]> git.proxmox.com Git - ovs.git/blame - tests/ovn.at
projects / ovs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ovn-nb: remote connection management in nb db
[ovs.git] / tests / ovn.at
CommitLineData
49d7c759
BP		 1# OVN_CHECK_PACKETS([PCAP], [EXPECTED])
2#
3# This compares packets read from PCAP, in pcap format, to those read
4# from EXPECTED, which is a text file containing packets as hex
5# strings, one per line. If PCAP contains fewer packets than
6# EXPECTED, it waits up to 10 seconds for more packets to appear.
7#
8# The implementation is an m4 macro that is mostly implemented in
9# terms of a shell function. This reduces the size of the generated
10# testsuite file since the shell function is only emitted once even
11# when this macro is invoked many times.
12m4_divert_text([PREPARE_TESTS],
13 [ovn_check_packets__ () {
14 echo
15 echo "checking packets in $1 against $2:"
16 rcv_pcap=$1
17 rcv_text=`echo "$rcv_pcap.packets" | sed 's/\.pcap//'`
18 exp_text=$2
19 exp_n=`wc -l < "$exp_text"`
20 ovs_wait_cond () {
abb37b6b
FF		 21 $PYTHON "$top_srcdir/utilities/ovs-pcap.in" $rcv_pcap > $rcv_text
22 rcv_n=`wc -l < "$rcv_text"`
23 test $rcv_n -ge $exp_n
49d7c759
BP		 24 }
25 ovs_wait || echo "expected $exp_n packets, only received $rcv_n"
26
e4543cfe 27 sort $exp_text > expout
49d7c759
BP		 28 }
29])
30m4_define([OVN_CHECK_PACKETS],
31 [ovn_check_packets__ "$1" "$2"
32 AT_CHECK([sort $rcv_text], [0], [expout])])
33
f295c17b 34AT_BANNER([OVN components])
10b1662b
BP		 35
36AT_SETUP([ovn -- lexer])
37dnl For lines without =>, input and expected output are identical.
38dnl For lines with =>, input precedes => and expected output follows =>.
39AT_DATA([test-cases.txt], [dnl
40foo bar baz quuxquuxquux _abcd_ a.b.c.d a123_.456
41"abc\u0020def" => "abc def"
42" => error("Input ends inside quoted string.")dnl "
43
2c5cbb15
RB		 44$foo $bar $baz $quuxquuxquux $_abcd_ $a.b.c.d $a123_.456
45$1 => error("`$' must be followed by a valid identifier.") 1
46
10b1662b
BP		 47a/*b*/c => a c
48a//b c => a
49a/**/b => a b
50a/*/b => a error("`/*' without matching `*/'.")
51a/*/**/b => a b
52a/b => a error("`/' is only valid as part of `//' or `/*'.") b
53
540 1 12345 18446744073709551615
5518446744073709551616 => error("Decimal constants must be less than 2**64.")
569999999999999999999999 => error("Decimal constants must be less than 2**64.")
5701 => error("Decimal constants must not have leading zeros.")
58
590/0
600/1
611/0 => error("Value contains unmasked 1-bits.")
621/1
63128/384
641/3
651/ => error("Integer constant expected.")
66
671/0x123 => error("Value and mask have incompatible formats.")
68
690x1234
700x01234 => 0x1234
710x0 => 0
720x000 => 0
730xfedcba9876543210
740XFEDCBA9876543210 => 0xfedcba9876543210
750xfedcba9876543210fedcba9876543210
10b1662b
BP		 760x0000fedcba9876543210fedcba9876543210 => 0xfedcba9876543210fedcba9876543210
770x => error("Hex digits expected following 0x.")
780X => error("Hex digits expected following 0X.")
790x0/0x0 => 0/0
800x0/0x1 => 0/0x1
810x1/0x0 => error("Value contains unmasked 1-bits.")
820xffff/0x1ffff
830x. => error("Invalid syntax in hexadecimal constant.")
84
85192.168.128.1 1.2.3.4 255.255.255.255 0.0.0.0
86256.1.2.3 => error("Invalid numeric constant.")
87192.168.0.0/16
88192.168.0.0/255.255.0.0 => 192.168.0.0/16
89192.168.0.0/255.255.255.0 => 192.168.0.0/24
90192.168.0.0/255.255.0.255
91192.168.0.0/255.0.0.0 => error("Value contains unmasked 1-bits.")
92192.168.0.0/32
93192.168.0.0/255.255.255.255 => 192.168.0.0/32
52c0fc39 941.2.3.4:5 => 1.2.3.4 : 5
10b1662b
BP		 95
96::
97::1
98ff00::1234 => ff00::1234
992001:db8:85a3::8a2e:370:7334
1002001:db8:85a3:0:0:8a2e:370:7334 => 2001:db8:85a3::8a2e:370:7334
1012001:0db8:85a3:0000:0000:8a2e:0370:7334 => 2001:db8:85a3::8a2e:370:7334
102::ffff:192.0.2.128
103::ffff:c000:0280 => ::ffff:192.0.2.128
104::1/::1
105::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff => ::1/128
106::1/128
107ff00::/8
108ff00::/ff00:: => ff00::/8
109
11001:23:45:67:ab:cd
11101:23:45:67:AB:CD => 01:23:45:67:ab:cd
112fe:dc:ba:98:76:54
113FE:DC:ba:98:76:54 => fe:dc:ba:98:76:54
11401:00:00:00:00:00/01:00:00:00:00:00
115ff:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff
116fe:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff
117ff:ff:ff:ff:ff:ff/fe:ff:ff:ff:ff:ff => error("Value contains unmasked 1-bits.")
118fe:x => error("Invalid numeric constant.")
11900:01:02:03:04:x => error("Invalid numeric constant.")
120
a20c96c6 121# Test that operators are tokenized as expected, even without white space.
52c0fc39 122(){}[[]]==!=<<=>>=!&&||..,;=<->--: => ( ) { } [[ ]] == != < <= > >= ! && || .. , ; = <-> -- :
10b1662b
BP		 123& => error("`&' is only valid as part of `&&'.")
124| => error("`|' is only valid as part of `||'.")
56091efe 125- => error("`-' is only valid as part of `--'.")
10b1662b
BP		 126
127^ => error("Invalid character `^' in input.")
128])
129AT_CAPTURE_FILE([input.txt])
130sed 's/ =>.*//' test-cases.txt > input.txt
131sed 's/.* => //' test-cases.txt > expout
132AT_CHECK([ovstest test-ovn lex < input.txt], [0], [expout])
133AT_CLEANUP
e0840f11 134
7700eea0
BP		 135dnl The OVN expression parser needs to know what fields overlap with one
136dnl another. This test therefore verifies that all the smaller registers
137dnl are defined as terms of subfields of the larger ones.
138dnl
139dnl When we add or remove registers this test needs to be updated, of course.
140AT_SETUP([ovn -- registers])
141AT_CHECK([ovstest test-ovn dump-symtab | grep reg | sort], [0],
142[[reg0 = xxreg0[96..127]
143reg1 = xxreg0[64..95]
144reg2 = xxreg0[32..63]
145reg3 = xxreg0[0..31]
146reg4 = xxreg1[96..127]
147reg5 = xxreg1[64..95]
148reg6 = xxreg1[32..63]
149reg7 = xxreg1[0..31]
150reg8 = xreg4[32..63]
151reg9 = xreg4[0..31]
152xreg0 = xxreg0[64..127]
153xreg1 = xxreg0[0..63]
154xreg2 = xxreg1[64..127]
155xreg3 = xxreg1[0..63]
156xreg4 = OXM_OF_PKT_REG4
157xxreg0 = NXM_NX_XXREG0
158xxreg1 = NXM_NX_XXREG1
159]])
160AT_CLEANUP
161
2277b860
BP		 162dnl Check that the OVN conntrack field definitions are correct.
163AT_SETUP([ovn -- conntrack fields])
164AT_CHECK([ovstest test-ovn dump-symtab | grep ^ct | sort], [0],
858c2f76
GS		 165[[ct.dnat = ct_state[7]
166ct.est = ct_state[1]
2277b860
BP		 167ct.inv = ct_state[4]
168ct.new = ct_state[0]
169ct.rel = ct_state[2]
170ct.rpl = ct_state[3]
858c2f76 171ct.snat = ct_state[6]
2277b860
BP		 172ct.trk = ct_state[5]
173ct_label = NXM_NX_CT_LABEL
b73db61d 174ct_label.blocked = ct_label[0]
2277b860
BP		 175ct_mark = NXM_NX_CT_MARK
176ct_state = NXM_NX_CT_STATE
177]])
178AT_CLEANUP
179
42d36b58
AZ		 180AT_SETUP([ovn -- compsition])
181AT_CHECK([ovstest test-ovn composition 2], [0], [ignore])
182AT_CLEANUP
183
e0840f11
BP		 184AT_SETUP([ovn -- expression parser])
185dnl For lines without =>, input and expected output are identical.
