]> git.proxmox.com Git - mirror_ovs.git/blame - tests/ovn.at
projects / mirror_ovs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
actions: Make "free" functions per-struct, not per-action.
[mirror_ovs.git] / tests / ovn.at
CommitLineData
49d7c759
BP		 1# OVN_CHECK_PACKETS([PCAP], [EXPECTED])
2#
3# This compares packets read from PCAP, in pcap format, to those read
4# from EXPECTED, which is a text file containing packets as hex
5# strings, one per line. If PCAP contains fewer packets than
6# EXPECTED, it waits up to 10 seconds for more packets to appear.
7#
8# The implementation is an m4 macro that is mostly implemented in
9# terms of a shell function. This reduces the size of the generated
10# testsuite file since the shell function is only emitted once even
11# when this macro is invoked many times.
12m4_divert_text([PREPARE_TESTS],
13 [ovn_check_packets__ () {
14 echo
15 echo "checking packets in $1 against $2:"
16 rcv_pcap=$1
17 rcv_text=`echo "$rcv_pcap.packets" | sed 's/\.pcap//'`
18 exp_text=$2
19 exp_n=`wc -l < "$exp_text"`
20 ovs_wait_cond () {
abb37b6b
FF		 21 $PYTHON "$top_srcdir/utilities/ovs-pcap.in" $rcv_pcap > $rcv_text
22 rcv_n=`wc -l < "$rcv_text"`
23 test $rcv_n -ge $exp_n
49d7c759
BP		 24 }
25 ovs_wait || echo "expected $exp_n packets, only received $rcv_n"
26
e4543cfe 27 sort $exp_text > expout
49d7c759
BP		 28 }
29])
30m4_define([OVN_CHECK_PACKETS],
31 [ovn_check_packets__ "$1" "$2"
32 AT_CHECK([sort $rcv_text], [0], [expout])])
33
f295c17b 34AT_BANNER([OVN components])
10b1662b
BP		 35
36AT_SETUP([ovn -- lexer])
37dnl For lines without =>, input and expected output are identical.
38dnl For lines with =>, input precedes => and expected output follows =>.
39AT_DATA([test-cases.txt], [dnl
40foo bar baz quuxquuxquux _abcd_ a.b.c.d a123_.456
41"abc\u0020def" => "abc def"
42" => error("Input ends inside quoted string.")dnl "
43
2c5cbb15
RB		 44$foo $bar $baz $quuxquuxquux $_abcd_ $a.b.c.d $a123_.456
45$1 => error("`$' must be followed by a valid identifier.") 1
46
10b1662b
BP		 47a/*b*/c => a c
48a//b c => a
49a/**/b => a b
50a/*/b => a error("`/*' without matching `*/'.")
51a/*/**/b => a b
52a/b => a error("`/' is only valid as part of `//' or `/*'.") b
53
540 1 12345 18446744073709551615
5518446744073709551616 => error("Decimal constants must be less than 2**64.")
569999999999999999999999 => error("Decimal constants must be less than 2**64.")
5701 => error("Decimal constants must not have leading zeros.")
58
590/0
600/1
611/0 => error("Value contains unmasked 1-bits.")
621/1
63128/384
641/3
651/ => error("Integer constant expected.")
66
671/0x123 => error("Value and mask have incompatible formats.")
68
690x1234
700x01234 => 0x1234
710x0 => 0
720x000 => 0
730xfedcba9876543210
740XFEDCBA9876543210 => 0xfedcba9876543210
750xfedcba9876543210fedcba9876543210
10b1662b
BP		 760x0000fedcba9876543210fedcba9876543210 => 0xfedcba9876543210fedcba9876543210
770x => error("Hex digits expected following 0x.")
780X => error("Hex digits expected following 0X.")
790x0/0x0 => 0/0
800x0/0x1 => 0/0x1
810x1/0x0 => error("Value contains unmasked 1-bits.")
820xffff/0x1ffff
830x. => error("Invalid syntax in hexadecimal constant.")
84
85192.168.128.1 1.2.3.4 255.255.255.255 0.0.0.0
86256.1.2.3 => error("Invalid numeric constant.")
87192.168.0.0/16
88192.168.0.0/255.255.0.0 => 192.168.0.0/16
89192.168.0.0/255.255.255.0 => 192.168.0.0/24
90192.168.0.0/255.255.0.255
91192.168.0.0/255.0.0.0 => error("Value contains unmasked 1-bits.")
92192.168.0.0/32
93192.168.0.0/255.255.255.255 => 192.168.0.0/32
52c0fc39 941.2.3.4:5 => 1.2.3.4 : 5
10b1662b
BP		 95
96::
97::1
98ff00::1234 => ff00::1234
992001:db8:85a3::8a2e:370:7334
1002001:db8:85a3:0:0:8a2e:370:7334 => 2001:db8:85a3::8a2e:370:7334
1012001:0db8:85a3:0000:0000:8a2e:0370:7334 => 2001:db8:85a3::8a2e:370:7334
102::ffff:192.0.2.128
103::ffff:c000:0280 => ::ffff:192.0.2.128
104::1/::1
105::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff => ::1/128
106::1/128
107ff00::/8
108ff00::/ff00:: => ff00::/8
109
11001:23:45:67:ab:cd
11101:23:45:67:AB:CD => 01:23:45:67:ab:cd
112fe:dc:ba:98:76:54
113FE:DC:ba:98:76:54 => fe:dc:ba:98:76:54
11401:00:00:00:00:00/01:00:00:00:00:00
115ff:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff
116fe:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff
117ff:ff:ff:ff:ff:ff/fe:ff:ff:ff:ff:ff => error("Value contains unmasked 1-bits.")
118fe:x => error("Invalid numeric constant.")
11900:01:02:03:04:x => error("Invalid numeric constant.")
120
a20c96c6 121# Test that operators are tokenized as expected, even without white space.
52c0fc39 122(){}[[]]==!=<<=>>=!&&||..,;=<->--: => ( ) { } [[ ]] == != < <= > >= ! && || .. , ; = <-> -- :
10b1662b
BP		 123& => error("`&' is only valid as part of `&&'.")
124| => error("`|' is only valid as part of `||'.")
56091efe 125- => error("`-' is only valid as part of `--'.")
10b1662b
BP		 126
127^ => error("Invalid character `^' in input.")
128])
129AT_CAPTURE_FILE([input.txt])
130sed 's/ =>.*//' test-cases.txt > input.txt
131sed 's/.* => //' test-cases.txt > expout
132AT_CHECK([ovstest test-ovn lex < input.txt], [0], [expout])
133AT_CLEANUP
e0840f11 134
7700eea0
BP		 135dnl The OVN expression parser needs to know what fields overlap with one
136dnl another. This test therefore verifies that all the smaller registers
137dnl are defined as terms of subfields of the larger ones.
138dnl
139dnl When we add or remove registers this test needs to be updated, of course.
140AT_SETUP([ovn -- registers])
141AT_CHECK([ovstest test-ovn dump-symtab | grep reg | sort], [0],
142[[reg0 = xxreg0[96..127]
143reg1 = xxreg0[64..95]
144reg2 = xxreg0[32..63]
145reg3 = xxreg0[0..31]
146reg4 = xxreg1[96..127]
147reg5 = xxreg1[64..95]
148reg6 = xxreg1[32..63]
149reg7 = xxreg1[0..31]
150reg8 = xreg4[32..63]
151reg9 = xreg4[0..31]
152xreg0 = xxreg0[64..127]
153xreg1 = xxreg0[0..63]
154xreg2 = xxreg1[64..127]
155xreg3 = xxreg1[0..63]
156xreg4 = OXM_OF_PKT_REG4
157xxreg0 = NXM_NX_XXREG0
158xxreg1 = NXM_NX_XXREG1
159]])
160AT_CLEANUP
161
2277b860
BP		 162dnl Check that the OVN conntrack field definitions are correct.
163AT_SETUP([ovn -- conntrack fields])
164AT_CHECK([ovstest test-ovn dump-symtab | grep ^ct | sort], [0],
858c2f76
GS		 165[[ct.dnat = ct_state[7]
166ct.est = ct_state[1]
2277b860
BP		 167ct.inv = ct_state[4]
168ct.new = ct_state[0]
169ct.rel = ct_state[2]
170ct.rpl = ct_state[3]
858c2f76 171ct.snat = ct_state[6]
2277b860
BP		 172ct.trk = ct_state[5]
173ct_label = NXM_NX_CT_LABEL
b73db61d 174ct_label.blocked = ct_label[0]
2277b860
BP		 175ct_mark = NXM_NX_CT_MARK
176ct_state = NXM_NX_CT_STATE
177]])
178AT_CLEANUP
179
42d36b58
AZ		 180AT_SETUP([ovn -- compsition])
181AT_CHECK([ovstest test-ovn composition 2], [0], [ignore])
182AT_CLEANUP
183
e0840f11
BP		 184AT_SETUP([ovn -- expression parser])
185dnl For lines without =>, input and expected output are identical.
186dnl For lines with =>, input precedes => and expected output follows =>.
187AT_DATA([test-cases.txt], [[
188eth.type == 0x800
189eth.type==0x800 => eth.type == 0x800
190eth.type[0..15] == 0x800 => eth.type == 0x800
191
192vlan.present
193vlan.present == 1 => vlan.present
194!(vlan.present == 0) => vlan.present
195!(vlan.present != 1) => vlan.present
196!vlan.present
197vlan.present == 0 => !vlan.present
198vlan.present != 1 => !vlan.present
199!(vlan.present == 1) => !vlan.present
200!(vlan.present != 0) => !vlan.present
201
202eth.dst[0]
203eth.dst[0] == 1 => eth.dst[0]
204eth.dst[0] != 0 => eth.dst[0]
205!(eth.dst[0] == 0) => eth.dst[0]
206!(eth.dst[0] != 1) => eth.dst[0]
207
208!eth.dst[0]
209eth.dst[0] == 0 => !eth.dst[0]
210eth.dst[0] != 1 => !eth.dst[0]
211!(eth.dst[0] == 1) => !eth.dst[0]
212!(eth.dst[0] != 0) => !eth.dst[0]
213
214vlan.tci[12..15] == 0x3
215vlan.tci == 0x3000/0xf000 => vlan.tci[12..15] == 0x3
216vlan.tci[12..15] != 0x3
217vlan.tci != 0x3000/0xf000 => vlan.tci[12..15] != 0x3
218
219!vlan.pcp => vlan.pcp == 0
220!(vlan.pcp) => vlan.pcp == 0
221vlan.pcp == 0x4
222vlan.pcp != 0x4
223vlan.pcp > 0x4
224vlan.pcp >= 0x4
225vlan.pcp < 0x4
226vlan.pcp <= 0x4
227!(vlan.pcp != 0x4) => vlan.pcp == 0x4
228!(vlan.pcp == 0x4) => vlan.pcp != 0x4
229!(vlan.pcp <= 0x4) => vlan.pcp > 0x4
230!(vlan.pcp < 0x4) => vlan.pcp >= 0x4
231!(vlan.pcp >= 0x4) => vlan.pcp < 0x4
232!(vlan.pcp > 0x4) => vlan.pcp <= 0x4
2330x4 == vlan.pcp => vlan.pcp == 0x4
2340x4 != vlan.pcp => vlan.pcp != 0x4
2350x4 < vlan.pcp => vlan.pcp > 0x4
2360x4 <= vlan.pcp => vlan.pcp >= 0x4
2370x4 > vlan.pcp => vlan.pcp < 0x4
2380x4 >= vlan.pcp => vlan.pcp <= 0x4
239!(0x4 != vlan.pcp) => vlan.pcp == 0x4
240!(0x4 == vlan.pcp) => vlan.pcp != 0x4
241!(0x4 >= vlan.pcp) => vlan.pcp > 0x4
242!(0x4 > vlan.pcp) => vlan.pcp >= 0x4
243!(0x4 <= vlan.pcp) => vlan.pcp < 0x4
244!(0x4 < vlan.pcp) => vlan.pcp <= 0x4
245
2461 < vlan.pcp < 4 => vlan.pcp > 0x1 && vlan.pcp < 0x4
2471 <= vlan.pcp <= 4 => vlan.pcp >= 0x1 && vlan.pcp <= 0x4
2481 < vlan.pcp <= 4 => vlan.pcp > 0x1 && vlan.pcp <= 0x4
2491 <= vlan.pcp < 4 => vlan.pcp >= 0x1 && vlan.pcp < 0x4
2501 <= vlan.pcp <= 4 => vlan.pcp >= 0x1 && vlan.pcp <= 0x4
2514 > vlan.pcp > 1 => vlan.pcp < 0x4 && vlan.pcp > 0x1
2524 >= vlan.pcp > 1 => vlan.pcp <= 0x4 && vlan.pcp > 0x1
2534 > vlan.pcp >= 1 => vlan.pcp < 0x4 && vlan.pcp >= 0x1
2544 >= vlan.pcp >= 1 => vlan.pcp <= 0x4 && vlan.pcp >= 0x1
255!(1 < vlan.pcp < 4) => vlan.pcp <= 0x1 || vlan.pcp >= 0x4
256!(1 <= vlan.pcp <= 4) => vlan.pcp < 0x1 || vlan.pcp > 0x4
257!(1 < vlan.pcp <= 4) => vlan.pcp <= 0x1 || vlan.pcp > 0x4
258!(1 <= vlan.pcp < 4) => vlan.pcp < 0x1 || vlan.pcp >= 0x4
259!(1 <= vlan.pcp <= 4) => vlan.pcp < 0x1 || vlan.pcp > 0x4
260!(4 > vlan.pcp > 1) => vlan.pcp >= 0x4 || vlan.pcp <= 0x1
261!(4 >= vlan.pcp > 1) => vlan.pcp > 0x4 || vlan.pcp <= 0x1
262!(4 > vlan.pcp >= 1) => vlan.pcp >= 0x4 || vlan.pcp < 0x1
263!(4 >= vlan.pcp >= 1) => vlan.pcp > 0x4 || vlan.pcp < 0x1
264
265vlan.pcp == {1, 2, 3, 4} => vlan.pcp == 0x1 || vlan.pcp == 0x2 || vlan.pcp == 0x3 || vlan.pcp == 0x4
266vlan.pcp == 1 || ((vlan.pcp == 2 || vlan.pcp == 3) || vlan.pcp == 4) => vlan.pcp == 0x1 || vlan.pcp == 0x2 || vlan.pcp == 0x3 || vlan.pcp == 0x4
267
268vlan.pcp != {1, 2, 3, 4} => vlan.pcp != 0x1 && vlan.pcp != 0x2 && vlan.pcp != 0x3 && vlan.pcp != 0x4
269vlan.pcp == 1 && ((vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && vlan.pcp == 0x2 && vlan.pcp == 0x3 && vlan.pcp == 0x4
270
271vlan.pcp == 1 && !((vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && (vlan.pcp != 0x2 || vlan.pcp != 0x3 || vlan.pcp != 0x4)
272vlan.pcp == 1 && (!(vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && (vlan.pcp != 0x2 || vlan.pcp != 0x3) && vlan.pcp == 0x4
273vlan.pcp == 1 && !(!(vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && ((vlan.pcp == 0x2 && vlan.pcp == 0x3) || vlan.pcp != 0x4)
274
275ip4.src == {10.0.0.0/8, 192.168.0.0/16, 172.16.20.0/24, 8.8.8.8} => ip4.src[24..31] == 0xa || ip4.src[16..31] == 0xc0a8 || ip4.src[8..31] == 0xac1014 || ip4.src == 0x8080808
276ip6.src == ::1 => ip6.src == 0x1
277
278ip4.src == 1.2.3.4 => ip4.src == 0x1020304
279ip4.src == ::1.2.3.4/::ffff:ffff => ip4.src == 0x1020304
280ip6.src == ::1 => ip6.src == 0x1
281
2821
2830
284!1 => 0
285!0 => 1
286
287inport == "eth0"
288!(inport != "eth0") => inport == "eth0"
289
3b7cb7e1
BP		 290ip4.src == "eth0" => Integer field ip4.src is not compatible with string constant.
291inport == 1 => String field inport is not compatible with integer constant.
76da94b5 292ip4.src = 1.2.3.4 => Syntax error at `=' expecting relational operator.
e0840f11
BP		 293
294ip4.src > {1, 2, 3} => Only == and != operators may be used with value sets.
295eth.type > 0x800 => Only == and != operators may be used with nominal field eth.type.
296vlan.present > 0 => Only == and != operators may be used with Boolean field vlan.present.
297
298inport != "eth0" => Nominal field inport may only be tested for equality (taking enclosing `!' operators into account).
299!(inport == "eth0") => Nominal field inport may only be tested for equality (taking enclosing `!' operators into account).
300eth.type != 0x800 => Nominal field eth.type may only be tested for equality (taking enclosing `!' operators into account).
301!(eth.type == 0x800) => Nominal field eth.type may only be tested for equality (taking enclosing `!' operators into account).
76da94b5 302inport = "eth0" => Syntax error at `=' expecting relational operator.
e0840f11
BP		 303
304123 == 123 => Syntax error at `123' expecting field name.
305
2c5cbb15
RB		 306$name => Syntax error at `$name' expecting address set name.
307
e0840f11
BP		 308123 == xyzzy => Syntax error at `xyzzy' expecting field name.
309xyzzy == 1 => Syntax error at `xyzzy' expecting field name.
310
311inport[1] == 1 => Cannot select subfield of string field inport.
312
313eth.type[] == 1 => Syntax error at `@:>@' expecting small integer.
314eth.type[::1] == 1 => Syntax error at `::1' expecting small integer.
315eth.type[18446744073709551615] == 1 => Syntax error at `18446744073709551615' expecting small integer.
316
317eth.type[5!] => Syntax error at `!' expecting `@:>@'.
318
319eth.type[5..1] => Invalid bit range 5 to 1.
320
321eth.type[12..16] => Cannot select bits 12 to 16 of 16-bit field eth.type.
322
323eth.type[10] == 1 => Cannot select subfield of nominal field eth.type.
324
325eth.type => Explicit `!= 0' is required for inequality test of multibit field against 0.
326
327!(!(vlan.pcp)) => Explicit `!= 0' is required for inequality test of multibit field against 0.
328
329123 => Syntax error at end of input expecting relational operator.
330
331123 x => Syntax error at `x' expecting relational operator.
332
333{1, "eth0"} => Syntax error at `"eth0"' expecting integer.
334
335eth.type == xyzzy => Syntax error at `xyzzy' expecting constant.
336
337(1 x) => Syntax error at `x' expecting `)'.
338
339!0x800 != eth.type => Missing parentheses around operand of !.
340
341eth.type == 0x800 || eth.type == 0x86dd && ip.proto == 17 => && and || must be parenthesized when used together.
342
343eth.dst == {} => Syntax error at `}' expecting constant.
344
345eth.src > 00:00:00:00:11:11/00:00:00:00:ff:ff => Only == and != operators may be used with masked constants. Consider using subfields instead (e.g. eth.src[0..15] > 0x1111 in place of eth.src > 00:00:00:00:11:11/00:00:00:00:ff:ff).
346
3b7cb7e1 347ip4.src == ::1 => 128-bit constant is not compatible with 32-bit field ip4.src.
e0840f11
BP		 348
3491 == eth.type == 2 => Range expressions must have the form `x < field < y' or `x > field > y', with each `<' optionally replaced by `<=' or `>' by `>=').
8b34ccda 350
9aef3c1b 351eth.dst[40] x => Syntax error at `x' expecting end of input.
ea382567
RB		 352
353ip4.src == {1.2.3.4, $set1, $unknownset} => Syntax error at `$unknownset' expecting address set name.
354eth.src == {$set3, badmac, 00:00:00:00:00:01} => Syntax error at `badmac' expecting constant.
e0840f11
BP		 355]])
356sed 's/ =>.*//' test-cases.txt > input.txt
357sed 's/.* => //' test-cases.txt > expout
358AT_CHECK([ovstest test-ovn parse-expr < input.txt], [0], [expout])
359AT_CLEANUP
360
361AT_SETUP([ovn -- expression annotation])
362dnl Input precedes =>, expected output follows =>.
363AT_DATA([test-cases.txt], [[
364ip4.src == 1.2.3.4 => ip4.src == 0x1020304 && eth.type == 0x800
365ip4.src != 1.2.3.4 => ip4.src != 0x1020304 && eth.type == 0x800
366ip.proto == 123 => ip.proto == 0x7b && (eth.type == 0x800 || eth.type == 0x86dd)
367ip.proto == {123, 234} => (ip.proto == 0x7b && (eth.type == 0x800 || eth.type == 0x86dd)) || (ip.proto == 0xea && (eth.type == 0x800 || eth.type == 0x86dd))
368ip4.src == 1.2.3.4 && ip4.dst == 5.6.7.8 => ip4.src == 0x1020304 && eth.type == 0x800 && ip4.dst == 0x5060708 && eth.type == 0x800
369
370ip => eth.type == 0x800 || eth.type == 0x86dd
371ip == 1 => eth.type == 0x800 || eth.type == 0x86dd
372ip[0] == 1 => eth.type == 0x800 || eth.type == 0x86dd
373ip > 0 => Only == and != operators may be used with nominal field ip.
374!ip => Nominal predicate ip may only be tested positively, e.g. `ip' or `ip == 1' but not `!ip' or `ip == 0'.
375ip == 0 => Nominal predicate ip may only be tested positively, e.g. `ip' or `ip == 1' but not `!ip' or `ip == 0'.
376
377vlan.present => vlan.tci[12]
378!vlan.present => !vlan.tci[12]
379
380!vlan.pcp => vlan.tci[13..15] == 0 && vlan.tci[12]
381vlan.pcp == 1 && vlan.vid == 2 => vlan.tci[13..15] == 0x1 && vlan.tci[12] && vlan.tci[0..11] == 0x2 && vlan.tci[12]
7700eea0 382!reg0 && !reg1 && !reg2 && !reg3 => xxreg0[96..127] == 0 && xxreg0[64..95] == 0 && xxreg0[32..63] == 0 && xxreg0[0..31] == 0
e0840f11
BP		 383
384ip.first_frag => ip.frag[0] && (eth.type == 0x800 || eth.type == 0x86dd) && (!ip.frag[1] || (eth.type != 0x800 && eth.type != 0x86dd))
385!ip.first_frag => !ip.frag[0] || (eth.type != 0x800 && eth.type != 0x86dd) || (ip.frag[1] && (eth.type == 0x800 || eth.type == 0x86dd))
386ip.later_frag => ip.frag[1] && (eth.type == 0x800 || eth.type == 0x86dd)
387
388bad_prereq != 0 => Error parsing expression `xyzzy' encountered as prerequisite or predicate of initial expression: Syntax error at `xyzzy' expecting field name.
389self_recurse != 0 => Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `self_recurse'.
390mutual_recurse_1 != 0 => Error parsing expression `mutual_recurse_2 != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `mutual_recurse_1 != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `mutual_recurse_1'.
391mutual_recurse_2 != 0 => Error parsing expression `mutual_recurse_1 != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `mutual_recurse_2 != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `mutual_recurse_2'.
392]])
393sed 's/ =>.*//' test-cases.txt > input.txt
394sed 's/.* => //' test-cases.txt > expout
395AT_CHECK([ovstest test-ovn annotate-expr < input.txt], [0], [expout])
396AT_CLEANUP
397
9d4aecca 398AT_SETUP([ovn -- 1-term expression conversion])
e0840f11 399AT_CHECK([ovstest test-ovn exhaustive --operation=convert 1], [0],
9d4aecca 400 [Tested converting all 1-terminal expressions with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 401])
402AT_CLEANUP
403
9d4aecca 404AT_SETUP([ovn -- 2-term expression conversion])
e0840f11 405AT_CHECK([ovstest test-ovn exhaustive --operation=convert 2], [0],
8c3caa2c 406 [Tested converting 578 expressions of 2 terminals with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 407])
408AT_CLEANUP
409
9d4aecca 410AT_SETUP([ovn -- 3-term expression conversion])
e0840f11 411AT_CHECK([ovstest test-ovn exhaustive --operation=convert --bits=2 3], [0],
8c3caa2c 412 [Tested converting 67410 expressions of 3 terminals with 2 numeric vars (each 2 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 413])
414AT_CLEANUP
415
9d4aecca
BP		 416AT_SETUP([ovn -- 3-term numeric expression simplification])
417AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=2 --svars=0 3], [0],
8c3caa2c 418 [Tested simplifying 490770 expressions of 3 terminals with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >=.
e0840f11
BP		 419])
420AT_CLEANUP
421
9d4aecca
BP		 422AT_SETUP([ovn -- 4-term string expression simplification])
423AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=0 --svars=4 4], [0],
424 [Tested simplifying 21978 expressions of 4 terminals with 4 string vars.
e0840f11
BP		 425])
426AT_CLEANUP
427
9d4aecca
BP		 428AT_SETUP([ovn -- 3-term mixed expression simplification])
429AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=1 --svars=1 3], [0],
8c3caa2c 430 [Tested simplifying 127890 expressions of 3 terminals with 1 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 1 string vars.
e0840f11
BP		 431])
432AT_CLEANUP
433
97ba1d55
BP		 434AT_SETUP([ovn -- simplification special cases])
435simplify() {
436 echo "$1" | ovstest test-ovn simplify-expr
437}
438AT_CHECK([simplify 'eth.dst == 0/0'], [0], [1
439])
a3d79068
BP		 440AT_CHECK([simplify 'eth.dst != 0/0'], [0], [0
441])
33f15d17
BP		 442AT_CHECK([simplify 'tcp.dst >= 0'], [0],
443 [ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
444])
445AT_CHECK([simplify 'tcp.dst <= 65535'], [0],
446 [ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
447])
448AT_CHECK([simplify 'tcp.dst > 0'], [0],
449 [[(tcp.dst[0] || tcp.dst[1] || tcp.dst[2] || tcp.dst[3] || tcp.dst[4] || tcp.dst[5] || tcp.dst[6] || tcp.dst[7] || tcp.dst[8] || tcp.dst[9] || tcp.dst[10] || tcp.dst[11] || tcp.dst[12] || tcp.dst[13] || tcp.dst[14] || tcp.dst[15]) && ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
450]])
451AT_CHECK([simplify 'tcp.dst < 65535'], [0],
452 [[(!tcp.dst[0] || !tcp.dst[1] || !tcp.dst[2] || !tcp.dst[3] || !tcp.dst[4] || !tcp.dst[5] || !tcp.dst[6] || !tcp.dst[7] || !tcp.dst[8] || !tcp.dst[9] || !tcp.dst[10] || !tcp.dst[11] || !tcp.dst[12] || !tcp.dst[13] || !tcp.dst[14] || !tcp.dst[15]) && ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
453]])
97ba1d55
BP		 454AT_CLEANUP
455
ba8d3816
MS		 456AT_SETUP([ovn -- is_chassis_resident simplification])
457simplify() {
458 echo "$1" | ovstest test-ovn simplify-expr
459}
460AT_CHECK([simplify 'is_chassis_resident("eth1")'], [0], [1
461])
462AT_CHECK([simplify 'is_chassis_resident("eth2")'], [0], [0
463])
464AT_CHECK([simplify '!is_chassis_resident("eth1")'], [0], [0
465])
466AT_CHECK([simplify '!is_chassis_resident("eth2")'], [0], [1
467])
468AT_CLEANUP
469
9d4aecca
BP		 470AT_SETUP([ovn -- 4-term numeric expression normalization])
471AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=3 --svars=0 --bits=1 4], [0],
8c3caa2c 472 [Tested normalizing 1874026 expressions of 4 terminals with 3 numeric vars (each 1 bits) in terms of operators == != < <= > >=.
e0840f11
BP		 473])
474AT_CLEANUP
475
9d4aecca
BP		 476AT_SETUP([ovn -- 4-term string expression normalization])
477AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=0 --svars=3 --bits=1 4], [0],
478 [Tested normalizing 11242 expressions of 4 terminals with 3 string vars.
479])
480AT_CLEANUP
481
482AT_SETUP([ovn -- 4-term mixed expression normalization])
483AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=1 --bits=1 --svars=2 4], [0],
8c3caa2c 484 [Tested normalizing 175978 expressions of 4 terminals with 1 numeric vars (each 1 bits) in terms of operators == != < <= > >= and 2 string vars.
9d4aecca
BP		 485])
486AT_CLEANUP
487
488AT_SETUP([ovn -- 5-term numeric expression normalization])
489AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=3 --svars=0 --bits=1 --relops='==' 5], [0],
8c3caa2c 490 [Tested normalizing 1317600 expressions of 5 terminals with 3 numeric vars (each 1 bits) in terms of operators ==.
9d4aecca
BP		 491])
492AT_CLEANUP
493
494AT_SETUP([ovn -- 5-term string expression normalization])
495AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=0 --svars=3 --bits=1 --relops='==' 5], [0],
496 [Tested normalizing 368550 expressions of 5 terminals with 3 string vars.
497])
498AT_CLEANUP
499
500AT_SETUP([ovn -- 5-term mixed expression normalization])
501AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=1 --svars=1 --bits=1 --relops='==' 5], [0],
8c3caa2c 502 [Tested normalizing 216000 expressions of 5 terminals with 1 numeric vars (each 1 bits) in terms of operators == and 1 string vars.
9d4aecca
BP		 503])
504AT_CLEANUP
505
506AT_SETUP([ovn -- 4-term numeric expressions to flows])
8c3caa2c 507AT_KEYWORDS([expression])
9d4aecca 508AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=2 --svars=0 --bits=2 --relops='==' 4], [0],
8c3caa2c 509 [Tested converting to flows 175978 expressions of 4 terminals with 2 numeric vars (each 2 bits) in terms of operators ==.
9d4aecca
BP		 510])
511AT_CLEANUP
512
513AT_SETUP([ovn -- 4-term string expressions to flows])
8c3caa2c 514AT_KEYWORDS([expression])
9d4aecca
BP		 515AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=0 --svars=4 4], [0],
516 [Tested converting to flows 21978 expressions of 4 terminals with 4 string vars.
517])
518AT_CLEANUP
519
520AT_SETUP([ovn -- 4-term mixed expressions to flows])
8c3caa2c 521AT_KEYWORDS([expression])
9d4aecca 522AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=1 --bits=2 --svars=1 --relops='==' 4], [0],
8c3caa2c 523 [Tested converting to flows 48312 expressions of 4 terminals with 1 numeric vars (each 2 bits) in terms of operators == and 1 string vars.
9d4aecca
BP		 524])
525AT_CLEANUP
526
527AT_SETUP([ovn -- 3-term numeric expressions to flows])
8c3caa2c 528AT_KEYWORDS([expression])
9d4aecca 529AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=3 --svars=0 --bits=3 --relops='==' 3], [0],
8c3caa2c 530 [Tested converting to flows 41328 expressions of 3 terminals with 3 numeric vars (each 3 bits) in terms of operators ==.
e0840f11
BP		 531])
532AT_CLEANUP
f386a8a7
BP		 533
534AT_SETUP([ovn -- converting expressions to flows -- string fields])
8c3caa2c 535AT_KEYWORDS([expression])
f386a8a7
BP		 536expr_to_flow () {
537 echo "$1" | ovstest test-ovn expr-to-flows | sort
538}
cc5e28d8 539AT_CHECK([expr_to_flow 'inport == "eth0"'], [0], [reg14=0x5
f386a8a7 540])
cc5e28d8 541AT_CHECK([expr_to_flow 'inport == "eth1"'], [0], [reg14=0x6
f386a8a7
BP		 542])
543AT_CHECK([expr_to_flow 'inport == "eth2"'], [0], [(no flows)
544])
545AT_CHECK([expr_to_flow 'inport == "eth0" && ip'], [0], [dnl
cc5e28d8
JP		 546ip,reg14=0x5
547ipv6,reg14=0x5
f386a8a7
BP		 548])
549AT_CHECK([expr_to_flow 'inport == "eth1" && ip'], [0], [dnl
cc5e28d8
JP		 550ip,reg14=0x6
551ipv6,reg14=0x6
f386a8a7
BP		 552])
553AT_CHECK([expr_to_flow 'inport == "eth2" && ip'], [0], [(no flows)
554])
555AT_CHECK([expr_to_flow 'inport == {"eth0", "eth1", "eth2", "LOCAL"}'], [0],
cc5e28d8
JP		 556[reg14=0x5
557reg14=0x6
558reg14=0xfffe
f386a8a7
BP		 559])
560AT_CHECK([expr_to_flow 'inport == {"eth0", "eth1", "eth2"} && ip'], [0], [dnl
cc5e28d8
JP		 561ip,reg14=0x5
562ip,reg14=0x6
563ipv6,reg14=0x5
564ipv6,reg14=0x6
f386a8a7 565])
9d4aecca
BP		 566AT_CHECK([expr_to_flow 'inport == "eth0" && inport == "eth1"'], [0], [dnl
567(no flows)
568])
f386a8a7 569AT_CLEANUP
3b7cb7e1 570
2c5cbb15 571AT_SETUP([ovn -- converting expressions to flows -- address sets])
8c3caa2c 572AT_KEYWORDS([expression])
2c5cbb15
RB		 573expr_to_flow () {
574 echo "$1" | ovstest test-ovn expr-to-flows | sort
575}
576AT_CHECK([expr_to_flow 'ip4.src == {10.0.0.1, 10.0.0.2, 10.0.0.3}'], [0], [dnl
577ip,nw_src=10.0.0.1
578ip,nw_src=10.0.0.2
579ip,nw_src=10.0.0.3
580])
581AT_CHECK([expr_to_flow 'ip4.src == $set1'], [0], [dnl
582ip,nw_src=10.0.0.1
583ip,nw_src=10.0.0.2
584ip,nw_src=10.0.0.3
585])
586AT_CHECK([expr_to_flow 'ip4.src == {1.2.3.4, $set1}'], [0], [dnl
587ip,nw_src=1.2.3.4
588ip,nw_src=10.0.0.1
589ip,nw_src=10.0.0.2
590ip,nw_src=10.0.0.3
591])
592AT_CHECK([expr_to_flow 'ip4.src == {1.2.0.0/20, 5.5.5.0/24, $set1}'], [0], [dnl
593ip,nw_src=1.2.0.0/20
594ip,nw_src=10.0.0.1
595ip,nw_src=10.0.0.2
596ip,nw_src=10.0.0.3
597ip,nw_src=5.5.5.0/24
598])
599AT_CHECK([expr_to_flow 'ip6.src == {::1, ::2, ::3}'], [0], [dnl
600ipv6,ipv6_src=::1
601ipv6,ipv6_src=::2
602ipv6,ipv6_src=::3
603])
604AT_CHECK([expr_to_flow 'ip6.src == {::1, $set2, ::4}'], [0], [dnl
605ipv6,ipv6_src=::1
606ipv6,ipv6_src=::2
607ipv6,ipv6_src=::3
608ipv6,ipv6_src=::4
609])
610AT_CHECK([expr_to_flow 'eth.src == {00:00:00:00:00:01, 00:00:00:00:00:02, 00:00:00:00:00:03}'], [0], [dnl
611dl_src=00:00:00:00:00:01
612dl_src=00:00:00:00:00:02
613dl_src=00:00:00:00:00:03
614])
615AT_CHECK([expr_to_flow 'eth.src == {$set3}'], [0], [dnl
616dl_src=00:00:00:00:00:01
617dl_src=00:00:00:00:00:02
618dl_src=00:00:00:00:00:03
619])
ea382567
RB		 620AT_CHECK([expr_to_flow 'eth.src == {00:00:00:00:00:01, $set3, ba:be:be:ef:de:ad, $set3}'], [0], [dnl
621dl_src=00:00:00:00:00:01
622dl_src=00:00:00:00:00:02
623dl_src=00:00:00:00:00:03
624dl_src=ba:be:be:ef:de:ad
625])
2c5cbb15
RB		 626AT_CLEANUP
627
3b7cb7e1 628AT_SETUP([ovn -- action parsing])
d5a76da4
BP		 629dnl Unindented text is input (a set of OVN logical actions).
630dnl Indented text is expected output.
631AT_DATA([test-cases.txt],
632[[# drop
633drop;
634 encodes as drop
635drop; next;
636 Syntax error at `next' expecting end of input.
637next; drop;
638 Syntax error at `drop' expecting action.
5f822129
BP		 639
640# output
d5a76da4
BP		 641output;
642 encodes as resubmit(,64)
5f822129
BP		 643
644# next
d5a76da4
BP		 645next;
646 formats as next(11);
647 encodes as resubmit(,27)
648next(11);
649 encodes as resubmit(,27)
650next(0);
651 encodes as resubmit(,16)
652next(15);
653 encodes as resubmit(,31)
654
655next();
656 Syntax error at `)' expecting small integer.
657next(10;
658 Syntax error at `;' expecting `)'.
659next(16);
660 "next" argument must be in range 0 to 15.
5f822129
BP		 661
662# Loading a constant value.
d5a76da4
BP		 663tcp.dst=80;
664 formats as tcp.dst = 80;
665 encodes as set_field:80->tcp_dst
666 has prereqs ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
667eth.dst[40] = 1;
668 encodes as set_field:01:00:00:00:00:00/01:00:00:00:00:00->eth_dst
669vlan.pcp = 2;
670 encodes as set_field:0x4000/0xe000->vlan_tci
671 has prereqs vlan.tci[12]
672vlan.tci[13..15] = 2;
673 encodes as set_field:0x4000/0xe000->vlan_tci
674inport = "";
675 encodes as set_field:0->reg14
676ip.ttl=4;
677 formats as ip.ttl = 4;
678 encodes as set_field:4->nw_ttl
679 has prereqs eth.type == 0x800 || eth.type == 0x86dd
680outport="eth0"; next; outport="LOCAL"; next;
681 formats as outport = "eth0"; next(11); outport = "LOCAL"; next(11);
682 encodes as set_field:0x5->reg15,resubmit(,27),set_field:0xfffe->reg15,resubmit(,27)
683
684inport[1] = 1;
685 Cannot select subfield of string field inport.
686ip.proto[1] = 1;
687 Cannot select subfield of nominal field ip.proto.
688eth.dst[40] == 1;
689 Syntax error at `==' expecting `=' or `<->'.
690ip = 1;
691 Predicate symbol ip used where lvalue required.
692ip.proto = 6;
693 Field ip.proto is not modifiable.
694inport = {"a", "b"};
695 Syntax error at `{' expecting constant.
696inport = {};
697 Syntax error at `{' expecting constant.
698bad_prereq = 123;
699 Error parsing expression `xyzzy' encountered as prerequisite or predicate of initial expression: Syntax error at `xyzzy' expecting field name.
