice to R1
4597ovn-nbctl lrp-add R1 alice 00:00:00:01:02:04 192.168.2.1/24
4598ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice type=router \
4599 options:router-port=alice addresses=\"00:00:00:01:02:04\"
4600
4601# Create logical port foo1 in foo
4602ovn-nbctl lsp-add foo foo1 \
4603-- lsp-set-addresses foo1 "dynamic"
4604AT_CHECK([ovn-nbctl get Logical-Switch-Port foo1 dynamic_addresses], [0],
4605 ["0a:00:00:00:00:01 192.168.1.2"
4606])
4607
4608# Create logical port alice1 in alice
4609ovn-nbctl lsp-add alice alice1 \
4610-- lsp-set-addresses alice1 "dynamic"
4611AT_CHECK([ovn-nbctl get Logical-Switch-Port alice1 dynamic_addresses], [0],
4612 ["0a:00:00:00:00:02 192.168.2.2"
4613])
4614
4615# Create logical port foo2 in foo
4616ovn-nbctl lsp-add foo foo2 \
4617-- lsp-set-addresses foo2 "dynamic"
4618AT_CHECK([ovn-nbctl get Logical-Switch-Port foo2 dynamic_addresses], [0],
4619 ["0a:00:00:00:00:03 192.168.1.3"
4620])
4621
4622# Create a hypervisor and create OVS ports corresponding to logical ports.
4623net_add n1
4624
4625sim_add hv1
4626as hv1
4627ovs-vsctl add-br br-phys
4628ovn_attach n1 br-phys 192.168.0.1
4629ovs-vsctl -- add-port br-int hv1-vif1 -- \
4630 set interface hv1-vif1 external-ids:iface-id=foo1 \
4631 options:tx_pcap=hv1/vif1-tx.pcap \
4632 options:rxq_pcap=hv1/vif1-rx.pcap \
4633 ofport-request=1
4634
4635ovs-vsctl -- add-port br-int hv1-vif2 -- \
4636 set interface hv1-vif2 external-ids:iface-id=foo2 \
4637 options:tx_pcap=hv1/vif2-tx.pcap \
4638 options:rxq_pcap=hv1/vif2-rx.pcap \
4639 ofport-request=2
4640
4641ovs-vsctl -- add-port br-int hv1-vif3 -- \
4642 set interface hv1-vif3 external-ids:iface-id=alice1 \
4643 options:tx_pcap=hv1/vif3-tx.pcap \
4644 options:rxq_pcap=hv1/vif3-rx.pcap \
4645 ofport-request=3
4646
4647# Allow some time for ovn-northd and ovn-controller to catch up.
4648# XXX This should be more systematic.
4649sleep 1
4650
4651ip_to_hex() {
4652 printf "%02x%02x%02x%02x" "$@"
4653}
8639f9be
ND		 4654
4655# Send ip packets between foo1 and foo2
4656src_mac="0a0000000001"
4657dst_mac="0a0000000003"
4658src_ip=`ip_to_hex 192 168 1 2`
4659dst_ip=`ip_to_hex 192 168 1 3`
4660packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4661as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4662
4663# Send ip packets between foo1 and alice1
4664src_mac="0a0000000001"
4665dst_mac="000000010203"
4666src_ip=`ip_to_hex 192 168 1 2`
4667dst_ip=`ip_to_hex 192 168 2 2`
4668packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4669as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4670
4671echo "---------NB dump-----"
4672ovn-nbctl show
4673echo "---------------------"
4674ovn-nbctl list logical_router
4675echo "---------------------"
4676ovn-nbctl list logical_router_port
4677echo "---------------------"
4678
4679echo "---------SB dump-----"
4680ovn-sbctl list datapath_binding
4681echo "---------------------"
4682ovn-sbctl list port_binding
4683echo "---------------------"
4684
4685echo "------ hv1 dump ----------"
4686as hv1 ovs-ofctl dump-flows br-int
4687
4688# Packet to Expect at foo2
4689src_mac="0a0000000001"
4690dst_mac="0a0000000003"
4691src_ip=`ip_to_hex 192 168 1 2`
4692dst_ip=`ip_to_hex 192 168 1 3`
4693expected=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4694
e4543cfe
DDP		 4695$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap > received1.packets