186dnl For lines with =>, input precedes => and expected output follows =>.
187AT_DATA([test-cases.txt], [[
188eth.type == 0x800
189eth.type==0x800 => eth.type == 0x800
190eth.type[0..15] == 0x800 => eth.type == 0x800
191
192vlan.present
193vlan.present == 1 => vlan.present
194!(vlan.present == 0) => vlan.present
195!(vlan.present != 1) => vlan.present
196!vlan.present
197vlan.present == 0 => !vlan.present
198vlan.present != 1 => !vlan.present
199!(vlan.present == 1) => !vlan.present
200!(vlan.present != 0) => !vlan.present
201
202eth.dst[0]
203eth.dst[0] == 1 => eth.dst[0]
204eth.dst[0] != 0 => eth.dst[0]
205!(eth.dst[0] == 0) => eth.dst[0]
206!(eth.dst[0] != 1) => eth.dst[0]
207
208!eth.dst[0]
209eth.dst[0] == 0 => !eth.dst[0]
210eth.dst[0] != 1 => !eth.dst[0]
211!(eth.dst[0] == 1) => !eth.dst[0]
212!(eth.dst[0] != 0) => !eth.dst[0]
213
214vlan.tci[12..15] == 0x3
215vlan.tci == 0x3000/0xf000 => vlan.tci[12..15] == 0x3
216vlan.tci[12..15] != 0x3
217vlan.tci != 0x3000/0xf000 => vlan.tci[12..15] != 0x3
218
219!vlan.pcp => vlan.pcp == 0
220!(vlan.pcp) => vlan.pcp == 0
221vlan.pcp == 0x4
222vlan.pcp != 0x4
223vlan.pcp > 0x4
224vlan.pcp >= 0x4
225vlan.pcp < 0x4
226vlan.pcp <= 0x4
227!(vlan.pcp != 0x4) => vlan.pcp == 0x4
228!(vlan.pcp == 0x4) => vlan.pcp != 0x4
229!(vlan.pcp <= 0x4) => vlan.pcp > 0x4
230!(vlan.pcp < 0x4) => vlan.pcp >= 0x4
231!(vlan.pcp >= 0x4) => vlan.pcp < 0x4
232!(vlan.pcp > 0x4) => vlan.pcp <= 0x4
2330x4 == vlan.pcp => vlan.pcp == 0x4
2340x4 != vlan.pcp => vlan.pcp != 0x4
2350x4 < vlan.pcp => vlan.pcp > 0x4
2360x4 <= vlan.pcp => vlan.pcp >= 0x4
2370x4 > vlan.pcp => vlan.pcp < 0x4
2380x4 >= vlan.pcp => vlan.pcp <= 0x4
239!(0x4 != vlan.pcp) => vlan.pcp == 0x4
240!(0x4 == vlan.pcp) => vlan.pcp != 0x4
241!(0x4 >= vlan.pcp) => vlan.pcp > 0x4
242!(0x4 > vlan.pcp) => vlan.pcp >= 0x4
243!(0x4 <= vlan.pcp) => vlan.pcp < 0x4
244!(0x4 < vlan.pcp) => vlan.pcp <= 0x4
245
2461 < vlan.pcp < 4 => vlan.pcp > 0x1 && vlan.pcp < 0x4
2471 <= vlan.pcp <= 4 => vlan.pcp >= 0x1 && vlan.pcp <= 0x4
2481 < vlan.pcp <= 4 => vlan.pcp > 0x1 && vlan.pcp <= 0x4
2491 <= vlan.pcp < 4 => vlan.pcp >= 0x1 && vlan.pcp < 0x4
2501 <= vlan.pcp <= 4 => vlan.pcp >= 0x1 && vlan.pcp <= 0x4
2514 > vlan.pcp > 1 => vlan.pcp < 0x4 && vlan.pcp > 0x1
2524 >= vlan.pcp > 1 => vlan.pcp <= 0x4 && vlan.pcp > 0x1
2534 > vlan.pcp >= 1 => vlan.pcp < 0x4 && vlan.pcp >= 0x1
2544 >= vlan.pcp >= 1 => vlan.pcp <= 0x4 && vlan.pcp >= 0x1
255!(1 < vlan.pcp < 4) => vlan.pcp <= 0x1 || vlan.pcp >= 0x4
256!(1 <= vlan.pcp <= 4) => vlan.pcp < 0x1 || vlan.pcp > 0x4
257!(1 < vlan.pcp <= 4) => vlan.pcp <= 0x1 || vlan.pcp > 0x4
258!(1 <= vlan.pcp < 4) => vlan.pcp < 0x1 || vlan.pcp >= 0x4
259!(1 <= vlan.pcp <= 4) => vlan.pcp < 0x1 || vlan.pcp > 0x4
260!(4 > vlan.pcp > 1) => vlan.pcp >= 0x4 || vlan.pcp <= 0x1
261!(4 >= vlan.pcp > 1) => vlan.pcp > 0x4 || vlan.pcp <= 0x1
262!(4 > vlan.pcp >= 1) => vlan.pcp >= 0x4 || vlan.pcp < 0x1
263!(4 >= vlan.pcp >= 1) => vlan.pcp > 0x4 || vlan.pcp < 0x1
264
265vlan.pcp == {1, 2, 3, 4} => vlan.pcp == 0x1 || vlan.pcp == 0x2 || vlan.pcp == 0x3 || vlan.pcp == 0x4
266vlan.pcp == 1 || ((vlan.pcp == 2 || vlan.pcp == 3) || vlan.pcp == 4) => vlan.pcp == 0x1 || vlan.pcp == 0x2 || vlan.pcp == 0x3 || vlan.pcp == 0x4
267
268vlan.pcp != {1, 2, 3, 4} => vlan.pcp != 0x1 && vlan.pcp != 0x2 && vlan.pcp != 0x3 && vlan.pcp != 0x4
269vlan.pcp == 1 && ((vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && vlan.pcp == 0x2 && vlan.pcp == 0x3 && vlan.pcp == 0x4
270
271vlan.pcp == 1 && !((vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && (vlan.pcp != 0x2 || vlan.pcp != 0x3 || vlan.pcp != 0x4)
272vlan.pcp == 1 && (!(vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && (vlan.pcp != 0x2 || vlan.pcp != 0x3) && vlan.pcp == 0x4
273vlan.pcp == 1 && !(!(vlan.pcp == 2 && vlan.pcp == 3) && vlan.pcp == 4) => vlan.pcp == 0x1 && ((vlan.pcp == 0x2 && vlan.pcp == 0x3) || vlan.pcp != 0x4)
274
275ip4.src == {10.0.0.0/8, 192.168.0.0/16, 172.16.20.0/24, 8.8.8.8} => ip4.src[24..31] == 0xa || ip4.src[16..31] == 0xc0a8 || ip4.src[8..31] == 0xac1014 || ip4.src == 0x8080808
276ip6.src == ::1 => ip6.src == 0x1
277
278ip4.src == 1.2.3.4 => ip4.src == 0x1020304
279ip4.src == ::1.2.3.4/::ffff:ffff => ip4.src == 0x1020304
280ip6.src == ::1 => ip6.src == 0x1
281
2821
2830
284!1 => 0
285!0 => 1
286
287inport == "eth0"
288!(inport != "eth0") => inport == "eth0"
289
3b7cb7e1
BP		 290ip4.src == "eth0" => Integer field ip4.src is not compatible with string constant.
291inport == 1 => String field inport is not compatible with integer constant.
76da94b5 292ip4.src = 1.2.3.4 => Syntax error at `=' expecting relational operator.
e0840f11
BP		 293
294ip4.src > {1, 2, 3} => Only == and != operators may be used with value sets.
295eth.type > 0x800 => Only == and != operators may be used with nominal field eth.type.
296vlan.present > 0 => Only == and != operators may be used with Boolean field vlan.present.
297
298inport != "eth0" => Nominal field inport may only be tested for equality (taking enclosing `!' operators into account).
299!(inport == "eth0") => Nominal field inport may only be tested for equality (taking enclosing `!' operators into account).
300eth.type != 0x800 => Nominal field eth.type may only be tested for equality (taking enclosing `!' operators into account).
301!(eth.type == 0x800) => Nominal field eth.type may only be tested for equality (taking enclosing `!' operators into account).
76da94b5 302inport = "eth0" => Syntax error at `=' expecting relational operator.
e0840f11
BP		 303
304123 == 123 => Syntax error at `123' expecting field name.
305
2c5cbb15
RB		 306$name => Syntax error at `$name' expecting address set name.