700self_recurse = 123;
701 Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `self_recurse'.
702vlan.present = 0;
703 Predicate symbol vlan.present used where lvalue required.
5f822129
BP		 704
705# Moving one field into another.
d5a76da4
BP		 706reg0=reg1;
707 formats as reg0 = reg1;
708 encodes as move:NXM_NX_XXREG0[64..95]->NXM_NX_XXREG0[96..127]
709vlan.pcp = reg0[0..2];
710 encodes as move:NXM_NX_XXREG0[96..98]->NXM_OF_VLAN_TCI[13..15]
711 has prereqs vlan.tci[12]
712reg0[10] = vlan.pcp[1];
713 encodes as move:NXM_OF_VLAN_TCI[14]->NXM_NX_XXREG0[106]
714 has prereqs vlan.tci[12]
715outport = inport;
716 encodes as move:NXM_NX_REG14[]->NXM_NX_REG15[]
717
718reg0[0] = vlan.present;
719 Predicate symbol vlan.present used where lvalue required.
720reg0 = reg1[0..10];
721 Can't assign 11-bit value to 32-bit destination.
722inport = reg0;
723 Can't assign integer field (reg0) to string field (inport).
724inport = big_string;
725 String fields inport and big_string are incompatible for assignment.
726ip.proto = reg0[0..7];
727 Field ip.proto is not modifiable.
5f822129
BP		 728
729# Exchanging fields.
d5a76da4
BP		 730reg0 <-> reg1;
731 encodes as push:NXM_NX_XXREG0[64..95],push:NXM_NX_XXREG0[96..127],pop:NXM_NX_XXREG0[64..95],pop:NXM_NX_XXREG0[96..127]
732vlan.pcp <-> reg0[0..2];
733 encodes as push:NXM_NX_XXREG0[96..98],push:NXM_OF_VLAN_TCI[13..15],pop:NXM_NX_XXREG0[96..98],pop:NXM_OF_VLAN_TCI[13..15]
734 has prereqs vlan.tci[12]
735reg0[10] <-> vlan.pcp[1];
736 encodes as push:NXM_OF_VLAN_TCI[14],push:NXM_NX_XXREG0[106],pop:NXM_OF_VLAN_TCI[14],pop:NXM_NX_XXREG0[106]
737 has prereqs vlan.tci[12]
738outport <-> inport;
739 encodes as push:NXM_NX_REG14[],push:NXM_NX_REG15[],pop:NXM_NX_REG14[],pop:NXM_NX_REG15[]
740
741reg0[0] <-> vlan.present;
742 Predicate symbol vlan.present used where lvalue required.
743reg0 <-> reg1[0..10];
744 Can't exchange 32-bit field with 11-bit field.
745inport <-> reg0;
746 Can't exchange string field (inport) with integer field (reg0).
747inport <-> big_string;
748 String fields inport and big_string are incompatible for exchange.
749ip.proto <-> reg0[0..7];
750 Field ip.proto is not modifiable.
751reg0[0..7] <-> ip.proto;
752 Field ip.proto is not modifiable.
5f822129
BP		 753
754# TTL decrement.
d5a76da4
BP		 755ip.ttl--;
756 encodes as dec_ttl
757 has prereqs ip
758ip.ttl
759 Syntax error at end of input expecting `--'.
5f822129 760
467085fd 761# load balancing.
d5a76da4
BP		 762ct_lb;
763 encodes as ct(table=27,zone=NXM_NX_REG13[0..15],nat)
764 has prereqs ip
765ct_lb();
766 formats as ct_lb;
767 encodes as ct(table=27,zone=NXM_NX_REG13[0..15],nat)
768 has prereqs ip
769ct_lb(192.168.1.2:80, 192.168.1.3:80);
770 encodes as group:1
771 has prereqs ip
772ct_lb(192.168.1.2, 192.168.1.3, );
773 formats as ct_lb(192.168.1.2, 192.168.1.3);
774 encodes as group:2
775 has prereqs ip
776
777ct_lb(192.168.1.2:);
778 Syntax error at `)' expecting port number.
779ct_lb(192.168.1.2:123456);
780 Syntax error at `123456' expecting port number.
781ct_lb(foo);
782 Syntax error at `foo' expecting IPv4 address.
783
784# ct_next
785ct_next;
786 encodes as ct(table=27,zone=NXM_NX_REG13[0..15])
787 has prereqs ip
788
789# ct_commit
790ct_commit;
791 encodes as ct(commit,zone=NXM_NX_REG13[0..15])
792 has prereqs ip
793ct_commit();
794 formats as ct_commit;
795 encodes as ct(commit,zone=NXM_NX_REG13[0..15])
796 has prereqs ip
797ct_commit(ct_mark=1);
798 formats as ct_commit(ct_mark=0x1);
799 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_mark))
800 has prereqs ip
801ct_commit(ct_mark=1/1);
802 formats as ct_commit(ct_mark=0x1/0x1);
803 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))
804 has prereqs ip
805ct_commit(ct_label=1);
806 formats as ct_commit(ct_label=0x1);
807 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_label))
808 has prereqs ip
809ct_commit(ct_label=1/1);
810 formats as ct_commit(ct_label=0x1/0x1);
811 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_label))
812 has prereqs ip
813ct_commit(ct_mark=1, ct_label=2);
814 formats as ct_commit(ct_mark=0x1, ct_label=0x2);
815 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_mark,set_field:0x2->ct_label))
816 has prereqs ip
817
818ct_commit(ct_label=0x01020304050607080910111213141516);
819 formats as ct_commit(ct_label=0x1020304050607080910111213141516);
820 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1020304050607080910111213141516->ct_label))
821 has prereqs ip
822ct_commit(ct_label=0x181716151413121110090807060504030201);
823 formats as ct_commit(ct_label=0x16151413121110090807060504030201);
824 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x16151413121110090807060504030201->ct_label))
825 has prereqs ip
826ct_commit(ct_label=0x1000000000000000000000000000000/0x1000000000000000000000000000000);
827 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1000000000000000000000000000000/0x1000000000000000000000000000000->ct_label))
828 has prereqs ip
829ct_commit(ct_label=18446744073709551615);
830 formats as ct_commit(ct_label=0xffffffffffffffff);
831 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0xffffffffffffffff->ct_label))
832 has prereqs ip
833ct_commit(ct_label=18446744073709551616);
834 Decimal constants must be less than 2**64.
835
836# ct_dnat
837ct_dnat;
838 encodes as ct(table=27,zone=NXM_NX_REG11[0..15],nat)
839 has prereqs ip
840ct_dnat(192.168.1.2);
841 encodes as ct(commit,table=27,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2))
842 has prereqs ip
843
844ct_dnat(192.168.1.2, 192.168.1.3);
845 Syntax error at `,' expecting `)'.
846ct_dnat(foo);
847 Syntax error at `foo' expecting IPv4 address.
848ct_dnat(foo, bar);
849 Syntax error at `foo' expecting IPv4 address.
850ct_dnat();
851 Syntax error at `)' expecting IPv4 address.
852
853# ct_snat
854ct_snat;
855 encodes as ct(zone=NXM_NX_REG12[0..15],nat)
856 has prereqs ip
857ct_snat(192.168.1.2);
858 encodes as ct(commit,table=27,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2))
859 has prereqs ip
860
861ct_snat(192.168.1.2, 192.168.1.3);
862 Syntax error at `,' expecting `)'.
863ct_snat(foo);
864 Syntax error at `foo' expecting IPv4 address.
865ct_snat(foo, bar);
866 Syntax error at `foo' expecting IPv4 address.
867ct_snat();
868 Syntax error at `)' expecting IPv4 address.
de297547 869
6335d074 870# arp
8a41ad8e
BP		 871arp { eth.dst = ff:ff:ff:ff:ff:ff; output; }; output;
872 encodes as controller(userdata=00.00.00.00.00.00.00.00.00.19.00.10.80.00.06.06.ff.ff.ff.ff.ff.ff.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.40.00.00.00),resubmit(,64)
d5a76da4 873 has prereqs ip4
bac29564
BP		 874arp { };
875 formats as arp { drop; };
876 encodes as controller(userdata=00.00.00.00.00.00.00.00)
877 has prereqs ip4
6335d074 878
0bac7164 879# get_arp
d5a76da4
BP		 880get_arp(outport, ip4.dst);
881 encodes as push:NXM_NX_REG0[],push:NXM_OF_IP_DST[],pop:NXM_NX_REG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG0[]
882 has prereqs eth.type == 0x800
883get_arp(inport, reg0);
884 encodes as push:NXM_NX_REG15[],push:NXM_NX_REG0[],push:NXM_NX_XXREG0[96..127],push:NXM_NX_REG14[],pop:NXM_NX_REG15[],pop:NXM_NX_REG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG0[],pop:NXM_NX_REG15[]
885
886get_arp;
887 Syntax error at `;' expecting `('.
888get_arp();
889 Syntax error at `)' expecting field name.
890get_arp(inport);
891 Syntax error at `)' expecting `,'.
892get_arp(inport ip4.dst);
893 Syntax error at `ip4.dst' expecting `,'.
894get_arp(inport, ip4.dst;
895 Syntax error at `;' expecting `)'.
896get_arp(inport, eth.dst);
897 Cannot use 48-bit field eth.dst[0..47] where 32-bit field is required.
898get_arp(inport, outport);
899 Cannot use string field outport where numeric field is required.
900get_arp(reg0, ip4.dst);
901 Cannot use numeric field reg0 where string field is required.
0bac7164
BP		 902
903# put_arp
d5a76da4
BP		 904put_arp(inport, arp.spa, arp.sha);
905 encodes as push:NXM_NX_REG0[],push:NXM_OF_ETH_SRC[],push:NXM_NX_ARP_SHA[],push:NXM_OF_ARP_SPA[],pop:NXM_NX_REG0[],pop:NXM_OF_ETH_SRC[],controller(userdata=00.00.00.01.00.00.00.00),pop:NXM_OF_ETH_SRC[],pop:NXM_NX_REG0[]
906 has prereqs eth.type == 0x806 && eth.type == 0x806
0bac7164 907
42814145 908# put_dhcp_opts
d5a76da4
BP		 909reg1[0] = put_dhcp_opts(offerip = 1.2.3.4, router = 10.0.0.1);
910 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.40.01.02.03.04.03.04.0a.00.00.01,pause)
911reg2[5] = put_dhcp_opts(offerip=10.0.0.4,router=10.0.0.1,netmask=255.255.254.0,mtu=1400,domain="ovn.org");
912 formats as reg2[5] = put_dhcp_opts(offerip = 10.0.0.4, router = 10.0.0.1, netmask = 255.255.254.0, mtu = 1400, domain = "ovn.org");
913 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.25.0a.00.00.04.03.04.0a.00.00.01.01.04.ff.ff.fe.00.1a.02.05.78.0f.07.6f.76.6e.2e.6f.72.67,pause)
914reg0[15] = put_dhcp_opts(offerip=10.0.0.4,router=10.0.0.1,netmask=255.255.255.0,mtu=1400,ip_forward_enable=1,default_ttl=121,dns_server={8.8.8.8,7.7.7.7},classless_static_route={30.0.0.0/24,10.0.0.4,40.0.0.0/16,10.0.0.6,0.0.0.0/0,10.0.0.1},ethernet_encap=1,router_discovery=0);
915 formats as reg0[15] = put_dhcp_opts(offerip = 10.0.0.4, router = 10.0.0.1, netmask = 255.255.255.0, mtu = 1400, ip_forward_enable = 1, default_ttl = 121, dns_server = {8.8.8.8, 7.7.7.7}, classless_static_route = {30.0.0.0/24, 10.0.0.4, 40.0.0.0/16, 10.0.0.6, 0.0.0.0/0, 10.0.0.1}, ethernet_encap = 1, router_discovery = 0);
916 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.6f.0a.00.00.04.03.04.0a.00.00.01.01.04.ff.ff.ff.00.1a.02.05.78.13.01.01.17.01.79.06.08.08.08.08.08.07.07.07.07.79.14.18.1e.00.00.0a.00.00.04.10.28.00.0a.00.00.06.00.0a.00.00.01.24.01.01.1f.01.00,pause)
917
918reg1[0..1] = put_dhcp_opts(offerip = 1.2.3.4, router = 10.0.0.1);
919 Cannot use 2-bit field reg1[0..1] where 1-bit field is required.
920reg1[0] = put_dhcp_opts();
921 put_dhcp_opts requires offerip to be specified.
922reg1[0] = put_dhcp_opts(x = 1.2.3.4, router = 10.0.0.1);
923 Syntax error at `x' expecting DHCPv4 option name.
924reg1[0] = put_dhcp_opts(router = 10.0.0.1);
925 put_dhcp_opts requires offerip to be specified.
926reg1[0] = put_dhcp_opts(offerip=1.2.3.4, "hi");
927 Syntax error at `"hi"'.
928reg1[0] = put_dhcp_opts(offerip=1.2.3.4, xyzzy);
929 Syntax error at `xyzzy' expecting DHCPv4 option name.
930reg1[0] = put_dhcp_opts(offerip="xyzzy");
931 DHCPv4 option offerip requires numeric value.
932reg1[0] = put_dhcp_opts(offerip=1.2.3.4, domain=1.2.3.4);
933 DHCPv4 option domain requires string value.
42814145 934
f8a8db39 935# nd_na
d5a76da4
BP		 936nd_na { eth.src = 12:34:56:78:9a:bc; nd.tll = 12:34:56:78:9a:bc; outport = inport; inport = ""; /* Allow sending out inport. */ output; };
937 formats as nd_na { eth.src = 12:34:56:78:9a:bc; nd.tll = 12:34:56:78:9a:bc; outport = inport; inport = ""; output; };
938 encodes as controller(userdata=00.00.00.03.00.00.00.00.00.19.00.10.80.00.08.06.12.34.56.78.9a.bc.00.00.00.19.00.10.80.00.42.06.12.34.56.78.9a.bc.00.00.ff.ff.00.18.00.00.23.20.00.06.00.20.00.00.00.00.00.01.1c.04.00.01.1e.04.00.19.00.10.00.01.1c.04.00.00.00.00.00.00.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.40.00.00.00)
939 has prereqs nd_ns
e75451fe 940
c34a87b6 941# get_nd
d5a76da4
BP		 942get_nd(outport, ip6.dst);
943 encodes as push:NXM_NX_XXREG0[],push:NXM_NX_IPV6_DST[],pop:NXM_NX_XXREG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_XXREG0[]
944 has prereqs eth.type == 0x86dd
945get_nd(inport, xxreg0);
946 encodes as push:NXM_NX_REG15[],push:NXM_NX_REG14[],pop:NXM_NX_REG15[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG15[]
947get_nd;
948 Syntax error at `;' expecting `('.
949get_nd();
950 Syntax error at `)' expecting field name.
951get_nd(inport);
952 Syntax error at `)' expecting `,'.
953get_nd(inport ip6.dst);
954 Syntax error at `ip6.dst' expecting `,'.
955get_nd(inport, ip6.dst;
956 Syntax error at `;' expecting `)'.
957get_nd(inport, eth.dst);
958 Cannot use 48-bit field eth.dst[0..47] where 128-bit field is required.
959get_nd(inport, outport);
960 Cannot use string field outport where numeric field is required.
961get_nd(xxreg0, ip6.dst);
962 Cannot use numeric field xxreg0 where string field is required.
c34a87b6
JP		 963
964# put_nd
d5a76da4
BP		 965put_nd(inport, nd.target, nd.sll);
966 encodes as push:NXM_NX_XXREG0[],push:NXM_OF_ETH_SRC[],push:NXM_NX_ND_SLL[],push:NXM_NX_ND_TARGET[],pop:NXM_NX_XXREG0[],pop:NXM_OF_ETH_SRC[],controller(userdata=00.00.00.04.00.00.00.00),pop:NXM_OF_ETH_SRC[],pop:NXM_NX_XXREG0[]
967 has prereqs ((icmp6.type == 0x87 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd)) || (icmp6.type == 0x88 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd))) && icmp6.code == 0 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && ip.ttl == 0xff && (eth.type == 0x800 || eth.type == 0x86dd) && icmp6.type == 0x87 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && icmp6.code == 0 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && ip.ttl == 0xff && (eth.type == 0x800 || eth.type == 0x86dd)
c34a87b6 968
01cfdb2f 969# put_dhcpv6_opts
d5a76da4 970reg1[0] = put_dhcpv6_opts(ia_addr = ae70::4, server_id = 00:00:00:00:10:02);
a55dacac 971 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.05.00.10.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.04.00.02.00.06.00.00.00.00.10.02,pause)
d5a76da4
BP		 972reg1[0] = put_dhcpv6_opts();
973 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40,pause)
974reg1[0] = put_dhcpv6_opts(dns_server={ae70::1,ae70::2});
975 formats as reg1[0] = put_dhcpv6_opts(dns_server = {ae70::1, ae70::2});
a55dacac 976 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.17.00.20.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.01.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.02,pause)
40df4566
ZKL		 977reg1[0] = put_dhcpv6_opts(server_id=12:34:56:78:9a:bc, dns_server={ae70::1,ae89::2});
978 formats as reg1[0] = put_dhcpv6_opts(server_id = 12:34:56:78:9a:bc, dns_server = {ae70::1, ae89::2});
a55dacac 979 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.02.00.06.12.34.56.78.9a.bc.00.17.00.20.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.01.ae.89.00.00.00.00.00.00.00.00.00.00.00.00.00.02,pause)
d5a76da4 980reg1[0] = put_dhcpv6_opts(domain_search = "ovn.org");
a55dacac 981 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.18.00.07.6f.76.6e.2e.6f.72.67,pause)
d5a76da4
BP		 982reg1[0] = put_dhcpv6_opts(x = 1.2.3.4);
983 Syntax error at `x' expecting DHCPv6 option name.
984reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, "hi");
985 Syntax error at `"hi"'.
986reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, xyzzy);
987 Syntax error at `xyzzy' expecting DHCPv6 option name.
988reg1[0] = put_dhcpv6_opts(ia_addr="ae70::4");
989 DHCPv6 option ia_addr requires numeric value.
990reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, domain_search=ae70::1);
991 DHCPv6 option domain_search requires string value.
01cfdb2f 992
a6095f81
BS		 993# set_queue
994set_queue(0);
995 encodes as set_queue:0
996set_queue(61440);
997 encodes as set_queue:61440
998set_queue(65535);
999 Queue ID 65535 for set_queue is not in valid range 0 to 61440.
1000
5f822129 1001# Contradictionary prerequisites (allowed but not useful):
d5a76da4
BP		 1002ip4.src = ip6.src[0..31];
1003 encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[]
1004 has prereqs eth.type == 0x800 && eth.type == 0x86dd
1005ip4.src <-> ip6.src[0..31];
1006 encodes as push:NXM_NX_IPV6_SRC[0..31],push:NXM_OF_IP_SRC[],pop:NXM_NX_IPV6_SRC[0..31],pop:NXM_OF_IP_SRC[]
1007 has prereqs eth.type == 0x800 && eth.type == 0x86dd
1008
1009# Miscellaneous negative tests.
1010;
1011 Syntax error at `;'.
1012xyzzy;
1013 Syntax error at `xyzzy' expecting action.
1014next; 123;
1015 Syntax error at `123'.
1016next; xyzzy;
1017 Syntax error at `xyzzy' expecting action.
1018next
9aef3c1b 1019 Syntax error at end of input expecting `;'.
3b7cb7e1 1020]])
d5a76da4
BP		 1021sed '/^[[ ]]/d' test-cases.txt > input.txt
1022cp test-cases.txt expout
3b7cb7e1
BP		 1023AT_CHECK([ovstest test-ovn parse-actions < input.txt], [0], [expout])
1024AT_CLEANUP
f295c17b
BP		 1025
1026AT_BANNER([OVN end-to-end tests])
1027
9975d7be
BP		 1028# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
1029AT_SETUP([ovn -- 3 HVs, 1 LS, 3 lports/HV])
57d143eb 1030AT_KEYWORDS([ovnarp])
f295c17b
BP		 1031AT_SKIP_IF([test $HAVE_PYTHON = no])
1032ovn_start
1033
1034# Create hypervisors hv[123].
9975d7be 1035# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3.
f295c17b
BP		 1036# Add all of the vifs to a single logical switch lsw0.
1037# Turn on port security on all the vifs except vif[123]1.
1038# Make vif13, vif2[23], vif3[123] destinations for unknown MACs.
1039# Add some ACLs for Ethertypes 1234, 1235, 1236.
ea46a4e9 1040ovn-nbctl ls-add lsw0
f295c17b
BP		 1041net_add n1
1042for i in 1 2 3; do
1043 sim_add hv$i
1044 as hv$i
1045 ovs-vsctl add-br br-phys
1046 ovn_attach n1 br-phys 192.168.0.$i
1047
1048 for j in 1 2 3; do
1049 ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
31ed1192 1050 ovn-nbctl lsp-add lsw0 lp$i$j
4d5c43d5 1051 if test $j = 1; then
31ed1192 1052 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
f295c17b 1053 else
7dc88496
NS		 1054 if test $j = 3; then
1055 ip_addrs="192.168.0.$i$j fe80::ea2a:eaff:fe28:$i$j/64 192.169.0.$i$j"
1056 else
1057 ip_addrs="192.168.0.$i$j"
1058 fi
31ed1192
JP		 1059 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j $ip_addrs"
1060 ovn-nbctl lsp-set-port-security lp$i$j f0:00:00:00:00:$i$j
f295c17b
BP		 1061 fi
1062 done
1063done
1064ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1234' drop
1065ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1235 && inport == "lp11"' drop
1066ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1236 && outport == "lp33"' drop
ea382567
RB		 1067ovn-nbctl create Address_Set name=set1 addresses=\"f0:00:00:00:00:11\",\"f0:00:00:00:00:21\",\"f0:00:00:00:00:31\"
1068ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1237 && eth.src == $set1 && outport == "lp33"' drop
f295c17b
BP		 1069
1070# Pre-populate the hypervisors' ARP tables so that we don't lose any
1071# packets for ARP resolution (native tunneling doesn't queue packets
1072# for ARP resolution).
1073ovn_populate_arp
1074
1075# Allow some time for ovn-northd and ovn-controller to catch up.
1076# XXX This should be more systematic.
1077sleep 1
611099dc 1078
fc6f9978
HZ		 1079# Make sure there is no attempt to adding duplicated flows by ovn-controller
1080AT_FAIL_IF([test -n "`grep duplicate hv1/ovn-controller.log`"])
1081AT_FAIL_IF([test -n "`grep duplicate hv2/ovn-controller.log`"])
1082AT_FAIL_IF([test -n "`grep duplicate hv3/ovn-controller.log`"])
1083
57d143eb
HZ		 1084# Given the name of a logical port, prints the name of the hypervisor
1085# on which it is located.
1086vif_to_hv() {
1087 echo hv${1%?}
1088}
1089
f295c17b
BP		 1090# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1091#
1092# This shell function causes a packet to be received on INPORT. The packet's
1093# content has Ethernet destination DST and source SRC (each exactly 12 hex
1094# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1095# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1096# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
f295c17b
BP		 1097for i in 1 2 3; do
1098 for j in 1 2 3; do
1099 : > $i$j.expected
1100 done
1101done
1102test_packet() {
1103 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
57d143eb 1104 hv=`vif_to_hv $inport`
f295c17b
BP		 1105 vif=vif$inport
1106 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1107 for outport; do
e4543cfe 1108 echo $packet >> $outport.expected
f295c17b
BP		 1109 done
1110}
1111
57d143eb
HZ		 1112# test_arp INPORT SHA SPA TPA [REPLY_HA]
1113#
1114# Causes a packet to be received on INPORT. The packet is an ARP
1115# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
1116# it should be the hardware address of the target to expect to receive in an
1117# ARP reply; otherwise no reply is expected.
1118#
31ed1192 1119# INPORT is an logical switch port number, e.g. 11 for vif11.
57d143eb
HZ		 1120# SHA and REPLY_HA are each 12 hex digits.
1121# SPA and TPA are each 8 hex digits.
1122test_arp() {
1123 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
1124 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
1125 hv=`vif_to_hv $inport`
1126 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
1127
92f9822b 1128 if test X$reply_ha = X; then
57d143eb
HZ		 1129 # Expect to receive the broadcast ARP on the other logical switch ports
1130 # if no reply is expected.
1131 local i j
1132 for i in 1 2 3; do
1133 for j in 1 2 3; do
1134 if test $i$j != $inport; then
1135 echo $request >> $i$j.expected
1136 fi
1137 done
1138 done
1139 else
1140 # Expect to receive the reply, if any.
1141 local reply=${sha}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
1142 echo $reply >> $inport.expected
1143 fi
1144}
1145
1146ip_to_hex() {
1147 printf "%02x%02x%02x%02x" "$@"
1148}
1149
f295c17b
BP		 1150# Send packets between all pairs of source and destination ports:
1151#
31ed1192
JP		 1152# 1. Unicast packets are delivered to exactly one logical switch port
1153# (except that packets destined to their input ports are dropped).
f295c17b 1154#
31ed1192
JP		 1155# 2. Broadcast and multicast are delivered to all logical switch ports
1156# except the input port.
f295c17b 1157#
ea46a4e9 1158# 3. When port security is turned on, the switch drops packets from the wrong
f295c17b
BP		 1159# MAC address.
1160#
ea46a4e9 1161# 4. The switch drops all packets with a VLAN tag.
f295c17b 1162#
ea46a4e9 1163# 5. The switch drops all packets with a multicast source address. (This only
f295c17b
BP		 1164# affects behavior when port security is turned off, since otherwise port
1165# security would drop the packet anyway.)
1166#
ea46a4e9 1167# 6. The switch delivers packets with an unknown destination to logical
31ed1192
JP		 1168# switch ports with "unknown" among their MAC addresses (and port
1169# security disabled).
f295c17b 1170#
ea46a4e9 1171# 7. The switch drops unicast packets that violate an ACL.
f295c17b 1172#
ea46a4e9 1173# 8. The switch drops multicast and broadcast packets that violate an ACL.
57d143eb 1174#
9fcb6a18
BP		 1175# 9. OVN generates responses to ARP requests for known IPs, except for
1176# requests from a port for the port's own IP.
57d143eb
HZ		 1177#
1178# 10. No response to ARP requests for unknown IPs.
4acd1e87 1179
f295c17b
BP		 1180for is in 1 2 3; do
1181 for js in 1 2 3; do
1182 s=$is$js
1183 bcast=
4d5c43d5
JP		 1184 unknown=
1185 bacl2=
1186 bacl3=
f295c17b
BP		 1187 for id in 1 2 3; do
1188 for jd in 1 2 3; do
1189 d=$id$jd
1190
1191 if test $d != $s; then unicast=$d; else unicast=; fi
1192 test_packet $s f000000000$d f000000000$s $s$d $unicast #1
1193
1194 if test $d != $s && test $js = 1; then
4d5c43d5
JP		 1195 impersonate=$d
1196 else
1197 impersonate=
1198 fi
f295c17b
BP		 1199 test_packet $s f000000000$d f00000000055 55$d $impersonate #3
1200
4d5c43d5
JP		 1201 if test $d != $s && test $s != 11; then acl2=$d; else acl2=; fi
1202 if test $d != $s && test $d != 33; then acl3=$d; else acl3=; fi
e137131a 1203 if test $d = $s || (test $js = 1 && test $d = 33); then
ea382567
RB		 1204 # Source of 11, 21, or 31 and dest of 33 should be dropped
1205 # due to the 4th ACL that uses address_set(set1).
1206 acl4=
1207 else
1208 acl4=$d
1209 fi
f295c17b
BP		 1210 test_packet $s f000000000$d f000000000$s 1234 #7, acl1
1211 test_packet $s f000000000$d f000000000$s 1235 $acl2 #7, acl2
1212 test_packet $s f000000000$d f000000000$s 1236 $acl3 #7, acl3
ea382567 1213 test_packet $s f000000000$d f000000000$s 1237 $acl4 #7, acl4
f295c17b
BP		 1214
1215 test_packet $s f000000000$d f00000000055 810000091234 #4
1216 test_packet $s f000000000$d 0100000000$s $s$d #5
1217
4d5c43d5
JP		 1218 if test $d != $s && test $jd = 1; then
1219 unknown="$unknown $d"
1220 fi
f295c17b
BP		 1221 bcast="$bcast $unicast"
1222 bacl2="$bacl2 $acl2"
1223 bacl3="$bacl3 $acl3"
57d143eb
HZ		 1224
1225 sip=`ip_to_hex 192 168 0 $i$j`
1226 tip=`ip_to_hex 192 168 0 $id$jd`
1227 tip_unknown=`ip_to_hex 11 11 11 11`
9fcb6a18
BP		 1228 if test $d != $s; then
1229 reply_ha=f000000000$d
1230 else
1231 reply_ha=
1232 fi
1233 test_arp $s f000000000$s $sip $tip $reply_ha #9
57d143eb 1234 test_arp $s f000000000$s $sip $tip_unknown #10
7dc88496
NS		 1235
1236 if test $jd = 3; then
31ed1192 1237 # lsp[123]3 has an additional ip 192.169.0.[123]3.
7dc88496 1238 tip=`ip_to_hex 192 169 0 $id$jd`
9fcb6a18 1239 test_arp $s f000000000$s $sip $tip $reply_ha #9
7dc88496 1240 fi
f295c17b
BP		 1241 done
1242 done
1243
4d5c43d5 1244 # Broadcast and multicast.
f295c17b
BP		 1245 test_packet $s ffffffffffff f000000000$s ${s}ff $bcast #2
1246 test_packet $s 010000000000 f000000000$s ${s}ff $bcast #2
4d5c43d5 1247 if test $js = 1; then
f295c17b
BP		 1248 bcast_impersonate=$bcast
1249 else
4d5c43d5
JP		 1250 bcast_impersonate=
1251 fi
f295c17b
BP		 1252 test_packet $s 010000000000 f00000000044 44ff $bcast_impersonate #3
1253
1254 test_packet $s f0000000ffff f000000000$s ${s}66 $unknown #6
1255
1256 test_packet $s ffffffffffff f000000000$s 1234 #8, acl1
1257 test_packet $s ffffffffffff f000000000$s 1235 $bacl2 #8, acl2
1258 test_packet $s ffffffffffff f000000000$s 1236 $bacl3 #8, acl3
1259 test_packet $s 010000000000 f000000000$s 1234 #8, acl1
1260 test_packet $s 010000000000 f000000000$s 1235 $bacl2 #8, acl2
1261 test_packet $s 010000000000 f000000000$s 1236 $bacl3 #8, acl3
1262 done
1263done
1264
7dc88496
NS		 1265# set address for lp13 with invalid characters.
1266# lp13 should be configured with only 192.168.0.13.
31ed1192 1267ovn-nbctl lsp-set-addresses lp13 "f0:00:00:00:00:13 192.168.0.13 invalid 192.169.0.13"
3b8cd0ea
BP		 1268
1269# Allow some time for ovn-northd and ovn-controller to catch up.
1270# XXX This should be more systematic.
1271sleep 1
1272
7dc88496
NS		 1273sip=`ip_to_hex 192 168 0 11`
1274tip=`ip_to_hex 192 168 0 13`
1275test_arp 11 f00000000011 $sip $tip f00000000013
1276
1277tip=`ip_to_hex 192 169 0 13`
1278#arp request for 192.169.0.13 should be flooded
1279test_arp 11 f00000000011 $sip $tip
1280
91125642 1281# dump information and flows with counters
bb0c41d3
RM		 1282ovn-sbctl dump-flows -- list multicast_group
1283
1284echo "------ hv1 dump ------"
1285as hv1 ovs-vsctl show
1286as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1287
1288echo "------ hv2 dump ------"
1289as hv2 ovs-vsctl show
1290as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1291
1292echo "------ hv3 dump ------"
1293as hv3 ovs-vsctl show
1294as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-int
49d7c759 1295
f295c17b
BP		 1296# Now check the packets actually received against the ones expected.
1297for i in 1 2 3; do
1298 for j in 1 2 3; do
49d7c759 1299 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
f295c17b
BP		 1300 done
1301done
fcde56f5 1302
7a8f15e0 1303OVN_CLEANUP([hv1],[hv2],[hv3])
d9c8c57c 1304
f295c17b 1305AT_CLEANUP
eb6b08eb 1306
4acd1e87
BP		 1307AT_SETUP([ovn -- trace 1 LS, 3 LSPs])
1308AT_SKIP_IF([test $HAVE_PYTHON = no])
1309ovn_start
1310
1311# Create a logical switch and some logical ports.
1312# Turn on port security on all lports except ls1.
1313# Make ls1 a destination for unknown MACs.
1314# Add some ACLs for Ethertypes 1234, 1235, 1236.
1315ovn-nbctl ls-add lsw0
1316ovn-sbctl chassis-add hv0 geneve 127.0.0.1
1317for i in 1 2 3; do
1318 ovn-nbctl lsp-add lsw0 lp$i
7979c444
BP		 1319done
1320ovn-nbctl --wait=sb sync
1321for i in 1 2 3; do
4acd1e87
BP		 1322 ovn-sbctl lsp-bind lp$i hv0
1323 if test $i = 1; then
abb37b6b 1324 ovn-nbctl lsp-set-addresses lp$i "f0:00:00:00:00:0$i 192.168.0.$i" unknown
4acd1e87 1325 else
abb37b6b
FF		 1326 if test $i = 3; then
1327 ip_addrs="192.168.0.$i fe80::ea2a:eaff:fe28:$i/64 192.169.0.$i"
1328 else
1329 ip_addrs="192.168.0.$i"
1330 fi
1331 ovn-nbctl lsp-set-addresses lp$i "f0:00:00:00:00:$i $ip_addrs"
1332 ovn-nbctl lsp-set-port-security lp$i f0:00:00:00:00:$i
4acd1e87
BP		 1333 fi
1334done
1335ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1234' drop
1336ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1235 && inport == "lp1"' drop
1337ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1236 && outport == "lp3"' drop
1338ovn-nbctl create Address_Set name=set1 addresses=\"f0:00:00:00:00:01\",\"f0:00:00:00:00:02\"
1339ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1237 && eth.src == $set1 && outport == "lp3"' drop
1340
1341ovn-nbctl --wait=sb sync
1342on_exit 'kill `cat ovn-trace.pid`'
1343ovn-trace --detach --pidfile --no-chdir
1344
1345# test_packet INPORT DST SRC [-vlan] [-eth TYPE] OUTPORT...
1346#
1347# This shell function causes a packet to be received on INPORT. The packet's
1348# content has Ethernet destination DST and source SRC (each exactly 12 hex
1349# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1350# more) list the VIFs on which the packet should be received. INPORT and the
1351# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
1352test_packet() {
1353 local inport=$1 eth_dst=$2 eth_src=$3; shift; shift; shift
1354 uflow="inport==\"lp$inport\" && eth.dst==$eth_dst && eth.src==$eth_src"
1355 while :; do
abb37b6b
FF		 1356 case $1 in # (
1357 -vlan) uflow="$uflow && vlan.vid == 1234"; shift ;; # (
1358 -eth) uflow="$uflow && eth.type == 0x$2"; shift; shift ;; # (
1359 *) break ;;
1360 esac
4acd1e87
BP		 1361 done
1362 for outport; do
abb37b6b 1363 echo "output(\"lp$outport\");"
4acd1e87
BP		 1364 done > expout
1365
1366 AT_CAPTURE_FILE([trace])
1367 AT_CHECK([ovs-appctl -t ovn-trace trace --all lsw0 "$uflow" | tee trace | sed '1,/Minimal trace/d'], [0], [expout])
1368}
1369
1370# test_arp INPORT SHA SPA TPA [REPLY_HA]
1371#
1372# Causes a packet to be received on INPORT. The packet is an ARP
1373# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
1374# it should be the hardware address of the target to expect to receive in an
1375# ARP reply; otherwise no reply is expected.
1376#
1377# INPORT is an logical switch port number, e.g. 11 for vif11.
1378# SHA and REPLY_HA are each 12 hex digits.
1379# SPA and TPA are each 8 hex digits.
1380test_arp() {
1381 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
1382
1383 local request="inport == \"lp$inport\"
1384 && eth.dst == ff:ff:ff:ff:ff:ff && eth.src == $sha
1385 && arp.op == 1 && arp.sha == $sha && arp.spa == $spa
abb37b6b 1386 && arp.tha == ff:ff:ff:ff:ff:ff && arp.tpa == $tpa"
4acd1e87
BP		 1387
1388 if test -z "$reply_ha"; then
1389 reply=
abb37b6b
FF		 1390 local i
1391 for i in 1 2 3; do
1392 if test $i != $inport; then
1393 reply="${reply}output(\"lp$i\");
4acd1e87 1394"
abb37b6b
FF		 1395 fi
1396 done
4acd1e87
BP		 1397 else
1398 reply="\
1399eth.dst = $sha;
1400eth.src = $reply_ha;
1401arp.op = 2;
1402arp.tha = $sha;
1403arp.sha = $reply_ha;
1404arp.tpa = $spa;
1405arp.spa = $tpa;
1406output(\"lp$inport\");
1407"
1408 fi
1409
1410 AT_CAPTURE_FILE([trace])
1411 AT_CHECK_UNQUOTED([ovs-appctl -t ovn-trace trace --all lsw0 "$request" | tee trace | sed '1,/Minimal trace/d'], [0], [$reply])
1412}
1413
1414# Send packets between all pairs of source and destination ports:
1415#
1416# 1. Unicast packets are delivered to exactly one logical switch port
1417# (except that packets destined to their input ports are dropped).