4696echo $expected > expout
8639f9be
ND		 4697AT_CHECK([cat received1.packets], [0], [expout])
4698
4699# Packet to Expect at alice1
4700src_mac="000000010204"
4701dst_mac="0a0000000002"
4702src_ip=`ip_to_hex 192 168 1 2`
4703dst_ip=`ip_to_hex 192 168 2 2`
4704expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
4705
e4543cfe
DDP		 4706$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif3-tx.pcap > received2.packets
4707echo $expected > expout
8639f9be
ND		 4708AT_CHECK([cat received2.packets], [0], [expout])
4709
4710OVN_CLEANUP([hv1])
4711
4712AT_CLEANUP
f5792c3f
NS		 4713
4714AT_SETUP([ovn -- ovs-vswitchd restart])
4715AT_KEYWORDS([vswitchd restart])
4716AT_SKIP_IF([test $HAVE_PYTHON = no])
4717ovn_start
4718
4719ovn-nbctl ls-add ls1
4720
4721ovn-nbctl lsp-add ls1 ls1-lp1 \
4722-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
4723
4724ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
4725
4726net_add n1
4727sim_add hv1
4728
4729as hv1
4730ovs-vsctl add-br br-phys
4731ovn_attach n1 br-phys 192.168.0.1
4732ovs-vsctl -- add-port br-int hv1-vif1 -- \
4733 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
4734 options:tx_pcap=hv1/vif1-tx.pcap \
4735 options:rxq_pcap=hv1/vif1-rx.pcap \
4736 ofport-request=1
4737
4738ovn_populate_arp
4739sleep 2
4740
4741as hv1 ovs-vsctl show
4742
4743echo "---------------------"
4744ovn-sbctl dump-flows
4745echo "---------------------"
4746
4747echo "------ hv1 dump ----------"
4748as hv1 ovs-ofctl dump-flows br-int
4749total_flows=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
4750
4751echo "Total flows before vswitchd restart = " $total_flows
4752
4753# Code taken from ovs-save utility
4754save_flows () {
4755 echo "ovs-ofctl add-flows br-int - << EOF" > restore_flows.sh
4756 as hv1 ovs-ofctl dump-flows "br-int" | sed -e '/NXST_FLOW/d' \
4757 -e 's/\(idle\|hard\)_age=[^,]*,//g' >> restore_flows.sh
4758 echo "EOF" >> restore_flows.sh
4759}
4760
4761restart_vswitchd () {
4762 restore_flows=$1
4763
4764 if test $restore_flows = true; then
4765 save_flows
4766 fi
4767
4768 as hv1
4769 OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4770
4771 if test $restore_flows = true; then
4772 as hv1
4773 ovs-vsctl --no-wait set open_vswitch . other_config:flow-restore-wait="true"
4774 fi
4775
4776 as hv1
4777 start_daemon ovs-vswitchd --enable-dummy=system -vvconn -vofproto_dpif -vunixctl
4778 ovs-ofctl dump-flows br-int
4779
4780 if test $restore_flows = true; then
4781 sh ./restore_flows.sh
4782 echo "Flows after restore"
4783 as hv1
4784 ovs-ofctl dump-flows br-int
4785 ovs-vsctl --no-wait --if-exists remove open_vswitch . other_config \
4786 flow-restore-wait="true"
4787 fi
4788}
4789
4790# Save the flows, restart vswitchd and restore the flows
4791restart_vswitchd true
4792OVS_WAIT_UNTIL([
4793 total_flows_after_restart=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
4794 echo "Total flows after vswitchd restart = " $total_flows_after_restart
4795 test "${total_flows}" = "${total_flows_after_restart}"
4796])
4797
4798# Restart vswitchd without restoring
4799restart_vswitchd false
4800OVS_WAIT_UNTIL([
4801 total_flows_after_restart=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
4802 echo "Total flows after vswitchd restart = " $total_flows_after_restart
4803 test "${total_flows}" = "${total_flows_after_restart}"