307
e0840f11
BP		 308123 == xyzzy => Syntax error at `xyzzy' expecting field name.
309xyzzy == 1 => Syntax error at `xyzzy' expecting field name.
310
311inport[1] == 1 => Cannot select subfield of string field inport.
312
313eth.type[] == 1 => Syntax error at `@:>@' expecting small integer.
314eth.type[::1] == 1 => Syntax error at `::1' expecting small integer.
315eth.type[18446744073709551615] == 1 => Syntax error at `18446744073709551615' expecting small integer.
316
317eth.type[5!] => Syntax error at `!' expecting `@:>@'.
318
319eth.type[5..1] => Invalid bit range 5 to 1.
320
321eth.type[12..16] => Cannot select bits 12 to 16 of 16-bit field eth.type.
322
323eth.type[10] == 1 => Cannot select subfield of nominal field eth.type.
324
325eth.type => Explicit `!= 0' is required for inequality test of multibit field against 0.
326
327!(!(vlan.pcp)) => Explicit `!= 0' is required for inequality test of multibit field against 0.
328
329123 => Syntax error at end of input expecting relational operator.
330
331123 x => Syntax error at `x' expecting relational operator.
332
333{1, "eth0"} => Syntax error at `"eth0"' expecting integer.
334
335eth.type == xyzzy => Syntax error at `xyzzy' expecting constant.
336
337(1 x) => Syntax error at `x' expecting `)'.
338
339!0x800 != eth.type => Missing parentheses around operand of !.
340
341eth.type == 0x800 || eth.type == 0x86dd && ip.proto == 17 => && and || must be parenthesized when used together.
342
343eth.dst == {} => Syntax error at `}' expecting constant.
344
345eth.src > 00:00:00:00:11:11/00:00:00:00:ff:ff => Only == and != operators may be used with masked constants. Consider using subfields instead (e.g. eth.src[0..15] > 0x1111 in place of eth.src > 00:00:00:00:11:11/00:00:00:00:ff:ff).
346
3b7cb7e1 347ip4.src == ::1 => 128-bit constant is not compatible with 32-bit field ip4.src.
e0840f11
BP		 348
3491 == eth.type == 2 => Range expressions must have the form `x < field < y' or `x > field > y', with each `<' optionally replaced by `<=' or `>' by `>=').
8b34ccda 350
9aef3c1b 351eth.dst[40] x => Syntax error at `x' expecting end of input.
ea382567
RB		 352
353ip4.src == {1.2.3.4, $set1, $unknownset} => Syntax error at `$unknownset' expecting address set name.
354eth.src == {$set3, badmac, 00:00:00:00:00:01} => Syntax error at `badmac' expecting constant.
e0840f11
BP		 355]])
356sed 's/ =>.*//' test-cases.txt > input.txt
357sed 's/.* => //' test-cases.txt > expout
358AT_CHECK([ovstest test-ovn parse-expr < input.txt], [0], [expout])
359AT_CLEANUP
360
361AT_SETUP([ovn -- expression annotation])
362dnl Input precedes =>, expected output follows =>.
363AT_DATA([test-cases.txt], [[
364ip4.src == 1.2.3.4 => ip4.src == 0x1020304 && eth.type == 0x800
365ip4.src != 1.2.3.4 => ip4.src != 0x1020304 && eth.type == 0x800
366ip.proto == 123 => ip.proto == 0x7b && (eth.type == 0x800 || eth.type == 0x86dd)
367ip.proto == {123, 234} => (ip.proto == 0x7b && (eth.type == 0x800 || eth.type == 0x86dd)) || (ip.proto == 0xea && (eth.type == 0x800 || eth.type == 0x86dd))
368ip4.src == 1.2.3.4 && ip4.dst == 5.6.7.8 => ip4.src == 0x1020304 && eth.type == 0x800 && ip4.dst == 0x5060708 && eth.type == 0x800
369
370ip => eth.type == 0x800 || eth.type == 0x86dd
371ip == 1 => eth.type == 0x800 || eth.type == 0x86dd
372ip[0] == 1 => eth.type == 0x800 || eth.type == 0x86dd
373ip > 0 => Only == and != operators may be used with nominal field ip.
374!ip => Nominal predicate ip may only be tested positively, e.g. `ip' or `ip == 1' but not `!ip' or `ip == 0'.
375ip == 0 => Nominal predicate ip may only be tested positively, e.g. `ip' or `ip == 1' but not `!ip' or `ip == 0'.
376
377vlan.present => vlan.tci[12]
378!vlan.present => !vlan.tci[12]
379
380!vlan.pcp => vlan.tci[13..15] == 0 && vlan.tci[12]
381vlan.pcp == 1 && vlan.vid == 2 => vlan.tci[13..15] == 0x1 && vlan.tci[12] && vlan.tci[0..11] == 0x2 && vlan.tci[12]
7700eea0 382!reg0 && !reg1 && !reg2 && !reg3 => xxreg0[96..127] == 0 && xxreg0[64..95] == 0 && xxreg0[32..63] == 0 && xxreg0[0..31] == 0
e0840f11
BP		 383
384ip.first_frag => ip.frag[0] && (eth.type == 0x800 || eth.type == 0x86dd) && (!ip.frag[1] || (eth.type != 0x800 && eth.type != 0x86dd))
385!ip.first_frag => !ip.frag[0] || (eth.type != 0x800 && eth.type != 0x86dd) || (ip.frag[1] && (eth.type == 0x800 || eth.type == 0x86dd))
386ip.later_frag => ip.frag[1] && (eth.type == 0x800 || eth.type == 0x86dd)
387
388bad_prereq != 0 => Error parsing expression `xyzzy' encountered as prerequisite or predicate of initial expression: Syntax error at `xyzzy' expecting field name.
389self_recurse != 0 => Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `self_recurse'.
390mutual_recurse_1 != 0 => Error parsing expression `mutual_recurse_2 != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `mutual_recurse_1 != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `mutual_recurse_1'.
391mutual_recurse_2 != 0 => Error parsing expression `mutual_recurse_1 != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `mutual_recurse_2 != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `mutual_recurse_2'.
392]])
393sed 's/ =>.*//' test-cases.txt > input.txt
394sed 's/.* => //' test-cases.txt > expout
395AT_CHECK([ovstest test-ovn annotate-expr < input.txt], [0], [expout])
396AT_CLEANUP
397
9d4aecca 398AT_SETUP([ovn -- 1-term expression conversion])
e0840f11 399AT_CHECK([ovstest test-ovn exhaustive --operation=convert 1], [0],
9d4aecca 400 [Tested converting all 1-terminal expressions with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 401])
402AT_CLEANUP
403
9d4aecca 404AT_SETUP([ovn -- 2-term expression conversion])
e0840f11 405AT_CHECK([ovstest test-ovn exhaustive --operation=convert 2], [0],
8c3caa2c 406 [Tested converting 578 expressions of 2 terminals with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 407])
408AT_CLEANUP
409
9d4aecca 410AT_SETUP([ovn -- 3-term expression conversion])
e0840f11 411AT_CHECK([ovstest test-ovn exhaustive --operation=convert --bits=2 3], [0],
8c3caa2c 412 [Tested converting 67410 expressions of 3 terminals with 2 numeric vars (each 2 bits) in terms of operators == != < <= > >= and 2 string vars.
e0840f11
BP		 413])
414AT_CLEANUP
415
9d4aecca
BP		 416AT_SETUP([ovn -- 3-term numeric expression simplification])
417AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=2 --svars=0 3], [0],
8c3caa2c 418 [Tested simplifying 490770 expressions of 3 terminals with 2 numeric vars (each 3 bits) in terms of operators == != < <= > >=.
e0840f11
BP		 419])
420AT_CLEANUP
421
9d4aecca
BP		 422AT_SETUP([ovn -- 4-term string expression simplification])
423AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=0 --svars=4 4], [0],
424 [Tested simplifying 21978 expressions of 4 terminals with 4 string vars.
e0840f11
BP		 425])
426AT_CLEANUP
427
9d4aecca
BP		 428AT_SETUP([ovn -- 3-term mixed expression simplification])
429AT_CHECK([ovstest test-ovn exhaustive --operation=simplify --nvars=1 --svars=1 3], [0],
8c3caa2c 430 [Tested simplifying 127890 expressions of 3 terminals with 1 numeric vars (each 3 bits) in terms of operators == != < <= > >= and 1 string vars.