1418#
1419# 2. Broadcast and multicast are delivered to all logical switch ports
1420# except the input port.
1421#
1422# 3. When port security is turned on, the switch drops packets from the wrong
1423# MAC address.
1424#
1425# 4. The switch drops all packets with a VLAN tag.
1426#
1427# 5. The switch drops all packets with a multicast source address. (This only
1428# affects behavior when port security is turned off, since otherwise port
1429# security would drop the packet anyway.)
1430#
1431# 6. The switch delivers packets with an unknown destination to logical
1432# switch ports with "unknown" among their MAC addresses (and port
1433# security disabled).
1434#
1435# 7. The switch drops unicast packets that violate an ACL.
1436#
1437# 8. The switch drops multicast and broadcast packets that violate an ACL.
1438#
9fcb6a18
BP		 1439# 9. OVN generates responses to ARP requests for known IPs, except for
1440# requests from a port for the port's own IP.
4acd1e87
BP		 1441#
1442# 10. No response to ARP requests for unknown IPs.
1443
1444for s in 1 2 3; do
1445 bcast=
1446 unknown=
1447 bacl2=
1448 bacl3=
1449 for d in 1 2 3; do
abb37b6b
FF		 1450 echo
1451 echo "lp$s -> lp$d"
1452 if test $d != $s; then unicast=$d; else unicast=; fi
1453 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s $unicast #1
1454
1455 if test $d != $s && test $s = 1; then
1456 impersonate=$d
1457 else
1458 impersonate=
1459 fi
1460 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:55 $impersonate #3
1461
1462 if test $d != $s && test $s != 1; then acl2=$d; else acl2=; fi
1463 if test $d != $s && test $d != 3; then acl3=$d; else acl3=; fi
1464 if test $d = $s || ( (test $s = 1 || test $s = 2) && test $d = 3); then
1465 # Source of 1 or 2 and dest of 3 should be dropped
1466 # due to the 4th ACL that uses address_set(set1).
1467 acl4=
1468 else
1469 acl4=$d
1470 fi
1471
1472 #7, acl1 to acl4:
1473 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1234
1474 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1235 $acl2
1475 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1236 $acl3
1476 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1237 $acl4
1477
1478 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:55 -vlan #4
1479 test_packet $s f0:00:00:00:00:0$d 01:00:00:00:00:0$s #5
1480
1481 if test $d != $s && test $d = 1; then
1482 unknown="$unknown $d"
1483 fi
1484 bcast="$bcast $unicast"
1485 bacl2="$bacl2 $acl2"
1486 bacl3="$bacl3 $acl3"
1487
1488 sip=192.168.0.$s
1489 tip=192.168.0.$d
1490 tip_unknown=11.11.11.11
9fcb6a18
BP		 1491 if test $d != $s; then reply_ha=f0:00:00:00:00:0$d; else reply_ha=; fi
1492 test_arp $s f0:00:00:00:00:0$s $sip $tip $reply_ha #9
abb37b6b
FF		 1493 test_arp $s f0:00:00:00:00:0$s $sip $tip_unknown #10
1494
1495 if test $d = 3; then
1496 # lp3 has an additional ip 192.169.0.[123]3.
1497 tip=192.169.0.$d
9fcb6a18 1498 test_arp $s f0:00:00:00:00:0$s $sip $tip $reply_ha #9
abb37b6b 1499 fi
4acd1e87
BP		 1500 done
1501
1502 # Broadcast and multicast.
1503 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s $bcast #2
1504 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s $bcast #2
1505 if test $s = 1; then
abb37b6b 1506 bcast_impersonate=$bcast
4acd1e87 1507 else
abb37b6b 1508 bcast_impersonate=
4acd1e87
BP		 1509 fi
1510 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:44 $bcast_impersonate #3
1511
1512 test_packet $s f0:00:00:00:ff:ff f0:00:00:00:00:0$s $unknown #6
1513
1514 #8, acl1 to acl3:
1515 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1234
1516 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1235 $bacl2
1517 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1236 $bacl3
1518
1519 #8, acl1 to acl3:
1520 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1234
1521 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1235 $bacl2
1522 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1236 $bacl3
1523done
1524
1525AT_CLEANUP
1526
7277bc83
RB		 1527# 2 hypervisors, 4 logical ports per HV
1528# 2 locally attached networks (one flat, one vlan tagged over same device)
1529# 2 ports per HV on each network
e90aeb57 1530AT_SETUP([ovn -- 2 HVs, 4 lports/HV, localnet ports])
d79fc5f4
RB		 1531AT_SKIP_IF([test $HAVE_PYTHON = no])
1532ovn_start
1533
ea46a4e9
JP		 1534# In this test cases we create 3 switches, all connected to same
1535# physical network (through br-phys on each HV). Each switch has
0ee7f7f1
HZ		 1536# VIF ports across 2 HVs. Each HV has 5 VIF ports. The first digit
1537# of VIF port name indicates the hypervisor it is bound to, e.g.
1538# lp23 means VIF 3 on hv2.
1539#
ea46a4e9 1540# Each switch's VLAN tag and their logical switch ports are:
0ee7f7f1
HZ		 1541# - ls1:
1542# - untagged
ea46a4e9 1543# - ports: lp11, lp12, lp21, lp22
0ee7f7f1
HZ		 1544#
1545# - ls2:
1546# - tagged with VLAN 101
ea46a4e9 1547# - ports: lp13, lp14, lp23, lp24
0ee7f7f1
HZ		 1548# - ls3:
1549# - untagged
ea46a4e9 1550# - ports: lp15, lp25
0ee7f7f1 1551#
ea46a4e9 1552# Note: a localnet port is created for each switch to connect to
0ee7f7f1
HZ		 1553# physical network.
1554
1555for i in 1 2 3; do
ea46a4e9
JP		 1556 ls_name=ls$i
1557 ovn-nbctl ls-add $ls_name
0ee7f7f1
HZ		 1558 ln_port_name=ln$i
1559 if test $i -eq 2; then
ea46a4e9 1560 ovn-nbctl lsp-add $ls_name $ln_port_name "" 101
0ee7f7f1 1561 else
ea46a4e9 1562 ovn-nbctl lsp-add $ls_name $ln_port_name
0ee7f7f1 1563 fi
31ed1192
JP		 1564 ovn-nbctl lsp-set-addresses $ln_port_name unknown
1565 ovn-nbctl lsp-set-type $ln_port_name localnet
1566 ovn-nbctl lsp-set-options $ln_port_name network_name=phys
0ee7f7f1 1567done
d79fc5f4 1568
69b72264
BP		 1569# lsp_to_ls LSP
1570#
1571# Prints the name of the logical switch that contains LSP.
1572lsp_to_ls () {
1573 case $1 in dnl (
1574 lp?[[12]]) echo ls1 ;; dnl (
1575 lp?[[34]]) echo ls2 ;; dnl (
1576 lp?5) echo ls3 ;; dnl (
1577 *) AT_FAIL_IF([:]) ;;
1578 esac
1579}
1580
d79fc5f4
RB		 1581net_add n1
1582for i in 1 2; do
1583 sim_add hv$i
1584 as hv$i
1585 ovs-vsctl add-br br-phys
1586 ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys
1587 ovn_attach n1 br-phys 192.168.0.$i
1588
0ee7f7f1 1589 for j in 1 2 3 4 5; do
d79fc5f4
RB		 1590 ovs-vsctl add-port br-int vif$i$j -- \
1591 set Interface vif$i$j external-ids:iface-id=lp$i$j \
1592 options:tx_pcap=hv$i/vif$i$j-tx.pcap \
1593 options:rxq_pcap=hv$i/vif$i$j-rx.pcap \
1594 ofport-request=$i$j
1595
31ed1192 1596 lsp_name=lp$i$j
69b72264 1597 ls_name=$(lsp_to_ls $lsp_name)
d79fc5f4 1598
ea46a4e9 1599 ovn-nbctl lsp-add $ls_name $lsp_name
31ed1192
JP		 1600 ovn-nbctl lsp-set-addresses $lsp_name f0:00:00:00:00:$i$j
1601 ovn-nbctl lsp-set-port-security $lsp_name f0:00:00:00:00:$i$j
d79fc5f4 1602
31ed1192 1603 OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up $lsp_name` = xup])
d79fc5f4
RB		 1604 done
1605done
69b72264
BP		 1606ovn-nbctl --wait=sb sync
1607ovn-sbctl dump-flows
d79fc5f4
RB		 1608
1609ovn_populate_arp
1610
1611# XXX This is now the 3rd copy of these functions in this file ...
1612
1613# Given the name of a logical port, prints the name of the hypervisor
1614# on which it is located.
1615vif_to_hv() {
1616 echo hv${1%?}
1617}
1618#
69b72264 1619# test_packet INPORT DST SRC ETHTYPE EOUT LOUT
d79fc5f4
RB		 1620#
1621# This shell function causes a packet to be received on INPORT. The packet's
1622# content has Ethernet destination DST and source SRC (each exactly 12 hex
69b72264
BP		 1623# digits) and Ethernet type ETHTYPE (4 hex digits). INPORT is specified as
1624# logical switch port numbers, e.g. 11 for vif11.
1625#
1626# EOUT is the end-to-end output port, that is, where the packet will end up
1627# after possibly bouncing through one or more localnet ports. LOUT is the
1628# logical output port, which might be a localnet port, as seen by ovn-trace
1629# (which doesn't know what localnet ports are connected to and therefore can't
1630# figure out the end-to-end answer).
d79fc5f4 1631for i in 1 2; do
0ee7f7f1 1632 for j in 1 2 3 4 5; do
d79fc5f4
RB		 1633 : > $i$j.expected
1634 done
1635done
1636test_packet() {
69b72264
BP		 1637 local inport=$1 dst=$2 src=$3 eth=$4 eout=$5 lout=$6
1638 echo "$@"
1639
1640 # First try tracing the packet.
1641 uflow="inport==\"lp$inport\" && eth.dst==$dst && eth.src==$src && eth.type==0x$eth"
1642 if test $lout != drop; then
1643 echo "output(\"$lout\");"
1644 fi > expout
1645 AT_CAPTURE_FILE([trace])
1646 AT_CHECK([ovn-trace --all $(lsp_to_ls lp$inport) "$uflow" | tee trace | sed '1,/Minimal trace/d'], [0], [expout])
1647
1648 # Then actually send a packet, for an end-to-end test.
1649 local packet=$(echo $dst$src | sed 's/://g')${eth}
d79fc5f4
RB		 1650 hv=`vif_to_hv $inport`
1651 vif=vif$inport
1652 as $hv ovs-appctl netdev-dummy/receive $vif $packet
69b72264
BP		 1653 if test $eout != drop; then
1654 echo $packet >> ${eout#lp}.expected
1655 fi
d79fc5f4
RB		 1656}
1657
7277bc83
RB		 1658# lp11 and lp21 are on the same network (phys, untagged)
1659# and on different hypervisors
69b72264
BP		 1660test_packet 11 f0:00:00:00:00:21 f0:00:00:00:00:11 1121 lp21 lp21
1661test_packet 21 f0:00:00:00:00:11 f0:00:00:00:00:21 2111 lp11 lp11
d79fc5f4 1662
7277bc83
RB		 1663# lp11 and lp12 are on the same network (phys, untagged)
1664# and on the same hypervisor
69b72264
BP		 1665test_packet 11 f0:00:00:00:00:12 f0:00:00:00:00:11 1112 lp12 lp12
1666test_packet 12 f0:00:00:00:00:11 f0:00:00:00:00:12 1211 lp11 lp11
7277bc83
RB		 1667
1668# lp13 and lp23 are on the same network (phys, VLAN 101)
1669# and on different hypervisors
69b72264
BP		 1670test_packet 13 f0:00:00:00:00:23 f0:00:00:00:00:13 1323 lp23 lp23
1671test_packet 23 f0:00:00:00:00:13 f0:00:00:00:00:23 2313 lp13 lp13
7277bc83
RB		 1672
1673# lp13 and lp14 are on the same network (phys, VLAN 101)
1674# and on the same hypervisor
69b72264
BP		 1675test_packet 13 f0:00:00:00:00:14 f0:00:00:00:00:13 1314 lp14 lp14
1676test_packet 14 f0:00:00:00:00:13 f0:00:00:00:00:14 1413 lp13 lp13
d79fc5f4 1677
0ee7f7f1 1678# lp11 and lp15 are on the same network (phys, untagged),
ea46a4e9 1679# same hypervisor, and on different switches
69b72264
BP		 1680test_packet 11 f0:00:00:00:00:15 f0:00:00:00:00:11 1115 lp15 ln1
1681test_packet 15 f0:00:00:00:00:11 f0:00:00:00:00:15 1511 lp11 ln3
0ee7f7f1
HZ		 1682
1683# lp11 and lp25 are on the same network (phys, untagged),
ea46a4e9 1684# different hypervisors, and on different switches
69b72264
BP		 1685test_packet 11 f0:00:00:00:00:25 f0:00:00:00:00:11 1125 lp25 ln1
1686test_packet 25 f0:00:00:00:00:11 f0:00:00:00:00:25 2511 lp11 ln3
0ee7f7f1 1687
d79fc5f4 1688# Ports that should not be able to communicate
69b72264
BP		 1689test_packet 11 f0:00:00:00:00:13 f0:00:00:00:00:11 1113 drop ln1
1690test_packet 11 f0:00:00:00:00:23 f0:00:00:00:00:11 1123 drop ln1
1691test_packet 21 f0:00:00:00:00:13 f0:00:00:00:00:21 2113 drop ln1
1692test_packet 21 f0:00:00:00:00:23 f0:00:00:00:00:21 2123 drop ln1
1693test_packet 13 f0:00:00:00:00:11 f0:00:00:00:00:13 1311 drop ln2
1694test_packet 13 f0:00:00:00:00:21 f0:00:00:00:00:13 1321 drop ln2
1695test_packet 23 f0:00:00:00:00:11 f0:00:00:00:00:23 2311 drop ln2
1696test_packet 23 f0:00:00:00:00:21 f0:00:00:00:00:23 2321 drop ln2
d79fc5f4 1697
d79fc5f4
RB		 1698# Dump a bunch of info helpful for debugging if there's a failure.
1699
1700echo "------ OVN dump ------"
1701ovn-nbctl show
1702ovn-sbctl show
1703
1704echo "------ hv1 dump ------"
1705as hv1 ovs-vsctl show
1706as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1707
1708echo "------ hv2 dump ------"
1709as hv2 ovs-vsctl show
1710as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1711
1712# Now check the packets actually received against the ones expected.
1713for i in 1 2; do
0ee7f7f1 1714 for j in 1 2 3 4 5; do
49d7c759 1715 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
d79fc5f4
RB		 1716 done
1717done
1718
7a8f15e0 1719OVN_CLEANUP([hv1],[hv2])
d9c8c57c 1720
d79fc5f4
RB		 1721AT_CLEANUP
1722
91125642
FF		 1723AT_SETUP([ovn -- vtep: 3 HVs, 1 VIFs/HV, 1 GW, 1 LS])
1724AT_KEYWORDS([vtep])
eb6b08eb
JP		 1725AT_SKIP_IF([test $HAVE_PYTHON = no])
1726ovn_start
1727
1728# Configure the Northbound database
ea46a4e9 1729ovn-nbctl ls-add lsw0
eb6b08eb 1730
31ed1192
JP		 1731ovn-nbctl lsp-add lsw0 lp1
1732ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
eb6b08eb 1733
31ed1192
JP		 1734ovn-nbctl lsp-add lsw0 lp2
1735ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
eb6b08eb 1736
31ed1192
JP		 1737ovn-nbctl lsp-add lsw0 lp-vtep
1738ovn-nbctl lsp-set-type lp-vtep vtep
1739ovn-nbctl lsp-set-options lp-vtep vtep-physical-switch=br-vtep vtep-logical-switch=lsw0
1740ovn-nbctl lsp-set-addresses lp-vtep unknown
eb6b08eb 1741
77adbb62
DB		 1742# lpr, lr and lrp1 are used for the ARP request handling test only.
1743ovn-nbctl lsp-add lsw0 lpr
1744ovn-nbctl lr-add lr
1745ovn-nbctl lrp-add lr lrp1 f0:00:00:00:00:f1 192.168.1.1/24
1746ovn-nbctl set Logical_Switch_Port lpr type=router \
1747 options:router-port=lrp1 \
1748 addresses='"f0:00:00:00:00:f1 192.168.1.1"'
1749
1750
eb6b08eb
JP		 1751net_add n1 # Network to connect hv1, hv2, and vtep
1752net_add n2 # Network to connect vtep and hv3
1753
1754# Create hypervisor hv1 connected to n1
1755sim_add hv1
1756as hv1
1757ovs-vsctl add-br br-phys
1758ovn_attach n1 br-phys 192.168.0.1
1759ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
1760
1761# Create hypervisor hv2 connected to n1
1762sim_add hv2
1763as hv2
1764ovs-vsctl add-br br-phys
1765ovn_attach n1 br-phys 192.168.0.2
1766ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv2/vif2-tx.pcap options:rxq_pcap=hv2/vif2-rx.pcap ofport-request=1
1767
1768
1769# Start the vtep emulator with a leg in both networks
1770sim_add vtep
1771as vtep
1772
1773ovsdb-tool create "$ovs_base"/vtep/vtep.db "$abs_top_srcdir"/vtep/vtep.ovsschema || return 1
1774ovs-appctl -t ovsdb-server ovsdb-server/add-db "$ovs_base"/vtep/vtep.db
1775
1776ovs-vsctl add-br br-phys
1777net_attach n1 br-phys
1778
1779mac=`ovs-vsctl get Interface br-phys mac_in_use | sed s/\"//g`
1780arp_table="$arp_table $sandbox,br-phys,192.168.0.3,$mac"
1781ovs-appctl netdev-dummy/ip4addr br-phys 192.168.0.3/24 >/dev/null || return 1
1782ovs-appctl ovs/route/add 192.168.0.3/24 br-phys >/dev/null || return 1
1783
1784ovs-vsctl add-br br-vtep
1785net_attach n2 br-vtep
1786
1787vtep-ctl add-ps br-vtep
1788vtep-ctl set Physical_Switch br-vtep tunnel_ips=192.168.0.3
1789vtep-ctl add-ls lsw0
1790
1791start_daemon ovs-vtep br-vtep
1792start_daemon ovn-controller-vtep --vtep-db=unix:"$ovs_base"/vtep/db.sock --ovnsb-db=unix:"$ovs_base"/ovn-sb/ovn-sb.sock
1793
8cdc4312 1794OVS_WAIT_UNTIL([vtep-ctl bind-ls br-vtep br-vtep_n2 0 lsw0])
eb6b08eb 1795
475f0a2c
DB		 1796OVS_WAIT_UNTIL([test -n "`as vtep vtep-ctl get-replication-mode lsw0 |
1797 grep -- source`"])
1798# It takes more time for the update to be processed by ovs-vtep.
eb6b08eb
JP		 1799sleep 1
1800
1801# Add hv3 on the other side of the vtep
1802sim_add hv3
1803as hv3
1804ovs-vsctl add-br br-phys
1805net_attach n2 br-phys
1806
1807ovs-vsctl add-port br-phys vif3 -- set Interface vif3 options:tx_pcap=hv3/vif3-tx.pcap options:rxq_pcap=hv3/vif3-rx.pcap ofport-request=1
1808
1809# Pre-populate the hypervisors' ARP tables so that we don't lose any
1810# packets for ARP resolution (native tunneling doesn't queue packets
1811# for ARP resolution).
1812ovn_populate_arp
1813
1814# Allow some time for ovn-northd and ovn-controller to catch up.
1815# XXX This should be more systematic.
1816sleep 1
6977df72 1817
eb6b08eb
JP		 1818# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1819#
1820# This shell function causes a packet to be received on INPORT. The packet's
1821# content has Ethernet destination DST and source SRC (each exactly 12 hex
1822# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1823# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1824# OUTPORTs are specified as logical switch port numbers, e.g. 1 for vif1.
eb6b08eb
JP		 1825for i in 1 2 3; do
1826 : > $i.expected
1827done
1828test_packet() {
1829 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
1830 #hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
1831 hv=hv$inport
1832 vif=vif$inport
1833 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1834 for outport; do
e4543cfe 1835 echo $packet >> $outport.expected
eb6b08eb
JP		 1836 done
1837}
1838
1839# Send packets between all pairs of source and destination ports:
1840#
31ed1192
JP		 1841# 1. Unicast packets are delivered to exactly one logical switch port
1842# (except that packets destined to their input ports are dropped).
eb6b08eb 1843#
31ed1192
JP		 1844# 2. Broadcast and multicast are delivered to all logical switch ports
1845# except the input port.
eb6b08eb 1846#
ea46a4e9 1847# 3. The switch delivers packets with an unknown destination to logical
31ed1192
JP		 1848# switch ports with "unknown" among their MAC addresses (and port
1849# security disabled).
eb6b08eb
JP		 1850for s in 1 2 3; do
1851 bcast=
1852 unknown=
1853 for d in 1 2 3; do
1854 if test $d != $s; then unicast=$d; else unicast=; fi
1855 test_packet $s f0000000000$d f0000000000$s 00$s$d $unicast #1
1856
1857 # The vtep (vif3) is the only one configured for "unknown"
1858 if test $d != $s && test $d = 3; then
1859 unknown="$unknown $d"
1860 fi
1861 bcast="$bcast $unicast"
1862 done
1863
1864 # Broadcast and multicast.
46ed1382
DB		 1865 test_packet $s ffffffffffff f0000000000$s 0${s}ff $bcast #2
1866 test_packet $s 010000000000 f0000000000$s 0${s}ff $bcast #2
eb6b08eb
JP		 1867
1868 test_packet $s f0000000ffff f0000000000$s 0${s}66 $unknown #3
1869done
1870
77adbb62
DB		 1871# ARP request should not be responded to by logical switch router
1872# type arp responder on HV1 and HV2 and should reach directly to
1873# vif1 and vif2
1874ip_to_hex() {
1875 printf "%02x%02x%02x%02x" "$@"
1876}
1877sha=f00000000003
1878spa=`ip_to_hex 192 168 1 2`
1879tpa=`ip_to_hex 192 168 1 1`
1880request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
1881as hv3 ovs-appctl netdev-dummy/receive vif3 $request
1882echo $request >> 1.expected
1883echo $request >> 2.expected
1884
bb0c41d3
RM		 1885# dump information with counters
1886echo "------ OVN dump ------"
1887ovn-nbctl show
1888ovn-sbctl show
1889
77adbb62
DB		 1890echo "---------SB dump-----"
1891ovn-sbctl list datapath_binding
1892echo "---------------------"
1893ovn-sbctl list port_binding
1894echo "---------------------"
1895ovn-sbctl dump-flows
1896
bb0c41d3
RM		 1897echo "------ hv1 dump ------"
1898as hv1 ovs-vsctl show
6195e2e7 1899as hv1 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 1900as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1901
1902echo "------ hv2 dump ------"
1903as hv2 ovs-vsctl show
6195e2e7 1904as hv2 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 1905as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1906
1907echo "------ hv3 dump ------"
1908as hv3 ovs-vsctl show
6754e92d
FF		 1909# note: hv3 has no logical port bind, thus it should not have br-int
1910AT_CHECK([as hv3 ovs-ofctl -O OpenFlow13 show br-int], [1], [],
1911[ovs-ofctl: br-int is not a bridge or a socket
1912])
bb0c41d3 1913
eb6b08eb
JP		 1914# Now check the packets actually received against the ones expected.
1915for i in 1 2 3; do
49d7c759 1916 OVN_CHECK_PACKETS([hv$i/vif$i-tx.pcap], [$i.expected])
eb6b08eb 1917done
fcde56f5
LR		 1918
1919# Gracefully terminate daemons
7a8f15e0
LR		 1920OVN_CLEANUP([hv1],[hv2],[vtep])
1921OVN_CLEANUP_VSWITCH([hv3])
d9c8c57c 1922
eb6b08eb 1923AT_CLEANUP
9975d7be 1924
184bc3ca
RB		 1925# Similar test to "hardware GW"
1926AT_SETUP([ovn -- 3 HVs, 1 VIFs/HV, 1 software GW, 1 LS])
1927AT_SKIP_IF([test $HAVE_PYTHON = no])
1928ovn_start
1929
1930# Configure the Northbound database
1931ovn-nbctl ls-add lsw0
1932
1933ovn-nbctl lsp-add lsw0 lp1
1934ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
1935
1936ovn-nbctl lsp-add lsw0 lp2
1937ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
1938
1939ovn-nbctl lsp-add lsw0 lp-gw
1940ovn-nbctl lsp-set-type lp-gw l2gateway
62b87eab 1941ovn-nbctl lsp-set-options lp-gw network_name=physnet1 l2gateway-chassis=hv_gw
184bc3ca
RB		 1942ovn-nbctl lsp-set-addresses lp-gw unknown
1943
1944net_add n1 # Network to connect hv1, hv2, and gw
1945net_add n2 # Network to connect gw and hv3
1946
1947# Create hypervisor hv1 connected to n1
1948sim_add hv1
1949as hv1
1950ovs-vsctl add-br br-phys
1951ovn_attach n1 br-phys 192.168.0.1
1952ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
1953
1954# Create hypervisor hv2 connected to n1
1955sim_add hv2
1956as hv2
1957ovs-vsctl add-br br-phys
1958ovn_attach n1 br-phys 192.168.0.2
1959ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv2/vif2-tx.pcap options:rxq_pcap=hv2/vif2-rx.pcap ofport-request=1
1960
1961# Create hypervisor hv_gw connected to n1 and n2
1962# connect br-phys bridge to n1; connect hv-gw bridge to n2
1963sim_add hv_gw
1964as hv_gw
1965ovs-vsctl add-br br-phys
1966ovn_attach n1 br-phys 192.168.0.3
1967ovs-vsctl add-br br-phys2
1968net_attach n2 br-phys2
1969ovs-vsctl set open . external_ids:ovn-bridge-mappings="physnet1:br-phys2"
1970
184bc3ca
RB		 1971# Add hv3 on the other side of the GW
1972sim_add hv3
1973as hv3
1974ovs-vsctl add-br br-phys
1975net_attach n2 br-phys
1976ovs-vsctl add-port br-phys vif3 -- set Interface vif3 options:tx_pcap=hv3/vif3-tx.pcap options:rxq_pcap=hv3/vif3-rx.pcap ofport-request=1
1977
1978
1979# Pre-populate the hypervisors' ARP tables so that we don't lose any
1980# packets for ARP resolution (native tunneling doesn't queue packets
1981# for ARP resolution).
1982ovn_populate_arp
1983
1984# Allow some time for ovn-northd and ovn-controller to catch up.
1985# XXX This should be more systematic.
1986sleep 1
1987
1988# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1989#
1990# This shell function causes a packet to be received on INPORT. The packet's
1991# content has Ethernet destination DST and source SRC (each exactly 12 hex
1992# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1993# more) list the VIFs on which the packet should be received. INPORT and the
1994# OUTPORTs are specified as lport numbers, e.g. 1 for vif1.
184bc3ca
RB		 1995for i in 1 2 3; do
1996 : > $i.expected
1997done
1998test_packet() {
1999 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
2000 #hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
2001 hv=hv$inport
2002 vif=vif$inport
2003 as $hv ovs-appctl netdev-dummy/receive $vif $packet
2004 for outport; do
e4543cfe 2005 echo $packet >> $outport.expected
184bc3ca
RB		 2006 done
2007}
2008
2009# Send packets between all pairs of source and destination ports:
2010#
2011# 1. Unicast packets are delivered to exactly one lport (except that packets
2012# destined to their input ports are dropped).
2013#
2014# 2. Broadcast and multicast are delivered to all lports except the input port.
2015#
2016# 3. The lswitch delivers packets with an unknown destination to lports with
2017# "unknown" among their MAC addresses (and port security disabled).
2018for s in 1 2 3 ; do
2019 bcast=
2020 unknown=
2021 for d in 1 2 3 ; do
2022 if test $d != $s; then unicast=$d; else unicast=; fi
2023 test_packet $s f0000000000$d f0000000000$s 00$s$d $unicast #1
2024
2025 # The vtep (vif3) is the only one configured for "unknown"
2026 if test $d != $s && test $d = 3; then
2027 unknown="$unknown $d"
2028 fi
2029 bcast="$bcast $unicast"
2030 done
2031
2032 test_packet $s ffffffffffff f0000000000$s 0${s}ff $bcast #2
2033 test_packet $s 010000000000 f0000000000$s 0${s}ff $bcast #3
2034 test_packet $s f0000000ffff f0000000000$s 0${s}66 $unknown #4
2035done
2036
184bc3ca
RB		 2037echo "------ ovn-nbctl show ------"
2038ovn-nbctl show
2039echo "------ ovn-sbctl show ------"
2040ovn-sbctl show
2041
2042echo "------ hv1 ------"
2043as hv1 ovs-vsctl show
2044echo "------ hv1 br-int ------"
2045as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
2046echo "------ hv1 br-phys ------"
2047as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-phys
2048
2049echo "------ hv2 ------"
2050as hv2 ovs-vsctl show
2051echo "------ hv2 br-int ------"
2052as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
2053echo "------ hv2 br-phys ------"
2054as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-phys
2055
2056echo "------ hv_gw ------"
2057as hv_gw ovs-vsctl show
2058echo "------ hv_gw br-phys ------"
2059as hv_gw ovs-ofctl -O OpenFlow13 dump-flows br-phys
2060echo "------ hv_gw br-phys2 ------"
2061as hv_gw ovs-ofctl -O OpenFlow13 dump-flows br-phys2
2062
2063echo "------ hv3 ------"
2064as hv3 ovs-vsctl show
2065echo "------ hv3 br-phys ------"
2066as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-phys
2067
2068# Now check the packets actually received against the ones expected.
2069for i in 1 2 3; do
49d7c759 2070 OVN_CHECK_PACKETS([hv$i/vif$i-tx.pcap], [$i.expected])
184bc3ca
RB		 2071done
2072AT_CLEANUP
2073
9975d7be
BP		 2074# 3 hypervisors, 3 logical switches with 3 logical ports each, 1 logical router
2075AT_SETUP([ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR])
2076AT_SKIP_IF([test $HAVE_PYTHON = no])
2077ovn_start
2078
2079# Logical network:
2080#
2081# Three logical switches ls1, ls2, ls3.
86e98048
BP		 2082# One logical router lr0 connected to ls[123],
2083# with nine subnets, three per logical switch:
2084#
2085# lrp11 on ls1 for subnet 192.168.11.0/24
2086# lrp12 on ls1 for subnet 192.168.12.0/24
2087# lrp13 on ls1 for subnet 192.168.13.0/24
2088# ...
2089# lrp33 on ls3 for subnet 192.168.33.0/24
2090#
2091# 27 VIFs, 9 per LS, 3 per subnet: lp[123][123][123], where the first two
2092# digits are the subnet and the last digit distinguishes the VIF.
9975d7be 2093for i in 1 2 3; do
ea46a4e9 2094 ovn-nbctl ls-add ls$i
9975d7be 2095 for j in 1 2 3; do
86e98048 2096 for k in 1 2 3; do
31ed1192
JP		 2097 # Add "unknown" to MAC addresses for lp?11, so packets for
2098 # MAC-IP bindings discovered via ARP later have somewhere to go.
2099 if test $j$k = 11; then unknown=unknown; else unknown=; fi
2100
2101 ovn-nbctl \
2102 -- lsp-add ls$i lp$i$j$k \
2103 -- lsp-set-addresses lp$i$j$k "f0:00:00:00:0$i:$j$k \
2104 192.168.$i$j.$k" $unknown
86e98048
BP		 2105 done
2106 done
2107done
2108
fa2a27b2 2109ovn-nbctl lr-add lr0
86e98048
BP		 2110for i in 1 2 3; do
2111 for j in 1 2 3; do
bf44c2cd 2112 ovn-nbctl lrp-add lr0 lrp$i$j 00:00:00:00:ff:$i$j 192.168.$i$j.254/24
269ecccc 2113 ovn-nbctl \
31ed1192 2114 -- lsp-add ls$i lrp$i$j-attachment \
269ecccc 2115 -- set Logical_Switch_Port lrp$i$j-attachment type=router \
00007447 2116 options:router-port=lrp$i$j \
86e98048 2117 addresses='"00:00:00:00:ff:'$i$j'"'
9975d7be
BP		 2118 done
2119done
2120
80f408f4 2121ovn-nbctl set Logical_Switch_Port lrp33-attachment \
57d143eb
HZ		 2122 addresses='"00:00:00:00:ff:33 192.168.33.254"'
2123
9975d7be
BP		 2124# Physical network:
2125#
2126# Three hypervisors hv[123].
86e98048
BP		 2127# lp?1[123] spread across hv[123]: lp?11 on hv1, lp?12 on hv2, lp?13 on hv3.
2128# lp?2[123] spread across hv[23]: lp?21 and lp?22 on hv2, lp?23 on hv3.
2129# lp?3[123] all on hv3.
2130
9975d7be
BP		 2131
2132# Given the name of a logical port, prints the name of the hypervisor
2133# on which it is located.
2134vif_to_hv() {
2135 case $1 in dnl (
86e98048
BP		 2136 ?11) echo 1 ;; dnl (
2137 ?12 | ?21 | ?22) echo 2 ;; dnl (
2138 ?13 | ?23 | ?3?) echo 3 ;;
9975d7be
BP		 2139 esac
2140}
2141
86e98048
BP		 2142# Given the name of a logical port, prints the name of its logical router
2143# port, e.g. "vif_to_lrp 123" yields 12.
2144vif_to_lrp() {
2145 echo ${1%?}
2146}
2147
2148# Given the name of a logical port, prints the name of its logical
2149# switch, e.g. "vif_to_ls 123" yields 1.
e3393e3f 2150vif_to_ls() {
86e98048 2151 echo ${1%??}
e3393e3f
BP		 2152}
2153
9975d7be
BP		 2154net_add n1
2155for i in 1 2 3; do
2156 sim_add hv$i
2157 as hv$i
2158 ovs-vsctl add-br br-phys
2159 ovn_attach n1 br-phys 192.168.0.$i
2160done
2161for i in 1 2 3; do
2162 for j in 1 2 3; do
86e98048 2163 for k in 1 2 3; do
269ecccc
JP		 2164 hv=`vif_to_hv $i$j$k`
2165 as hv$hv ovs-vsctl \
2166 -- add-port br-int vif$i$j$k \
2167 -- set Interface vif$i$j$k \
2168 external-ids:iface-id=lp$i$j$k \
2169 options:tx_pcap=hv$hv/vif$i$j$k-tx.pcap \
2170 options:rxq_pcap=hv$hv/vif$i$j$k-rx.pcap \
2171 ofport-request=$i$j$k
86e98048 2172 done
9975d7be
BP		 2173 done
2174done
2175
2176# Pre-populate the hypervisors' ARP tables so that we don't lose any
2177# packets for ARP resolution (native tunneling doesn't queue packets
2178# for ARP resolution).
2179ovn_populate_arp
2180
2181# Allow some time for ovn-northd and ovn-controller to catch up.
2182# XXX This should be more systematic.
2183sleep 1
2184
e3393e3f 2185# test_ip INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
9975d7be
BP		 2186#
2187# This shell function causes a packet to be received on INPORT. The packet's
2188# content has Ethernet destination DST and source SRC (each exactly 12 hex
2189# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
2190# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 2191# OUTPORTs are specified as logical switch port numbers, e.g. 123 for vif123.
9975d7be
BP		 2192for i in 1 2 3; do
2193 for j in 1 2 3; do
86e98048
BP		 2194 for k in 1 2 3; do
2195 : > $i$j$k.expected
269ecccc 2196 done
9975d7be
BP		 2197 done
2198done
e3393e3f 2199test_ip() {
9975d7be
BP		 2200 # This packet has bad checksums but logical L3 routing doesn't check.
2201 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
ba43992e 2202 local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
9975d7be
BP		 2203 shift; shift; shift; shift; shift
2204 hv=hv`vif_to_hv $inport`
2205 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2206 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
86e98048
BP		 2207 in_ls=`vif_to_ls $inport`
2208 in_lrp=`vif_to_lrp $inport`
9975d7be 2209 for outport; do
269ecccc 2210 out_ls=`vif_to_ls $outport`
86e98048 2211 if test $in_ls = $out_ls; then
9975d7be
BP		 2212 # Ports on the same logical switch receive exactly the same packet.
2213 echo $packet
2214 else
2215 # Routing decrements TTL and updates source and dest MAC
2216 # (and checksum).
269ecccc 2217 out_lrp=`vif_to_lrp $outport`
86e98048 2218 echo f00000000${outport}00000000ff${out_lrp}08004500001c00000000"3f1101"00${src_ip}${dst_ip}0035111100080000
e4543cfe 2219 fi >> $outport.expected
9975d7be
BP		 2220 done
2221}
2222
e3393e3f 2223as hv1 ovs-vsctl --columns=name,ofport list interface
0bac7164
BP		 2224as hv1 ovn-sbctl list port_binding
2225as hv1 ovn-sbctl list datapath_binding
9975d7be
BP		 2226as hv1 ovn-sbctl dump-flows
2227as hv1 ovs-ofctl dump-flows br-int
2228
e3393e3f 2229# Send IP packets between all pairs of source and destination ports:
9975d7be 2230#
31ed1192
JP		 2231# 1. Unicast IP packets are delivered to exactly one logical switch port
2232# (except that packets destined to their input ports are dropped).
9975d7be 2233#
31ed1192
JP		 2234# 2. Broadcast IP packets are delivered to all logical switch ports
2235# except the input port.