4804])
4805
4806OVN_CLEANUP([hv1])
4807AT_CLEANUP
47021598
CSV		 4808
4809AT_SETUP([ovn -- send arp for nexthop])
4810AT_KEYWORDS([ovn])
4811AT_SKIP_IF([test $HAVE_PYTHON = no])
4812ovn_start
4813
4814# Topology: Two LSs - ls1 and ls2 are connected via router r0
4815
4816# Create logical switches
4817ovn-nbctl ls-add ls1
4818ovn-nbctl ls-add ls2
4819
4820# Create router
4821ovn-nbctl create Logical_Router name=lr0
4822
4823# Add router ls1p1 port to gateway router
4824ovn-nbctl lrp-add lr0 lrp-ls1lp1 f0:00:00:00:00:01 192.168.0.1/24
4825ovn-nbctl lsp-add ls1 ls1lp1 -- set Logical_Switch_Port ls1lp1 \
4826 type=router options:router-port=lrp-ls1lp1 \
4827 addresses='"f0:00:00:00:00:01 192.168.0.1"'
4828
4829# Add router ls2p2 port to gateway router
4830ovn-nbctl lrp-add lr0 lrp-ls2lp1 f0:00:00:00:00:02 192.168.1.1/24
4831ovn-nbctl lsp-add ls2 ls2lp1 -- set Logical_Switch_Port ls2lp1 \
4832 type=router options:router-port=lrp-ls2lp1 \
4833 addresses='"f0:00:00:00:00:02 192.168.1.1"'
4834
4835# Set default gateway (nexthop) to 192.168.1.254
4836ovn-nbctl lr-route-add lr0 "0.0.0.0/0" 192.168.1.254 lrp-ls2lp1
4837
4838# Create logical port ls1lp2 in ls1
4839ovn-nbctl lsp-add ls1 ls1lp2 \
4840-- lsp-set-addresses ls1lp2 "f0:00:00:00:00:03 192.168.0.2"
4841
4842# Create logical port ls2lp2 in ls2
4843ovn-nbctl lsp-add ls2 ls2lp2 \
4844-- lsp-set-addresses ls2lp2 "f0:00:00:00:00:04 192.168.1.10"
4845
4846net_add n1
4847sim_add hv1
4848as hv1
4849ovs-vsctl add-br br-phys
4850ovn_attach n1 br-phys 192.168.0.1
4851ovs-vsctl -- add-port br-int hv1-ls1lp2 -- \
4852 set interface hv1-ls1lp2 external-ids:iface-id=ls1lp2 \
4853 options:tx_pcap=hv1/ls1lp2-tx.pcap \
4854 options:rxq_pcap=hv1/ls1lp2-rx.pcap \
4855 ofport-request=1
4856ovs-vsctl -- add-port br-int hv1-ls2lp2 -- \
4857 set interface hv1-ls2lp2 external-ids:iface-id=ls2lp2 \
4858 options:tx_pcap=hv1/ls2lp2-tx.pcap \
4859 options:rxq_pcap=hv1/ls2lp2-rx.pcap \
4860 ofport-request=2
4861
4862# Allow some time for ovn-northd and ovn-controller to catch up.
4863# XXX This should be more systematic.
4864sleep 1
4865
4866echo "---------NB dump-----"
4867ovn-nbctl show
4868echo "---------------------"
4869ovn-nbctl list logical_router
4870echo "---------------------"
4871ovn-nbctl list logical_router_port
4872echo "---------------------"
4873
4874echo "---------SB dump-----"
4875ovn-sbctl list datapath_binding
4876echo "---------------------"
4877ovn-sbctl list port_binding
4878echo "---------------------"
4879ovn-sbctl dump-flows
4880echo "---------------------"
4881ovn-sbctl list chassis
4882ovn-sbctl list encap
4883echo "---------------------"
4884
4885echo "------Flows dump-----"
4886as hv1
4887ovs-ofctl dump-flows
4888echo "---------------------"
4889
4890ip_to_hex() {
4891 printf "%02x%02x%02x%02x" "$@"
4892}
4893
4894src_mac="f00000000003"
4895dst_mac="f00000000001"
4896src_ip=`ip_to_hex 192 168 0 2`
4897dst_ip=`ip_to_hex 8 8 8 8`
4898packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4899
4900# Send IP packet destined to 8.8.8.8 from lsp1lp2
4901as hv1 ovs-appctl netdev-dummy/receive hv1-ls1lp2 $packet
4902
4903trim_zeros() {
4904 sed 's/\(00\)\{1,\}$//'
4905}
4906
4907# ARP packet should be received with Target IP Address set to 192.168.1.254 and
4908# not 8.8.8.8
4909
4910$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/ls2lp2-tx.pcap | trim_zeros > packets