e0840f11
BP		 431])
432AT_CLEANUP
433
97ba1d55
BP		 434AT_SETUP([ovn -- simplification special cases])
435simplify() {
436 echo "$1" | ovstest test-ovn simplify-expr
437}
438AT_CHECK([simplify 'eth.dst == 0/0'], [0], [1
439])
a3d79068
BP		 440AT_CHECK([simplify 'eth.dst != 0/0'], [0], [0
441])
33f15d17
BP		 442AT_CHECK([simplify 'tcp.dst >= 0'], [0],
443 [ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
444])
445AT_CHECK([simplify 'tcp.dst <= 65535'], [0],
446 [ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
447])
448AT_CHECK([simplify 'tcp.dst > 0'], [0],
449 [[(tcp.dst[0] || tcp.dst[1] || tcp.dst[2] || tcp.dst[3] || tcp.dst[4] || tcp.dst[5] || tcp.dst[6] || tcp.dst[7] || tcp.dst[8] || tcp.dst[9] || tcp.dst[10] || tcp.dst[11] || tcp.dst[12] || tcp.dst[13] || tcp.dst[14] || tcp.dst[15]) && ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
450]])
451AT_CHECK([simplify 'tcp.dst < 65535'], [0],
452 [[(!tcp.dst[0] || !tcp.dst[1] || !tcp.dst[2] || !tcp.dst[3] || !tcp.dst[4] || !tcp.dst[5] || !tcp.dst[6] || !tcp.dst[7] || !tcp.dst[8] || !tcp.dst[9] || !tcp.dst[10] || !tcp.dst[11] || !tcp.dst[12] || !tcp.dst[13] || !tcp.dst[14] || !tcp.dst[15]) && ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
453]])
97ba1d55
BP		 454AT_CLEANUP
455
9d4aecca
BP		 456AT_SETUP([ovn -- 4-term numeric expression normalization])
457AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=3 --svars=0 --bits=1 4], [0],
8c3caa2c 458 [Tested normalizing 1874026 expressions of 4 terminals with 3 numeric vars (each 1 bits) in terms of operators == != < <= > >=.
e0840f11
BP		 459])
460AT_CLEANUP
461
9d4aecca
BP		 462AT_SETUP([ovn -- 4-term string expression normalization])
463AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=0 --svars=3 --bits=1 4], [0],
464 [Tested normalizing 11242 expressions of 4 terminals with 3 string vars.
465])
466AT_CLEANUP
467
468AT_SETUP([ovn -- 4-term mixed expression normalization])
469AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=1 --bits=1 --svars=2 4], [0],
8c3caa2c 470 [Tested normalizing 175978 expressions of 4 terminals with 1 numeric vars (each 1 bits) in terms of operators == != < <= > >= and 2 string vars.
9d4aecca
BP		 471])
472AT_CLEANUP
473
474AT_SETUP([ovn -- 5-term numeric expression normalization])
475AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=3 --svars=0 --bits=1 --relops='==' 5], [0],
8c3caa2c 476 [Tested normalizing 1317600 expressions of 5 terminals with 3 numeric vars (each 1 bits) in terms of operators ==.
9d4aecca
BP		 477])
478AT_CLEANUP
479
480AT_SETUP([ovn -- 5-term string expression normalization])
481AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=0 --svars=3 --bits=1 --relops='==' 5], [0],
482 [Tested normalizing 368550 expressions of 5 terminals with 3 string vars.
483])
484AT_CLEANUP
485
486AT_SETUP([ovn -- 5-term mixed expression normalization])
487AT_CHECK([ovstest test-ovn exhaustive --operation=normalize --nvars=1 --svars=1 --bits=1 --relops='==' 5], [0],
8c3caa2c 488 [Tested normalizing 216000 expressions of 5 terminals with 1 numeric vars (each 1 bits) in terms of operators == and 1 string vars.
9d4aecca
BP		 489])
490AT_CLEANUP
491
492AT_SETUP([ovn -- 4-term numeric expressions to flows])
8c3caa2c 493AT_KEYWORDS([expression])
9d4aecca 494AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=2 --svars=0 --bits=2 --relops='==' 4], [0],
8c3caa2c 495 [Tested converting to flows 175978 expressions of 4 terminals with 2 numeric vars (each 2 bits) in terms of operators ==.
9d4aecca
BP		 496])
497AT_CLEANUP
498
499AT_SETUP([ovn -- 4-term string expressions to flows])
8c3caa2c 500AT_KEYWORDS([expression])
9d4aecca
BP		 501AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=0 --svars=4 4], [0],
502 [Tested converting to flows 21978 expressions of 4 terminals with 4 string vars.
503])
504AT_CLEANUP
505
506AT_SETUP([ovn -- 4-term mixed expressions to flows])
8c3caa2c 507AT_KEYWORDS([expression])
9d4aecca 508AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=1 --bits=2 --svars=1 --relops='==' 4], [0],
8c3caa2c 509 [Tested converting to flows 48312 expressions of 4 terminals with 1 numeric vars (each 2 bits) in terms of operators == and 1 string vars.
9d4aecca
BP		 510])
511AT_CLEANUP
512
513AT_SETUP([ovn -- 3-term numeric expressions to flows])
8c3caa2c 514AT_KEYWORDS([expression])
9d4aecca 515AT_CHECK([ovstest test-ovn exhaustive --operation=flow --nvars=3 --svars=0 --bits=3 --relops='==' 3], [0],
8c3caa2c 516 [Tested converting to flows 41328 expressions of 3 terminals with 3 numeric vars (each 3 bits) in terms of operators ==.
e0840f11
BP		 517])
518AT_CLEANUP
f386a8a7
BP		 519
520AT_SETUP([ovn -- converting expressions to flows -- string fields])
8c3caa2c 521AT_KEYWORDS([expression])
f386a8a7
BP		 522expr_to_flow () {
523 echo "$1" | ovstest test-ovn expr-to-flows | sort
524}
cc5e28d8 525AT_CHECK([expr_to_flow 'inport == "eth0"'], [0], [reg14=0x5
f386a8a7 526])
cc5e28d8 527AT_CHECK([expr_to_flow 'inport == "eth1"'], [0], [reg14=0x6
f386a8a7
BP		 528])
529AT_CHECK([expr_to_flow 'inport == "eth2"'], [0], [(no flows)
530])
531AT_CHECK([expr_to_flow 'inport == "eth0" && ip'], [0], [dnl
cc5e28d8
JP		 532ip,reg14=0x5
533ipv6,reg14=0x5
f386a8a7
BP		 534])
535AT_CHECK([expr_to_flow 'inport == "eth1" && ip'], [0], [dnl
cc5e28d8
JP		 536ip,reg14=0x6
537ipv6,reg14=0x6
f386a8a7
BP		 538])
539AT_CHECK([expr_to_flow 'inport == "eth2" && ip'], [0], [(no flows)
540])
541AT_CHECK([expr_to_flow 'inport == {"eth0", "eth1", "eth2", "LOCAL"}'], [0],
cc5e28d8
JP		 542[reg14=0x5
543reg14=0x6
544reg14=0xfffe
f386a8a7
BP		 545])
546AT_CHECK([expr_to_flow 'inport == {"eth0", "eth1", "eth2"} && ip'], [0], [dnl
cc5e28d8
JP		 547ip,reg14=0x5
548ip,reg14=0x6
549ipv6,reg14=0x5
550ipv6,reg14=0x6
f386a8a7 551])
9d4aecca
BP		 552AT_CHECK([expr_to_flow 'inport == "eth0" && inport == "eth1"'], [0], [dnl
553(no flows)
554])
f386a8a7 555AT_CLEANUP
3b7cb7e1 556
2c5cbb15 557AT_SETUP([ovn -- converting expressions to flows -- address sets])
8c3caa2c 558AT_KEYWORDS([expression])
2c5cbb15
RB		 559expr_to_flow () {
560 echo "$1" | ovstest test-ovn expr-to-flows | sort
561}
562AT_CHECK([expr_to_flow 'ip4.src == {10.0.0.1, 10.0.0.2, 10.0.0.3}'], [0], [dnl
563ip,nw_src=10.0.0.1
564ip,nw_src=10.0.0.2
565ip,nw_src=10.0.0.3
566])
567AT_CHECK([expr_to_flow 'ip4.src == $set1'], [0], [dnl
568ip,nw_src=10.0.0.1
569ip,nw_src=10.0.0.2
570ip,nw_src=10.0.0.3
571])
572AT_CHECK([expr_to_flow 'ip4.src == {1.2.3.4, $set1}'], [0], [dnl
573ip,nw_src=1.2.3.4
574ip,nw_src=10.0.0.1
575ip,nw_src=10.0.0.2
576ip,nw_src=10.0.0.3
577])
578AT_CHECK([expr_to_flow 'ip4.src == {1.2.0.0/20, 5.5.5.0/24, $set1}'], [0], [dnl
579ip,nw_src=1.2.0.0/20
580ip,nw_src=10.0.0.1
581ip,nw_src=10.0.0.2
582ip,nw_src=10.0.0.3
583ip,nw_src=5.5.5.0/24
584])
585AT_CHECK([expr_to_flow 'ip6.src == {::1, ::2, ::3}'], [0], [dnl
586ipv6,ipv6_src=::1
587ipv6,ipv6_src=::2
588ipv6,ipv6_src=::3
589])
590AT_CHECK([expr_to_flow 'ip6.src == {::1, $set2, ::4}'], [0], [dnl
591ipv6,ipv6_src=::1
592ipv6,ipv6_src=::2
593ipv6,ipv6_src=::3
594ipv6,ipv6_src=::4
595])
596AT_CHECK([expr_to_flow 'eth.src == {00:00:00:00:00:01, 00:00:00:00:00:02, 00:00:00:00:00:03}'], [0], [dnl
597dl_src=00:00:00:00:00:01
598dl_src=00:00:00:00:00:02
599dl_src=00:00:00:00:00:03
600])
601AT_CHECK([expr_to_flow 'eth.src == {$set3}'], [0], [dnl
602dl_src=00:00:00:00:00:01
603dl_src=00:00:00:00:00:02
604dl_src=00:00:00:00:00:03
605])
ea382567
RB		 606AT_CHECK([expr_to_flow 'eth.src == {00:00:00:00:00:01, $set3, ba:be:be:ef:de:ad, $set3}'], [0], [dnl
607dl_src=00:00:00:00:00:01
608dl_src=00:00:00:00:00:02
609dl_src=00:00:00:00:00:03
610dl_src=ba:be:be:ef:de:ad
611])
2c5cbb15
RB		 612AT_CLEANUP
613
3b7cb7e1 614AT_SETUP([ovn -- action parsing])
d5a76da4
BP		 615dnl Unindented text is input (a set of OVN logical actions).