86e98048
BP		 2236ip_to_hex() {
2237 printf "%02x%02x%02x%02x" "$@"
2238}
9975d7be 2239for is in 1 2 3; do
269ecccc
JP		 2240 for js in 1 2 3; do
2241 for ks in 1 2 3; do
2242 bcast=
2243 s=$is$js$ks
2244 smac=f00000000$s
2245 sip=`ip_to_hex 192 168 $is$js $ks`
2246 for id in 1 2 3; do
2247 for jd in 1 2 3; do
2248 for kd in 1 2 3; do
2249 d=$id$jd$kd
2250 dip=`ip_to_hex 192 168 $id$jd $kd`
2251 if test $is = $id; then dmac=f00000000$d; else dmac=00000000ff$is$js; fi
2252 if test $d != $s; then unicast=$d; else unicast=; fi
2253
2254 test_ip $s $smac $dmac $sip $dip $unicast #1
2255
2256 if test $id = $is && test $d != $s; then bcast="$bcast $d"; fi
2257 done
2258 done
9975d7be 2259 done
269ecccc
JP		 2260 test_ip $s $smac ffffffffffff $sip ffffffff $bcast #2
2261 done
2262 done
e3393e3f
BP		 2263done
2264
0bac7164
BP		 2265# 3. Send an IP packet from every logical port to every other subnet,
2266# to an IP address that does not have a static IP-MAC binding.
2267# This should generate a broadcast ARP request for the destination
2268# IP address in the destination subnet.
2269for is in 1 2 3; do
269ecccc
JP		 2270 for js in 1 2 3; do
2271 for ks in 1 2 3; do
2272 s=$is$js$ks
2273 smac=f00000000$s
2274 sip=`ip_to_hex 192 168 $is$js $ks`
2275 for id in 1 2 3; do
2276 for jd in 1 2 3; do
2277 if test $is$js = $id$jd; then
2278 continue
2279 fi
2280
2281 # Send the packet.
2282 dmac=00000000ff$is$js
2283 # Calculate a 4th octet for the destination that is
2284 # unique per $s, avoids the .1 .2 .3 and .254 IP addresses
2285 # that have static MAC bindings, and fits in the range
2286 # 0-255.
2287 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2288 dip=`ip_to_hex 192 168 $id$jd $o4`
2289 test_ip $s $smac $dmac $sip $dip
2290
2291 # Every LP on the destination subnet's lswitch should
2292 # receive the ARP request.
2293 lrmac=00000000ff$id$jd
2294 lrip=`ip_to_hex 192 168 $id$jd 254`
2295 arp=ffffffffffff${lrmac}08060001080006040001${lrmac}${lrip}000000000000${dip}
2296 for jd2 in 1 2 3; do
2297 for kd in 1 2 3; do
e4543cfe 2298 echo $arp >> $id$jd2$kd.expected
0bac7164 2299 done
269ecccc 2300 done
0bac7164 2301 done
269ecccc 2302 done
0bac7164 2303 done
269ecccc 2304 done
0bac7164
BP		 2305done
2306
e3393e3f
BP		 2307# test_arp INPORT SHA SPA TPA [REPLY_HA]
2308#
2309# Causes a packet to be received on INPORT. The packet is an ARP
2310# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
2311# it should be the hardware address of the target to expect to receive in an
2312# ARP reply; otherwise no reply is expected.
2313#
31ed1192 2314# INPORT is an logical switch port number, e.g. 11 for vif11.
e3393e3f
BP		 2315# SHA and REPLY_HA are each 12 hex digits.
2316# SPA and TPA are each 8 hex digits.
2317test_arp() {
2318 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
2319 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
2320 hv=hv`vif_to_hv $inport`
2321 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
2d9b49dd 2322 as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
e3393e3f 2323
57d143eb 2324 # Expect to receive the broadcast ARP on the other logical switch ports if
ea46a4e9 2325 # IP address is not configured to the switch patch port.
e3393e3f 2326 local i=`vif_to_ls $inport`
86e98048 2327 local j k
e3393e3f 2328 for j in 1 2 3; do
86e98048 2329 for k in 1 2 3; do
ea46a4e9 2330 # 192.168.33.254 is configured to the switch patch port for lrp33,
57d143eb
HZ		 2331 # so no ARP flooding expected for it.
2332 if test $i$j$k != $inport && test $tpa != `ip_to_hex 192 168 33 254`; then
86e98048
BP		 2333 echo $request >> $i$j$k.expected
2334 fi
2335 done
e3393e3f
BP		 2336 done
2337
2338 # Expect to receive the reply, if any.
2339 if test X$reply_ha != X; then
86e98048
BP		 2340 lrp=`vif_to_lrp $inport`
2341 local reply=${sha}00000000ff${lrp}08060001080006040002${reply_ha}${tpa}${sha}${spa}
e3393e3f
BP		 2342 echo $reply >> $inport.expected
2343 fi
2344}
2345
2346# Test router replies to ARP requests from all source ports:
2347#
0bac7164 2348# 4. Router replies to query for its MAC address from port's own IP address.
e3393e3f 2349#
0bac7164 2350# 5. Router replies to query for its MAC address from any random IP address
e3393e3f
BP		 2351# in its subnet.
2352#
0bac7164 2353# 6. Router replies to query for its MAC address from another subnet.
e3393e3f 2354#
0bac7164 2355# 7. No reply to query for IP address other than router IP.
e3393e3f 2356for i in 1 2 3; do
269ecccc
JP		 2357 for j in 1 2 3; do
2358 for k in 1 2 3; do
2359 smac=f00000000$i$j$k # Source MAC
2360 sip=`ip_to_hex 192 168 $i$j $k` # Source IP
2361 rip=`ip_to_hex 192 168 $i$j 254` # Router IP
2362 rmac=00000000ff$i$j # Router MAC
2363 otherip=`ip_to_hex 192 168 $i$j 55` # Some other IP in subnet
2364 test_arp $i$j$k $smac $sip $rip $rmac #4
2365 test_arp $i$j$k $smac $otherip $rip $rmac #5
2366 test_arp $i$j$k $smac 0a123456 $rip $rmac #6
2367 test_arp $i$j$k $smac $sip $otherip #7
0bac7164 2368 done
269ecccc 2369 done
0bac7164
BP		 2370done
2371
2372# Allow some time for packet forwarding.
2373# XXX This can be improved.
2374sleep 1
2375
2376# 8. Generate an ARP reply for each of the IP addresses ARPed for
2377# earlier as #3.
2378#
2379# Here, the $s is the VIF that originated the ARP request and $d is
2380# the VIF that sends the ARP reply, which is somewhat backward but
2381# it means that $s and $d are the same as #3.
2382: > mac_bindings.expected
2383for is in 1 2 3; do
269ecccc
JP		 2384 for js in 1 2 3; do
2385 for ks in 1 2 3; do
2386 s=$is$js$ks
2387 for id in 1 2 3; do
2388 for jd in 1 2 3; do
2389 if test $is$js = $id$jd; then
2390 continue
2391 fi
2392
2393 kd=1
2394 d=$id$jd$kd
2395
2396 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2397 host_ip=`ip_to_hex 192 168 $id$jd $o4`
2398 host_mac=8000000000$o4
2399
2400 lrmac=00000000ff$id$jd
2401 lrip=`ip_to_hex 192 168 $id$jd 254`
2402
2403 arp=${lrmac}${host_mac}08060001080006040002${host_mac}${host_ip}${lrmac}${lrip}
2404
2405 echo
2406 echo
2407 echo
2408 hv=hv`vif_to_hv $d`
2409 as $hv ovs-appctl netdev-dummy/receive vif$d $arp
2410 #as $hv ovs-appctl ofproto/trace br-int in_port=$d $arp
2411 #as $hv ovs-ofctl dump-flows br-int table=19
2412
2413 host_ip_pretty=192.168.$id$jd.$o4
2414 host_mac_pretty=80:00:00:00:00:$o4
2415 echo lrp$id$jd,$host_ip_pretty,$host_mac_pretty >> mac_bindings.expected
86e98048 2416 done
269ecccc 2417 done
9975d7be 2418 done
269ecccc 2419 done
9975d7be 2420done
0bac7164 2421
9975d7be
BP		 2422# Allow some time for packet forwarding.
2423# XXX This can be improved.
2424sleep 1
2425
0bac7164
BP		 2426# 9. Send an IP packet from every logical port to every other subnet. These
2427# are the same packets already sent as #3, but now the destinations' IP-MAC
2428# bindings have been discovered via ARP, so instead of provoking an ARP
2429# request, these packets now get routed to their destinations (which don't
2430# have static MAC bindings, so they go to the port we've designated as
2431# accepting "unknown" MACs.)
2432for is in 1 2 3; do
269ecccc
JP		 2433 for js in 1 2 3; do
2434 for ks in 1 2 3; do
2435 s=$is$js$ks
2436 smac=f00000000$s
2437 sip=`ip_to_hex 192 168 $is$js $ks`
2438 for id in 1 2 3; do
2439 for jd in 1 2 3; do
2440 if test $is$js = $id$jd; then
2441 continue
2442 fi
2443
2444 # Send the packet.
2445 dmac=00000000ff$is$js
2446 # Calculate a 4th octet for the destination that is
2447 # unique per $s, avoids the .1 .2 .3 and .254 IP addresses
2448 # that have static MAC bindings, and fits in the range
2449 # 0-255.
2450 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2451 dip=`ip_to_hex 192 168 $id$jd $o4`
2452 test_ip $s $smac $dmac $sip $dip
2453
2454 # Expect the packet egress.
2455 host_mac=8000000000$o4
2456 outport=${id}11
2457 out_lrp=$id$jd
e4543cfe 2458 echo ${host_mac}00000000ff${out_lrp}08004500001c00000000"3f1101"00${sip}${dip}0035111100080000 >> $outport.expected
0bac7164 2459 done
269ecccc 2460 done
0bac7164 2461 done
269ecccc 2462 done
0bac7164
BP		 2463done
2464
0bac7164
BP		 2465ovn-sbctl -f csv -d bare --no-heading \
2466 -- --columns=logical_port,ip,mac list mac_binding > mac_bindings
2467
9975d7be
BP		 2468# Now check the packets actually received against the ones expected.
2469for i in 1 2 3; do
2470 for j in 1 2 3; do
86e98048 2471 for k in 1 2 3; do
abb37b6b
FF		 2472 OVN_CHECK_PACKETS([hv`vif_to_hv $i$j$k`/vif$i$j$k-tx.pcap],
2473 [$i$j$k.expected])
86e98048 2474 done
9975d7be
BP		 2475 done
2476done
fcde56f5 2477
0bac7164
BP		 2478# Check the MAC bindings against those expected.
2479AT_CHECK_UNQUOTED([sort < mac_bindings], [0], [`sort < mac_bindings.expected`
2480])
2481
fcde56f5 2482# Gracefully terminate daemons
7a8f15e0 2483OVN_CLEANUP([hv1], [hv2], [hv3])
eff49a56 2484
9975d7be 2485AT_CLEANUP
685f4dfe
NS		 2486
2487# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
2488AT_SETUP([ovn -- portsecurity : 3 HVs, 1 LS, 3 lports/HV])
685f4dfe
NS		 2489AT_SKIP_IF([test $HAVE_PYTHON = no])
2490ovn_start
2491
2492# Create hypervisors hv[123].
2493# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3.
2494# Add all of the vifs to a single logical switch lsw0.
2495# Turn off port security on vifs vif[123]1
2496# Turn on l2 port security on vifs vif[123]2
2497# Turn of l2 and l3 port security on vifs vif[123]3
2498# Make vif13, vif2[23], vif3[123] destinations for unknown MACs.
ea46a4e9 2499ovn-nbctl ls-add lsw0
685f4dfe
NS		 2500net_add n1
2501for i in 1 2 3; do
2502 sim_add hv$i
2503 as hv$i
2504 ovs-vsctl add-br br-phys
2505 ovn_attach n1 br-phys 192.168.0.$i
2506
2507 for j in 1 2 3; do
2508 ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
31ed1192 2509 ovn-nbctl lsp-add lsw0 lp$i$j
685f4dfe 2510 if test $j = 1; then
31ed1192 2511 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
685f4dfe 2512 elif test $j = 2; then
31ed1192
JP		 2513 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j"
2514 ovn-nbctl lsp-set-port-security lp$i$j f0:00:00:00:00:$i$j
685f4dfe
NS		 2515 else
2516 extra_addr="f0:00:00:00:0$i:$i$j fe80::ea2a:eaff:fe28:$i$j"
31ed1192
JP		 2517 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" "$extra_addr"
2518 ovn-nbctl lsp-set-port-security lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" "$extra_addr"
685f4dfe
NS		 2519 fi
2520 done
2521done
2522
685f4dfe
NS		 2523# Pre-populate the hypervisors' ARP tables so that we don't lose any
2524# packets for ARP resolution (native tunneling doesn't queue packets
2525# for ARP resolution).
2526ovn_populate_arp
2527
2528# Allow some time for ovn-northd and ovn-controller to catch up.
2529# XXX This should be more systematic.
2530sleep 1
685f4dfe
NS		 2531
2532# Given the name of a logical port, prints the name of the hypervisor
2533# on which it is located.
2534vif_to_hv() {
2535 echo hv${1%?}
2536}
2537
685f4dfe
NS		 2538for i in 1 2 3; do
2539 for j in 1 2 3; do
2540 : > $i$j.expected
2541 done
2542done
2543
2544# test_ip INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
2545#
2546# This shell function causes an ip packet to be received on INPORT.
2547# The packet's content has Ethernet destination DST and source SRC
2548# (each exactly 12 hex digits) and Ethernet type ETHTYPE (4 hex digits).
2549# The OUTPORTs (zero or more) list the VIFs on which the packet should
31ed1192
JP		 2550# be received. INPORT and the OUTPORTs are specified as logical switch
2551# port numbers, e.g. 11 for vif11.
685f4dfe
NS		 2552test_ip() {
2553 # This packet has bad checksums but logical L3 routing doesn't check.
2554 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
efe179e0 2555 local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
685f4dfe
NS		 2556 shift; shift; shift; shift; shift
2557 hv=`vif_to_hv $inport`
2558 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2559 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2560 for outport; do
e4543cfe 2561 echo $packet >> $outport.expected
685f4dfe
NS		 2562 done
2563}
2564
2565# test_arp INPORT SHA SPA TPA DROP [REPLY_HA]
2566#
2567# Causes a packet to be received on INPORT. The packet is an ARP
2568# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
2569# it should be the hardware address of the target to expect to receive in an
2570# ARP reply; otherwise no reply is expected.
2571#
31ed1192 2572# INPORT is an logical switch port number, e.g. 11 for vif11.
685f4dfe
NS		 2573# SHA and REPLY_HA are each 12 hex digits.
2574# SPA and TPA are each 8 hex digits.
2575test_arp() {
2576 local inport=$1 smac=$2 sha=$3 spa=$4 tpa=$5 drop=$6 reply_ha=$7
2577 local request=ffffffffffff${smac}08060001080006040001${sha}${spa}ffffffffffff${tpa}
2578 hv=`vif_to_hv $inport`
2579 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
2580 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
2581 if test $drop != 1; then
e137131a 2582 if test X$reply_ha = X; then
685f4dfe
NS		 2583 # Expect to receive the broadcast ARP on the other logical switch ports
2584 # if no reply is expected.
2585 local i j
2586 for i in 1 2 3; do
2587 for j in 1 2 3; do
2588 if test $i$j != $inport; then
2589 echo $request >> $i$j.expected
2590 fi
2591 done
2592 done
2593 else
2594 # Expect to receive the reply, if any.
2595 local reply=${smac}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
2596 echo $reply >> $inport.expected
2597 fi
2598 fi
2599}
2600
2601# test_ipv6 INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
2602# This function is similar to test_ip() except that it sends
2603# ipv6 packet
2604test_ipv6() {
2605 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
2606 local packet=${dst_mac}${src_mac}86dd6000000000083aff${src_ip}${dst_ip}0000000000000000
2607 shift; shift; shift; shift; shift
2608 hv=`vif_to_hv $inport`
2609 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2610 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2611 for outport; do
e4543cfe 2612 echo $packet >> $outport.expected
685f4dfe
NS		 2613 done
2614}
2615
9e687b23
DL		 2616# test_icmpv6 INPORT SRC_MAC DST_MAC SRC_IP DST_IP ICMP_TYPE OUTPORT...
2617# This function is similar to test_ipv6() except it specifies the ICMPv6 type
2618# of the test packet
2619test_icmpv6() {
2620 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5 icmp_type=$6
2621 local packet=${dst_mac}${src_mac}86dd6000000000083aff${src_ip}${dst_ip}${icmp_type}00000000000000
2622 shift; shift; shift; shift; shift; shift
2623 hv=`vif_to_hv $inport`
2624 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2625 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2626 for outport; do
e4543cfe 2627 echo $packet >> $outport.expected
9e687b23
DL		 2628 done
2629}
2630
685f4dfe
NS		 2631ip_to_hex() {
2632 printf "%02x%02x%02x%02x" "$@"
2633}
2634
2635# no port security
2636sip=`ip_to_hex 192 168 0 12`
2637tip=`ip_to_hex 192 168 0 13`
2638# the arp packet should be allowed even if lp[123]1 is
2639# not configured with mac f00000000023 and ip 192.168.0.12
2640for i in 1 2 3; do
2641 test_arp ${i}1 f00000000023 f00000000023 $sip $tip 0 f00000000013
2642 for j in 1 2 3; do
2643 if test $i != $j; then
2644 test_ip ${i}1 f000000000${i}1 f000000000${j}1 $sip $tip ${j}1
2645 fi
2646 done
2647done
2648
2649# l2 port security
2650sip=`ip_to_hex 192 168 0 12`
2651tip=`ip_to_hex 192 168 0 13`
2652
2653# arp packet should be allowed since lp22 is configured with
2654# mac f00000000022
2655test_arp 22 f00000000022 f00000000022 $sip $tip 0 f00000000013
2656
2657# arp packet should not be allowed since lp32 is not configured with
2658# mac f00000000021
2659test_arp 32 f00000000021 f00000000021 $sip $tip 1
2660
2661# arp packet with sha set to f00000000021 should not be allowed
2662# for lp12
2663test_arp 12 f00000000012 f00000000021 $sip $tip 1
2664
2665# ip packets should be allowed and received since lp[123]2 do not
2666# have l3 port security
2667sip=`ip_to_hex 192 168 0 55`
2668tip=`ip_to_hex 192 168 0 66`
2669for i in 1 2 3; do
2670 for j in 1 2 3; do
2671 if test $i != $j; then
2672 test_ip ${i}2 f000000000${i}2 f000000000${j}2 $sip $tip ${j}2
2673 fi
2674 done
2675done
2676
2677# ipv6 packets should be received by lp[123]2
2678# lp[123]1 can send ipv6 traffic as there is no port security
2679sip=fe800000000000000000000000000000
2680tip=ff020000000000000000000000000000
2681
2682for i in 1 2 3; do
2683 test_ipv6 ${i}1 f000000000${i}1 f000000000${i}2 $sip $tip ${i}2
2684done
2685
2686
2687# l2 and l3 port security
2688sip=`ip_to_hex 192 168 0 13`
2689tip=`ip_to_hex 192 168 0 22`
2690# arp packet should be allowed since lp13 is configured with
2691# f00000000013 and 192.168.0.13
2692test_arp 13 f00000000013 f00000000013 $sip $tip 0 f00000000022
2693
2694# the arp packet should be dropped because lp23 is not configured
2695# with mac f00000000022
2696sip=`ip_to_hex 192 168 0 13`
2697tip=`ip_to_hex 192 168 0 22`
2698test_arp 23 f00000000022 f00000000022 $sip $tip 1
2699
2700# the arp packet should be dropped because lp33 is not configured
2701# with ip 192.168.0.55
2702spa=`ip_to_hex 192 168 0 55`
2703tpa=`ip_to_hex 192 168 0 22`
2704test_arp 33 f00000000031 f00000000031 $spa $tpa 1
2705
2706# ip packets should not be received by lp[123]3 since
2707# l3 port security is enabled
2708sip=`ip_to_hex 192 168 0 55`
2709tip=`ip_to_hex 192 168 0 66`
2710for i in 1 2 3; do
2711 for j in 1 2 3; do
2712 test_ip ${i}2 f000000000${i}2 f000000000${j}3 $sip $tip
2713 done
2714done
2715
2716# ipv6 packets should be dropped for lp[123]3 since
2717# it is configured with only ipv4 address
2718sip=fe800000000000000000000000000000
2719tip=ff020000000000000000000000000000
2720
2721for i in 1 2 3; do
2722 test_ipv6 ${i}3 f000000000${i}3 f00000000022 $sip $tip
2723done
2724
2725# ipv6 packets should not be received by lp[123]3 with mac f000000000$[123]3
2726# lp[123]1 can send ipv6 traffic as there is no port security
2727for i in 1 2 3; do
2728 test_ipv6 ${i}1 f000000000${i}1 f000000000${i}3 $sip $tip
2729done
2730
2731# lp13 has extra port security with mac f0000000113 and ipv6 addr
2732# fe80::ea2a:eaff:fe28:0012
2733
2734# ipv4 packet should be dropped for lp13 with mac f0000000113
2735sip=`ip_to_hex 192 168 0 13`
2736tip=`ip_to_hex 192 168 0 23`
2737test_ip 13 f00000000113 f00000000023 $sip $tip
2738
6d53e8a9
BP		 2739# ipv6 packet should be received by lp[123]3 with mac f00000000${i}${i}3
2740# and ip6.dst as fe80::ea2a:eaff:fe28:0${i}${i}3.
685f4dfe
NS		 2741# lp11 can send ipv6 traffic as there is no port security
2742sip=ee800000000000000000000000000000
2743for i in 1 2 3; do
6d53e8a9
BP		 2744 tip=fe80000000000000ea2aeafffe2800${i}3
2745 test_ipv6 11 f00000000011 f00000000${i}${i}3 $sip $tip ${i}3
685f4dfe
NS		 2746done
2747
2748
2749# ipv6 packet should not be received by lp33 with mac f0000000333
2750# and ip6.dst as fe80::ea2a:eaff:fe28:0023 as it is
2751# configured with fe80::ea2a:eaff:fe28:0033
2752# lp11 can send ipv6 traffic as there is no port security
2753
2754sip=ee800000000000000000000000000000
2755tip=fe80000000000000ea2aeafffe280023
2756test_ipv6 11 f00000000011 f00000000333 $sip $tip
2757
6d53e8a9
BP		 2758# ipv6 packet should be allowed for lp[123]3 with mac f0000000${i}${i}3
2759# and ip6.src fe80::ea2a:eaff:fe28:0${i}${i}3 and ip6.src ::.
685f4dfe
NS		 2760# and should be dropped for any other ip6.src
2761# lp21 can receive ipv6 traffic as there is no port security
2762
2763tip=ee800000000000000000000000000000
2764for i in 1 2 3; do
2765 sip=fe80000000000000ea2aeafffe2800${i}3
2766 test_ipv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip 21
2767
9e687b23 2768 # Test ICMPv6 MLD reports (v1 and v2) and NS for DAD
685f4dfe 2769 sip=00000000000000000000000000000000
9e687b23
DL		 2770 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 83 21
2771 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 8f 21
2772 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff0200000000000000ea2aeafffe2800 87 21
2773 # Traffic to non-multicast traffic should be dropped
2774 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip 83
2775 # Traffic of other ICMPv6 types should be dropped
2776 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 80
685f4dfe
NS		 2777
2778 # should be dropped
2779 sip=ae80000000000000ea2aeafffe2800aa
2780 test_ipv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip
2781done
2782
31ed1192
JP		 2783# configure lsp13 to send and received IPv4 packets with an address range
2784ovn-nbctl lsp-set-port-security lp13 "f0:00:00:00:00:13 192.168.0.13 20.0.0.4/24 10.0.0.0/24"
7d9d86ad 2785
8ff5a966
NS		 2786sleep 2
2787
7d9d86ad
NS		 2788sip=`ip_to_hex 10 0 0 13`
2789tip=`ip_to_hex 192 168 0 22`
31ed1192 2790# arp packet with inner ip 10.0.0.13 should be allowed for lsp13
7d9d86ad
NS		 2791test_arp 13 f00000000013 f00000000013 $sip $tip 0 f00000000022
2792
2793sip=`ip_to_hex 10 0 0 14`
2794tip=`ip_to_hex 192 168 0 23`
31ed1192 2795# IPv4 packet from lsp13 with src ip 10.0.0.14 destined to lsp23
7d9d86ad
NS		 2796# with dst ip 192.168.0.23 should be allowed
2797test_ip 13 f00000000013 f00000000023 $sip $tip 23
2798
2799sip=`ip_to_hex 192 168 0 33`
2800tip=`ip_to_hex 10 0 0 15`
31ed1192
JP		 2801# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2802# with dst ip 10.0.0.15 should be received by lsp13
7d9d86ad
NS		 2803test_ip 33 f00000000033 f00000000013 $sip $tip 13
2804
2805sip=`ip_to_hex 192 168 0 33`
2806tip=`ip_to_hex 20 0 0 4`
31ed1192
JP		 2807# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2808# with dst ip 20.0.0.4 should be received by lsp13
7d9d86ad
NS		 2809test_ip 33 f00000000033 f00000000013 $sip $tip 13
2810
2811sip=`ip_to_hex 192 168 0 33`
2812tip=`ip_to_hex 20 0 0 5`
31ed1192
JP		 2813# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2814# with dst ip 20.0.0.5 should not be received by lsp13
7d9d86ad
NS		 2815test_ip 33 f00000000033 f00000000013 $sip $tip
2816
2817sip=`ip_to_hex 192 168 0 33`
2818tip=`ip_to_hex 20 0 0 255`
31ed1192
JP		 2819# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2820# with dst ip 20.0.0.255 should be received by lsp13
7d9d86ad
NS		 2821test_ip 33 f00000000033 f00000000013 $sip $tip 13
2822
2823sip=`ip_to_hex 192 168 0 33`
2824tip=`ip_to_hex 192 168 0 255`
31ed1192
JP		 2825# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2826# with dst ip 192.168.0.255 should not be received by lsp13
7d9d86ad
NS		 2827test_ip 33 f00000000033 f00000000013 $sip $tip
2828
2829sip=`ip_to_hex 192 168 0 33`
2830tip=`ip_to_hex 224 0 0 4`
31ed1192
JP		 2831# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2832# with dst ip 224.0.0.4 should be received by lsp13
7d9d86ad 2833test_ip 33 f00000000033 f00000000013 $sip $tip 13
685f4dfe 2834
bb0c41d3
RM		 2835#dump information including flow counters
2836ovn-nbctl show
2837ovn-sbctl dump-flows -- list multicast_group
2838
2839echo "------ hv1 dump ------"
2840as hv1 ovs-vsctl show
6195e2e7 2841as hv1 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2842as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
2843
2844echo "------ hv2 dump ------"
2845as hv2 ovs-vsctl show
6195e2e7 2846as hv2 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2847as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
2848
2849echo "------ hv3 dump ------"
2850as hv3 ovs-vsctl show
6195e2e7 2851as hv3 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2852as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-int
2853
685f4dfe
NS		 2854# Now check the packets actually received against the ones expected.
2855for i in 1 2 3; do
2856 for j in 1 2 3; do
49d7c759 2857 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
685f4dfe
NS		 2858 done
2859done
2860
7a8f15e0 2861OVN_CLEANUP([hv1],[hv2],[hv3])
d9c8c57c 2862
685f4dfe 2863AT_CLEANUP
509afdc3
GS		 2864
2865AT_SETUP([ovn -- 2 HVs, 2 LS, 1 lport/LS, 2 peer LRs])
509afdc3
GS		 2866AT_SKIP_IF([test $HAVE_PYTHON = no])
2867ovn_start
2868
2869# Logical network:
2870# Two LRs - R1 and R2 that are connected to each other as peers in 20.0.0.0/24
2871# network. R1 has a switchs ls1 (191.168.1.0/24) connected to it.
2872# R2 has ls2 (172.16.1.0/24) connected to it.
2873
3c1ae70a
JP		 2874ls1_lp1_mac="f0:00:00:01:02:03"
2875rp_ls1_mac="00:00:00:01:02:03"
2876rp_ls2_mac="00:00:00:01:02:04"
2877ls2_lp1_mac="f0:00:00:01:02:04"
2878
2879ls1_lp1_ip="192.168.1.2"
2880ls2_lp1_ip="172.16.1.2"
2881
fa2a27b2
JP		 2882ovn-nbctl lr-add R1
2883ovn-nbctl lr-add R2
509afdc3 2884
ea46a4e9
JP		 2885ovn-nbctl ls-add ls1
2886ovn-nbctl ls-add ls2
509afdc3
GS		 2887
2888# Connect ls1 to R1
3c1ae70a 2889ovn-nbctl lrp-add R1 ls1 $rp_ls1_mac 192.168.1.1/24
509afdc3 2890
31ed1192 2891ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
3c1ae70a 2892 options:router-port=ls1 addresses=\"$rp_ls1_mac\"
509afdc3
GS		 2893
2894# Connect ls2 to R2
3c1ae70a 2895ovn-nbctl lrp-add R2 ls2 $rp_ls2_mac 172.16.1.1/24
509afdc3 2896
31ed1192 2897ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 type=router \
3c1ae70a 2898 options:router-port=ls2 addresses=\"$rp_ls2_mac\"
509afdc3
GS		 2899
2900# Connect R1 to R2
4685e523
JP		 2901ovn-nbctl lrp-add R1 R1_R2 00:00:00:02:03:04 20.0.0.1/24 peer=R2_R1
2902ovn-nbctl lrp-add R2 R2_R1 00:00:00:02:03:05 20.0.0.2/24 peer=R1_R2
509afdc3 2903
6d9ecfa9
JP		 2904ovn-nbctl lr-route-add R1 "0.0.0.0/0" 20.0.0.2
2905ovn-nbctl lr-route-add R2 "0.0.0.0/0" 20.0.0.1
509afdc3
GS		 2906
2907# Create logical port ls1-lp1 in ls1
31ed1192 2908ovn-nbctl lsp-add ls1 ls1-lp1 \
3c1ae70a 2909-- lsp-set-addresses ls1-lp1 "$ls1_lp1_mac $ls1_lp1_ip"
509afdc3
GS		 2910
2911# Create logical port ls2-lp1 in ls2
31ed1192 2912ovn-nbctl lsp-add ls2 ls2-lp1 \
3c1ae70a 2913-- lsp-set-addresses ls2-lp1 "$ls2_lp1_mac $ls2_lp1_ip"
509afdc3
GS		 2914
2915# Create two hypervisor and create OVS ports corresponding to logical ports.
2916net_add n1
2917
2918sim_add hv1
2919as hv1
2920ovs-vsctl add-br br-phys
2921ovn_attach n1 br-phys 192.168.0.1
2922ovs-vsctl -- add-port br-int hv1-vif1 -- \
2923 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
2924 options:tx_pcap=hv1/vif1-tx.pcap \
2925 options:rxq_pcap=hv1/vif1-rx.pcap \
2926 ofport-request=1
2927
2928sim_add hv2
2929as hv2
2930ovs-vsctl add-br br-phys
2931ovn_attach n1 br-phys 192.168.0.2
2932ovs-vsctl -- add-port br-int hv2-vif1 -- \
2933 set interface hv2-vif1 external-ids:iface-id=ls2-lp1 \
2934 options:tx_pcap=hv2/vif1-tx.pcap \
2935 options:rxq_pcap=hv2/vif1-rx.pcap \
2936 ofport-request=1
2937
2938
2939# Pre-populate the hypervisors' ARP tables so that we don't lose any
2940# packets for ARP resolution (native tunneling doesn't queue packets
2941# for ARP resolution).
2942ovn_populate_arp
2943
2944# Allow some time for ovn-northd and ovn-controller to catch up.
2945# XXX This should be more systematic.
2946sleep 1
2947
509afdc3 2948# Packet to send.
3c1ae70a
JP		 2949packet="inport==\"ls1-lp1\" && eth.src==$ls1_lp1_mac && eth.dst==$rp_ls1_mac &&
2950 ip4 && ip.ttl==64 && ip4.src==$ls1_lp1_ip && ip4.dst==$ls2_lp1_ip &&
2951 udp && udp.src==53 && udp.dst==4369"
2952as hv1 ovs-appctl -t ovn-controller inject-pkt "$packet"
509afdc3
GS		 2953
2954
2955echo "---------NB dump-----"
2956ovn-nbctl show
2957echo "---------------------"
2958ovn-nbctl list logical_router
2959echo "---------------------"
2960ovn-nbctl list logical_router_port
2961echo "---------------------"
2962
2963echo "---------SB dump-----"
2964ovn-sbctl list datapath_binding
2965echo "---------------------"
2966ovn-sbctl list port_binding
2967echo "---------------------"
2968
2969echo "------ hv1 dump ----------"
8dab1022 2970as hv1 ovs-ofctl show br-int
509afdc3
GS		 2971as hv1 ovs-ofctl dump-flows br-int
2972echo "------ hv2 dump ----------"
8dab1022 2973as hv2 ovs-ofctl show br-int
509afdc3
GS		 2974as hv2 ovs-ofctl dump-flows br-int
2975
2976# Packet to Expect
3c1ae70a
JP		 2977# The TTL should be decremented by 2.
2978packet="eth.src==$rp_ls2_mac && eth.dst==$ls2_lp1_mac &&
2979 ip4 && ip.ttl==62 && ip4.src==$ls1_lp1_ip && ip4.dst==$ls2_lp1_ip &&
2980 udp && udp.src==53 && udp.dst==4369"
2981echo $packet | ovstest test-ovn expr-to-packets > expected
509afdc3 2982
49d7c759 2983OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
509afdc3 2984
7a8f15e0 2985OVN_CLEANUP([hv1],[hv2])
509afdc3
GS		 2986
2987AT_CLEANUP
5412db30
J		 2988
2989
4685e523
JP		 2990AT_SETUP([ovn -- 1 HV, 1 LS, 2 lport/LS, 1 LR])
2991AT_KEYWORDS([router-admin-state])
2992AT_SKIP_IF([test $HAVE_PYTHON = no])
2993ovn_start
2994
2995# Logical network:
2996# One LR - R1 has switch ls1 with two subnets attached to it (191.168.1.0/24
2997# and 172.16.1.0/24) connected to it.
2998
2999ovn-nbctl lr-add R1
3000
3001ovn-nbctl ls-add ls1
3002
3003# Connect ls1 to R1
bf44c2cd 3004ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24 172.16.1.1/24
4685e523
JP		 3005ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
3006 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
3007
3008# Create logical port ls1-lp1 in ls1
3009ovn-nbctl lsp-add ls1 ls1-lp1 \
3010 -- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
3011
3012# Create logical port ls1-lp2 in ls1
3013ovn-nbctl lsp-add ls1 ls1-lp2 \
3014 -- lsp-set-addresses ls1-lp2 "f0:00:00:01:02:04 172.16.1.2"
3015
3016# Create one hypervisor and create OVS ports corresponding to logical ports.
3017net_add n1
3018
3019sim_add hv1
3020as hv1
3021ovs-vsctl add-br br-phys
3022ovn_attach n1 br-phys 192.168.0.1
3023ovs-vsctl -- add-port br-int vif1 -- \
3024 set interface vif1 external-ids:iface-id=ls1-lp1 \
3025 options:tx_pcap=hv1/vif1-tx.pcap \
3026 options:rxq_pcap=hv1/vif1-rx.pcap \
3027 ofport-request=1
3028
3029ovs-vsctl -- add-port br-int vif2 -- \
3030 set interface vif2 external-ids:iface-id=ls1-lp2 \
3031 options:tx_pcap=hv1/vif2-tx.pcap \
3032 options:rxq_pcap=hv1/vif2-rx.pcap \
3033 ofport-request=1
3034
3035
3036# Allow some time for ovn-northd and ovn-controller to catch up.
3037# XXX This should be more systematic.
3038sleep 1
3039
3040# Send ip packets between the two ports.
3041ip_to_hex() {
3042 printf "%02x%02x%02x%02x" "$@"
3043}
4685e523
JP		 3044
3045# Packet to send.
3046src_mac="f00000010203"
3047dst_mac="000000010203"
3048src_ip=`ip_to_hex 192 168 1 2`
3049dst_ip=`ip_to_hex 172 16 1 2`
3050packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3051as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3052
3053
3054echo "---------NB dump-----"
3055ovn-nbctl show
3056echo "---------------------"
3057ovn-nbctl list logical_router
3058echo "---------------------"
3059ovn-nbctl list logical_router_port
3060echo "---------------------"
3061
3062echo "---------SB dump-----"
3063ovn-sbctl list datapath_binding
3064echo "---------------------"
3065ovn-sbctl list logical_flow
3066echo "---------------------"
3067
3068echo "------ hv1 dump ----------"
3069as hv1 ovs-ofctl dump-flows br-int
3070
3071
3072#Disable router R1
3073ovn-nbctl set Logical_Router R1 enabled=false
3074
3b8cd0ea
BP		 3075# Allow some time for ovn-northd and ovn-controller to catch up.
3076# XXX This should be more systematic.
3077sleep 1
3078
4685e523
JP		 3079echo "---------SB dump-----"
3080ovn-sbctl list datapath_binding
3081echo "---------------------"
3082ovn-sbctl list logical_flow
3083echo "---------------------"
3084
3085echo "------ hv1 dump ----------"
3086as hv1 ovs-ofctl dump-flows br-int
3087
3088as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3089
3090# Packet to Expect
3091expect_src_mac="000000010203"
3092expect_dst_mac="f00000010204"
49d7c759 3093echo "${expect_dst_mac}${expect_src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000" > expected
4685e523 3094
49d7c759 3095OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
4685e523
JP		 3096
3097
3098as hv1
3099OVS_APP_EXIT_AND_WAIT([ovn-controller])
3100OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3101OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3102
3103as ovn-sb
3104OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3105
3106as ovn-nb
3107OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3108
3109as northd
3110OVS_APP_EXIT_AND_WAIT([ovn-northd])
3111
3112as main
3113OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3114OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3115
3116AT_CLEANUP
3117
3118
3119AT_SETUP([ovn -- 1 HV, 2 LSs, 1 lport/LS, 1 LR])
5412db30
J		 3120AT_KEYWORDS([router-admin-state])
3121AT_SKIP_IF([test $HAVE_PYTHON = no])
3122ovn_start
3123
3124# Logical network:
3125# One LR - R1 has switch ls1 (191.168.1.0/24) connected to it,
3126# and has switch ls2 (172.16.1.0/24) connected to it.