4911expected="fffffffffffff0000000000208060001080006040001f00000000002c0a80101000000000000c0a801fe"
4912echo $expected > expout
4913AT_CHECK([cat packets], [0], [expout])
4914cat packets
4915
4916OVN_CLEANUP([hv1])
4917
4918AT_CLEANUP
8439c2eb
CSV		 4919
4920AT_SETUP([ovn -- send gratuitous arp for nat ips in localnet])
4921AT_KEYWORDS([ovn])
4922AT_SKIP_IF([test $HAVE_PYTHON = no])
4923ovn_start
4924# Create logical switch
4925ovn-nbctl ls-add ls0
4926# Create gateway router
4927ovn-nbctl create Logical_Router name=lr0 options:chassis=hv1
4928# Add router port to gateway router
4929ovn-nbctl lrp-add lr0 lrp0 f0:00:00:00:00:01 192.168.0.1/24
4930ovn-nbctl lsp-add ls0 lrp0-rp -- set Logical_Switch_Port lrp0-rp \
4931 type=router options:router-port=lrp0-rp addresses='"f0:00:00:00:00:01"'
4932# Add nat-address option
4933ovn-nbctl lsp-set-options lrp0-rp router-port=lrp0 nat-addresses="f0:00:00:00:00:01 192.168.0.2"
4934
4935net_add n1
4936sim_add hv1
4937as hv1
4938ovs-vsctl \
4939 -- add-br br-phys \
4940 -- add-br br-eth0
4941
4942ovn_attach n1 br-phys 192.168.0.1
4943
4944AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
4945AT_CHECK([ovs-vsctl add-port br-eth0 snoopvif -- set Interface snoopvif options:tx_pcap=hv1/snoopvif-tx.pcap options:rxq_pcap=hv1/snoopvif-rx.pcap])
4946
4947# Create a localnet port.
4948AT_CHECK([ovn-nbctl lsp-add ls0 ln_port])
4949AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
4950AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
4951AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
4952
4953
4954# Wait for packet to be received.
4955OVS_WAIT_UNTIL([test `wc -c < "hv1/snoopvif-tx.pcap"` -ge 50])
4956trim_zeros() {
4957 sed 's/\(00\)\{1,\}$//'
4958}
4959$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/snoopvif-tx.pcap | trim_zeros > packets
4960expected="fffffffffffff0000000000108060001080006040001f00000000001c0a80002000000000000c0a80002"
4961echo $expected > expout
4962AT_CHECK([sort packets], [0], [expout])
4963cat packets
4964
4965OVN_CLEANUP([hv1])
4966
4967AT_CLEANUP
6e31816f
CSV		 4968
4969AT_SETUP([ovn -- delete mac bindings])
4970AT_KEYWORDS([ovn])
4971ovn_start
4972net_add n1
4973sim_add hv1
4974as hv1
4975ovs-vsctl -- add-br br-phys
4976ovn_attach n1 br-phys 192.168.0.1
4977# Create logical switch ls0
4978ovn-nbctl ls-add ls0
4979# Create ports lp0, lp1 in ls0
4980ovn-nbctl lsp-add ls0 lp0
4981ovn-nbctl lsp-add ls0 lp1
4982ovn-nbctl lsp-set-addresses lp0 "f0:00:00:00:00:01 192.168.0.1"
4983ovn-nbctl lsp-set-addresses lp1 "f0:00:00:00:00:02 192.168.0.2"
4984dp_uuid=`ovn-sbctl find datapath | grep uuid | cut -f2 -d ":" | cut -f2 -d " "`
4985ovn-sbctl create MAC_Binding ip=10.0.0.1 datapath=$dp_uuid logical_port=lp0 mac="mac1"
4986ovn-sbctl create MAC_Binding ip=10.0.0.1 datapath=$dp_uuid logical_port=lp1 mac="mac2"
4987ovn-sbctl find MAC_Binding
4988#Delete port lp0
4989ovn-nbctl lsp-del lp0
4990ovn-sbctl find MAC_Binding
4991AT_CHECK([ovn-sbctl find MAC_Binding logical_port=lp0], [0], [])
4992#Delete ls0. This will verify that the mac_bindings are cleaned up when a
4993#datapath is deleted without explicitly removing the the logical ports
4994ovn-nbctl ls-del ls0
4995ovn-sbctl find MAC_Binding
4996AT_CHECK([ovn-sbctl find MAC_Binding], [0], [])
4997
4998OVN_CLEANUP([hv1])
4999
5000AT_CLEANUP
openvswitch mirror