616dnl Indented text is expected output.
617AT_DATA([test-cases.txt],
618[[# drop
619drop;
620 encodes as drop
621drop; next;
622 Syntax error at `next' expecting end of input.
623next; drop;
624 Syntax error at `drop' expecting action.
5f822129
BP		 625
626# output
d5a76da4
BP		 627output;
628 encodes as resubmit(,64)
5f822129
BP		 629
630# next
d5a76da4
BP		 631next;
632 formats as next(11);
633 encodes as resubmit(,27)
634next(11);
635 encodes as resubmit(,27)
636next(0);
637 encodes as resubmit(,16)
638next(15);
639 encodes as resubmit(,31)
640
641next();
642 Syntax error at `)' expecting small integer.
643next(10;
644 Syntax error at `;' expecting `)'.
645next(16);
646 "next" argument must be in range 0 to 15.
5f822129
BP		 647
648# Loading a constant value.
d5a76da4
BP		 649tcp.dst=80;
650 formats as tcp.dst = 80;
651 encodes as set_field:80->tcp_dst
652 has prereqs ip.proto == 0x6 && (eth.type == 0x800 || eth.type == 0x86dd)
653eth.dst[40] = 1;
654 encodes as set_field:01:00:00:00:00:00/01:00:00:00:00:00->eth_dst
655vlan.pcp = 2;
656 encodes as set_field:0x4000/0xe000->vlan_tci
657 has prereqs vlan.tci[12]
658vlan.tci[13..15] = 2;
659 encodes as set_field:0x4000/0xe000->vlan_tci
660inport = "";
661 encodes as set_field:0->reg14
662ip.ttl=4;
663 formats as ip.ttl = 4;
664 encodes as set_field:4->nw_ttl
665 has prereqs eth.type == 0x800 || eth.type == 0x86dd
666outport="eth0"; next; outport="LOCAL"; next;
667 formats as outport = "eth0"; next(11); outport = "LOCAL"; next(11);
668 encodes as set_field:0x5->reg15,resubmit(,27),set_field:0xfffe->reg15,resubmit(,27)
669
670inport[1] = 1;
671 Cannot select subfield of string field inport.
672ip.proto[1] = 1;
673 Cannot select subfield of nominal field ip.proto.
674eth.dst[40] == 1;
675 Syntax error at `==' expecting `=' or `<->'.
676ip = 1;
677 Predicate symbol ip used where lvalue required.
678ip.proto = 6;
679 Field ip.proto is not modifiable.
680inport = {"a", "b"};
681 Syntax error at `{' expecting constant.
682inport = {};
683 Syntax error at `{' expecting constant.
684bad_prereq = 123;
685 Error parsing expression `xyzzy' encountered as prerequisite or predicate of initial expression: Syntax error at `xyzzy' expecting field name.
686self_recurse = 123;
687 Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Error parsing expression `self_recurse != 0' encountered as prerequisite or predicate of initial expression: Recursive expansion of symbol `self_recurse'.
688vlan.present = 0;
689 Predicate symbol vlan.present used where lvalue required.
5f822129
BP		 690
691# Moving one field into another.
d5a76da4
BP		 692reg0=reg1;
693 formats as reg0 = reg1;
694 encodes as move:NXM_NX_XXREG0[64..95]->NXM_NX_XXREG0[96..127]
695vlan.pcp = reg0[0..2];
696 encodes as move:NXM_NX_XXREG0[96..98]->NXM_OF_VLAN_TCI[13..15]
697 has prereqs vlan.tci[12]
698reg0[10] = vlan.pcp[1];
699 encodes as move:NXM_OF_VLAN_TCI[14]->NXM_NX_XXREG0[106]
700 has prereqs vlan.tci[12]
701outport = inport;
702 encodes as move:NXM_NX_REG14[]->NXM_NX_REG15[]
703
704reg0[0] = vlan.present;
705 Predicate symbol vlan.present used where lvalue required.
706reg0 = reg1[0..10];
707 Can't assign 11-bit value to 32-bit destination.
708inport = reg0;
709 Can't assign integer field (reg0) to string field (inport).
710inport = big_string;
711 String fields inport and big_string are incompatible for assignment.
712ip.proto = reg0[0..7];
713 Field ip.proto is not modifiable.
5f822129
BP		 714
715# Exchanging fields.
d5a76da4
BP		 716reg0 <-> reg1;
717 encodes as push:NXM_NX_XXREG0[64..95],push:NXM_NX_XXREG0[96..127],pop:NXM_NX_XXREG0[64..95],pop:NXM_NX_XXREG0[96..127]
718vlan.pcp <-> reg0[0..2];
719 encodes as push:NXM_NX_XXREG0[96..98],push:NXM_OF_VLAN_TCI[13..15],pop:NXM_NX_XXREG0[96..98],pop:NXM_OF_VLAN_TCI[13..15]
720 has prereqs vlan.tci[12]
721reg0[10] <-> vlan.pcp[1];
722 encodes as push:NXM_OF_VLAN_TCI[14],push:NXM_NX_XXREG0[106],pop:NXM_OF_VLAN_TCI[14],pop:NXM_NX_XXREG0[106]
723 has prereqs vlan.tci[12]
724outport <-> inport;
725 encodes as push:NXM_NX_REG14[],push:NXM_NX_REG15[],pop:NXM_NX_REG14[],pop:NXM_NX_REG15[]
726
727reg0[0] <-> vlan.present;
728 Predicate symbol vlan.present used where lvalue required.
729reg0 <-> reg1[0..10];
730 Can't exchange 32-bit field with 11-bit field.
731inport <-> reg0;
732 Can't exchange string field (inport) with integer field (reg0).
733inport <-> big_string;
734 String fields inport and big_string are incompatible for exchange.
735ip.proto <-> reg0[0..7];
736 Field ip.proto is not modifiable.
737reg0[0..7] <-> ip.proto;
738 Field ip.proto is not modifiable.
5f822129
BP		 739
740# TTL decrement.
d5a76da4
BP		 741ip.ttl--;
742 encodes as dec_ttl
743 has prereqs ip
744ip.ttl
745 Syntax error at end of input expecting `--'.
5f822129 746
467085fd 747# load balancing.