3127
fa2a27b2 3128ovn-nbctl lr-add R1
5412db30 3129
ea46a4e9
JP		 3130ovn-nbctl ls-add ls1
3131ovn-nbctl ls-add ls2
5412db30
J		 3132
3133# Connect ls1 to R1
bf44c2cd 3134ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24
31ed1192 3135ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
31114af7 3136 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
5412db30
J		 3137
3138# Connect ls2 to R1
bf44c2cd 3139ovn-nbctl lrp-add R1 ls2 00:00:00:01:02:04 172.16.1.1/24
31ed1192 3140ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 type=router \
31114af7 3141 options:router-port=ls2 addresses=\"00:00:00:01:02:04\"
5412db30
J		 3142
3143# Create logical port ls1-lp1 in ls1
31ed1192
JP		 3144ovn-nbctl lsp-add ls1 ls1-lp1 \
3145-- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
5412db30
J		 3146
3147# Create logical port ls2-lp1 in ls2
31ed1192
JP		 3148ovn-nbctl lsp-add ls2 ls2-lp1 \
3149-- lsp-set-addresses ls2-lp1 "f0:00:00:01:02:04 172.16.1.2"
5412db30
J		 3150
3151# Create one hypervisor and create OVS ports corresponding to logical ports.
3152net_add n1
3153
3154sim_add hv1
3155as hv1
3156ovs-vsctl add-br br-phys
3157ovn_attach n1 br-phys 192.168.0.1
3158ovs-vsctl -- add-port br-int vif1 -- \
3159 set interface vif1 external-ids:iface-id=ls1-lp1 \
3160 options:tx_pcap=hv1/vif1-tx.pcap \
3161 options:rxq_pcap=hv1/vif1-rx.pcap \
3162 ofport-request=1
3163
3164ovs-vsctl -- add-port br-int vif2 -- \
3165 set interface vif2 external-ids:iface-id=ls2-lp1 \
3166 options:tx_pcap=hv1/vif2-tx.pcap \
3167 options:rxq_pcap=hv1/vif2-rx.pcap \
3168 ofport-request=1
3169
3170
3171# Allow some time for ovn-northd and ovn-controller to catch up.
3172# XXX This should be more systematic.
3173sleep 1
3174
3175# Send ip packets between the two ports.
3176ip_to_hex() {
3177 printf "%02x%02x%02x%02x" "$@"
3178}
5412db30
J		 3179
3180# Packet to send.
3181src_mac="f00000010203"
3182dst_mac="000000010203"
3183src_ip=`ip_to_hex 192 168 1 2`
3184dst_ip=`ip_to_hex 172 16 1 2`
3185packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3186as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3187
3188
3189echo "---------NB dump-----"
3190ovn-nbctl show
3191echo "---------------------"
3192ovn-nbctl list logical_router
3193echo "---------------------"
3194ovn-nbctl list logical_router_port
3195echo "---------------------"
3196
3197echo "---------SB dump-----"
3198ovn-sbctl list datapath_binding
3199echo "---------------------"
3200ovn-sbctl list logical_flow
3201echo "---------------------"
3202
3203echo "------ hv1 dump ----------"
3204as hv1 ovs-ofctl dump-flows br-int
3205
5412db30
J		 3206#Disable router R1
3207ovn-nbctl set Logical_Router R1 enabled=false
3208
3209echo "---------SB dump-----"
3210ovn-sbctl list datapath_binding
3211echo "---------------------"
3212ovn-sbctl list logical_flow
3213echo "---------------------"
3214
3215echo "------ hv1 dump ----------"
3216as hv1 ovs-ofctl dump-flows br-int
3217
a1361a6e
LR		 3218# Allow some time for the disabling of logical router R1 to propagate.
3219# XXX This should be more systematic.
3220sleep 1
3221
5412db30
J		 3222as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3223
3224# Packet to Expect
3225expect_src_mac="000000010204"
3226expect_dst_mac="f00000010204"
49d7c759 3227echo "${expect_dst_mac}${expect_src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000" > expected
5412db30 3228
49d7c759 3229OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
5412db30 3230
7a8f15e0 3231OVN_CLEANUP([hv1])
5412db30
J		 3232
3233AT_CLEANUP
3234
28dc3fe9 3235AT_SETUP([ovn -- 2 HVs, 3 LS, 1 lport/LS, 2 peer LRs, static routes])
28dc3fe9
SR		 3236AT_SKIP_IF([test $HAVE_PYTHON = no])
3237ovn_start
3238
3239# Logical network:
3240# Two LRs - R1 and R2 that are connected to each other as peers in 20.0.0.0/24
3241# network. R1 has switchess foo (192.168.1.0/24)
3242# connected to it.
3243# R2 has alice (172.16.1.0/24) and bob (172.16.2.0/24) connected to it.
3244
fa2a27b2
JP		 3245ovn-nbctl lr-add R1
3246ovn-nbctl lr-add R2
28dc3fe9 3247
ea46a4e9
JP		 3248ovn-nbctl ls-add foo
3249ovn-nbctl ls-add alice
3250ovn-nbctl ls-add bob
28dc3fe9
SR		 3251
3252# Connect foo to R1
bf44c2cd 3253ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
31ed1192 3254ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
31114af7 3255 options:router-port=foo addresses=\"00:00:00:01:02:03\"
28dc3fe9
SR		 3256
3257# Connect alice to R2
bf44c2cd 3258ovn-nbctl lrp-add R2 alice 00:00:00:01:02:04 172.16.1.1/24
31ed1192 3259ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 3260 type=router options:router-port=alice addresses=\"00:00:00:01:02:04\"
28dc3fe9
SR		 3261
3262# Connect bob to R2
bf44c2cd 3263ovn-nbctl lrp-add R2 bob 00:00:00:01:02:05 172.16.2.1/24
31ed1192 3264ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob type=router \
31114af7 3265 options:router-port=bob addresses=\"00:00:00:01:02:05\"
28dc3fe9
SR		 3266
3267# Connect R1 to R2
4685e523
JP		 3268ovn-nbctl lrp-add R1 R1_R2 00:00:00:02:03:04 20.0.0.1/24 peer=R2_R1
3269ovn-nbctl lrp-add R2 R2_R1 00:00:00:02:03:05 20.0.0.2/24 peer=R1_R2
28dc3fe9
SR		 3270
3271#install static routes
e48ccf3c
JP		 3272ovn-nbctl lr-route-add R1 172.16.1.0/24 20.0.0.2
3273ovn-nbctl lr-route-add R2 172.16.2.0/24 20.0.0.2 R1_R2
3274ovn-nbctl lr-route-add R2 192.168.1.0/24 20.0.0.1
28dc3fe9
SR		 3275
3276# Create logical port foo1 in foo
31ed1192
JP		 3277ovn-nbctl lsp-add foo foo1 \
3278-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
28dc3fe9
SR		 3279
3280# Create logical port alice1 in alice
31ed1192
JP		 3281ovn-nbctl lsp-add alice alice1 \
3282-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
28dc3fe9
SR		 3283
3284# Create logical port bob1 in bob
31ed1192
JP		 3285ovn-nbctl lsp-add bob bob1 \
3286-- lsp-set-addresses bob1 "f0:00:00:01:02:05 172.16.2.2"
28dc3fe9
SR		 3287
3288# Create two hypervisor and create OVS ports corresponding to logical ports.
3289net_add n1
3290
3291sim_add hv1
3292as hv1
3293ovs-vsctl add-br br-phys
3294ovn_attach n1 br-phys 192.168.0.1
3295ovs-vsctl -- add-port br-int hv1-vif1 -- \
3296 set interface hv1-vif1 external-ids:iface-id=foo1 \
3297 options:tx_pcap=hv1/vif1-tx.pcap \
3298 options:rxq_pcap=hv1/vif1-rx.pcap \
3299 ofport-request=1
3300
3301ovs-vsctl -- add-port br-int hv1-vif2 -- \
3302 set interface hv1-vif2 external-ids:iface-id=alice1 \
3303 options:tx_pcap=hv1/vif2-tx.pcap \
3304 options:rxq_pcap=hv1/vif2-rx.pcap \
3305 ofport-request=2
3306
3307sim_add hv2
3308as hv2
3309ovs-vsctl add-br br-phys
3310ovn_attach n1 br-phys 192.168.0.2
3311ovs-vsctl -- add-port br-int hv2-vif1 -- \
3312 set interface hv2-vif1 external-ids:iface-id=bob1 \
3313 options:tx_pcap=hv2/vif1-tx.pcap \
3314 options:rxq_pcap=hv2/vif1-rx.pcap \
3315 ofport-request=1
3316
3317
3318# Pre-populate the hypervisors' ARP tables so that we don't lose any
3319# packets for ARP resolution (native tunneling doesn't queue packets
3320# for ARP resolution).
3321ovn_populate_arp
3322
3323# Allow some time for ovn-northd and ovn-controller to catch up.
3324# XXX This should be more systematic.
3325sleep 1
3326
3327ip_to_hex() {
3328 printf "%02x%02x%02x%02x" "$@"
3329}
28dc3fe9
SR		 3330
3331# Send ip packets between foo1 and alice1
3332src_mac="f00000010203"
3333dst_mac="000000010203"
3334src_ip=`ip_to_hex 192 168 1 2`
3335dst_ip=`ip_to_hex 172 16 1 2`
3336packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3337as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3338
3339# Send ip packets between foo1 and bob1
3340src_mac="f00000010203"
3341dst_mac="000000010203"
3342src_ip=`ip_to_hex 192 168 1 2`
3343dst_ip=`ip_to_hex 172 16 2 2`
3344packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3345as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3346
3347echo "---------NB dump-----"
3348ovn-nbctl show
3349echo "---------------------"
3350ovn-nbctl list logical_router
3351echo "---------------------"
3352ovn-nbctl list logical_router_port
3353echo "---------------------"
3354
3355echo "---------SB dump-----"
3356ovn-sbctl list datapath_binding
3357echo "---------------------"
3358ovn-sbctl list port_binding
3359echo "---------------------"
3360
3361echo "------ hv1 dump ----------"
3362as hv1 ovs-ofctl dump-flows br-int
3363echo "------ hv2 dump ----------"
3364as hv2 ovs-ofctl dump-flows br-int
3365
3366# Packet to Expect at bob1
3367src_mac="000000010205"
3368dst_mac="f00000010205"
3369src_ip=`ip_to_hex 192 168 1 2`
3370dst_ip=`ip_to_hex 172 16 2 2`
49d7c759 3371echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
28dc3fe9 3372
49d7c759 3373OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
28dc3fe9
SR		 3374
3375# Packet to Expect at alice1
3376src_mac="000000010204"
3377dst_mac="f00000010204"
3378src_ip=`ip_to_hex 192 168 1 2`
3379dst_ip=`ip_to_hex 172 16 1 2`
49d7c759 3380echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
28dc3fe9 3381
49d7c759 3382OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
28dc3fe9 3383
7a8f15e0 3384OVN_CLEANUP([hv1],[hv2])
28dc3fe9
SR		 3385
3386AT_CLEANUP
5412db30 3387
0ee8aaf6 3388AT_SETUP([ovn -- send gratuitous arp on localnet])
d08dbed7 3389AT_SKIP_IF([test $HAVE_PYTHON = no])
0ee8aaf6 3390ovn_start
ea46a4e9 3391ovn-nbctl ls-add lsw0
0ee8aaf6
RR		 3392net_add n1
3393sim_add hv
3394as hv
3395ovs-vsctl \
3396 -- add-br br-phys \
3397 -- add-br br-eth0
3398
3399ovn_attach n1 br-phys 192.168.0.1
3400
3401AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
3402AT_CHECK([ovs-vsctl add-port br-eth0 snoopvif -- set Interface snoopvif options:tx_pcap=hv/snoopvif-tx.pcap options:rxq_pcap=hv/snoopvif-rx.pcap])
3403
3404# Create a vif.
31ed1192
JP		 3405AT_CHECK([ovn-nbctl lsp-add lsw0 localvif1])
3406AT_CHECK([ovn-nbctl lsp-set-addresses localvif1 "f0:00:00:00:00:01 192.168.1.2"])
3407AT_CHECK([ovn-nbctl lsp-set-port-security localvif1 "f0:00:00:00:00:01"])
0ee8aaf6
RR		 3408
3409# Create a localnet port.
31ed1192
JP		 3410AT_CHECK([ovn-nbctl lsp-add lsw0 ln_port])
3411AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
3412AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
3413AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
0ee8aaf6
RR		 3414
3415AT_CHECK([ovs-vsctl add-port br-int localvif1 -- set Interface localvif1 external_ids:iface-id=localvif1])
3416
3417# Wait for packet to be received.
49d7c759
BP		 3418echo "fffffffffffff0000000000108060001080006040001f00000000001c0a80102000000000000c0a80102" > expected
3419OVN_CHECK_PACKETS([hv/snoopvif-tx.pcap], [expected])
0ee8aaf6
RR		 3420
3421# Delete the localnet ports.
3422AT_CHECK([ovs-vsctl del-port localvif1])
31ed1192 3423AT_CHECK([ovn-nbctl lsp-del ln_port])
0ee8aaf6 3424
7a8f15e0 3425OVN_CLEANUP([hv])
0ee8aaf6
RR		 3426
3427AT_CLEANUP
75cf9d2b
GS		 3428
3429AT_SETUP([ovn -- 2 HVs, 3 LRs connected via LS, static routes])
75cf9d2b
GS		 3430AT_SKIP_IF([test $HAVE_PYTHON = no])
3431ovn_start
3432
3433# Logical network:
3434# Three LRs - R1, R2 and R3 that are connected to each other via LS "join"
3435# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24)
3436# connected to it. R2 has alice (172.16.1.0/24) and R3 has bob (10.32.1.0/24)
3437# connected to it.
3438
fa2a27b2
JP		 3439ovn-nbctl lr-add R1
3440ovn-nbctl lr-add R2
3441ovn-nbctl lr-add R3
75cf9d2b 3442
ea46a4e9
JP		 3443ovn-nbctl ls-add foo
3444ovn-nbctl ls-add alice
3445ovn-nbctl ls-add bob
3446ovn-nbctl ls-add join
75cf9d2b
GS		 3447
3448# Connect foo to R1
31114af7 3449ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
31ed1192 3450ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
31114af7 3451 options:router-port=foo addresses=\"00:00:01:01:02:03\"
75cf9d2b
GS		 3452
3453# Connect alice to R2
31114af7 3454ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
31ed1192 3455ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 3456 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
75cf9d2b
GS		 3457
3458# Connect bob to R3
31114af7 3459ovn-nbctl lrp-add R3 bob 00:00:03:01:02:03 10.32.1.1/24
31ed1192 3460ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob \
80f408f4 3461 type=router options:router-port=bob addresses=\"00:00:03:01:02:03\"
75cf9d2b
GS		 3462
3463# Connect R1 to join
31114af7 3464ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
31ed1192 3465ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
80f408f4 3466 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
75cf9d2b
GS		 3467
3468# Connect R2 to join
31114af7 3469ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
31ed1192 3470ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
80f408f4 3471 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
75cf9d2b
GS		 3472
3473# Connect R3 to join
31114af7 3474ovn-nbctl lrp-add R3 R3_join 00:00:04:01:02:05 20.0.0.3/24
31ed1192 3475ovn-nbctl lsp-add join r3-join -- set Logical_Switch_Port r3-join \
80f408f4 3476 type=router options:router-port=R3_join addresses='"00:00:04:01:02:05"'
75cf9d2b
GS		 3477
3478#install static routes
e48ccf3c
JP		 3479ovn-nbctl lr-route-add R1 172.16.1.0/24 20.0.0.2
3480ovn-nbctl lr-route-add R1 10.32.1.0/24 20.0.0.3
75cf9d2b 3481
e48ccf3c
JP		 3482ovn-nbctl lr-route-add R2 192.168.1.0/24 20.0.0.1
3483ovn-nbctl lr-route-add R2 10.32.1.0/24 20.0.0.3
75cf9d2b 3484
e48ccf3c
JP		 3485ovn-nbctl lr-route-add R3 192.168.1.0/24 20.0.0.1
3486ovn-nbctl lr-route-add R3 172.16.1.0/24 20.0.0.2
75cf9d2b
GS		 3487
3488# Create logical port foo1 in foo
31ed1192
JP		 3489ovn-nbctl lsp-add foo foo1 \
3490-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
75cf9d2b
GS		 3491
3492# Create logical port alice1 in alice
31ed1192
JP		 3493ovn-nbctl lsp-add alice alice1 \
3494-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
75cf9d2b
GS		 3495
3496# Create logical port bob1 in bob
31ed1192
JP		 3497ovn-nbctl lsp-add bob bob1 \
3498-- lsp-set-addresses bob1 "f0:00:00:01:02:05 10.32.1.2"
75cf9d2b
GS		 3499
3500# Create two hypervisor and create OVS ports corresponding to logical ports.
3501net_add n1
3502
3503sim_add hv1
3504as hv1
3505ovs-vsctl add-br br-phys
3506ovn_attach n1 br-phys 192.168.0.1
3507ovs-vsctl -- add-port br-int hv1-vif1 -- \
3508 set interface hv1-vif1 external-ids:iface-id=foo1 \
3509 options:tx_pcap=hv1/vif1-tx.pcap \
3510 options:rxq_pcap=hv1/vif1-rx.pcap \
3511 ofport-request=1
3512
3513ovs-vsctl -- add-port br-int hv1-vif2 -- \
3514 set interface hv1-vif2 external-ids:iface-id=alice1 \
3515 options:tx_pcap=hv1/vif2-tx.pcap \
3516 options:rxq_pcap=hv1/vif2-rx.pcap \
3517 ofport-request=2
3518
3519sim_add hv2
3520as hv2
3521ovs-vsctl add-br br-phys
3522ovn_attach n1 br-phys 192.168.0.2
3523ovs-vsctl -- add-port br-int hv2-vif1 -- \
3524 set interface hv2-vif1 external-ids:iface-id=bob1 \
3525 options:tx_pcap=hv2/vif1-tx.pcap \
3526 options:rxq_pcap=hv2/vif1-rx.pcap \
3527 ofport-request=1
3528
3529
3530# Pre-populate the hypervisors' ARP tables so that we don't lose any
3531# packets for ARP resolution (native tunneling doesn't queue packets
3532# for ARP resolution).
3533ovn_populate_arp
3534
3535# Allow some time for ovn-northd and ovn-controller to catch up.
3536# XXX This should be more systematic.
3537sleep 1
3538
3539ip_to_hex() {
3540 printf "%02x%02x%02x%02x" "$@"
3541}
75cf9d2b
GS		 3542
3543# Send ip packets between foo1 and alice1
3544src_mac="f00000010203"
3545dst_mac="000001010203"
3546src_ip=`ip_to_hex 192 168 1 2`
3547dst_ip=`ip_to_hex 172 16 1 2`
3548packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3549as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3550as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
3551
3552# Send ip packets between foo1 and bob1
3553src_mac="f00000010203"
3554dst_mac="000001010203"
3555src_ip=`ip_to_hex 192 168 1 2`
3556dst_ip=`ip_to_hex 10 32 1 2`
3557packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3558as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3559
3560echo "---------NB dump-----"
3561ovn-nbctl show
3562echo "---------------------"
3563ovn-nbctl list logical_router
3564echo "---------------------"
3565ovn-nbctl list logical_router_port
3566echo "---------------------"
3567
3568echo "---------SB dump-----"
3569ovn-sbctl list datapath_binding
3570echo "---------------------"
3571ovn-sbctl list port_binding
3572echo "---------------------"
3573ovn-sbctl dump-flows
3574echo "---------------------"
3575
3576echo "------ hv1 dump ----------"
3577as hv1 ovs-ofctl show br-int
3578as hv1 ovs-ofctl dump-flows br-int
3579echo "------ hv2 dump ----------"
3580as hv2 ovs-ofctl show br-int
3581as hv2 ovs-ofctl dump-flows br-int
3582echo "----------------------------"
3583
3584# Packet to Expect at bob1
3585src_mac="000003010203"
3586dst_mac="f00000010205"
3587src_ip=`ip_to_hex 192 168 1 2`
3588dst_ip=`ip_to_hex 10 32 1 2`
49d7c759 3589echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
75cf9d2b 3590
49d7c759 3591OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
75cf9d2b
GS		 3592
3593# Packet to Expect at alice1
3594src_mac="000002010203"
3595dst_mac="f00000010204"
3596src_ip=`ip_to_hex 192 168 1 2`
3597dst_ip=`ip_to_hex 172 16 1 2`
49d7c759 3598echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
75cf9d2b 3599
49d7c759 3600OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
75cf9d2b 3601
7a8f15e0 3602OVN_CLEANUP([hv1],[hv2])
75cf9d2b
GS		 3603
3604AT_CLEANUP
c1645003 3605
281977f7 3606AT_SETUP([ovn -- dhcpv4 : 1 HV, 2 LS, 2 LSPs/LS])
281977f7
NS		 3607AT_SKIP_IF([test $HAVE_PYTHON = no])
3608ovn_start
3609
3610ovn-nbctl ls-add ls1
3611
3612ovn-nbctl lsp-add ls1 ls1-lp1 \
3613-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
3614
3615ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
3616
3617ovn-nbctl lsp-add ls1 ls1-lp2 \
3618-- lsp-set-addresses ls1-lp2 "f0:00:00:00:00:02 10.0.0.6 20.0.0.4"
3619
3620ovn-nbctl lsp-set-port-security ls1-lp2 "f0:00:00:00:00:02 10.0.0.6 20.0.0.4"
3621
3622ovn-nbctl ls-add ls2
3623ovn-nbctl lsp-add ls2 ls2-lp1 \
3624-- lsp-set-addresses ls2-lp1 "f0:00:00:00:00:03 30.0.0.6 40.0.0.4"
3625ovn-nbctl lsp-set-port-security ls2-lp1 "f0:00:00:00:00:03 30.0.0.6 40.0.0.4"
3626ovn-nbctl lsp-add ls2 ls2-lp2 \
3627-- lsp-set-addresses ls2-lp2 "f0:00:00:00:00:04 30.0.0.7"
3628ovn-nbctl lsp-set-port-security ls2-lp2 "f0:00:00:00:00:04 30.0.0.7"
3629
3630ovn-nbctl -- --id=@d1 create DHCP_Options cidr=10.0.0.0/24 \
3631options="\"server_id\"=\"10.0.0.1\" \"server_mac\"=\"ff:10:00:00:00:01\" \
3632\"lease_time\"=\"3600\" \"router\"=\"10.0.0.1\"" \
3633-- add Logical_Switch_Port ls1-lp1 dhcpv4_options @d1 \
3634-- add Logical_Switch_Port ls1-lp2 dhcpv4_options @d1
3635
3636ovn-nbctl -- --id=@d2 create DHCP_Options cidr=30.0.0.0/24 \
3637options="\"server_id\"=\"30.0.0.1\" \"server_mac\"=\"ff:10:00:00:00:02\" \
3638\"lease_time\"=\"3600\"" -- add Logical_Switch_Port ls2-lp2 dhcpv4_options @d2
3639
3640net_add n1
3641sim_add hv1
3642
3643as hv1
3644ovs-vsctl add-br br-phys
3645ovn_attach n1 br-phys 192.168.0.1
3646ovs-vsctl -- add-port br-int hv1-vif1 -- \
3647 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
3648 options:tx_pcap=hv1/vif1-tx.pcap \
3649 options:rxq_pcap=hv1/vif1-rx.pcap \
3650 ofport-request=1
3651
3652ovs-vsctl -- add-port br-int hv1-vif2 -- \
3653 set interface hv1-vif2 external-ids:iface-id=ls1-lp2 \
3654 options:tx_pcap=hv1/vif2-tx.pcap \
3655 options:rxq_pcap=hv1/vif2-rx.pcap \
3656 ofport-request=2
3657
3658ovs-vsctl -- add-port br-int hv1-vif3 -- \
3659 set interface hv1-vif3 external-ids:iface-id=ls2-lp1 \
3660 options:tx_pcap=hv1/vif3-tx.pcap \
3661 options:rxq_pcap=hv1/vif3-rx.pcap \
3662 ofport-request=3
3663
3664ovs-vsctl -- add-port br-int hv1-vif4 -- \
3665 set interface hv1-vif4 external-ids:iface-id=ls2-lp2 \
3666 options:tx_pcap=hv1/vif4-tx.pcap \
3667 options:rxq_pcap=hv1/vif4-rx.pcap \
3668 ofport-request=4
3669
3670ovn_populate_arp
3671
3672sleep 2
3673
3674as hv1 ovs-vsctl show
3675
281977f7
NS		 3676# This shell function sends a DHCP request packet
3677# test_dhcp INPORT SRC_MAC DHCP_TYPE OFFER_IP ...
3678test_dhcp() {
3679 local inport=$1 src_mac=$2 dhcp_type=$3 offer_ip=$4
3680 local request=ffffffffffff${src_mac}080045100110000000008011000000000000ffffffff
3681 # udp header and dhcp header
ab187e7e
BP		 3682 request=${request}0044004300fc0000
3683 request=${request}010106006359aa760000000000000000000000000000000000000000${src_mac}
281977f7 3684 # client hardware padding
ab187e7e 3685 request=${request}00000000000000000000
281977f7 3686 # server hostname
ab187e7e
BP		 3687 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3688 request=${request}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3689 # boot file name
ab187e7e
BP		 3690 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3691 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3692 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3693 request=${request}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3694 # dhcp magic cookie
ab187e7e 3695 request=${request}63825363
281977f7 3696 # dhcp message type
ab187e7e 3697 request=${request}3501${dhcp_type}ff
281977f7
NS		 3698
3699 if test $offer_ip != 0; then
3700 local srv_mac=$5 srv_ip=$6 expected_dhcp_opts=$7
3701 # total IP length will be the IP length of the request packet
3702 # (which is 272 in our case) + 8 (padding bytes) + (expected_dhcp_opts / 2)
3703 ip_len=`expr 280 + ${#expected_dhcp_opts} / 2`
3704 udp_len=`expr $ip_len - 20`
04d60f6e
YT		 3705 ip_len=$(printf "%x" $ip_len)
3706 udp_len=$(printf "%x" $udp_len)
281977f7
NS		 3707 # $ip_len var will be in 3 digits i.e 134. So adding a '0' before $ip_len
3708 local reply=${src_mac}${srv_mac}080045100${ip_len}000000008011XXXX${srv_ip}${offer_ip}
3709 # udp header and dhcp header.
3710 # $udp_len var will be in 3 digits. So adding a '0' before $udp_len
ab187e7e 3711 reply=${reply}004300440${udp_len}0000020106006359aa760000000000000000
281977f7 3712 # your ip address
ab187e7e 3713 reply=${reply}${offer_ip}
281977f7 3714 # next server ip address, relay agent ip address, client mac address
ab187e7e 3715 reply=${reply}0000000000000000${src_mac}
281977f7 3716 # client hardware padding
ab187e7e 3717 reply=${reply}00000000000000000000
281977f7 3718 # server hostname
ab187e7e
BP		 3719 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3720 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3721 # boot file name
ab187e7e
BP		 3722 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3723 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3724 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3725 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3726 # dhcp magic cookie
ab187e7e 3727 reply=${reply}63825363
281977f7
NS		 3728 # dhcp message type
3729 local dhcp_reply_type=02
3730 if test $dhcp_type = 03; then
3731 dhcp_reply_type=05
3732 fi
ab187e7e 3733 reply=${reply}3501${dhcp_reply_type}${expected_dhcp_opts}00000000ff00000000
281977f7
NS		 3734 echo $reply >> $inport.expected
3735 else
3736 shift; shift; shift; shift;
3737 for outport; do
e4543cfe 3738 echo $request >> $outport.expected
281977f7
NS		 3739 done
3740 fi
3741 as hv1 ovs-appctl netdev-dummy/receive hv1-vif$inport $request
3742}
3743
3744reset_pcap_file() {
3745 local iface=$1
3746 local pcap_file=$2
3747 ovs-vsctl -- set Interface $iface options:tx_pcap=dummy-tx.pcap \
3748options:rxq_pcap=dummy-rx.pcap
3749 rm -f ${pcap_file}*.pcap
3750 ovs-vsctl -- set Interface $iface options:tx_pcap=${pcap_file}-tx.pcap \
3751options:rxq_pcap=${pcap_file}-rx.pcap
3752}
3753
3754ip_to_hex() {
3755 printf "%02x%02x%02x%02x" "$@"
3756}
3757
3758AT_CAPTURE_FILE([ofctl_monitor0.log])
3759as hv1 ovs-ofctl monitor br-int resume --detach --no-chdir \
3760--pidfile=ovs-ofctl0.pid 2> ofctl_monitor0.log
3761
3762echo "---------NB dump-----"
3763ovn-nbctl show
3764echo "---------------------"
3765echo "---------SB dump-----"
3766ovn-sbctl list datapath_binding
3767echo "---------------------"
3768ovn-sbctl list logical_flow
3769echo "---------------------"
3770
3771echo "---------------------"
3772ovn-sbctl dump-flows
3773echo "---------------------"
3774
3775echo "------ hv1 dump ----------"
3776as hv1 ovs-ofctl dump-flows br-int
3777
3778# Send DHCPDISCOVER.
3779offer_ip=`ip_to_hex 10 0 0 4`
3780server_ip=`ip_to_hex 10 0 0 1`
7c76bf4e 3781expected_dhcp_opts=330400000e100104ffffff0003040a00000136040a000001
281977f7
NS		 3782test_dhcp 1 f00000000001 01 $offer_ip ff1000000001 $server_ip $expected_dhcp_opts
3783
3784# NXT_RESUMEs should be 1.
3785OVS_WAIT_UNTIL([test 1 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3786
3787$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap > 1.packets
3788cat 1.expected | cut -c -48 > expout
3789AT_CHECK([cat 1.packets | cut -c -48], [0], [expout])
3790# Skipping the IPv4 checksum.
3791cat 1.expected | cut -c 53- > expout
3792AT_CHECK([cat 1.packets | cut -c 53-], [0], [expout])
3793
3794# ovs-ofctl also resumes the packets and this causes other ports to receive
3795# the DHCP request packet. So reset the pcap files so that its easier to test.
3796reset_pcap_file hv1-vif1 hv1/vif1
3797reset_pcap_file hv1-vif2 hv1/vif2
3798rm -f 1.expected
3799rm -f 2.expected
3800
3801# Send DHCPREQUEST.
3802offer_ip=`ip_to_hex 10 0 0 6`
3803server_ip=`ip_to_hex 10 0 0 1`
7c76bf4e 3804expected_dhcp_opts=330400000e100104ffffff0003040a00000136040a000001
281977f7
NS		 3805test_dhcp 2 f00000000002 03 $offer_ip ff1000000001 $server_ip $expected_dhcp_opts
3806
3807# NXT_RESUMEs should be 2.
3808OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3809
3810$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap > 2.packets
3811cat 2.expected | cut -c -48 > expout
3812AT_CHECK([cat 2.packets | cut -c -48], [0], [expout])
3813# Skipping the IPv4 checksum.
3814cat 2.expected | cut -c 53- > expout
3815AT_CHECK([cat 2.packets | cut -c 53-], [0], [expout])
3816
3817reset_pcap_file hv1-vif1 hv1/vif1
3818reset_pcap_file hv1-vif2 hv1/vif2
3819rm -f 1.expected
3820rm -f 2.expected
3821
3822# Send Invalid DHCPv4 packet on ls1-lp2. It should be received by ovn-controller
3823# but should be resumed without the reply.
3824# ls1-lp1 (vif1-tx.pcap) should receive the DHCPv4 request packet twice,
3825# one from ovn-controller and the other from "ovs-ofctl resume."
3826offer_ip=0
3827test_dhcp 2 f00000000002 08 $offer_ip 1 1
3828
3829# NXT_RESUMEs should be 3.
3830OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3831
3832# vif1-tx.pcap should have received the DHCPv4 (invalid) request packet
49d7c759 3833OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [1.expected])
281977f7
NS		 3834
3835reset_pcap_file hv1-vif1 hv1/vif1
3836reset_pcap_file hv1-vif2 hv1/vif2
3837rm -f 1.expected
3838rm -f 2.expected
3839
3840# Send DHCPv4 packet on ls2-lp1. It doesn't have any DHCPv4 options defined.
3841# ls2-lp2 (vif4-tx.pcap) should receive the DHCPv4 request packet once.
3842
3843test_dhcp 3 f00000000003 01 0 4
3844
3845# Send DHCPv4 packet on ls2-lp2. "router" DHCPv4 option is not defined for
3846# this lport.
3847test_dhcp 4 f00000000004 01 0 3
3848
3849# NXT_RESUMEs should be 3.
3850OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3851
49d7c759
BP		 3852OVN_CHECK_PACKETS([hv1/vif3-tx.pcap], [3.expected])
3853OVN_CHECK_PACKETS([hv1/vif4-tx.pcap], [4.expected])
281977f7
NS		 3854
3855as hv1
33ac3c83
NS		 3856OVS_APP_EXIT_AND_WAIT([ovn-controller])
3857OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3858OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3859
3860as ovn-sb
3861OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3862
3863as ovn-nb
3864OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3865
3866as northd
3867OVS_APP_EXIT_AND_WAIT([ovn-northd])
3868
3869as main
3870OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3871OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3872
3873AT_CLEANUP
3874
40df4566 3875AT_SETUP([ovn -- dhcpv6 : 1 HV, 2 LS, 5 LSPs])
33ac3c83
NS		 3876AT_SKIP_IF([test $HAVE_PYTHON = no])
3877ovn_start
3878
3879ovn-nbctl ls-add ls1
3880ovn-nbctl lsp-add ls1 ls1-lp1 \
3881-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4 ae70::4"
3882
3883ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4 ae70::4"
3884
3885ovn-nbctl lsp-add ls1 ls1-lp2 \
3886-- lsp-set-addresses ls1-lp2 "f0:00:00:00:00:02 ae70::5"
3887
3888ovn-nbctl lsp-set-port-security ls1-lp2 "f0:00:00:00:00:02 ae70::5"
3889
40df4566
ZKL		 3890ovn-nbctl lsp-add ls1 ls1-lp3 \
3891-- lsp-set-addresses ls1-lp3 "f0:00:00:00:00:22 ae70::22"
3892
3893ovn-nbctl lsp-set-port-security ls1-lp3 "f0:00:00:00:00:22 ae70::22"
3894
33ac3c83
NS		 3895ovn-nbctl -- --id=@d1 create DHCP_Options cidr="ae70\:\:/64" \
3896options="\"server_id\"=\"00:00:00:10:00:01\"" \
3897-- add Logical_Switch_Port ls1-lp1 dhcpv6_options @d1 \
3898-- add Logical_Switch_Port ls1-lp2 dhcpv6_options @d1
3899
40df4566
ZKL		 3900ovn-nbctl -- --id=@d2 create DHCP_Options cidr="ae70\:\:/64" \
3901options="\"dhcpv6_stateless\"=\"true\" \"server_id\"=\"00:00:00:10:00:01\"" \
3902-- add Logical_Switch_Port ls1-lp3 dhcpv6_options @d2
3903
33ac3c83
NS		 3904ovn-nbctl ls-add ls2
3905ovn-nbctl lsp-add ls2 ls2-lp1 \
3906-- lsp-set-addresses ls2-lp1 "f0:00:00:00:00:03 be70::3"
3907ovn-nbctl lsp-set-port-security ls2-lp1 "f0:00:00:00:00:03 be70::3"
3908ovn-nbctl lsp-add ls2 ls2-lp2 \
3909-- lsp-set-addresses ls2-lp2 "f0:00:00:00:00:04 be70::4"
3910ovn-nbctl lsp-set-port-security ls2-lp2 "f0:00:00:00:00:04 be70::4"
3911
3912net_add n1
3913sim_add hv1
3914
3915as hv1
3916ovs-vsctl add-br br-phys
3917ovn_attach n1 br-phys 192.168.0.1
3918ovs-vsctl -- add-port br-int hv1-vif1 -- \
3919 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
3920 options:tx_pcap=hv1/vif1-tx.pcap \
3921 options:rxq_pcap=hv1/vif1-rx.pcap \
3922 ofport-request=1
3923
3924ovs-vsctl -- add-port br-int hv1-vif2 -- \
3925 set interface hv1-vif2 external-ids:iface-id=ls1-lp2 \
3926 options:tx_pcap=hv1/vif2-tx.pcap \
3927 options:rxq_pcap=hv1/vif2-rx.pcap \
3928 ofport-request=2
3929
3930ovs-vsctl -- add-port br-int hv1-vif3 -- \
3931 set interface hv1-vif3 external-ids:iface-id=ls2-lp1 \
3932 options:tx_pcap=hv1/vif3-tx.pcap \
3933 options:rxq_pcap=hv1/vif3-rx.pcap \
3934 ofport-request=3
3935
3936ovs-vsctl -- add-port br-int hv1-vif4 -- \
3937 set interface hv1-vif4 external-ids:iface-id=ls2-lp2 \
3938 options:tx_pcap=hv1/vif4-tx.pcap \
3939 options:rxq_pcap=hv1/vif4-rx.pcap \
3940 ofport-request=4
3941
40df4566
ZKL		 3942ovs-vsctl -- add-port br-int hv1-vif5 -- \
3943 set interface hv1-vif5 external-ids:iface-id=ls1-lp3 \
3944 options:tx_pcap=hv1/vif5-tx.pcap \
3945 options:rxq_pcap=hv1/vif5-rx.pcap \
3946 ofport-request=5
3947
33ac3c83
NS		 3948ovn_populate_arp
3949
3950sleep 2
3951
3952trim_zeros() {
3953 sed 's/\(00\)\{1,\}$//'
3954}
3955
3956# This shell function sends a DHCPv6 request packet
40df4566
ZKL		 3957# test_dhcpv6 INPORT SRC_MAC SRC_LLA DHCPv6_MSG_TYPE OFFER_IP OUTPORT...