d5a76da4
BP		 748ct_lb;
749 encodes as ct(table=27,zone=NXM_NX_REG13[0..15],nat)
750 has prereqs ip
751ct_lb();
752 formats as ct_lb;
753 encodes as ct(table=27,zone=NXM_NX_REG13[0..15],nat)
754 has prereqs ip
755ct_lb(192.168.1.2:80, 192.168.1.3:80);
756 encodes as group:1
757 has prereqs ip
758ct_lb(192.168.1.2, 192.168.1.3, );
759 formats as ct_lb(192.168.1.2, 192.168.1.3);
760 encodes as group:2
761 has prereqs ip
762
763ct_lb(192.168.1.2:);
764 Syntax error at `)' expecting port number.
765ct_lb(192.168.1.2:123456);
766 Syntax error at `123456' expecting port number.
767ct_lb(foo);
768 Syntax error at `foo' expecting IPv4 address.
769
770# ct_next
771ct_next;
772 encodes as ct(table=27,zone=NXM_NX_REG13[0..15])
773 has prereqs ip
774
775# ct_commit
776ct_commit;
777 encodes as ct(commit,zone=NXM_NX_REG13[0..15])
778 has prereqs ip
779ct_commit();
780 formats as ct_commit;
781 encodes as ct(commit,zone=NXM_NX_REG13[0..15])
782 has prereqs ip
783ct_commit(ct_mark=1);
784 formats as ct_commit(ct_mark=0x1);
785 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_mark))
786 has prereqs ip
787ct_commit(ct_mark=1/1);
788 formats as ct_commit(ct_mark=0x1/0x1);
789 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))
790 has prereqs ip
791ct_commit(ct_label=1);
792 formats as ct_commit(ct_label=0x1);
793 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_label))
794 has prereqs ip
795ct_commit(ct_label=1/1);
796 formats as ct_commit(ct_label=0x1/0x1);
797 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_label))
798 has prereqs ip
799ct_commit(ct_mark=1, ct_label=2);
800 formats as ct_commit(ct_mark=0x1, ct_label=0x2);
801 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1->ct_mark,set_field:0x2->ct_label))
802 has prereqs ip
803
804ct_commit(ct_label=0x01020304050607080910111213141516);
805 formats as ct_commit(ct_label=0x1020304050607080910111213141516);
806 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1020304050607080910111213141516->ct_label))
807 has prereqs ip
808ct_commit(ct_label=0x181716151413121110090807060504030201);
809 formats as ct_commit(ct_label=0x16151413121110090807060504030201);
810 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x16151413121110090807060504030201->ct_label))
811 has prereqs ip
812ct_commit(ct_label=0x1000000000000000000000000000000/0x1000000000000000000000000000000);
813 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1000000000000000000000000000000/0x1000000000000000000000000000000->ct_label))
814 has prereqs ip
815ct_commit(ct_label=18446744073709551615);
816 formats as ct_commit(ct_label=0xffffffffffffffff);
817 encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0xffffffffffffffff->ct_label))
818 has prereqs ip
819ct_commit(ct_label=18446744073709551616);
820 Decimal constants must be less than 2**64.
821
822# ct_dnat
823ct_dnat;
824 encodes as ct(table=27,zone=NXM_NX_REG11[0..15],nat)
825 has prereqs ip
826ct_dnat(192.168.1.2);
827 encodes as ct(commit,table=27,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2))
828 has prereqs ip
829
830ct_dnat(192.168.1.2, 192.168.1.3);
831 Syntax error at `,' expecting `)'.
832ct_dnat(foo);
833 Syntax error at `foo' expecting IPv4 address.
834ct_dnat(foo, bar);
835 Syntax error at `foo' expecting IPv4 address.
836ct_dnat();
837 Syntax error at `)' expecting IPv4 address.
838
839# ct_snat
840ct_snat;
841 encodes as ct(zone=NXM_NX_REG12[0..15],nat)
842 has prereqs ip
843ct_snat(192.168.1.2);
844 encodes as ct(commit,table=27,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2))
845 has prereqs ip
846
847ct_snat(192.168.1.2, 192.168.1.3);
848 Syntax error at `,' expecting `)'.
849ct_snat(foo);
850 Syntax error at `foo' expecting IPv4 address.
851ct_snat(foo, bar);
852 Syntax error at `foo' expecting IPv4 address.
853ct_snat();
854 Syntax error at `)' expecting IPv4 address.
de297547 855
6335d074 856# arp
d5a76da4
BP		 857arp { eth.dst = ff:ff:ff:ff:ff:ff; output; };
858 encodes as controller(userdata=00.00.00.00.00.00.00.00.00.19.00.10.80.00.06.06.ff.ff.ff.ff.ff.ff.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.40.00.00.00)
859 has prereqs ip4
6335d074 860
0bac7164 861# get_arp
d5a76da4
BP		 862get_arp(outport, ip4.dst);
863 encodes as push:NXM_NX_REG0[],push:NXM_OF_IP_DST[],pop:NXM_NX_REG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG0[]
864 has prereqs eth.type == 0x800
865get_arp(inport, reg0);
866 encodes as push:NXM_NX_REG15[],push:NXM_NX_REG0[],push:NXM_NX_XXREG0[96..127],push:NXM_NX_REG14[],pop:NXM_NX_REG15[],pop:NXM_NX_REG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG0[],pop:NXM_NX_REG15[]
867
868get_arp;
869 Syntax error at `;' expecting `('.
870get_arp();
871 Syntax error at `)' expecting field name.
872get_arp(inport);
873 Syntax error at `)' expecting `,'.
874get_arp(inport ip4.dst);
875 Syntax error at `ip4.dst' expecting `,'.
876get_arp(inport, ip4.dst;
877 Syntax error at `;' expecting `)'.
878get_arp(inport, eth.dst);
879 Cannot use 48-bit field eth.dst[0..47] where 32-bit field is required.
880get_arp(inport, outport);
881 Cannot use string field outport where numeric field is required.
882get_arp(reg0, ip4.dst);
883 Cannot use numeric field reg0 where string field is required.
0bac7164
BP		 884
885# put_arp
d5a76da4
BP		 886put_arp(inport, arp.spa, arp.sha);
887 encodes as push:NXM_NX_REG0[],push:NXM_OF_ETH_SRC[],push:NXM_NX_ARP_SHA[],push:NXM_OF_ARP_SPA[],pop:NXM_NX_REG0[],pop:NXM_OF_ETH_SRC[],controller(userdata=00.00.00.01.00.00.00.00),pop:NXM_OF_ETH_SRC[],pop:NXM_NX_REG0[]
888 has prereqs eth.type == 0x806 && eth.type == 0x806
0bac7164 889
42814145 890# put_dhcp_opts
d5a76da4
BP		 891reg1[0] = put_dhcp_opts(offerip = 1.2.3.4, router = 10.0.0.1);
892 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.40.01.02.03.04.03.04.0a.00.00.01,pause)
893reg2[5] = put_dhcp_opts(offerip=10.0.0.4,router=10.0.0.1,netmask=255.255.254.0,mtu=1400,domain="ovn.org");
894 formats as reg2[5] = put_dhcp_opts(offerip = 10.0.0.4, router = 10.0.0.1, netmask = 255.255.254.0, mtu = 1400, domain = "ovn.org");
895 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.25.0a.00.00.04.03.04.0a.00.00.01.01.04.ff.ff.fe.00.1a.02.05.78.0f.07.6f.76.6e.2e.6f.72.67,pause)
896reg0[15] = put_dhcp_opts(offerip=10.0.0.4,router=10.0.0.1,netmask=255.255.255.0,mtu=1400,ip_forward_enable=1,default_ttl=121,dns_server={8.8.8.8,7.7.7.7},classless_static_route={30.0.0.0/24,10.0.0.4,40.0.0.0/16,10.0.0.6,0.0.0.0/0,10.0.0.1},ethernet_encap=1,router_discovery=0);
897 formats as reg0[15] = put_dhcp_opts(offerip = 10.0.0.4, router = 10.0.0.1, netmask = 255.255.255.0, mtu = 1400, ip_forward_enable = 1, default_ttl = 121, dns_server = {8.8.8.8, 7.7.7.7}, classless_static_route = {30.0.0.0/24, 10.0.0.4, 40.0.0.0/16, 10.0.0.6, 0.0.0.0/0, 10.0.0.1}, ethernet_encap = 1, router_discovery = 0);
898 encodes as controller(userdata=00.00.00.02.00.00.00.00.00.01.de.10.00.00.00.6f.0a.00.00.04.03.04.0a.00.00.01.01.04.ff.ff.ff.00.1a.02.05.78.13.01.01.17.01.79.06.08.08.08.08.08.07.07.07.07.79.14.18.1e.00.00.0a.00.00.04.10.28.00.0a.00.00.06.00.0a.00.00.01.24.01.01.1f.01.00,pause)
899
900reg1[0..1] = put_dhcp_opts(offerip = 1.2.3.4, router = 10.0.0.1);
901 Cannot use 2-bit field reg1[0..1] where 1-bit field is required.
902reg1[0] = put_dhcp_opts();
903 put_dhcp_opts requires offerip to be specified.
904reg1[0] = put_dhcp_opts(x = 1.2.3.4, router = 10.0.0.1);
905 Syntax error at `x' expecting DHCPv4 option name.
906reg1[0] = put_dhcp_opts(router = 10.0.0.1);
907 put_dhcp_opts requires offerip to be specified.
908reg1[0] = put_dhcp_opts(offerip=1.2.3.4, "hi");
909 Syntax error at `"hi"'.
910reg1[0] = put_dhcp_opts(offerip=1.2.3.4, xyzzy);
911 Syntax error at `xyzzy' expecting DHCPv4 option name.
912reg1[0] = put_dhcp_opts(offerip="xyzzy");
913 DHCPv4 option offerip requires numeric value.
914reg1[0] = put_dhcp_opts(offerip=1.2.3.4, domain=1.2.3.4);
915 DHCPv4 option domain requires string value.
42814145 916
f8a8db39 917# nd_na
d5a76da4
BP		 918nd_na { eth.src = 12:34:56:78:9a:bc; nd.tll = 12:34:56:78:9a:bc; outport = inport; inport = ""; /* Allow sending out inport. */ output; };
919 formats as nd_na { eth.src = 12:34:56:78:9a:bc; nd.tll = 12:34:56:78:9a:bc; outport = inport; inport = ""; output; };
920 encodes as controller(userdata=00.00.00.03.00.00.00.00.00.19.00.10.80.00.08.06.12.34.56.78.9a.bc.00.00.00.19.00.10.80.00.42.06.12.34.56.78.9a.bc.00.00.ff.ff.00.18.00.00.23.20.00.06.00.20.00.00.00.00.00.01.1c.04.00.01.1e.04.00.19.00.10.00.01.1c.04.00.00.00.00.00.00.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.40.00.00.00)
921 has prereqs nd_ns
e75451fe 922
c34a87b6 923# get_nd
d5a76da4
BP		 924get_nd(outport, ip6.dst);
925 encodes as push:NXM_NX_XXREG0[],push:NXM_NX_IPV6_DST[],pop:NXM_NX_XXREG0[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_XXREG0[]
926 has prereqs eth.type == 0x86dd
927get_nd(inport, xxreg0);
928 encodes as push:NXM_NX_REG15[],push:NXM_NX_REG14[],pop:NXM_NX_REG15[],set_field:00:00:00:00:00:00->eth_dst,resubmit(,65),pop:NXM_NX_REG15[]
929get_nd;
930 Syntax error at `;' expecting `('.
931get_nd();
932 Syntax error at `)' expecting field name.
933get_nd(inport);
934 Syntax error at `)' expecting `,'.
935get_nd(inport ip6.dst);
936 Syntax error at `ip6.dst' expecting `,'.
937get_nd(inport, ip6.dst;
938 Syntax error at `;' expecting `)'.
939get_nd(inport, eth.dst);
940 Cannot use 48-bit field eth.dst[0..47] where 128-bit field is required.
941get_nd(inport, outport);
942 Cannot use string field outport where numeric field is required.
943get_nd(xxreg0, ip6.dst);
944 Cannot use numeric field xxreg0 where string field is required.
c34a87b6
JP		 945
946# put_nd
d5a76da4
BP		 947put_nd(inport, nd.target, nd.sll);
948 encodes as push:NXM_NX_XXREG0[],push:NXM_OF_ETH_SRC[],push:NXM_NX_ND_SLL[],push:NXM_NX_ND_TARGET[],pop:NXM_NX_XXREG0[],pop:NXM_OF_ETH_SRC[],controller(userdata=00.00.00.04.00.00.00.00),pop:NXM_OF_ETH_SRC[],pop:NXM_NX_XXREG0[]
949 has prereqs ((icmp6.type == 0x87 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd)) || (icmp6.type == 0x88 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd))) && icmp6.code == 0 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && ip.ttl == 0xff && (eth.type == 0x800 || eth.type == 0x86dd) && icmp6.type == 0x87 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && icmp6.code == 0 && eth.type == 0x86dd && ip.proto == 0x3a && (eth.type == 0x800 || eth.type == 0x86dd) && ip.ttl == 0xff && (eth.type == 0x800 || eth.type == 0x86dd)
c34a87b6 950
01cfdb2f 951# put_dhcpv6_opts
d5a76da4 952reg1[0] = put_dhcpv6_opts(ia_addr = ae70::4, server_id = 00:00:00:00:10:02);
a55dacac 953 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.05.00.10.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.04.00.02.00.06.00.00.00.00.10.02,pause)
d5a76da4
BP		 954reg1[0] = put_dhcpv6_opts();
955 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40,pause)
956reg1[0] = put_dhcpv6_opts(dns_server={ae70::1,ae70::2});
957 formats as reg1[0] = put_dhcpv6_opts(dns_server = {ae70::1, ae70::2});
a55dacac 958 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.17.00.20.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.01.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.02,pause)
40df4566
ZKL		 959reg1[0] = put_dhcpv6_opts(server_id=12:34:56:78:9a:bc, dns_server={ae70::1,ae89::2});
960 formats as reg1[0] = put_dhcpv6_opts(server_id = 12:34:56:78:9a:bc, dns_server = {ae70::1, ae89::2});
a55dacac 961 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.02.00.06.12.34.56.78.9a.bc.00.17.00.20.ae.70.00.00.00.00.00.00.00.00.00.00.00.00.00.01.ae.89.00.00.00.00.00.00.00.00.00.00.00.00.00.02,pause)
d5a76da4 962reg1[0] = put_dhcpv6_opts(domain_search = "ovn.org");
a55dacac 963 encodes as controller(userdata=00.00.00.05.00.00.00.00.00.01.de.10.00.00.00.40.00.18.00.07.6f.76.6e.2e.6f.72.67,pause)
d5a76da4
BP		 964reg1[0] = put_dhcpv6_opts(x = 1.2.3.4);
965 Syntax error at `x' expecting DHCPv6 option name.
966reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, "hi");
967 Syntax error at `"hi"'.
968reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, xyzzy);
969 Syntax error at `xyzzy' expecting DHCPv6 option name.
970reg1[0] = put_dhcpv6_opts(ia_addr="ae70::4");
971 DHCPv6 option ia_addr requires numeric value.
972reg1[0] = put_dhcpv6_opts(ia_addr=ae70::4, domain_search=ae70::1);
973 DHCPv6 option domain_search requires string value.
01cfdb2f 974
a6095f81
BS		 975# set_queue
976set_queue(0);
977 encodes as set_queue:0
978set_queue(61440);
979 encodes as set_queue:61440
980set_queue(65535);
981 Queue ID 65535 for set_queue is not in valid range 0 to 61440.
982
5f822129 983# Contradictionary prerequisites (allowed but not useful):
d5a76da4
BP		 984ip4.src = ip6.src[0..31];
985 encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[]
986 has prereqs eth.type == 0x800 && eth.type == 0x86dd
987ip4.src <-> ip6.src[0..31];
988 encodes as push:NXM_NX_IPV6_SRC[0..31],push:NXM_OF_IP_SRC[],pop:NXM_NX_IPV6_SRC[0..31],pop:NXM_OF_IP_SRC[]
989 has prereqs eth.type == 0x800 && eth.type == 0x86dd
990
991# Miscellaneous negative tests.
992;
993 Syntax error at `;'.
994xyzzy;
995 Syntax error at `xyzzy' expecting action.
996next; 123;
997 Syntax error at `123'.
998next; xyzzy;
999 Syntax error at `xyzzy' expecting action.
1000next
9aef3c1b 1001 Syntax error at end of input expecting `;'.
3b7cb7e1 1002]])
d5a76da4
BP		 1003sed '/^[[ ]]/d' test-cases.txt > input.txt
1004cp test-cases.txt expout
3b7cb7e1
BP		 1005AT_CHECK([ovstest test-ovn parse-actions < input.txt], [0], [expout])
1006AT_CLEANUP
f295c17b
BP		 1007
1008AT_BANNER([OVN end-to-end tests])
1009
9975d7be
BP		 1010# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
1011AT_SETUP([ovn -- 3 HVs, 1 LS, 3 lports/HV])
57d143eb 1012AT_KEYWORDS([ovnarp])
f295c17b
BP		 1013AT_SKIP_IF([test $HAVE_PYTHON = no])
1014ovn_start
1015
1016# Create hypervisors hv[123].
9975d7be 1017# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3.
f295c17b
BP		 1018# Add all of the vifs to a single logical switch lsw0.
1019# Turn on port security on all the vifs except vif[123]1.
1020# Make vif13, vif2[23], vif3[123] destinations for unknown MACs.