3958# The OUTPORTs (zero or more) list the VIFs on which the original DHCPv6
33ac3c83
NS		 3959# packet should be received twice (one from ovn-controller and the other
3960# from the "ovs-ofctl monitor br-int resume"
3961test_dhcpv6() {
3962 local inport=$1 src_mac=$2 src_lla=$3 msg_code=$4 offer_ip=$5
3963 local request=ffffffffffff${src_mac}86dd00000000002a1101${src_lla}
3964 # dst ip ff02::1:2
ab187e7e 3965 request=${request}ff020000000000000000000000010002
33ac3c83 3966 # udp header and dhcpv6 header
ab187e7e 3967 request=${request}02220223002affff${msg_code}010203
33ac3c83 3968 # Client identifier
ab187e7e 3969 request=${request}0001000a00030001${src_mac}
33ac3c83 3970 # IA-NA (Identity Association for Non Temporary Address)
ab187e7e 3971 request=${request}0003000c0102030400000e1000001518
33ac3c83
NS		 3972 shift; shift; shift; shift; shift;
3973 if test $offer_ip != 0; then
3974 local server_mac=000000100001
3975 local server_lla=fe80000000000000020000fffe100001
3976 local reply_code=07
3977 if test $msg_code = 01; then
3978 reply_code=02
3979 fi
40df4566
ZKL		 3980 local msg_len=54
3981 if test $offer_ip = 1; then
3982 msg_len=28
3983 fi
3984 local reply=${src_mac}${server_mac}86dd0000000000${msg_len}1101${server_lla}${src_lla}
33ac3c83 3985 # udp header and dhcpv6 header
ab187e7e 3986 reply=${reply}0223022200${msg_len}ffff${reply_code}010203
33ac3c83 3987 # Client identifier
ab187e7e 3988 reply=${reply}0001000a00030001${src_mac}
33ac3c83 3989 # IA-NA
40df4566 3990 if test $offer_ip != 1; then
ab187e7e 3991 reply=${reply}0003002801020304ffffffffffffffff00050018${offer_ip}ffffffffffffffff
40df4566 3992 fi
33ac3c83 3993 # Server identifier
ab187e7e 3994 reply=${reply}0002000a00030001${server_mac}
33ac3c83
NS		 3995 echo $reply | trim_zeros >> $inport.expected
3996 else
3997 for outport; do
3998 echo $request | trim_zeros >> $outport.expected
3999 done
4000 fi
4001
4002 as hv1 ovs-appctl netdev-dummy/receive hv1-vif$inport $request
4003}
4004
4005reset_pcap_file() {
4006 local iface=$1
4007 local pcap_file=$2
4008 ovs-vsctl -- set Interface $iface options:tx_pcap=dummy-tx.pcap \
4009options:rxq_pcap=dummy-rx.pcap
4010 rm -f ${pcap_file}*.pcap
4011 ovs-vsctl -- set Interface $iface options:tx_pcap=${pcap_file}-tx.pcap \
4012options:rxq_pcap=${pcap_file}-rx.pcap
4013}
4014
4015AT_CAPTURE_FILE([ofctl_monitor0.log])
4016as hv1 ovs-ofctl monitor br-int resume --detach --no-chdir \
4017--pidfile=ovs-ofctl0.pid 2> ofctl_monitor0.log
4018
4019echo "---------NB dump-----"
4020ovn-nbctl show
4021echo "---------------------"
4022echo "---------SB dump-----"
4023ovn-sbctl list datapath_binding
4024echo "---------------------"
4025ovn-sbctl list logical_flow
4026echo "---------------------"
4027
4028echo "---------------------"
4029ovn-sbctl dump-flows
4030echo "---------------------"
4031
4032echo "------ hv1 dump ----------"
4033as hv1 ovs-ofctl dump-flows br-int
4034
4035src_mac=f00000000001
4036src_lla=fe80000000000000f20000fffe000001
4037offer_ip=ae700000000000000000000000000004
4038test_dhcpv6 1 $src_mac $src_lla 01 $offer_ip
4039
4040# NXT_RESUMEs should be 1.
4041OVS_WAIT_UNTIL([test 1 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4042
4043$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | trim_zeros > 1.packets
4044# cat 1.expected | trim_zeros > expout
4045cat 1.expected | cut -c -120 > expout
4046AT_CHECK([cat 1.packets | cut -c -120], [0], [expout])
4047# Skipping the UDP checksum
4048cat 1.expected | cut -c 125- > expout
4049AT_CHECK([cat 1.packets | cut -c 125-], [0], [expout])
4050
4051rm 1.expected
4052
4053# Send invalid packet on ls1-lp2. ovn-controller should resume the packet
4054# without any modifications and the packet should be received by ls1-lp1.
4055# ls1-lp1 will receive the packet twice, one from the ovn-controller after the
4056# resume and the other from ovs-ofctl monitor resume.
4057
4058reset_pcap_file hv1-vif1 hv1/vif1
4059reset_pcap_file hv1-vif2 hv1/vif2
4060
4061src_mac=f00000000002
4062src_lla=fe80000000000000f20000fffe000002
4063offer_ip=ae700000000000000000000000000005
4064# Set invalid msg_type
4065
4066test_dhcpv6 2 $src_mac $src_lla 10 0 1 1
4067
4068# NXT_RESUMEs should be 2.
4069OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4070
4071# vif2-tx.pcap should not have received the DHCPv6 reply packet
4072rm 2.packets
4073$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap | trim_zeros > 2.packets
4074AT_CHECK([cat 2.packets], [0], [])
4075
4076# vif1-tx.pcap should have received the DHCPv6 (invalid) request packet
4077$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | trim_zeros > 1.packets
4078cat 1.expected > expout
4079AT_CHECK([cat 1.packets], [0], [expout])
4080
4081# Send DHCPv6 packet on ls2-lp1. native DHCPv6 is disabled on this port.
4082# There should be no DHCPv6 reply from ovn-controller and the request packet
4083# should be received by ls2-lp2.
4084
4085src_mac=f00000000003
4086src_lla=fe80000000000000f20000fffe000003
4087test_dhcpv6 3 $src_mac $src_lla 01 0 4
4088
4089# NXT_RESUMEs should be 2 only.
4090OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4091
4092# vif3-tx.pcap should not have received the DHCPv6 reply packet
4093$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif3-tx.pcap | trim_zeros > 3.packets
4094AT_CHECK([cat 3.packets], [0], [])
4095
4096# vif4-tx.pcap should have received the DHCPv6 request packet
4097$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif4-tx.pcap | trim_zeros > 4.packets
4098cat 4.expected > expout
4099AT_CHECK([cat 4.packets], [0], [expout])
4100
40df4566
ZKL		 4101# Send DHCPv6 packet on ls1-lp3. native DHCPv6 works as stateless mode for this port.
4102# The DHCPv6 reply should doesn't contian offer_ip.
4103src_mac=f00000000022
4104src_lla=fe80000000000000f20000fffe000022
4105reset_pcap_file hv1-vif5 hv1/vif5
4106test_dhcpv6 5 $src_mac $src_lla 01 1 5
4107
4108# NXT_RESUMEs should be 3.
4109OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4110
4111$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif5-tx.pcap | trim_zeros > 5.packets
4112# Skipping the UDP checksum
4113cat 5.expected | cut -c 1-120,125- > expout
4114AT_CHECK([cat 5.packets | cut -c 1-120,125- ], [0], [expout])
4115
33ac3c83 4116as hv1
281977f7
NS		 4117OVS_APP_EXIT_AND_WAIT([ovn-controller])
4118OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4119OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4120
4121as ovn-sb
4122OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4123
4124as ovn-nb
4125OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4126
4127as northd
4128OVS_APP_EXIT_AND_WAIT([ovn-northd])
4129
4130as main
4131OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4132OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4133
4134AT_CLEANUP
4135
c1645003 4136AT_SETUP([ovn -- 2 HVs, 2 LRs connected via LS, gateway router])
c1645003
GS		 4137AT_SKIP_IF([test $HAVE_PYTHON = no])
4138ovn_start
4139
4140# Logical network:
4141# Two LRs - R1 and R2 that are connected to each other via LS "join"
4142# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24)
4143# connected to it. R2 has alice (172.16.1.0/24) connected to it.
4144# R2 is a gateway router.
4145
4146
4147
4148# Create two hypervisor and create OVS ports corresponding to logical ports.
4149net_add n1
4150
4151sim_add hv1
4152as hv1
4153ovs-vsctl add-br br-phys
4154ovn_attach n1 br-phys 192.168.0.1
4155ovs-vsctl -- add-port br-int hv1-vif1 -- \
4156 set interface hv1-vif1 external-ids:iface-id=foo1 \
4157 options:tx_pcap=hv1/vif1-tx.pcap \
4158 options:rxq_pcap=hv1/vif1-rx.pcap \
4159 ofport-request=1
4160
4161
4162sim_add hv2
4163as hv2
4164ovs-vsctl add-br br-phys
4165ovn_attach n1 br-phys 192.168.0.2
4166ovs-vsctl -- add-port br-int hv2-vif1 -- \
4167 set interface hv2-vif1 external-ids:iface-id=alice1 \
4168 options:tx_pcap=hv2/vif1-tx.pcap \
4169 options:rxq_pcap=hv2/vif1-rx.pcap \
4170 ofport-request=1
4171
4172# Pre-populate the hypervisors' ARP tables so that we don't lose any
4173# packets for ARP resolution (native tunneling doesn't queue packets
4174# for ARP resolution).
4175ovn_populate_arp
4176
4177ovn-nbctl create Logical_Router name=R1
4178ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
4179
ea46a4e9
JP		 4180ovn-nbctl ls-add foo
4181ovn-nbctl ls-add alice
4182ovn-nbctl ls-add join
c1645003
GS		 4183
4184# Connect foo to R1
31114af7 4185ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
31ed1192 4186ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \
80f408f4 4187 type=router options:router-port=foo addresses=\"00:00:01:01:02:03\"
c1645003
GS		 4188
4189# Connect alice to R2
31114af7 4190ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
31ed1192 4191ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 4192 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
c1645003
GS		 4193
4194# Connect R1 to join
31114af7 4195ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
31ed1192 4196ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
80f408f4 4197 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
c1645003
GS		 4198
4199# Connect R2 to join
31114af7 4200ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
31ed1192 4201ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
80f408f4 4202 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
c1645003
GS		 4203
4204
4205#install static routes
4206ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4207ip_prefix=172.16.1.0/24 nexthop=20.0.0.2 -- add Logical_Router \
4208R1 static_routes @lrt
4209
4210ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4211ip_prefix=192.168.1.0/24 nexthop=20.0.0.1 -- add Logical_Router \
4212R2 static_routes @lrt
4213
4214# Create logical port foo1 in foo
31ed1192
JP		 4215ovn-nbctl lsp-add foo foo1 \
4216-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
c1645003
GS		 4217
4218# Create logical port alice1 in alice
31ed1192
JP		 4219ovn-nbctl lsp-add alice alice1 \
4220-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
c1645003
GS		 4221
4222
4223# Allow some time for ovn-northd and ovn-controller to catch up.
4224# XXX This should be more systematic.
4225sleep 2
4226
4227ip_to_hex() {
4228 printf "%02x%02x%02x%02x" "$@"
4229}
c1645003
GS		 4230
4231# Send ip packets between foo1 and alice1
4232src_mac="f00000010203"
4233dst_mac="000001010203"
4234src_ip=`ip_to_hex 192 168 1 2`
4235dst_ip=`ip_to_hex 172 16 1 2`
4236packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4237
4238echo "---------NB dump-----"
4239ovn-nbctl show
4240echo "---------------------"
4241ovn-nbctl list logical_router
4242echo "---------------------"
4243ovn-nbctl list logical_router_port
4244echo "---------------------"
4245
4246echo "---------SB dump-----"
4247ovn-sbctl list datapath_binding
4248echo "---------------------"
4249ovn-sbctl list port_binding
4250echo "---------------------"
4251ovn-sbctl dump-flows
4252echo "---------------------"
4253ovn-sbctl list chassis
4254ovn-sbctl list encap
4255echo "---------------------"
4256
c1645003
GS		 4257# Packet to Expect at alice1
4258src_mac="000002010203"
4259dst_mac="f00000010204"
4260src_ip=`ip_to_hex 192 168 1 2`
4261dst_ip=`ip_to_hex 172 16 1 2`
4262expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
4263
4264
4265as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4266as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
4267
ab39371d
RM		 4268echo "------ hv1 dump after packet 1 ----------"
4269as hv1 ovs-ofctl show br-int
4270as hv1 ovs-ofctl dump-flows br-int
4271echo "------ hv2 dump after packet 1 ----------"
4272as hv2 ovs-ofctl show br-int
4273as hv2 ovs-ofctl dump-flows br-int
4274echo "----------------------------"
4275
49d7c759
BP		 4276echo $expected > expected
4277OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
c1645003 4278
34114cf8
GS		 4279# Delete the router and re-create it. Things should work as before.
4280ovn-nbctl lr-del R2
4281ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
4282# Connect alice to R2
4283ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
4284# Connect R2 to join
4285ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
4286
4287ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4288ip_prefix=192.168.1.0/24 nexthop=20.0.0.1 -- add Logical_Router \
4289R2 static_routes @lrt
4290
4291# Wait for ovn-controller to catch up.
4292sleep 1
4293
4294# Send the packet again.
4295as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
ab39371d
RM		 4296
4297echo "------ hv1 dump after packet 2 ----------"
4298as hv1 ovs-ofctl show br-int
4299as hv1 ovs-ofctl dump-flows br-int
4300echo "------ hv2 dump after packet 2 ----------"
4301as hv2 ovs-ofctl show br-int
4302as hv2 ovs-ofctl dump-flows br-int
4303echo "----------------------------"
4304
49d7c759
BP		 4305echo $expected >> expected
4306OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
34114cf8 4307
7a8f15e0 4308OVN_CLEANUP([hv1],[hv2])
c1645003
GS		 4309
4310AT_CLEANUP
bb3c4568
FF		 4311
4312AT_SETUP([ovn -- icmp_reply: 1 HVs, 2 LSs, 1 lport/LS, 1 LR])
4313AT_KEYWORDS([router-icmp-reply])
4314AT_SKIP_IF([test $HAVE_PYTHON = no])
4315ovn_start
4316
4317# Logical network:
4318# One LR - R1 has switch ls1 (191.168.1.0/24) connected to it,
4319# and has switch ls2 (172.16.1.0/24) connected to it.
4320
fa2a27b2 4321ovn-nbctl lr-add R1
bb3c4568 4322
ea46a4e9
JP		 4323ovn-nbctl ls-add ls1
4324ovn-nbctl ls-add ls2
bb3c4568
FF		 4325
4326# Connect ls1 to R1
31114af7 4327ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:f1 192.168.1.1/24
31ed1192 4328ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 \
80f408f4 4329 type=router options:router-port=ls1 addresses=\"00:00:00:01:02:f1\"
bb3c4568
FF		 4330
4331# Connect ls2 to R1
31114af7 4332ovn-nbctl lrp-add R1 ls2 00:00:00:01:02:f2 172.16.1.1/24
31ed1192 4333ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 \
80f408f4 4334 type=router options:router-port=ls2 addresses=\"00:00:00:01:02:f2\"
bb3c4568
FF		 4335
4336# Create logical port ls1-lp1 in ls1
31ed1192
JP		 4337ovn-nbctl lsp-add ls1 ls1-lp1 \
4338-- lsp-set-addresses ls1-lp1 "00:00:00:01:02:03 192.168.1.2"
bb3c4568
FF		 4339
4340# Create logical port ls2-lp1 in ls2
31ed1192
JP		 4341ovn-nbctl lsp-add ls2 ls2-lp1 \
4342-- lsp-set-addresses ls2-lp1 "00:00:00:01:02:04 172.16.1.2"
bb3c4568
FF		 4343
4344# Create one hypervisor and create OVS ports corresponding to logical ports.
4345net_add n1
4346
4347sim_add hv1
4348as hv1
4349ovs-vsctl add-br br-phys
4350ovn_attach n1 br-phys 192.168.0.1
4351ovs-vsctl -- add-port br-int vif1 -- \
4352 set interface vif1 external-ids:iface-id=ls1-lp1 \
4353 options:tx_pcap=hv1/vif1-tx.pcap \
4354 options:rxq_pcap=hv1/vif1-rx.pcap \
4355 ofport-request=1
4356
4357ovs-vsctl -- add-port br-int vif2 -- \
4358 set interface vif2 external-ids:iface-id=ls2-lp1 \
4359 options:tx_pcap=hv1/vif2-tx.pcap \
4360 options:rxq_pcap=hv1/vif2-rx.pcap \
4361 ofport-request=1
4362
4363
4364# Allow some time for ovn-northd and ovn-controller to catch up.
4365# XXX This should be more systematic.
4366sleep 1
4367
4368
4369ip_to_hex() {
4370 printf "%02x%02x%02x%02x" "$@"
4371}
bb3c4568
FF		 4372for i in 1 2; do
4373 : > vif$i.expected
4374done
4375# test_ipv4_icmp_request INPORT ETH_SRC ETH_DST IPV4_SRC IPV4_DST IP_CHKSUM ICMP_CHKSUM [EXP_IP_CHKSUM EXP_ICMP_CHKSUM]
4376#
4377# Causes a packet to be received on INPORT. The packet is an ICMPv4
4378# request with ETH_SRC, ETH_DST, IPV4_SRC, IPV4_DST, IP_CHSUM and
4379# ICMP_CHKSUM as specified. If EXP_IP_CHKSUM and EXP_ICMP_CHKSUM are
4380# provided, then it should be the ip and icmp checksums of the packet
4381# responded; otherwise, no reply is expected.
4382# In the absence of an ip checksum calculation helpers, this relies
4383# on the caller to provide the checksums for the ip and icmp headers.
4384# XXX This should be more systematic.
4385#
4386# INPORT is an lport number, e.g. 11 for vif11.
4387# ETH_SRC and ETH_DST are each 12 hex digits.
4388# IPV4_SRC and IPV4_DST are each 8 hex digits.
4389# IP_CHSUM and ICMP_CHKSUM are each 4 hex digits.
4390# EXP_IP_CHSUM and EXP_ICMP_CHKSUM are each 4 hex digits.
4391test_ipv4_icmp_request() {
4392 local inport=$1 eth_src=$2 eth_dst=$3 ipv4_src=$4 ipv4_dst=$5 ip_chksum=$6 icmp_chksum=$7
4393 local exp_ip_chksum=$8 exp_icmp_chksum=$9
4394 shift; shift; shift; shift; shift; shift; shift
4395 shift; shift
4396
4397 # Use ttl to exercise section 4.2.2.9 of RFC1812
4398 local ip_ttl=01
4399 local icmp_id=5fbf
4400 local icmp_seq=0001
4401 local icmp_data=$(seq 1 56 | xargs printf "%02x")
4402 local icmp_type_code_request=0800
4403 local icmp_payload=${icmp_type_code_request}${icmp_chksum}${icmp_id}${icmp_seq}${icmp_data}
4404 local packet=${eth_dst}${eth_src}08004500005400004000${ip_ttl}01${ip_chksum}${ipv4_src}${ipv4_dst}${icmp_payload}
4405
4406 as hv1 ovs-appctl netdev-dummy/receive vif$inport $packet
4407 if test X$exp_icmp_chksum != X; then
4408 # Expect to receive the reply, if any. In same port where packet was sent.
4409 # Note: src and dst fields are expected to be reversed.
4410 local icmp_type_code_response=0000
4411 local reply_icmp_ttl=fe
4412 local reply_icmp_payload=${icmp_type_code_response}${exp_icmp_chksum}${icmp_id}${icmp_seq}${icmp_data}
4413 local reply=${eth_src}${eth_dst}08004500005400004000${reply_icmp_ttl}01${exp_ip_chksum}${ipv4_dst}${ipv4_src}${reply_icmp_payload}
4414 echo $reply >> vif$inport.expected
4415 fi
4416}
4417
4418# Send ping packet to router's ip addresses, from each of the 2 logical ports.
4419rtr_l1_ip=$(ip_to_hex 192 168 1 1)
4420rtr_l2_ip=$(ip_to_hex 172 16 1 1)
4421l1_ip=$(ip_to_hex 192 168 1 2)
4422l2_ip=$(ip_to_hex 172 16 1 2)
4423
4424# Ping router ip address that is on same subnet as the logical port
4425test_ipv4_icmp_request 1 000000010203 0000000102f1 $l1_ip $rtr_l1_ip 0000 8510 02ff 8d10
4426test_ipv4_icmp_request 2 000000010204 0000000102f2 $l2_ip $rtr_l2_ip 0000 8510 02ff 8d10
4427
4428# Ping router ip address that is on the other side of the logical ports
4429test_ipv4_icmp_request 1 000000010203 0000000102f1 $l1_ip $rtr_l2_ip 0000 8510 02ff 8d10
4430test_ipv4_icmp_request 2 000000010204 0000000102f2 $l2_ip $rtr_l1_ip 0000 8510 02ff 8d10
4431
4432echo "---------NB dump-----"
4433ovn-nbctl show
4434echo "---------------------"
4435ovn-nbctl list logical_router
4436echo "---------------------"
4437ovn-nbctl list logical_router_port
4438echo "---------------------"
4439
4440echo "---------SB dump-----"
4441ovn-sbctl list datapath_binding
4442echo "---------------------"
4443ovn-sbctl list logical_flow
4444echo "---------------------"
4445
4446echo "------ hv1 dump ----------"
4447as hv1 ovs-ofctl dump-flows br-int
4448
4449# Now check the packets actually received against the ones expected.
4450for inport in 1 2; do
49d7c759 4451 OVN_CHECK_PACKETS([hv1/vif${inport}-tx.pcap], [vif$inport.expected])
bb3c4568
FF		 4452done
4453
7a8f15e0 4454OVN_CLEANUP([hv1])
bb3c4568
FF		 4455
4456AT_CLEANUP
94f79fcb
RB		 4457
4458# 1 hypervisor, 1 port
4459# make sure that the port state is properly set to up and back down
4460# when created and deleted.
4461AT_SETUP([ovn -- port state up and down])
94f79fcb
RB		 4462ovn_start
4463
4464ovn-nbctl ls-add ls1
4465ovn-nbctl lsp-add ls1 lp1
4466ovn-nbctl lsp-set-addresses lp1 unknown
4467
4468net_add n1
4469sim_add hv1
4470as hv1 ovs-vsctl add-br br-phys
4471as hv1 ovn_attach n1 br-phys 192.168.0.1
4472
4473as hv1 ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1
4474OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xup])
4475
4476as hv1 ovs-vsctl del-port br-int vif1
4477OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xdown])
4478
7a8f15e0 4479OVN_CLEANUP([hv1])
94f79fcb 4480
94f79fcb 4481AT_CLEANUP
e75451fe 4482
ccc6e1db
FF		 4483# 1 hypervisor, 1 port
4484# make sure that the OF rules created to support a datapath are added/cleared
4485# when logical switch is created and removed.
4486AT_SETUP([ovn -- datapath rules added/removed])
1794d5f2 4487AT_KEYWORDS([cleanup])
ccc6e1db
FF		 4488ovn_start
4489
4490net_add n1
4491sim_add hv1
4492as hv1 ovs-vsctl add-br br-phys
4493as hv1 ovn_attach n1 br-phys 192.168.0.1
4494
4495# This shell function checks if OF rules in br-int have clauses
4496# related to OVN datapaths. The caller determines if it should find
4497# a match in the output, or not.
4498#
4499# EXPECT_DATAPATH param determines whether flows that refer to
4500# datapath to should be present or not. 0 means
4501# they should not be.
4502# STAGE_INFO param is a simple string to help identify the stage
4503# in the test when this function was invoked.
4504test_datapath_in_of_rules() {
4505 local expect_datapath=$1 stage_info=$2
4506 echo "------ ovn-nbctl show ${stage_info} ------"
4507 ovn-nbctl show
4508 echo "------ ovn-sbctl show ${stage_info} ------"
4509 ovn-sbctl show
4510 echo "------ OF rules ${stage_info} ------"
4511 AT_CHECK([ovs-ofctl dump-flows br-int], [0], [stdout])
4512 # if there is a datapath mentioned in the output, check for the
4513 # magic keyword that represents one, based on the exit status of
4514 # a quiet grep
4515 if test $expect_datapath != 0; then
4618b102 4516 AT_CHECK([grep -q -i 'metadata=' stdout], [0], [ignore-nolog])
ccc6e1db 4517 else
4618b102 4518 AT_CHECK([grep -q -i 'metadata=' stdout], [1], [ignore-nolog])
ccc6e1db
FF		 4519 fi
4520}
4521
4522test_datapath_in_of_rules 0 "before ls+port create"
4523
4524ovn-nbctl ls-add ls1
4525ovn-nbctl lsp-add ls1 lp1
4526ovn-nbctl lsp-set-addresses lp1 unknown
4527
4528as hv1 ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1
4529OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xup])
4530
4531test_datapath_in_of_rules 1 "after port is bound"
4532
4533as hv1 ovs-vsctl del-port br-int vif1
4534OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xdown])
4535
4536ovn-nbctl lsp-set-addresses lp1
4537ovn-nbctl lsp-del lp1
4538ovn-nbctl ls-del ls1
4539
4540# wait for earlier changes to take effect
4541AT_CHECK([ovn-nbctl --timeout=3 --wait=sb sync], [0], [ignore])
4542
4543# ensure OF rules are no longer present. There used to be a bug here.
4544test_datapath_in_of_rules 0 "after lport+ls removal"
4545
4546OVN_CLEANUP([hv1])
4547
4548AT_CLEANUP
4549
f8a8db39 4550AT_SETUP([ovn -- nd_na ])
e75451fe
ZKL		 4551AT_SKIP_IF([test $HAVE_PYTHON = no])
4552ovn_start
4553
4554#TODO: since patch port for IPv6 logical router port is not ready not,
4555# so we are not going to test vifs on different lswitches cases. Try
4556# to update for that once relevant stuff implemented.
4557
4558# In this test cases we create 1 lswitch, it has 2 VIF ports attached
4559# with. NS packet we test, from one VIF for another VIF, will be replied
4560# by local ovn-controller, but not by target VIF.
4561
4562# Create hypervisors and logical switch lsw0.
4563ovn-nbctl ls-add lsw0
4564net_add n1
4565sim_add hv1
4566as hv1
4567ovs-vsctl add-br br-phys
4568ovn_attach n1 br-phys 192.168.0.2
4569
4570# Add vif1 to hv1 and lsw0, turn on l2 port security on vif1.
4571ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
4572ovn-nbctl lsp-add lsw0 lp1
4573ovn-nbctl lsp-set-addresses lp1 "fa:16:3e:94:05:98 192.168.0.3 fd81:ce49:a948:0:f816:3eff:fe94:598"
4574ovn-nbctl lsp-set-port-security lp1 "fa:16:3e:94:05:98 192.168.0.3 fd81:ce49:a948:0:f816:3eff:fe94:598"
4575
4576# Add vif2 to hv1 and lsw0, turn on l2 port security on vif2.
4577ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv1/vif2-tx.pcap options:rxq_pcap=hv1/vif2-rx.pcap ofport-request=2
4578ovn-nbctl lsp-add lsw0 lp2
4579ovn-nbctl lsp-set-addresses lp2 "fa:16:3e:a1:f9:ae 192.168.0.4 fd81:ce49:a948:0:f816:3eff:fea1:f9ae"
4580ovn-nbctl lsp-set-port-security lp2 "fa:16:3e:a1:f9:ae 192.168.0.4 fd81:ce49:a948:0:f816:3eff:fea1:f9ae"
4581
4582# Add ACL rule for ICMPv6 on lsw0
4583ovn-nbctl acl-add lsw0 from-lport 1002 'ip6 && icmp6' allow-related
4584ovn-nbctl acl-add lsw0 to-lport 1002 'outport == "lp1" && ip6 && icmp6' allow-related
4585ovn-nbctl acl-add lsw0 to-lport 1002 'outport == "lp2" && ip6 && icmp6' allow-related
4586
4587# Allow some time for ovn-northd and ovn-controller to catch up.
4588# XXX This should be more systematic.
4589sleep 1
4590
4591# Given the name of a logical port, prints the name of the hypervisor
4592# on which it is located.
4593vif_to_hv() {
4594 echo hv1${1%?}
4595}
e75451fe
ZKL		 4596for i in 1 2; do
4597 : > $i.expected
4598done
4599
4600# Complete Neighbor Solicitation packet and Neighbor Advertisement packet
4601# vif1 -> NS -> vif2. vif1 <- NA <- ovn-controller.
4602# vif2 will not receive NS packet, since ovn-controller will reply for it.
4603ns_packet=3333ffa1f9aefa163e94059886dd6000000000203afffd81ce49a9480000f8163efffe940598fd81ce49a9480000f8163efffea1f9ae8700e01160000000fd81ce49a9480000f8163efffea1f9ae0101fa163e940598
4604na_packet=fa163e940598fa163ea1f9ae86dd6000000000203afffd81ce49a9480000f8163efffea1f9aefd81ce49a9480000f8163efffe9405988800e9ed60000000fd81ce49a9480000f8163efffea1f9ae0201fa163ea1f9ae
4605
4606as hv1 ovs-appctl netdev-dummy/receive vif1 $ns_packet
e4543cfe 4607echo $na_packet >> 1.expected
e75451fe 4608
e75451fe
ZKL		 4609echo "------ hv1 dump ------"
4610as hv1 ovs-vsctl show
4611as hv1 ovs-ofctl -O OpenFlow13 show br-int
4612as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
4613
4614for i in 1 2; do
49d7c759 4615 OVN_CHECK_PACKETS([hv1/vif$i-tx.pcap], [$i.expected])
e75451fe
ZKL		 4616done
4617
7a8f15e0 4618OVN_CLEANUP([hv1])
e75451fe
ZKL		 4619
4620AT_CLEANUP
7417d147
RM		 4621
4622AT_SETUP([ovn -- address sets modification/removal smoke test])
7417d147
RM		 4623ovn_start
4624
4625net_add n1
4626
4627sim_add hv1
4628as hv1
4629ovs-vsctl add-br br-phys
4630ovn_attach n1 br-phys 192.168.0.1
4631
4632row=`ovn-nbctl create Address_Set name=set1 addresses=\"1.1.1.1\"`
4633ovn-nbctl set Address_Set $row name=set1 addresses=\"1.1.1.1,1.1.1.2\"
4634ovn-nbctl destroy Address_Set $row
4635
4636sleep 1
4637
4638# A bug previously existed in the address set support code
4639# that caused ovn-controller to crash after an address set
4640# was updated and then removed. This test case ensures
4641# that ovn-controller is at least still running after
4642# creating, updating, and deleting an address set.
4643AT_CHECK([ovs-appctl -t ovn-controller version], [0], [ignore])
4644
4645OVN_CLEANUP([hv1])
4646
4647AT_CLEANUP
8639f9be
ND		 4648
4649AT_SETUP([ovn -- ipam])
8639f9be
ND		 4650AT_SKIP_IF([test $HAVE_PYTHON = no])
4651ovn_start
4652
4653# Add a port to a switch that does not have a subnet set, then set the
4654# subnet which should result in an address being allocated for the port.
4655ovn-nbctl ls-add sw0
4656ovn-nbctl lsp-add sw0 p0 -- lsp-set-addresses p0 dynamic
fd3b31e9 4657ovn-nbctl --wait=sb add Logical-Switch sw0 other_config subnet=192.168.1.0/24
8639f9be
ND		 4658AT_CHECK([ovn-nbctl get Logical-Switch-Port p0 dynamic_addresses], [0],
4659 ["0a:00:00:00:00:01 192.168.1.2"
4660])
4661
4662# Add 9 more ports to sw0, addresses should all be unique.
4663for n in `seq 1 9`; do
11547f85 4664 ovn-nbctl --wait=sb lsp-add sw0 "p$n" -- lsp-set-addresses "p$n" dynamic
8639f9be
ND		 4665done
4666AT_CHECK([ovn-nbctl get Logical-Switch-Port p1 dynamic_addresses], [0],
4667 ["0a:00:00:00:00:02 192.168.1.3"
4668])
4669AT_CHECK([ovn-nbctl get Logical-Switch-Port p2 dynamic_addresses], [0],
4670 ["0a:00:00:00:00:03 192.168.1.4"
4671])
4672AT_CHECK([ovn-nbctl get Logical-Switch-Port p3 dynamic_addresses], [0],
4673 ["0a:00:00:00:00:04 192.168.1.5"
4674])
4675AT_CHECK([ovn-nbctl get Logical-Switch-Port p4 dynamic_addresses], [0],
4676 ["0a:00:00:00:00:05 192.168.1.6"
4677])
4678AT_CHECK([ovn-nbctl get Logical-Switch-Port p5 dynamic_addresses], [0],
4679 ["0a:00:00:00:00:06 192.168.1.7"
4680])
4681AT_CHECK([ovn-nbctl get Logical-Switch-Port p6 dynamic_addresses], [0],
4682 ["0a:00:00:00:00:07 192.168.1.8"
4683])
4684AT_CHECK([ovn-nbctl get Logical-Switch-Port p7 dynamic_addresses], [0],
4685 ["0a:00:00:00:00:08 192.168.1.9"
4686])
4687AT_CHECK([ovn-nbctl get Logical-Switch-Port p8 dynamic_addresses], [0],
4688 ["0a:00:00:00:00:09 192.168.1.10"
4689])
4690AT_CHECK([ovn-nbctl get Logical-Switch-Port p9 dynamic_addresses], [0],
4691 ["0a:00:00:00:00:0a 192.168.1.11"
4692])
4693
4694# Trying similar tests with a second switch. MAC addresses should be unique
4695# across both switches but IP's only need to be unique within the same switch.
4696ovn-nbctl ls-add sw1
4697ovn-nbctl lsp-add sw1 p10 -- lsp-set-addresses p10 dynamic
11547f85 4698ovn-nbctl --wait=sb add Logical-Switch sw1 other_config subnet=192.168.1.0/24
8639f9be
ND		 4699AT_CHECK([ovn-nbctl get Logical-Switch-Port p10 dynamic_addresses], [0],
4700 ["0a:00:00:00:00:0b 192.168.1.2"
4701])
4702
4703for n in `seq 11 19`; do
11547f85 4704 ovn-nbctl --wait=sb lsp-add sw1 "p$n" -- lsp-set-addresses "p$n" dynamic
8639f9be
ND		 4705done
4706AT_CHECK([ovn-nbctl get Logical-Switch-Port p11 dynamic_addresses], [0],
4707 ["0a:00:00:00:00:0c 192.168.1.3"
4708])
4709AT_CHECK([ovn-nbctl get Logical-Switch-Port p12 dynamic_addresses], [0],
4710 ["0a:00:00:00:00:0d 192.168.1.4"
4711])
4712AT_CHECK([ovn-nbctl get Logical-Switch-Port p13 dynamic_addresses], [0],
4713 ["0a:00:00:00:00:0e 192.168.1.5"
4714])
4715AT_CHECK([ovn-nbctl get Logical-Switch-Port p14 dynamic_addresses], [0],
4716 ["0a:00:00:00:00:0f 192.168.1.6"
4717])
4718AT_CHECK([ovn-nbctl get Logical-Switch-Port p15 dynamic_addresses], [0],
4719 ["0a:00:00:00:00:10 192.168.1.7"
4720])
4721AT_CHECK([ovn-nbctl get Logical-Switch-Port p16 dynamic_addresses], [0],
4722 ["0a:00:00:00:00:11 192.168.1.8"
4723])
4724AT_CHECK([ovn-nbctl get Logical-Switch-Port p17 dynamic_addresses], [0],
4725 ["0a:00:00:00:00:12 192.168.1.9"
4726])
4727AT_CHECK([ovn-nbctl get Logical-Switch-Port p18 dynamic_addresses], [0],
4728 ["0a:00:00:00:00:13 192.168.1.10"
4729])
4730AT_CHECK([ovn-nbctl get Logical-Switch-Port p19 dynamic_addresses], [0],
4731 ["0a:00:00:00:00:14 192.168.1.11"
4732])
4733
4734# Change a port's address to test for multiple ip's for a single address entry
4735# and addresses set by the user.
4736ovn-nbctl lsp-set-addresses p0 "0a:00:00:00:00:15 192.168.1.12 192.168.1.14"
11547f85 4737ovn-nbctl --wait=sb lsp-add sw0 p20 -- lsp-set-addresses p20 dynamic
8639f9be
ND		 4738AT_CHECK([ovn-nbctl get Logical-Switch-Port p20 dynamic_addresses], [0],
4739 ["0a:00:00:00:00:16 192.168.1.13"
4740])
4741
4742# Test for logical router port address management.
4743ovn-nbctl create Logical_Router name=R1
4744ovn-nbctl -- --id=@lrp create Logical_Router_port name=sw0 \
4745network="192.168.1.1/24" mac=\"0a:00:00:00:00:17\" \
4746-- add Logical_Router R1 ports @lrp -- lsp-add sw0 rp-sw0 \
4747-- set Logical_Switch_Port rp-sw0 type=router options:router-port=sw0
11547f85 4748ovn-nbctl --wait=sb lsp-add sw0 p21 -- lsp-set-addresses p21 dynamic
8639f9be
ND		 4749AT_CHECK([ovn-nbctl get Logical-Switch-Port p21 dynamic_addresses], [0],
4750 ["0a:00:00:00:00:18 192.168.1.15"
4751])
4752
4753# Test for address reuse after logical port is deleted.
4754ovn-nbctl lsp-del p0
11547f85 4755ovn-nbctl --wait=sb lsp-add sw0 p23 -- lsp-set-addresses p23 dynamic
8639f9be
ND		 4756AT_CHECK([ovn-nbctl get Logical-Switch-Port p23 dynamic_addresses], [0],
4757 ["0a:00:00:00:00:19 192.168.1.2"
4758])
4759
4760# Test for multiple addresses to one logical port.
4761ovn-nbctl lsp-add sw0 p25 -- lsp-set-addresses p25 \
4762"0a:00:00:00:00:1a 192.168.1.12" "0a:00:00:00:00:1b 192.168.1.14"
11547f85 4763ovn-nbctl --wait=sb lsp-add sw0 p26 -- lsp-set-addresses p26 dynamic
8639f9be
ND		 4764AT_CHECK([ovn-nbctl get Logical-Switch-Port p26 dynamic_addresses], [0],
4765 ["0a:00:00:00:00:1c 192.168.1.16"
4766])
4767
4768# Test for exhausting subnet address space.
4769ovn-nbctl ls-add sw2 -- add Logical-Switch sw2 other_config subnet=172.16.1.0/30
11547f85 4770ovn-nbctl --wait=sb lsp-add sw2 p27 -- lsp-set-addresses p27 dynamic
8639f9be
ND		 4771AT_CHECK([ovn-nbctl get Logical-Switch-Port p27 dynamic_addresses], [0],
4772 ["0a:00:00:00:00:1d 172.16.1.2"
4773])
4774
11547f85 4775ovn-nbctl --wait=sb lsp-add sw2 p28 -- lsp-set-addresses p28 dynamic
8639f9be
ND		 4776AT_CHECK([ovn-nbctl get Logical-Switch-Port p28 dynamic_addresses], [0],
4777 [[[]]
4778])
4779
4780# Test that address management does not add duplicate MAC for lsp/lrp peers.
4781ovn-nbctl create Logical_Router name=R2
4782ovn-nbctl ls-add sw3
4783ovn-nbctl lsp-add sw3 p29 -- lsp-set-addresses p29 \
4784"0a:00:00:00:00:1e"
4785ovn-nbctl -- --id=@lrp create Logical_Router_port name=sw3 \
4786network="192.168.2.1/24" mac=\"0a:00:00:00:00:1f\" \
4787-- add Logical_Router R2 ports @lrp -- lsp-add sw3 rp-sw3 \
4788-- set Logical_Switch_Port rp-sw3 type=router options:router-port=sw3
11547f85 4789ovn-nbctl --wait=sb lsp-add sw0 p30 -- lsp-set-addresses p30 dynamic
8639f9be
ND		 4790AT_CHECK([ovn-nbctl get Logical-Switch-Port p30 dynamic_addresses], [0],
4791 ["0a:00:00:00:00:20 192.168.1.17"
4792])
4793
6374d518
LR		 4794# Test static MAC address with dynamically allocated IP
4795ovn-nbctl --wait=sb lsp-add sw0 p31 -- lsp-set-addresses p31 \
4796"fe:dc:ba:98:76:54 dynamic"
4797AT_CHECK([ovn-nbctl get Logical-Switch-Port p31 dynamic_addresses], [0],
4798 ["fe:dc:ba:98:76:54 192.168.1.18"
4799])
4800
8639f9be
ND		 4801as ovn-sb
4802OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4803
4804as ovn-nb
4805OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4806
4807as northd
4808OVS_APP_EXIT_AND_WAIT([ovn-northd])
4809
4810AT_CLEANUP
4811
4812AT_SETUP([ovn -- ipam connectivity])
8639f9be
ND		 4813AT_SKIP_IF([test $HAVE_PYTHON = no])
4814ovn_start
4815
4816ovn-nbctl lr-add R1
4817
4818# Test for a ping using dynamically allocated addresses.
4819ovn-nbctl ls-add foo -- add Logical_Switch foo other_config subnet=192.168.1.0/24
4820ovn-nbctl ls-add alice -- add Logical_Switch alice other_config subnet=192.168.2.0/24
4821
4822# Connect foo to R1
4823ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
4824ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
20418099
MS		 4825 options:router-port=foo \
4826 -- lsp-set-addresses rp-foo router
8639f9be
ND		 4827
4828# Connect alice to R1
4829ovn-nbctl lrp-add R1 alice 00:00:00:01:02:04 192.168.2.1/24
4830ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice type=router \
4831 options:router-port=alice addresses=\"00:00:00:01:02:04\"
4832
4833# Create logical port foo1 in foo
fd3b31e9 4834ovn-nbctl --wait=sb lsp-add foo foo1 \
8639f9be 4835-- lsp-set-addresses foo1 "dynamic"
8bc2c143 4836AT_CHECK([ovn-nbctl --timeout=10 wait-until Logical-Switch-Port foo1 dynamic_addresses='"0a:00:00:00:00:01 192.168.1.2"'], [0])
8639f9be
ND		 4837
4838# Create logical port alice1 in alice
fd3b31e9 4839ovn-nbctl --wait=sb lsp-add alice alice1 \
8639f9be 4840-- lsp-set-addresses alice1 "dynamic"
8bc2c143 4841AT_CHECK([ovn-nbctl --timeout=10 wait-until Logical-Switch-Port alice1 dynamic_addresses='"0a:00:00:00:00:02 192.168.2.2"'])
8639f9be
ND		 4842
4843# Create logical port foo2 in foo
fd3b31e9 4844ovn-nbctl --wait=sb lsp-add foo foo2 \
8639f9be 4845-- lsp-set-addresses foo2 "dynamic"
8bc2c143 4846AT_CHECK([ovn-nbctl --timeout=10 wait-until Logical-Switch-Port foo2 dynamic_addresses='"0a:00:00:00:00:03 192.168.1.3"'])
8639f9be
ND		 4847
4848# Create a hypervisor and create OVS ports corresponding to logical ports.
4849net_add n1
4850
4851sim_add hv1
4852as hv1
4853ovs-vsctl add-br br-phys
4854ovn_attach n1 br-phys 192.168.0.1
4855ovs-vsctl -- add-port br-int hv1-vif1 -- \
4856 set interface hv1-vif1 external-ids:iface-id=foo1 \
4857 options:tx_pcap=hv1/vif1-tx.pcap \
4858 options:rxq_pcap=hv1/vif1-rx.pcap \
4859 ofport-request=1
4860
4861ovs-vsctl -- add-port br-int hv1-vif2 -- \
4862 set interface hv1-vif2 external-ids:iface-id=foo2 \
4863 options:tx_pcap=hv1/vif2-tx.pcap \
4864 options:rxq_pcap=hv1/vif2-rx.pcap \
4865 ofport-request=2
4866
4867ovs-vsctl -- add-port br-int hv1-vif3 -- \
4868 set interface hv1-vif3 external-ids:iface-id=alice1 \
4869 options:tx_pcap=hv1/vif3-tx.pcap \
4870 options:rxq_pcap=hv1/vif3-rx.pcap \
4871 ofport-request=3
4872
4873# Allow some time for ovn-northd and ovn-controller to catch up.
4874# XXX This should be more systematic.
4875sleep 1
4876
4877ip_to_hex() {
4878 printf "%02x%02x%02x%02x" "$@"
4879}
8639f9be
ND		 4880
4881# Send ip packets between foo1 and foo2
4882src_mac="0a0000000001"
4883dst_mac="0a0000000003"
4884src_ip=`ip_to_hex 192 168 1 2`
4885dst_ip=`ip_to_hex 192 168 1 3`
4886packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4887as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4888
4889# Send ip packets between foo1 and alice1
4890src_mac="0a0000000001"
4891dst_mac="000000010203"
4892src_ip=`ip_to_hex 192 168 1 2`
4893dst_ip=`ip_to_hex 192 168 2 2`
4894packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4895as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4896
4897echo "---------NB dump-----"
4898ovn-nbctl show
4899echo "---------------------"
4900ovn-nbctl list logical_router
4901echo "---------------------"
4902ovn-nbctl list logical_router_port
4903echo "---------------------"
4904
4905echo "---------SB dump-----"
4906ovn-sbctl list datapath_binding
4907echo "---------------------"
4908ovn-sbctl list port_binding
4909echo "---------------------"
4910
4911echo "------ hv1 dump ----------"
4912as hv1 ovs-ofctl dump-flows br-int
4913
4914# Packet to Expect at foo2
4915src_mac="0a0000000001"
4916dst_mac="0a0000000003"
4917src_ip=`ip_to_hex 192 168 1 2`
4918dst_ip=`ip_to_hex 192 168 1 3`
4919expected=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4920
e4543cfe
DDP		 4921$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap > received1.packets
4922echo $expected > expout
8639f9be
ND		 4923AT_CHECK([cat received1.packets], [0], [expout])
4924
4925# Packet to Expect at alice1
4926src_mac="000000010204"
4927dst_mac="0a0000000002"
4928src_ip=`ip_to_hex 192 168 1 2`
4929dst_ip=`ip_to_hex 192 168 2 2`
4930expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
4931
e4543cfe
DDP		 4932$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif3-tx.pcap > received2.packets
4933echo $expected > expout
8639f9be
ND		 4934AT_CHECK([cat received2.packets], [0], [expout])
4935
4936OVN_CLEANUP([hv1])
4937
4938AT_CLEANUP
f5792c3f
NS		 4939
4940AT_SETUP([ovn -- ovs-vswitchd restart])
1794d5f2 4941AT_KEYWORDS([vswitchd])
f5792c3f
NS		 4942AT_SKIP_IF([test $HAVE_PYTHON = no])
4943ovn_start
4944
4945ovn-nbctl ls-add ls1
4946
4947ovn-nbctl lsp-add ls1 ls1-lp1 \
4948-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
4949
4950ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
4951
4952net_add n1
4953sim_add hv1
4954
4955as hv1
4956ovs-vsctl add-br br-phys
4957ovn_attach n1 br-phys 192.168.0.1
4958ovs-vsctl -- add-port br-int hv1-vif1 -- \
4959 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
4960 options:tx_pcap=hv1/vif1-tx.pcap \
4961 options:rxq_pcap=hv1/vif1-rx.pcap \
4962 ofport-request=1
4963
4964ovn_populate_arp
4965sleep 2
4966
4967as hv1 ovs-vsctl show
4968
4969echo "---------------------"
4970ovn-sbctl dump-flows
4971echo "---------------------"
4972
4973echo "------ hv1 dump ----------"
4974as hv1 ovs-ofctl dump-flows br-int
4975total_flows=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
4976
4977echo "Total flows before vswitchd restart = " $total_flows
4978
4979# Code taken from ovs-save utility
4980save_flows () {
4981 echo "ovs-ofctl add-flows br-int - << EOF" > restore_flows.sh
4982 as hv1 ovs-ofctl dump-flows "br-int" | sed -e '/NXST_FLOW/d' \
4983 -e 's/\(idle\|hard\)_age=[^,]*,//g' >> restore_flows.sh
4984 echo "EOF" >> restore_flows.sh
4985}
4986
4987restart_vswitchd () {
4988 restore_flows=$1
4989
4990 if test $restore_flows = true; then
4991 save_flows
4992 fi
4993
4994 as hv1
4995 OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4996
4997 if test $restore_flows = true; then
4998 as hv1
4999 ovs-vsctl --no-wait set open_vswitch . other_config:flow-restore-wait="true"
5000 fi
5001
5002 as hv1
5003 start_daemon ovs-vswitchd --enable-dummy=system -vvconn -vofproto_dpif -vunixctl
5004 ovs-ofctl dump-flows br-int
5005
5006 if test $restore_flows = true; then
5007 sh ./restore_flows.sh
5008 echo "Flows after restore"
5009 as hv1
5010 ovs-ofctl dump-flows br-int
5011 ovs-vsctl --no-wait --if-exists remove open_vswitch . other_config \
5012 flow-restore-wait="true"
5013 fi
5014}
5015
5016# Save the flows, restart vswitchd and restore the flows
5017restart_vswitchd true
5018OVS_WAIT_UNTIL([
5019 total_flows_after_restart=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
5020 echo "Total flows after vswitchd restart = " $total_flows_after_restart
5021 test "${total_flows}" = "${total_flows_after_restart}"
5022])
5023
5024# Restart vswitchd without restoring
5025restart_vswitchd false
5026OVS_WAIT_UNTIL([
5027 total_flows_after_restart=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
5028 echo "Total flows after vswitchd restart = " $total_flows_after_restart
5029 test "${total_flows}" = "${total_flows_after_restart}"
5030])
5031
5032OVN_CLEANUP([hv1])
5033AT_CLEANUP
47021598
CSV		 5034
5035AT_SETUP([ovn -- send arp for nexthop])
47021598
CSV		 5036AT_SKIP_IF([test $HAVE_PYTHON = no])
5037ovn_start
5038
5039# Topology: Two LSs - ls1 and ls2 are connected via router r0
5040
5041# Create logical switches
5042ovn-nbctl ls-add ls1
5043ovn-nbctl ls-add ls2
5044
5045# Create router
5046ovn-nbctl create Logical_Router name=lr0
5047
5048# Add router ls1p1 port to gateway router
5049ovn-nbctl lrp-add lr0 lrp-ls1lp1 f0:00:00:00:00:01 192.168.0.1/24
5050ovn-nbctl lsp-add ls1 ls1lp1 -- set Logical_Switch_Port ls1lp1 \
5051 type=router options:router-port=lrp-ls1lp1 \
5052 addresses='"f0:00:00:00:00:01 192.168.0.1"'
5053
5054# Add router ls2p2 port to gateway router
5055ovn-nbctl lrp-add lr0 lrp-ls2lp1 f0:00:00:00:00:02 192.168.1.1/24
5056ovn-nbctl lsp-add ls2 ls2lp1 -- set Logical_Switch_Port ls2lp1 \
5057 type=router options:router-port=lrp-ls2lp1 \
5058 addresses='"f0:00:00:00:00:02 192.168.1.1"'
5059
5060# Set default gateway (nexthop) to 192.168.1.254
5061ovn-nbctl lr-route-add lr0 "0.0.0.0/0" 192.168.1.254 lrp-ls2lp1
5062
5063# Create logical port ls1lp2 in ls1
5064ovn-nbctl lsp-add ls1 ls1lp2 \
5065-- lsp-set-addresses ls1lp2 "f0:00:00:00:00:03 192.168.0.2"
5066
5067# Create logical port ls2lp2 in ls2
5068ovn-nbctl lsp-add ls2 ls2lp2 \
5069-- lsp-set-addresses ls2lp2 "f0:00:00:00:00:04 192.168.1.10"
5070
5071net_add n1
5072sim_add hv1
5073as hv1
5074ovs-vsctl add-br br-phys
5075ovn_attach n1 br-phys 192.168.0.1
5076ovs-vsctl -- add-port br-int hv1-ls1lp2 -- \
5077 set interface hv1-ls1lp2 external-ids:iface-id=ls1lp2 \
5078 options:tx_pcap=hv1/ls1lp2-tx.pcap \
5079 options:rxq_pcap=hv1/ls1lp2-rx.pcap \
5080 ofport-request=1
5081ovs-vsctl -- add-port br-int hv1-ls2lp2 -- \
5082 set interface hv1-ls2lp2 external-ids:iface-id=ls2lp2 \
5083 options:tx_pcap=hv1/ls2lp2-tx.pcap \
5084 options:rxq_pcap=hv1/ls2lp2-rx.pcap \
5085 ofport-request=2
5086
5087# Allow some time for ovn-northd and ovn-controller to catch up.
5088# XXX This should be more systematic.
5089sleep 1
5090
5091echo "---------NB dump-----"
5092ovn-nbctl show
5093echo "---------------------"
5094ovn-nbctl list logical_router
5095echo "---------------------"
5096ovn-nbctl list logical_router_port
5097echo "---------------------"
5098
5099echo "---------SB dump-----"
5100ovn-sbctl list datapath_binding
5101echo "---------------------"
5102ovn-sbctl list port_binding
5103echo "---------------------"
5104ovn-sbctl dump-flows
5105echo "---------------------"
5106ovn-sbctl list chassis
5107ovn-sbctl list encap
5108echo "---------------------"
5109
5110echo "------Flows dump-----"
5111as hv1
5112ovs-ofctl dump-flows
5113echo "---------------------"
5114
5115ip_to_hex() {
5116 printf "%02x%02x%02x%02x" "$@"
5117}
5118
5119src_mac="f00000000003"
5120dst_mac="f00000000001"
5121src_ip=`ip_to_hex 192 168 0 2`
5122dst_ip=`ip_to_hex 8 8 8 8`
5123packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5124
5125# Send IP packet destined to 8.8.8.8 from lsp1lp2
5126as hv1 ovs-appctl netdev-dummy/receive hv1-ls1lp2 $packet
5127
5128trim_zeros() {
5129 sed 's/\(00\)\{1,\}$//'
5130}
5131
5132# ARP packet should be received with Target IP Address set to 192.168.1.254 and
5133# not 8.8.8.8
5134
5135$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/ls2lp2-tx.pcap | trim_zeros > packets
5136expected="fffffffffffff0000000000208060001080006040001f00000000002c0a80101000000000000c0a801fe"
5137echo $expected > expout
5138AT_CHECK([cat packets], [0], [expout])
5139cat packets
5140
5141OVN_CLEANUP([hv1])
5142
5143AT_CLEANUP
8439c2eb
CSV		 5144
5145AT_SETUP([ovn -- send gratuitous arp for nat ips in localnet])
8439c2eb
CSV		 5146AT_SKIP_IF([test $HAVE_PYTHON = no])
5147ovn_start
5148# Create logical switch
5149ovn-nbctl ls-add ls0
5150# Create gateway router
5151ovn-nbctl create Logical_Router name=lr0 options:chassis=hv1
5152# Add router port to gateway router
5153ovn-nbctl lrp-add lr0 lrp0 f0:00:00:00:00:01 192.168.0.1/24
5154ovn-nbctl lsp-add ls0 lrp0-rp -- set Logical_Switch_Port lrp0-rp \
5155 type=router options:router-port=lrp0-rp addresses='"f0:00:00:00:00:01"'
5156# Add nat-address option
5157ovn-nbctl lsp-set-options lrp0-rp router-port=lrp0 nat-addresses="f0:00:00:00:00:01 192.168.0.2"
5158
5159net_add n1
5160sim_add hv1
5161as hv1
5162ovs-vsctl \
5163 -- add-br br-phys \
5164 -- add-br br-eth0
5165
5166ovn_attach n1 br-phys 192.168.0.1
5167
5168AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
5169AT_CHECK([ovs-vsctl add-port br-eth0 snoopvif -- set Interface snoopvif options:tx_pcap=hv1/snoopvif-tx.pcap options:rxq_pcap=hv1/snoopvif-rx.pcap])
5170
5171# Create a localnet port.
5172AT_CHECK([ovn-nbctl lsp-add ls0 ln_port])
5173AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
5174AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
5175AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
5176
5177
5178# Wait for packet to be received.
5179OVS_WAIT_UNTIL([test `wc -c < "hv1/snoopvif-tx.pcap"` -ge 50])
5180trim_zeros() {
5181 sed 's/\(00\)\{1,\}$//'
5182}
5183$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/snoopvif-tx.pcap | trim_zeros > packets
5184expected="fffffffffffff0000000000108060001080006040001f00000000001c0a80002000000000000c0a80002"
5185echo $expected > expout
5186AT_CHECK([sort packets], [0], [expout])
5187cat packets
5188
5189OVN_CLEANUP([hv1])
5190
5191AT_CLEANUP
6e31816f
CSV		 5192
5193AT_SETUP([ovn -- delete mac bindings])
6e31816f
CSV		 5194ovn_start
5195net_add n1
5196sim_add hv1
5197as hv1
5198ovs-vsctl -- add-br br-phys
5199ovn_attach n1 br-phys 192.168.0.1
5200# Create logical switch ls0
5201ovn-nbctl ls-add ls0
5202# Create ports lp0, lp1 in ls0
5203ovn-nbctl lsp-add ls0 lp0
5204ovn-nbctl lsp-add ls0 lp1
5205ovn-nbctl lsp-set-addresses lp0 "f0:00:00:00:00:01 192.168.0.1"
5206ovn-nbctl lsp-set-addresses lp1 "f0:00:00:00:00:02 192.168.0.2"
5207dp_uuid=`ovn-sbctl find datapath | grep uuid | cut -f2 -d ":" | cut -f2 -d " "`
5208ovn-sbctl create MAC_Binding ip=10.0.0.1 datapath=$dp_uuid logical_port=lp0 mac="mac1"
5209ovn-sbctl create MAC_Binding ip=10.0.0.1 datapath=$dp_uuid logical_port=lp1 mac="mac2"
5210ovn-sbctl find MAC_Binding
093aa761 5211# Delete port lp0 and check that its MAC_Binding is deleted.
6e31816f
CSV		 5212ovn-nbctl lsp-del lp0
5213ovn-sbctl find MAC_Binding
093aa761
BP		 5214OVS_WAIT_UNTIL([test `ovn-sbctl find MAC_Binding logical_port=lp0 | wc -l` = 0])
5215# Delete logical switch ls0 and check that its MAC_Binding is deleted.
6e31816f
CSV		 5216ovn-nbctl ls-del ls0
5217ovn-sbctl find MAC_Binding
093aa761 5218OVS_WAIT_UNTIL([test `ovn-sbctl find MAC_Binding | wc -l` = 0])
6e31816f
CSV		 5219
5220OVN_CLEANUP([hv1])
5221
5222AT_CLEANUP
926c34fd
RM		 5223
5224AT_SETUP([ovn -- conntrack zone allocation])
926c34fd
RM		 5225AT_SKIP_IF([test $HAVE_PYTHON = no])
5226ovn_start
5227
5228# Logical network:
5229# 2 logical switches "foo" (192.168.1.0/24) and "bar" (172.16.1.0/24)
5230# connected to a router R1.
5231# foo has foo1 to act as a client.
5232# bar has bar1, bar2, bar3 to act as servers.
5233
5234net_add n1
5235
5236sim_add hv1
5237as hv1
5238ovs-vsctl add-br br-phys
5239ovn_attach n1 br-phys 192.168.0.1
5240for i in foo1 bar1 bar2 bar3; do
5241 ovs-vsctl -- add-port br-int $i -- \
5242 set interface $i external-ids:iface-id=$i \
5243 options:tx_pcap=hv1/$i-tx.pcap \
5244 options:rxq_pcap=hv1/$i-rx.pcap
5245done
5246
5247ovn-nbctl create Logical_Router name=R1
5248ovn-nbctl ls-add foo
5249ovn-nbctl ls-add bar
5250
5251# Connect foo to R1
5252ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
5253ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \
5254 type=router options:router-port=foo addresses=\"00:00:01:01:02:03\"
5255
5256# Connect bar to R1
5257ovn-nbctl lrp-add R1 bar 00:00:01:01:02:04 172.16.1.1/24
5258ovn-nbctl lsp-add bar rp-bar -- set Logical_Switch_Port rp-bar \
5259 type=router options:router-port=bar addresses=\"00:00:01:01:02:04\"
5260
5261# Create logical port foo1 in foo
5262ovn-nbctl lsp-add foo foo1 \
5263-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
5264
5265# Create logical port bar1, bar2 and bar3 in bar
5266for i in `seq 1 3`; do
5267 ip=`expr $i + 1`
5268 ovn-nbctl lsp-add bar bar$i \
5269 -- lsp-set-addresses bar$i "f0:00:0a:01:02:$i 172.16.1.$ip"
5270done
5271
5272OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=0 | grep REG13 | wc -l` -eq 4])
5273
5274OVN_CLEANUP([hv1])
5275
5276AT_CLEANUP
b511690b
GS		 5277
5278AT_SETUP([ovn -- tag allocation])
b511690b
GS		 5279ovn_start
5280
5281AT_CHECK([ovn-nbctl ls-add ls0])
5282AT_CHECK([ovn-nbctl lsp-add ls0 parent1])
5283AT_CHECK([ovn-nbctl lsp-add ls0 parent2])
5284AT_CHECK([ovn-nbctl ls-add ls1])
5285
5286dnl When a tag is provided, no allocation is done
5287AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c0 parent1 3])
5288AT_CHECK([ovn-nbctl lsp-get-tag c0], [0], [3
5289])
5290dnl The same 'tag' gets created in southbound database.
5291AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5292logical_port="c0"], [0], [3
5293])
5294
5295dnl Allocate tags and see it getting created in both NB and SB
5296AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c1 parent1 0])
5297AT_CHECK([ovn-nbctl lsp-get-tag c1], [0], [1
5298])
5299AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5300logical_port="c1"], [0], [1
5301])
5302
5303AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c2 parent1 0])
5304AT_CHECK([ovn-nbctl lsp-get-tag c2], [0], [2
5305])
5306AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5307logical_port="c2"], [0], [2
5308])
5309AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c3 parent1 0])
5310AT_CHECK([ovn-nbctl lsp-get-tag c3], [0], [4
5311])
5312AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5313logical_port="c3"], [0], [4
5314])
5315
5316dnl A different parent.
5317AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c4 parent2 0])
5318AT_CHECK([ovn-nbctl lsp-get-tag c4], [0], [1
5319])
5320AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5321logical_port="c4"], [0], [1
5322])
5323
5324AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c5 parent2 0])
5325AT_CHECK([ovn-nbctl lsp-get-tag c5], [0], [2
5326])
5327AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5328logical_port="c5"], [0], [2
5329])
5330
5331dnl Delete a logical port and create a new one.
5332AT_CHECK([ovn-nbctl --wait=sb lsp-del c1])
5333AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c6 parent1 0])
5334AT_CHECK([ovn-nbctl lsp-get-tag c6], [0], [1
5335])
5336AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5337logical_port="c6"], [0], [1
5338])
5339
5340dnl Restart northd to see that the same allocation remains.
5341as northd
5342OVS_APP_EXIT_AND_WAIT([ovn-northd])
5343start_daemon ovn-northd \
5344 --ovnnb-db=unix:"$ovs_base"/ovn-nb/ovn-nb.sock \
5345 --ovnsb-db=unix:"$ovs_base"/ovn-sb/ovn-sb.sock
5346
5347dnl Create a switch to make sure that ovn-northd has run through the main loop.
5348AT_CHECK([ovn-nbctl --wait=sb ls-add ls-dummy])
5349AT_CHECK([ovn-nbctl lsp-get-tag c0], [0], [3
5350])
5351AT_CHECK([ovn-nbctl lsp-get-tag c6], [0], [1
5352])
5353AT_CHECK([ovn-nbctl lsp-get-tag c2], [0], [2
5354])
5355AT_CHECK([ovn-nbctl lsp-get-tag c3], [0], [4
5356])
5357AT_CHECK([ovn-nbctl lsp-get-tag c4], [0], [1
5358])
5359AT_CHECK([ovn-nbctl lsp-get-tag c5], [0], [2
5360])
5361
5362dnl Create a switch port with a tag that has already been allocated.
5363dnl It should go through fine with a duplicate tag.
5364AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c7 parent2 2])
5365AT_CHECK([ovn-nbctl lsp-get-tag c7], [0], [2
5366])
5367AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5368logical_port="c7"], [0], [2
5369])
5370AT_CHECK([ovn-nbctl lsp-get-tag c5], [0], [2
5371])
5372
5373AT_CHECK([ovn-nbctl ls-add ls2])
5374dnl When there is no parent_name provided (for say, 'localnet'), 'tag_request'
5375dnl gets copied to 'tag'
5376AT_CHECK([ovn-nbctl --wait=sb lsp-add ls2 local0 "" 25])
5377AT_CHECK([ovn-nbctl lsp-get-tag local0], [0], [25
5378])
5379dnl The same 'tag' gets created in southbound database.
5380AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5381logical_port="local0"], [0], [25
5382])
5383dnl If 'tag_request' is 0 for localnet, nothing gets written to 'tag'
5384AT_CHECK([ovn-nbctl --wait=sb lsp-add ls2 local1 "" 0])
5385AT_CHECK([ovn-nbctl lsp-get-tag local1])
5386dnl change the tag_request.
5387AT_CHECK([ovn-nbctl --wait=sb set logical_switch_port local1 tag_request=50])
5388AT_CHECK([ovn-nbctl lsp-get-tag local1], [0], [50
5389])
5390
5391AT_CLEANUP
57afd0c0
RR		 5392
5393AT_SETUP([ovn -- lsp deletion and broadcast-flow deletion on localnet])
57afd0c0
RR		 5394ovn_start
5395ovn-nbctl ls-add lsw0
5396net_add n1
5397for i in 1 2; do
5398 sim_add hv$i
5399 as hv$i
5400 ovs-vsctl add-br br-phys
5401 ovn_attach n1 br-phys 192.168.0.$i
5402 ovs-vsctl add-br br-eth0
5403 AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
5404done
5405
5406# Create a localnet port.
5407AT_CHECK([ovn-nbctl lsp-add lsw0 ln_port])
5408AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
5409AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
5410AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
5411
5412
5413# Create 3 vifs.
5414AT_CHECK([ovn-nbctl lsp-add lsw0 localvif1])
5415AT_CHECK([ovn-nbctl lsp-set-addresses localvif1 "f0:00:00:00:00:01 192.168.1.1"])
5416AT_CHECK([ovn-nbctl lsp-set-port-security localvif1 "f0:00:00:00:00:01"])
5417AT_CHECK([ovn-nbctl lsp-add lsw0 localvif2])
5418AT_CHECK([ovn-nbctl lsp-set-addresses localvif2 "f0:00:00:00:00:01 192.168.1.2"])
5419AT_CHECK([ovn-nbctl lsp-set-port-security localvif2 "f0:00:00:00:00:02"])
5420AT_CHECK([ovn-nbctl lsp-add lsw0 localvif3])
5421AT_CHECK([ovn-nbctl lsp-set-addresses localvif3 "f0:00:00:00:00:03 192.168.1.3"])
5422AT_CHECK([ovn-nbctl lsp-set-port-security localvif3 "f0:00:00:00:00:03"])
5423
5424# Bind the localvif1 to hv1.
5425as hv1
5426AT_CHECK([ovs-vsctl add-port br-int localvif1 -- set Interface localvif1 external_ids:iface-id=localvif1])
5427
5428# On hv1, check that there are no flows outputting bcast to tunnel
5429OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=32 | ofctl_strip | grep output | wc -l` -eq 0])
5430
1ea9b847 5431# On hv2, check that no flow outputs bcast to tunnel to hv1.
57afd0c0 5432as hv2
1ea9b847 5433OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=32 | ofctl_strip | grep output | wc -l` -eq 0])
57afd0c0
RR		 5434
5435# Now bind vif2 on hv2.
5436AT_CHECK([ovs-vsctl add-port br-int localvif2 -- set Interface localvif2 external_ids:iface-id=localvif2])
5437
5438# At this point, the broadcast flow on vif2 should be deleted.
5439# because, there is now a localnet vif bound (table=32 programming logic)
5440OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=32 | ofctl_strip | grep output | wc -l` -eq 0])
5441
5442# Verify that the local net patch port exists on hv2.
5443OVS_WAIT_UNTIL([test `ovs-vsctl show | grep "Port patch-br-int-to-ln_port" | wc -l` -eq 1])
5444
5445# Now bind vif3 on hv2.
5446AT_CHECK([ovs-vsctl add-port br-int localvif3 -- set Interface localvif3 external_ids:iface-id=localvif3])
5447
5448# Verify that the local net patch port still exists on hv2
5449OVS_WAIT_UNTIL([test `ovs-vsctl show | grep "Port patch-br-int-to-ln_port" | wc -l` -eq 1])
5450
5451# Delete localvif2
5452AT_CHECK([ovn-nbctl lsp-del localvif2])
5453
5454# Verify that the local net patch port still exists on hv2,
5455# because, localvif3 is still bound.
5456OVS_WAIT_UNTIL([test `ovs-vsctl show | grep "Port patch-br-int-to-ln_port" | wc -l` -eq 1])
5457
57afd0c0 5458OVN_CLEANUP([hv1],[hv2])
1a03fc7d
BS		 5459
5460AT_CLEANUP
5461
5462AT_SETUP([ovn -- DSCP marking check])
5463AT_KEYWORDS([ovn])
5464ovn_start
5465
5466ovn-nbctl ls-add lsw0
5467ovn-nbctl --wait=sb lsp-add lsw0 lp1
5468ovn-nbctl --wait=sb lsp-add lsw0 lp2
5469ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
5470ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
5471ovn-nbctl lsp-set-port-security lp1 f0:00:00:00:00:01
5472ovn-nbctl lsp-set-port-security lp2 f0:00:00:00:00:02
5473ovn-nbctl --wait=sb sync
5474net_add n1
5475sim_add hv
5476as hv
5477ovs-vsctl add-br br-phys
5478ovn_attach n1 br-phys 192.168.0.1
5479ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=vif1-tx.pcap options:rxq_pcap=vif1-rx.pcap ofport-request=1
5480ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=vif2-tx.pcap options:rxq_pcap=vif2-rx.pcap ofport-request=2
5481
5482AT_CAPTURE_FILE([trace])
5483ovn_trace () {
5484 ovn-trace --all "$@" | tee trace | sed '1,/Minimal trace/d'
5485}
5486
5487# Extracts nw_tos from the final flow from ofproto/trace output and prints
5488# it on stdout. Prints "none" if no nw_tos was included.
5489get_final_nw_tos() {
5490 if flow=$(grep '^Final flow:' stdout); then :; else
5491 # The output didn't have a final flow.
5492 return 99
5493 fi
5494
5495 tos=$(echo "$flow" | sed -n 's/.*nw_tos=\([[0-9]]\{1,\}\).*/\1/p')
5496 case $tos in
5497 '') echo none ;;
5498 *) echo $tos ;;
5499 esac
5500}
5501
5502# check_tos TOS
5503#
5504# Checks that a packet from 1.1.1.1 to 1.1.1.2 gets its DSCP set to TOS.
5505check_tos() {
5506 # First check with ovn-trace for logical flows.
5507 echo "checking for tos $1"
5508 (if test $1 != 0; then echo "ip.dscp = $1;"; fi;
5509 echo 'output("lp2");') > expout
5510 AT_CHECK_UNQUOTED([ovn_trace lsw0 'inport == "lp1" && eth.src == f0:00:00:00:00:01 && eth.dst == f0:00:00:00:00:02 && ip4.src == 1.1.1.1 && ip4.dst == 1.1.1.2'], [0], [expout])
5511
5512 # Then re-check with ofproto/trace for a physical packet.
5513 AT_CHECK([ovs-appctl ofproto/trace br-int 'in_port=1,dl_src=f0:00:00:00:00:01,dl_dst=f0:00:00:00:00:02,dl_type=0x800,nw_src=1.1.1.1,nw_dst=1.1.1.2'], [0], [stdout-nolog])
5514 AT_CHECK_UNQUOTED([get_final_nw_tos], [0], [`expr $1 \* 4`
5515])
5516}
5517
5518# check at L2
5519AT_CHECK([ovn_trace lsw0 'inport == "lp1" && eth.src == f0:00:00:00:00:01 && eth.dst == f0:00:00:00:00:02'], [0], [output("lp2");
5520])
5521AT_CHECK([ovs-appctl ofproto/trace br-int 'in_port=1,dl_src=f0:00:00:00:00:01,dl_dst=f0:00:00:00:00:02'], [0], [stdout-nolog])
5522AT_CHECK([get_final_nw_tos], [0], [none
5523])
5524
5525# check at L3 without dscp marking
5526check_tos 0
5527
5528# Mark DSCP with a valid value
5529qos_id=$(ovn-nbctl --wait=hv -- --id=@lp1-qos create QoS priority=100 action=dscp=48 match="inport\=\=\"lp1\"" direction="from-lport" -- set Logical_Switch lsw0 qos_rules=@lp1-qos)
5530check_tos 48
5531
5532# Update the DSCP marking
5533ovn-nbctl --wait=hv set QoS $qos_id action=dscp=63
5534check_tos 63
5535
5536ovn-nbctl --wait=hv set QoS $qos_id match="outport\=\=\"lp2\"" direction="to-lport"
5537check_tos 63
5538
5539# Disable DSCP marking
5540ovn-nbctl --wait=hv clear Logical_Switch lsw0 qos_rules
5541check_tos 0
5542
5543OVN_CLEANUP([hv])
57afd0c0 5544AT_CLEANUP
7fff4eb7
LR		 5545
5546AT_SETUP([ovn -- read-only sb db:ptcp access])
5547AT_SKIP_IF([test $HAVE_PYTHON = no])
5548
5549: > .$1.db.~lock~
5550ovsdb-tool create ovn-sb.db "$abs_top_srcdir"/ovn/ovn-sb.ovsschema
5551
5552# Add read-only remote to sb ovsdb-server
5553AT_CHECK(
5554 [ovsdb-tool transact ovn-sb.db \
5555 ['["OVN_Southbound",
5556 {"op": "insert",
5557 "table": "SB_Global",
5558 "row": {
5559 "connections": ["set", [["named-uuid", "xyz"]]]}},
5560 {"op": "insert",
5561 "table": "Connection",
5562 "uuid-name": "xyz",
5563 "row": {"target": "ptcp:0:127.0.0.1",
5564 "read_only": true}}]']], [0], [ignore], [ignore])
5565
5566start_daemon ovsdb-server --remote=punix:ovn-sb.sock --remote=db:OVN_Southbound,SB_Global,connections ovn-sb.db
5567
5568PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5569
5570# read-only accesses should succeed
5571AT_CHECK([ovn-sbctl --db=tcp:127.0.0.1:$TCP_PORT list SB_Global], [0], [stdout], [ignore])
5572AT_CHECK([ovn-sbctl --db=tcp:127.0.0.1:$TCP_PORT list Connection], [0], [stdout], [ignore])
5573
5574# write access should fail
5575AT_CHECK([ovn-sbctl --db=tcp:127.0.0.1:$TCP_PORT chassis-add ch vxlan 1.2.4.8], [1], [ignore],
5576[ovn-sbctl: transaction error: {"details":"insert operation not allowed when database server is in read only mode","error":"not allowed"}
5577])
5578
5579OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5580AT_CLEANUP
5581
5582AT_SETUP([ovn -- read-only sb db:pssl access])
5583AT_SKIP_IF([test $HAVE_PYTHON = no])
5584AT_SKIP_IF([test "$HAVE_OPENSSL" = no])
5585PKIDIR="$(cd $abs_top_builddir/tests && pwd)"
5586AT_SKIP_IF([expr "$PKIDIR" : ".*[ '\"
5587\\]"])
5588
5589: > .$1.db.~lock~
5590ovsdb-tool create ovn-sb.db "$abs_top_srcdir"/ovn/ovn-sb.ovsschema
5591
5592# Add read-only remote to sb ovsdb-server
5593AT_CHECK(
5594 [ovsdb-tool transact ovn-sb.db \
5595 ['["OVN_Southbound",
5596 {"op": "insert",
5597 "table": "SB_Global",
5598 "row": {
5599 "connections": ["set", [["named-uuid", "xyz"]]]}},
5600 {"op": "insert",
5601 "table": "Connection",
5602 "uuid-name": "xyz",
5603 "row": {"target": "pssl:0:127.0.0.1",
5604 "read_only": true}}]']], [0], [ignore], [ignore])
5605
5606start_daemon ovsdb-server --remote=punix:ovn-sb.sock \
5607 --remote=db:OVN_Southbound,SB_Global,connections \
5608 --private-key="$PKIDIR/testpki-privkey2.pem" \
5609 --certificate="$PKIDIR/testpki-cert2.pem" \
5610 --ca-cert="$PKIDIR/testpki-cacert.pem" \
5611 ovn-sb.db
5612
5613PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5614
5615# read-only accesses should succeed
5616AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5617 --private-key=$PKIDIR/testpki-privkey.pem \
5618 --certificate=$PKIDIR/testpki-cert.pem \
5619 --ca-cert=$PKIDIR/testpki-cacert.pem \
5620 list SB_Global], [0], [stdout], [ignore])
5621AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5622 --private-key=$PKIDIR/testpki-privkey.pem \
5623 --certificate=$PKIDIR/testpki-cert.pem \
5624 --ca-cert=$PKIDIR/testpki-cacert.pem \
5625 list Connection], [0], [stdout], [ignore])
5626
5627# write access should fail
5628AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5629 --private-key=$PKIDIR/testpki-privkey.pem \
5630 --certificate=$PKIDIR/testpki-cert.pem \
5631 --ca-cert=$PKIDIR/testpki-cacert.pem \
5632 chassis-add ch vxlan 1.2.4.8], [1], [ignore],
5633[ovn-sbctl: transaction error: {"details":"insert operation not allowed when database server is in read only mode","error":"not allowed"}
5634])
5635
5636OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5637AT_CLEANUP
5638
821302cf
LR		 5639AT_SETUP([ovn -- nb connection/ssl commands])
5640AT_SKIP_IF([test $HAVE_PYTHON = no])
5641AT_SKIP_IF([test "$HAVE_OPENSSL" = no])
5642PKIDIR="$(cd $abs_top_builddir/tests && pwd)"
5643AT_SKIP_IF([expr "$PKIDIR" : ".*[ '\"
5644\\]"])
5645
5646: > .$1.db.~lock~
5647ovsdb-tool create ovn-nb.db "$abs_top_srcdir"/ovn/ovn-nb.ovsschema
5648
5649# Start nb db server using db connection/ssl entries (unpopulated initially)
5650start_daemon ovsdb-server --remote=punix:ovnnb_db.sock \
5651 --remote=db:OVN_Northbound,NB_Global,connections \
5652 --private-key=db:OVN_Northbound,SSL,private_key \
5653 --certificate=db:OVN_Northbound,SSL,certificate \
5654 --ca-cert=db:OVN_Northbound,SSL,ca_cert \
5655 ovn-nb.db
5656
5657# Populate SSL configuration entries in nb db
5658AT_CHECK(
5659 [ovn-nbctl set-ssl $PKIDIR/testpki-privkey.pem \
5660 $PKIDIR/testpki-cert.pem \
5661 $PKIDIR/testpki-cacert.pem], [0], [stdout], [ignore])
5662
5663# Populate a passive SSL connection in nb db
5664AT_CHECK([ovn-nbctl set-connection pssl:0:127.0.0.1], [0], [stdout], [ignore])
5665
5666PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5667
5668# Verify SSL connetivity to nb db server
5669AT_CHECK([ovn-nbctl --db=ssl:127.0.0.1:$TCP_PORT \
5670 --private-key=$PKIDIR/testpki-privkey.pem \
5671 --certificate=$PKIDIR/testpki-cert.pem \
5672 --ca-cert=$PKIDIR/testpki-cacert.pem \
5673 list NB_Global],
5674 [0], [stdout], [ignore])
5675AT_CHECK([ovn-nbctl --db=ssl:127.0.0.1:$TCP_PORT \
5676 --private-key=$PKIDIR/testpki-privkey.pem \
5677 --certificate=$PKIDIR/testpki-cert.pem \
5678 --ca-cert=$PKIDIR/testpki-cacert.pem \
5679 list Connection],
5680 [0], [stdout], [ignore])
5681AT_CHECK([ovn-nbctl --db=ssl:127.0.0.1:$TCP_PORT \
5682 --private-key=$PKIDIR/testpki-privkey.pem \
10471820
LR		 5683 --certificate=$PKIDIR/testpki-cert.pem \
5684 --ca-cert=$PKIDIR/testpki-cacert.pem \
5685 get-connection],
5686 [0], [stdout], [ignore])
5687
5688OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5689AT_CLEANUP
5690
5691AT_SETUP([ovn -- sb connection/ssl commands])
5692AT_SKIP_IF([test $HAVE_PYTHON = no])
5693AT_SKIP_IF([test "$HAVE_OPENSSL" = no])
5694PKIDIR="$(cd $abs_top_builddir/tests && pwd)"
5695AT_SKIP_IF([expr "$PKIDIR" : ".*[ '\"
5696\\]"])
5697
5698: > .$1.db.~lock~
5699ovsdb-tool create ovn-sb.db "$abs_top_srcdir"/ovn/ovn-sb.ovsschema
5700
5701# Start sb db server using db connection/ssl entries (unpopulated initially)
5702start_daemon ovsdb-server --remote=punix:ovnsb_db.sock \
5703 --remote=db:OVN_Southbound,SB_Global,connections \
5704 --private-key=db:OVN_Southbound,SSL,private_key \
5705 --certificate=db:OVN_Southbound,SSL,certificate \
5706 --ca-cert=db:OVN_Southbound,SSL,ca_cert \
5707 ovn-sb.db
5708
5709# Populate SSL configuration entries in sb db
5710AT_CHECK(
5711 [ovn-sbctl set-ssl $PKIDIR/testpki-privkey.pem \
5712 $PKIDIR/testpki-cert.pem \
5713 $PKIDIR/testpki-cacert.pem], [0], [stdout], [ignore])
5714
5715# Populate a passive SSL connection in sb db
5716AT_CHECK([ovn-sbctl set-connection pssl:0:127.0.0.1], [0], [stdout], [ignore])
5717
5718PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5719
5720# Verify SSL connetivity to sb db server
5721AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5722 --private-key=$PKIDIR/testpki-privkey.pem \
5723 --certificate=$PKIDIR/testpki-cert.pem \
5724 --ca-cert=$PKIDIR/testpki-cacert.pem \
5725 list SB_Global],
5726 [0], [stdout], [ignore])
5727AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5728 --private-key=$PKIDIR/testpki-privkey.pem \
5729 --certificate=$PKIDIR/testpki-cert.pem \
5730 --ca-cert=$PKIDIR/testpki-cacert.pem \
5731 list Connection],
5732 [0], [stdout], [ignore])
5733AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5734 --private-key=$PKIDIR/testpki-privkey.pem \
821302cf
LR		 5735 --certificate=$PKIDIR/testpki-cert.pem \
5736 --ca-cert=$PKIDIR/testpki-cacert.pem \
5737 get-connection],
5738 [0], [stdout], [ignore])
5739
5740OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5741AT_CLEANUP
5742
75fd74f8
GS		 5743AT_SETUP([ovn -- nested containers])
5744ovn_start
5745
5746# Physical network:
5747# 2 HVs. HV1 has 2 VMs - "VM1" and "bar3". HV2 has 1 VM - "VM2"
5748
5749# Logical network:
5750# 3 Logical switches - "mgmt" (172.16.1.0/24), "foo" (192.168.1.0/24)
5751# and "bar" (192.168.2.0/24). They are all connected to router R1.
5752
5753ovn-nbctl lr-add R1
5754ovn-nbctl ls-add mgmt
5755ovn-nbctl ls-add foo
5756ovn-nbctl ls-add bar
5757
5758# Connect mgmt to R1
5759ovn-nbctl lrp-add R1 mgmt 00:00:00:01:02:02 172.16.1.1/24
5760ovn-nbctl lsp-add mgmt rp-mgmt -- set Logical_Switch_Port rp-mgmt type=router \
5761 options:router-port=mgmt addresses=\"00:00:00:01:02:02\"
5762
5763# Connect foo to R1
5764ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
5765ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
5766 options:router-port=foo addresses=\"00:00:00:01:02:03\"
5767
5768# Connect bar to R1
5769ovn-nbctl lrp-add R1 bar 00:00:00:01:02:04 192.168.2.1/24
5770ovn-nbctl lsp-add bar rp-bar -- set Logical_Switch_Port rp-bar type=router \
5771 options:router-port=bar addresses=\"00:00:00:01:02:04\"
5772
5773# "mgmt" has VM1 and VM2 connected
5774ovn-nbctl lsp-add mgmt vm1 \
5775-- lsp-set-addresses vm1 "f0:00:00:01:02:03 172.16.1.2"
5776
5777ovn-nbctl lsp-add mgmt vm2 \
5778-- lsp-set-addresses vm2 "f0:00:00:01:02:04 172.16.1.3"
5779
5780# "foo1" and "foo2" are containers belonging to switch "foo"
5781# "foo1" has "VM1" as parent_port and "foo2" has "VM2" as parent_port.
5782ovn-nbctl lsp-add foo foo1 vm1 1 \
5783-- lsp-set-addresses foo1 "f0:00:00:01:02:05 192.168.1.2"
5784
5785ovn-nbctl lsp-add foo foo2 vm2 2 \
5786-- lsp-set-addresses foo2 "f0:00:00:01:02:06 192.168.1.3"
5787
5788# "bar1" and "bar2" are containers belonging to switch "bar"
5789# "bar1" has "VM1" as parent_port and "bar2" has "VM2" as parent_port.
5790ovn-nbctl lsp-add bar bar1 vm1 2 \
5791-- lsp-set-addresses bar1 "f0:00:00:01:02:07 192.168.2.2"
5792
5793ovn-nbctl lsp-add bar bar2 vm2 1 \
5794-- lsp-set-addresses bar2 "f0:00:00:01:02:08 192.168.2.3"
5795
5796# bar3 is a standalone VM belonging to switch "bar"
5797ovn-nbctl lsp-add bar bar3 \
5798-- lsp-set-addresses bar3 "f0:00:00:01:02:09 192.168.2.4"
5799
5800# Create two hypervisor and create OVS ports corresponding to logical ports.
5801net_add n1
5802
5803sim_add hv1
5804as hv1
5805ovs-vsctl add-br br-phys
5806ovn_attach n1 br-phys 192.168.0.1
5807ovs-vsctl -- add-port br-int vm1 -- \
5808 set interface vm1 external-ids:iface-id=vm1 \
5809 options:tx_pcap=hv1/vm1-tx.pcap \
5810 options:rxq_pcap=hv1/vm1-rx.pcap \
5811 ofport-request=1
5812
5813ovs-vsctl -- add-port br-int bar3 -- \
5814 set interface bar3 external-ids:iface-id=bar3 \
5815 options:tx_pcap=hv1/bar3-tx.pcap \
5816 options:rxq_pcap=hv1/bar3-rx.pcap \
5817 ofport-request=2
5818
5819sim_add hv2
5820as hv2
5821ovs-vsctl add-br br-phys
5822ovn_attach n1 br-phys 192.168.0.2
5823ovs-vsctl -- add-port br-int vm2 -- \
5824 set interface vm2 external-ids:iface-id=vm2 \
5825 options:tx_pcap=hv2/vm2-tx.pcap \
5826 options:rxq_pcap=hv2/vm2-rx.pcap \
5827 ofport-request=1
5828
5829# Pre-populate the hypervisors' ARP tables so that we don't lose any
5830# packets for ARP resolution (native tunneling doesn't queue packets
5831# for ARP resolution).
5832ovn_populate_arp
5833
5834# Allow some time for ovn-northd and ovn-controller to catch up.
5835# XXX This should be more systematic.
5836sleep 1
5837
5838ip_to_hex() {
5839 printf "%02x%02x%02x%02x" "$@"
5840}
5841
5842# Send ip packets between foo1 and foo2 (same switch, different HVs and
5843# different VLAN tags).
5844src_mac="f00000010205"
5845dst_mac="f00000010206"
5846src_ip=`ip_to_hex 192 168 1 2`
5847dst_ip=`ip_to_hex 192 168 1 3`
5848packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5849as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5850
5851# expected packet at foo2
5852packet=${dst_mac}${src_mac}8100000208004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5853echo $packet > expected
5854OVN_CHECK_PACKETS([hv2/vm2-tx.pcap], [expected])
5855
5856# Send ip packets between foo1 and bar2 (different switch, different HV)
5857src_mac="f00000010205"
5858dst_mac="000000010203"
5859src_ip=`ip_to_hex 192 168 1 2`
5860dst_ip=`ip_to_hex 192 168 2 3`
5861packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5862as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5863
5864# expected packet at bar2
5865src_mac="000000010204"
5866dst_mac="f00000010208"
5867packet=${dst_mac}${src_mac}8100000108004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5868echo $packet >> expected
5869OVN_CHECK_PACKETS([hv2/vm2-tx.pcap], [expected])
5870
5871# Send ip packets between foo1 and bar1
5872# (different switch, loopback to same vm but different tag)
5873src_mac="f00000010205"
5874dst_mac="000000010203"
5875src_ip=`ip_to_hex 192 168 1 2`
5876dst_ip=`ip_to_hex 192 168 2 2`
5877packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5878as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5879
5880# expected packet at bar1
5881src_mac="000000010204"
5882dst_mac="f00000010207"
5883packet=${dst_mac}${src_mac}8100000208004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5884echo $packet > expected1
5885OVN_CHECK_PACKETS([hv1/vm1-tx.pcap], [expected1])
5886
5887# Send ip packets between bar1 and bar3
5888# (same switch. But one is container and another is a standalone VM)
5889src_mac="f00000010207"
5890dst_mac="f00000010209"
5891src_ip=`ip_to_hex 192 168 2 2`
5892dst_ip=`ip_to_hex 192 168 2 3`
5893packet=${dst_mac}${src_mac}8100000208004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5894as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5895
5896# expected packet at bar3
5897packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5898echo $packet > expected
5899OVN_CHECK_PACKETS([hv1/bar3-tx.pcap], [expected])
5900
5901# Send ip packets between foo1 and vm1.
5902(different switch, container to the VM hosting it.)
5903src_mac="f00000010205"
5904dst_mac="000000010203"
5905src_ip=`ip_to_hex 192 168 1 2`
5906dst_ip=`ip_to_hex 172 16 1 2`
5907packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5908as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5909
5910# expected packet at vm1
5911src_mac="000000010202"
5912dst_mac="f00000010203"
5913packet=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5914echo $packet >> expected1
5915OVN_CHECK_PACKETS([hv1/vm1-tx.pcap], [expected1])
5916
5917# Send packets from vm1 to bar1.
5918(different switch, A hosting VM to a container inside it)
5919src_mac="f00000010203"
5920dst_mac="000000010202"
5921src_ip=`ip_to_hex 172 16 1 2`
5922dst_ip=`ip_to_hex 192 168 2 2`
5923packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5924as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5925
5926# expected packet at vm1
5927src_mac="000000010204"
5928dst_mac="f00000010207"
5929packet=${dst_mac}${src_mac}8100000208004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5930echo $packet >> expected1
5931OVN_CHECK_PACKETS([hv1/vm1-tx.pcap], [expected1])
5932
5933OVN_CLEANUP([hv1],[hv2])
5934
5935AT_CLEANUP
440a9f4b
GS		 5936
5937AT_SETUP([ovn -- 3 HVs, 3 LRs connected via LS, source IP based routes])
5938AT_SKIP_IF([test $HAVE_PYTHON = no])
5939ovn_start
5940
5941# Logical network:
5942# Three LRs - R1, R2 and R3 that are connected to each other via LS "join"
5943# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24) and bar
5944# (192.168.2.0/24) connected to it.
5945#
5946# R2 and R3 are gateway routers.
5947# R2 has alice (172.16.1.0/24) and R3 has bob (172.16.1.0/24)
5948# connected to it. Note how both alice and bob have the same subnet behind it.
5949# We are trying to simulate external network via those 2 switches. In real
5950# world the switch ports of these switches will have addresses set as "unknown"
5951# to make them learning switches. Or those switches will be "localnet" ones.
5952
5953# Create three hypervisors and create OVS ports corresponding to logical ports.
5954net_add n1
5955
5956sim_add hv1
5957as hv1
5958ovs-vsctl add-br br-phys
5959ovn_attach n1 br-phys 192.168.0.1
5960ovs-vsctl -- add-port br-int hv1-vif1 -- \
5961 set interface hv1-vif1 external-ids:iface-id=foo1 \
5962 options:tx_pcap=hv1/vif1-tx.pcap \
5963 options:rxq_pcap=hv1/vif1-rx.pcap \
5964 ofport-request=1
5965
5966ovs-vsctl -- add-port br-int hv1-vif2 -- \
5967 set interface hv1-vif2 external-ids:iface-id=bar1 \
5968 options:tx_pcap=hv1/vif2-tx.pcap \
5969 options:rxq_pcap=hv1/vif2-rx.pcap \
5970 ofport-request=2
5971
5972sim_add hv2
5973as hv2
5974ovs-vsctl add-br br-phys
5975ovn_attach n1 br-phys 192.168.0.2
5976ovs-vsctl -- add-port br-int hv2-vif1 -- \
5977 set interface hv2-vif1 external-ids:iface-id=alice1 \
5978 options:tx_pcap=hv2/vif1-tx.pcap \
5979 options:rxq_pcap=hv2/vif1-rx.pcap \
5980 ofport-request=1
5981
5982sim_add hv3
5983as hv3
5984ovs-vsctl add-br br-phys
5985ovn_attach n1 br-phys 192.168.0.3
5986ovs-vsctl -- add-port br-int hv3-vif1 -- \
5987 set interface hv3-vif1 external-ids:iface-id=bob1 \
5988 options:tx_pcap=hv3/vif1-tx.pcap \
5989 options:rxq_pcap=hv3/vif1-rx.pcap \
5990 ofport-request=1
5991
5992
5993ovn-nbctl create Logical_Router name=R1
5994ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
5995ovn-nbctl create Logical_Router name=R3 options:chassis="hv3"
5996
5997ovn-nbctl ls-add foo
5998ovn-nbctl ls-add bar
5999ovn-nbctl ls-add alice
6000ovn-nbctl ls-add bob
6001ovn-nbctl ls-add join
6002
6003# Connect foo to R1
6004ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
6005ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
6006 options:router-port=foo addresses=\"00:00:01:01:02:03\"
6007
6008# Connect bar to R1
6009ovn-nbctl lrp-add R1 bar 00:00:01:01:02:04 192.168.2.1/24
6010ovn-nbctl lsp-add bar rp-bar -- set Logical_Switch_Port rp-bar type=router \
6011 options:router-port=bar addresses=\"00:00:01:01:02:04\"
6012
6013# Connect alice to R2
6014ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
6015ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
6016 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
6017
6018# Connect bob to R3
6019ovn-nbctl lrp-add R3 bob 00:00:03:01:02:03 172.16.1.2/24
6020ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob \
6021 type=router options:router-port=bob addresses=\"00:00:03:01:02:03\"
6022
6023# Connect R1 to join
6024ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
6025ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
6026 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
6027
6028# Connect R2 to join
6029ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
6030ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
6031 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
6032
6033# Connect R3 to join
6034ovn-nbctl lrp-add R3 R3_join 00:00:04:01:02:05 20.0.0.3/24
6035ovn-nbctl lsp-add join r3-join -- set Logical_Switch_Port r3-join \
6036 type=router options:router-port=R3_join addresses='"00:00:04:01:02:05"'
6037
6038# Install static routes with source ip address as the policy for routing.
6039# We want traffic from 'foo' to go via R2 and traffic of 'bar' to go via R3.
6040ovn-nbctl --policy="src-ip" lr-route-add R1 192.168.1.0/24 20.0.0.2
6041ovn-nbctl --policy="src-ip" lr-route-add R1 192.168.2.0/24 20.0.0.3
6042
6043# Install static routes with destination ip address as the policy for routing.
6044ovn-nbctl lr-route-add R2 192.168.0.0/16 20.0.0.1
6045
6046ovn-nbctl lr-route-add R3 192.168.0.0/16 20.0.0.1
6047
6048# Create logical port foo1 in foo
6049ovn-nbctl lsp-add foo foo1 \
6050-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
6051
6052# Create logical port bar1 in bar
6053ovn-nbctl lsp-add bar bar1 \
6054-- lsp-set-addresses bar1 "f0:00:00:01:02:04 192.168.2.2"
6055
6056# Create logical port alice1 in alice
6057ovn-nbctl lsp-add alice alice1 \
6058-- lsp-set-addresses alice1 "f0:00:00:01:02:05 172.16.1.3"
6059
6060# Create logical port bob1 in bob
6061ovn-nbctl lsp-add bob bob1 \
6062-- lsp-set-addresses bob1 "f0:00:00:01:02:06 172.16.1.4"
6063
6064# Pre-populate the hypervisors' ARP tables so that we don't lose any
6065# packets for ARP resolution (native tunneling doesn't queue packets
6066# for ARP resolution).
6067ovn_populate_arp
6068
6069# Allow some time for ovn-northd and ovn-controller to catch up.
6070# XXX This should be more systematic.
6071sleep 1
6072
6073ip_to_hex() {
6074 printf "%02x%02x%02x%02x" "$@"
6075}
6076trim_zeros() {
6077 sed 's/\(00\)\{1,\}$//'
6078}
6079
6080# Send ip packets between foo1 and bar1
6081# (East-west traffic should flow normally)
6082src_mac="f00000010203"
6083dst_mac="000001010203"
6084src_ip=`ip_to_hex 192 168 1 2`
6085dst_ip=`ip_to_hex 192 168 2 2`
6086packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6087as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
6088
6089# Send ip packets between foo1 and alice1
6090src_mac="f00000010203"
6091dst_mac="000001010203"
6092src_ip=`ip_to_hex 192 168 1 2`
6093dst_ip=`ip_to_hex 172 16 1 3`
6094packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6095as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
2d9b49dd 6096as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
440a9f4b
GS		 6097
6098# Send ip packets between bar1 and bob1
6099src_mac="f00000010204"
6100dst_mac="000001010204"
6101src_ip=`ip_to_hex 192 168 2 2`
6102dst_ip=`ip_to_hex 172 16 1 4`
6103packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6104as hv1 ovs-appctl netdev-dummy/receive hv1-vif2 $packet
6105#as hv1 ovs-appctl ofproto/trace br-int in_port=2 $packet
6106
6107# Packet to expect at bar1
6108src_mac="000001010204"
6109dst_mac="f00000010204"
6110src_ip=`ip_to_hex 192 168 1 2`
6111dst_ip=`ip_to_hex 192 168 2 2`
6112expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
6113echo $expected > expected
6114OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
6115
6116# Packet to Expect at alice1
6117src_mac="000002010203"
6118dst_mac="f00000010205"
6119src_ip=`ip_to_hex 192 168 1 2`
6120dst_ip=`ip_to_hex 172 16 1 3`
6121expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
6122echo $expected > expected
6123OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
6124
6125# Packet to Expect at bob1
6126src_mac="000003010203"
6127dst_mac="f00000010206"
6128src_ip=`ip_to_hex 192 168 2 2`
6129dst_ip=`ip_to_hex 172 16 1 4`
6130expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
6131echo $expected > expected
6132OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [expected])
6133
6134for sim in hv1 hv2 hv3; do
6135 as $sim
6136 OVS_APP_EXIT_AND_WAIT([ovn-controller])
6137 OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
6138 OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6139done
6140
6141as ovn-sb
6142OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6143
6144as ovn-nb
6145OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6146
6147as northd
6148OVS_APP_EXIT_AND_WAIT([ovn-northd])
6149
6150as main
6151OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
6152OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6153
6154AT_CLEANUP
41a15b71
MS		 6155
6156AT_SETUP([ovn -- 1 LR with distributed router gateway port])
6157AT_SKIP_IF([test $HAVE_PYTHON = no])
6158ovn_start
6159
6160# Logical network:
6161# One LR R1 that has switches foo (192.168.1.0/24) and
6162# alice (172.16.1.0/24) connected to it. The logical port
6163# between R1 and alice has a "redirect-chassis" specified,
6164# i.e. it is the distributed router gateway port.
6165# Switch alice also has a localnet port defined.
6166# An additional switch outside has a localnet port and the
6167# same subnet as alice (172.16.1.0/24).
6168
6169# Physical network:
6170# Three hypervisors hv[123].
6171# hv1 hosts vif foo1.
6172# hv2 is the "redirect-chassis" that hosts the distributed
6173# router gateway port.
6174# hv3 hosts vif outside1.
6175# In order to show that connectivity works only through hv2,
6176# an initial round of tests is run without any bridge-mapping
6177# defined for the localnet on hv2. These tests are expected
6178# to fail.
6179# Subsequent tests are run after defining the bridge-mapping
6180# for the localnet on hv2. These tests are expected to succeed.
6181
6182# Create three hypervisors and create OVS ports corresponding
6183to logical ports.
6184net_add n1
6185
6186sim_add hv1
6187as hv1
6188ovs-vsctl add-br br-phys
6189ovn_attach n1 br-phys 192.168.0.1
6190ovs-vsctl -- add-port br-int hv1-vif1 -- \
6191 set interface hv1-vif1 external-ids:iface-id=foo1 \
6192 options:tx_pcap=hv1/vif1-tx.pcap \
6193 options:rxq_pcap=hv1/vif1-rx.pcap \
6194 ofport-request=1
6195
6196sim_add hv2
6197as hv2
6198ovs-vsctl add-br br-phys
6199ovn_attach n1 br-phys 192.168.0.2
6200
6201sim_add hv3
6202as hv3
6203ovs-vsctl add-br br-phys
6204ovn_attach n1 br-phys 192.168.0.3
6205ovs-vsctl -- add-port br-int hv3-vif1 -- \
6206 set interface hv3-vif1 external-ids:iface-id=outside1 \
6207 options:tx_pcap=hv3/vif1-tx.pcap \
6208 options:rxq_pcap=hv3/vif1-rx.pcap \
6209 ofport-request=1
6210
6211# Pre-populate the hypervisors' ARP tables so that we don't lose any
6212# packets for ARP resolution (native tunneling doesn't queue packets
6213# for ARP resolution).
6214ovn_populate_arp
6215
6216ovn-nbctl create Logical_Router name=R1
6217
6218ovn-nbctl ls-add foo
6219ovn-nbctl ls-add alice
6220ovn-nbctl ls-add outside
6221
6222# Connect foo to R1
6223ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
6224ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \
6225 type=router options:router-port=foo \
6226 -- lsp-set-addresses rp-foo router
6227
6228# Connect alice to R1 as distributed router gateway port on hv2
6229ovn-nbctl lrp-add R1 alice 00:00:02:01:02:03 172.16.1.1/24 \
6230 -- set Logical_Router_Port alice options:redirect-chassis="hv2"
6231ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
6232 type=router options:router-port=alice \
6233 -- lsp-set-addresses rp-alice router
6234
6235# Create logical port foo1 in foo
6236ovn-nbctl lsp-add foo foo1 \
6237-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
6238
6239# Create logical port outside1 in outside
6240ovn-nbctl lsp-add outside outside1 \
6241-- lsp-set-addresses outside1 "f0:00:00:01:02:04 172.16.1.3"
6242
6243# Create localnet port in alice
6244ovn-nbctl lsp-add alice ln-alice
6245ovn-nbctl lsp-set-addresses ln-alice unknown
6246ovn-nbctl lsp-set-type ln-alice localnet
6247ovn-nbctl lsp-set-options ln-alice network_name=phys
6248
6249# Create localnet port in outside
6250ovn-nbctl lsp-add outside ln-outside
6251ovn-nbctl lsp-set-addresses ln-outside unknown
6252ovn-nbctl lsp-set-type ln-outside localnet
6253ovn-nbctl lsp-set-options ln-outside network_name=phys
6254
6255# Create bridge-mappings on hv1 and hv3, leaving hv2 for later
6256as hv1 ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys
6257as hv3 ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys
6258
6259
6260# Allow some time for ovn-northd and ovn-controller to catch up.
6261# XXX This should be more systematic.
6262sleep 2
6263
6264echo "---------NB dump-----"
6265ovn-nbctl show
6266echo "---------------------"
6267ovn-nbctl list logical_router
6268echo "---------------------"
6269ovn-nbctl list logical_router_port
6270echo "---------------------"
6271
6272echo "---------SB dump-----"
6273ovn-sbctl list datapath_binding
6274echo "---------------------"
6275ovn-sbctl list port_binding
6276echo "---------------------"
6277ovn-sbctl dump-flows
6278echo "---------------------"
6279ovn-sbctl list chassis
6280ovn-sbctl list encap
6281echo "---------------------"
6282
6283echo "------ hv1 dump ----------"
6284as hv1 ovs-ofctl show br-int
6285as hv1 ovs-ofctl dump-flows br-int
6286echo "------ hv2 dump ----------"
6287as hv2 ovs-ofctl show br-int
6288as hv2 ovs-ofctl dump-flows br-int
6289echo "------ hv3 dump ----------"
6290as hv3 ovs-ofctl show br-int
6291as hv3 ovs-ofctl dump-flows br-int
6292echo "--------------------------"
6293
6294# Check that redirect mapping is programmed only on hv2
6295AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=33 | grep =0x3,metadata=0x1 | wc -l], [0], [0
6296])
6297AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=33 | grep =0x3,metadata=0x1 | grep load:0x2- | wc -l], [0], [1
6298])
6299# Check that hv1 sends chassisredirect port traffic to hv2
6300AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=32 | grep =0x3,metadata=0x1 | grep output | wc -l], [0], [1
6301])
6302AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=32 | grep =0x3,metadata=0x1 | wc -l], [0], [0
6303])
6304# Check that arp reply on distributed gateway port is only programmed on hv2
6305AT_CHECK([as hv1 ovs-ofctl dump-flows br-int | grep arp | grep =0x2,metadata=0x1 | wc -l], [0], [0
6306])
6307AT_CHECK([as hv2 ovs-ofctl dump-flows br-int | grep arp | grep =0x2,metadata=0x1 | wc -l], [0], [1
6308])
6309
6310
6311ip_to_hex() {
6312 printf "%02x%02x%02x%02x" "$@"
6313}
6314
6315
6316: > hv2-vif1.expected
6317: > hv3-vif1.expected
6318
6319# test_arp INPORT SHA SPA TPA [REPLY_HA]
6320#
6321# Causes a packet to be received on INPORT. The packet is an ARP
6322# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
6323# it should be the hardware address of the target to expect to receive in an
6324# ARP reply; otherwise no reply is expected.
6325#
6326# INPORT is an logical switch port number, e.g. 11 for vif11.
6327# SHA and REPLY_HA are each 12 hex digits.
6328# SPA and TPA are each 8 hex digits.
6329test_arp() {
6330 local hv=$1 inport=$2 sha=$3 spa=$4 tpa=$5 reply_ha=$6
6331 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
6332 as hv$hv ovs-appctl netdev-dummy/receive hv${hv}-vif$inport $request
6333
6334 if test X$reply_ha != X; then
6335 # Expect to receive the reply, if any.
6336 local reply=${sha}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
6337 echo $reply >> hv${hv}-vif$inport.expected
6338 fi
6339}
6340
6341rtr_ip=$(ip_to_hex 172 16 1 1)
6342foo_ip=$(ip_to_hex 192 168 1 2)
6343outside_ip=$(ip_to_hex 172 16 1 3)
6344
6345echo $rtr_ip
6346echo $foo_ip
6347echo $outside_ip
6348
6349# ARP for router IP address from outside1, no response expected
6350test_arp 3 1 f00000010204 $outside_ip $rtr_ip
6351
6352# Now check the packets actually received against the ones expected.
6353OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [hv3-vif1.expected])
6354
6355# Send ip packet between foo1 and outside1
6356src_mac="f00000010203"
6357dst_mac="000001010203"
6358src_ip=`ip_to_hex 192 168 1 2`
6359dst_ip=`ip_to_hex 172 16 1 3`
6360packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6361
6362# Now check the packets actually received against the ones expected.
6363OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [hv3-vif1.expected])
6364
6365# Now add bridge-mappings on hv2, which should make everything work
6366as hv2 ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys
6367
6368# Allow some time for ovn-northd and ovn-controller to catch up.
6369# XXX This should be more systematic.
6370sleep 2
6371
6372# ARP for router IP address from outside1
6373test_arp 3 1 f00000010204 $outside_ip $rtr_ip 000002010203
6374
6375# Now check the packets actually received against the ones expected.
6376OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [hv3-vif1.expected])
6377
6378# Send ip packet between foo1 and outside1
6379src_mac="f00000010203"
6380dst_mac="000001010203"
6381src_ip=`ip_to_hex 192 168 1 2`
6382dst_ip=`ip_to_hex 172 16 1 3`
6383packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6384
6385# ARP request packet to expect at outside1
6386src_mac="000002010203"
6387src_ip=`ip_to_hex 172 16 1 1`
6388arp_request=ffffffffffff${src_mac}08060001080006040001${src_mac}${src_ip}000000000000${dst_ip}
6389
6390as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
6391
6392echo $arp_request >> hv3-vif1.expected
6393OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [hv3-vif1.expected])
6394
6395# Send ARP reply from outside1 back to the router
6396reply_mac="f00000010204"
6397arp_reply=${src_mac}${reply_mac}08060001080006040002${reply_mac}${dst_ip}${src_mac}${src_ip}
6398
6399as hv3 ovs-appctl netdev-dummy/receive hv3-vif1 $arp_reply
6400
6401# Allow some time for ovn-northd and ovn-controller to catch up.
6402# XXX This should be more systematic.
6403sleep 1
6404
6405# Packet to Expect at outside1
6406src_mac="000002010203"
6407dst_mac="f00000010204"
6408src_ip=`ip_to_hex 192 168 1 2`
6409dst_ip=`ip_to_hex 172 16 1 3`
6410expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
6411
6412# Resend packet from foo1 to outside1
6413as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
6414
6415echo "------ hv1 dump ----------"
6416as hv1 ovs-ofctl show br-int
6417as hv1 ovs-ofctl dump-flows br-int
6418echo "------ hv2 dump ----------"
6419as hv2 ovs-ofctl show br-int
6420as hv2 ovs-ofctl dump-flows br-int
6421echo "------ hv3 dump ----------"
6422as hv3 ovs-ofctl show br-int
6423as hv3 ovs-ofctl dump-flows br-int
6424echo "----------------------------"
6425
6426echo $expected >> hv3-vif1.expected
6427OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [hv3-vif1.expected])
6428
6429#Check ovn-trace over "chassisredirect" port
6430AT_CAPTURE_FILE([trace])
6431ovn_trace () {
6432 ovn-trace --all "$@" | tee trace | sed '1,/Minimal trace/d'
6433}
6434
6435echo 'ip.ttl--;' > expout
6436echo 'eth.src = 00:00:02:01:02:03;' >> expout
6437echo 'eth.dst = f0:00:00:01:02:04;' >> expout
6438echo 'output("ln-alice");' >> expout
6439AT_CHECK_UNQUOTED([ovn_trace foo 'inport == "foo1" && eth.src == f0:00:00:01:02:03 && eth.dst == 00:00:01:01:02:03 && ip4.src == 192.168.1.2 && ip4.dst == 172.16.1.3 && ip.ttl == 0xff'], [0], [expout])
6440
6441# Create logical port alice1 in alice on hv1
6442as hv1 ovs-vsctl -- add-port br-int hv1-vif2 -- \
6443 set interface hv1-vif2 external-ids:iface-id=alice1 \
6444 options:tx_pcap=hv1/vif2-tx.pcap \
6445 options:rxq_pcap=hv1/vif2-rx.pcap \
6446 ofport-request=1
6447
6448ovn-nbctl lsp-add alice alice1 \
6449-- lsp-set-addresses alice1 "f0:00:00:01:02:05 172.16.1.4"
6450
6451# Create logical port foo2 in foo on hv2
6452as hv2 ovs-vsctl -- add-port br-int hv2-vif1 -- \
6453 set interface hv2-vif1 external-ids:iface-id=foo2 \
6454 options:tx_pcap=hv2/vif1-tx.pcap \
6455 options:rxq_pcap=hv2/vif1-rx.pcap \
6456 ofport-request=1
6457
6458ovn-nbctl lsp-add foo foo2 \
6459-- lsp-set-addresses foo2 "f0:00:00:01:02:06 192.168.1.3"
6460
6461# Allow some time for ovn-northd and ovn-controller to catch up.
6462# XXX This should be more systematic.
6463sleep 1
6464
6465: > hv1-vif2.expected
6466
6467# Send ip packet between alice1 and foo2
6468src_mac="f00000010205"
6469dst_mac="000002010203"
6470src_ip=`ip_to_hex 172 16 1 4`
6471dst_ip=`ip_to_hex 192 168 1 3`
6472packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6473
6474as hv1 ovs-appctl netdev-dummy/receive hv1-vif2 $packet
6475
6476# Packet to Expect at foo2
6477src_mac="000001010203"
6478dst_mac="f00000010206"
6479src_ip=`ip_to_hex 172 16 1 4`
6480dst_ip=`ip_to_hex 192 168 1 3`
6481expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
6482
6483echo $expected >> hv2-vif1.expected
6484OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [hv2-vif1.expected])
6485
6486OVN_CLEANUP([hv1],[hv2],[hv3])
6487
6488AT_CLEANUP
openvswitch mirror