1021# Add some ACLs for Ethertypes 1234, 1235, 1236.
ea46a4e9 1022ovn-nbctl ls-add lsw0
f295c17b
BP		 1023net_add n1
1024for i in 1 2 3; do
1025 sim_add hv$i
1026 as hv$i
1027 ovs-vsctl add-br br-phys
1028 ovn_attach n1 br-phys 192.168.0.$i
1029
1030 for j in 1 2 3; do
1031 ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
31ed1192 1032 ovn-nbctl lsp-add lsw0 lp$i$j
4d5c43d5 1033 if test $j = 1; then
31ed1192 1034 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
f295c17b 1035 else
7dc88496
NS		 1036 if test $j = 3; then
1037 ip_addrs="192.168.0.$i$j fe80::ea2a:eaff:fe28:$i$j/64 192.169.0.$i$j"
1038 else
1039 ip_addrs="192.168.0.$i$j"
1040 fi
31ed1192
JP		 1041 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j $ip_addrs"
1042 ovn-nbctl lsp-set-port-security lp$i$j f0:00:00:00:00:$i$j
f295c17b
BP		 1043 fi
1044 done
1045done
1046ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1234' drop
1047ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1235 && inport == "lp11"' drop
1048ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1236 && outport == "lp33"' drop
ea382567
RB		 1049ovn-nbctl create Address_Set name=set1 addresses=\"f0:00:00:00:00:11\",\"f0:00:00:00:00:21\",\"f0:00:00:00:00:31\"
1050ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1237 && eth.src == $set1 && outport == "lp33"' drop
f295c17b
BP		 1051
1052# Pre-populate the hypervisors' ARP tables so that we don't lose any
1053# packets for ARP resolution (native tunneling doesn't queue packets
1054# for ARP resolution).
1055ovn_populate_arp
1056
1057# Allow some time for ovn-northd and ovn-controller to catch up.
1058# XXX This should be more systematic.
1059sleep 1
611099dc 1060
fc6f9978
HZ		 1061# Make sure there is no attempt to adding duplicated flows by ovn-controller
1062AT_FAIL_IF([test -n "`grep duplicate hv1/ovn-controller.log`"])
1063AT_FAIL_IF([test -n "`grep duplicate hv2/ovn-controller.log`"])
1064AT_FAIL_IF([test -n "`grep duplicate hv3/ovn-controller.log`"])
1065
57d143eb
HZ		 1066# Given the name of a logical port, prints the name of the hypervisor
1067# on which it is located.
1068vif_to_hv() {
1069 echo hv${1%?}
1070}
1071
f295c17b
BP		 1072# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1073#
1074# This shell function causes a packet to be received on INPORT. The packet's
1075# content has Ethernet destination DST and source SRC (each exactly 12 hex
1076# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1077# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1078# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
f295c17b
BP		 1079for i in 1 2 3; do
1080 for j in 1 2 3; do
1081 : > $i$j.expected
1082 done
1083done
1084test_packet() {
1085 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
57d143eb 1086 hv=`vif_to_hv $inport`
f295c17b
BP		 1087 vif=vif$inport
1088 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1089 for outport; do
e4543cfe 1090 echo $packet >> $outport.expected
f295c17b
BP		 1091 done
1092}
1093
57d143eb
HZ		 1094# test_arp INPORT SHA SPA TPA [REPLY_HA]
1095#
1096# Causes a packet to be received on INPORT. The packet is an ARP
1097# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
1098# it should be the hardware address of the target to expect to receive in an
1099# ARP reply; otherwise no reply is expected.
1100#
31ed1192 1101# INPORT is an logical switch port number, e.g. 11 for vif11.
57d143eb
HZ		 1102# SHA and REPLY_HA are each 12 hex digits.
1103# SPA and TPA are each 8 hex digits.
1104test_arp() {
1105 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
1106 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
1107 hv=`vif_to_hv $inport`
1108 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
1109
92f9822b 1110 if test X$reply_ha = X; then
57d143eb
HZ		 1111 # Expect to receive the broadcast ARP on the other logical switch ports
1112 # if no reply is expected.
1113 local i j
1114 for i in 1 2 3; do
1115 for j in 1 2 3; do
1116 if test $i$j != $inport; then
1117 echo $request >> $i$j.expected
1118 fi
1119 done
1120 done
1121 else
1122 # Expect to receive the reply, if any.
1123 local reply=${sha}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
1124 echo $reply >> $inport.expected
1125 fi
1126}
1127
1128ip_to_hex() {
1129 printf "%02x%02x%02x%02x" "$@"
1130}
1131
f295c17b
BP		 1132# Send packets between all pairs of source and destination ports:
1133#
31ed1192
JP		 1134# 1. Unicast packets are delivered to exactly one logical switch port
1135# (except that packets destined to their input ports are dropped).
f295c17b 1136#
31ed1192
JP		 1137# 2. Broadcast and multicast are delivered to all logical switch ports
1138# except the input port.
f295c17b 1139#
ea46a4e9 1140# 3. When port security is turned on, the switch drops packets from the wrong
f295c17b
BP		 1141# MAC address.
1142#
ea46a4e9 1143# 4. The switch drops all packets with a VLAN tag.
f295c17b 1144#
ea46a4e9 1145# 5. The switch drops all packets with a multicast source address. (This only
f295c17b
BP		 1146# affects behavior when port security is turned off, since otherwise port
1147# security would drop the packet anyway.)
1148#
ea46a4e9 1149# 6. The switch delivers packets with an unknown destination to logical
31ed1192
JP		 1150# switch ports with "unknown" among their MAC addresses (and port
1151# security disabled).
f295c17b 1152#
ea46a4e9 1153# 7. The switch drops unicast packets that violate an ACL.
f295c17b 1154#
ea46a4e9 1155# 8. The switch drops multicast and broadcast packets that violate an ACL.
57d143eb 1156#
9fcb6a18
BP		 1157# 9. OVN generates responses to ARP requests for known IPs, except for
1158# requests from a port for the port's own IP.
57d143eb
HZ		 1159#
1160# 10. No response to ARP requests for unknown IPs.
4acd1e87 1161
f295c17b
BP		 1162for is in 1 2 3; do
1163 for js in 1 2 3; do
1164 s=$is$js
1165 bcast=
4d5c43d5
JP		 1166 unknown=
1167 bacl2=
1168 bacl3=
f295c17b
BP		 1169 for id in 1 2 3; do
1170 for jd in 1 2 3; do
1171 d=$id$jd
1172
1173 if test $d != $s; then unicast=$d; else unicast=; fi
1174 test_packet $s f000000000$d f000000000$s $s$d $unicast #1
1175
1176 if test $d != $s && test $js = 1; then
4d5c43d5
JP		 1177 impersonate=$d
1178 else
1179 impersonate=
1180 fi
f295c17b
BP		 1181 test_packet $s f000000000$d f00000000055 55$d $impersonate #3
1182
4d5c43d5
JP		 1183 if test $d != $s && test $s != 11; then acl2=$d; else acl2=; fi
1184 if test $d != $s && test $d != 33; then acl3=$d; else acl3=; fi
e137131a 1185 if test $d = $s || (test $js = 1 && test $d = 33); then
ea382567
RB		 1186 # Source of 11, 21, or 31 and dest of 33 should be dropped
1187 # due to the 4th ACL that uses address_set(set1).
1188 acl4=
1189 else
1190 acl4=$d
1191 fi
f295c17b
BP		 1192 test_packet $s f000000000$d f000000000$s 1234 #7, acl1
1193 test_packet $s f000000000$d f000000000$s 1235 $acl2 #7, acl2
1194 test_packet $s f000000000$d f000000000$s 1236 $acl3 #7, acl3
ea382567 1195 test_packet $s f000000000$d f000000000$s 1237 $acl4 #7, acl4
f295c17b
BP		 1196
1197 test_packet $s f000000000$d f00000000055 810000091234 #4
1198 test_packet $s f000000000$d 0100000000$s $s$d #5
1199
4d5c43d5
JP		 1200 if test $d != $s && test $jd = 1; then
1201 unknown="$unknown $d"
1202 fi
f295c17b
BP		 1203 bcast="$bcast $unicast"
1204 bacl2="$bacl2 $acl2"
1205 bacl3="$bacl3 $acl3"
57d143eb
HZ		 1206
1207 sip=`ip_to_hex 192 168 0 $i$j`
1208 tip=`ip_to_hex 192 168 0 $id$jd`
1209 tip_unknown=`ip_to_hex 11 11 11 11`
9fcb6a18
BP		 1210 if test $d != $s; then
1211 reply_ha=f000000000$d
1212 else
1213 reply_ha=
1214 fi
1215 test_arp $s f000000000$s $sip $tip $reply_ha #9
57d143eb 1216 test_arp $s f000000000$s $sip $tip_unknown #10
7dc88496
NS		 1217
1218 if test $jd = 3; then
31ed1192 1219 # lsp[123]3 has an additional ip 192.169.0.[123]3.
7dc88496 1220 tip=`ip_to_hex 192 169 0 $id$jd`
9fcb6a18 1221 test_arp $s f000000000$s $sip $tip $reply_ha #9
7dc88496 1222 fi
f295c17b
BP		 1223 done
1224 done
1225
4d5c43d5 1226 # Broadcast and multicast.
f295c17b
BP		 1227 test_packet $s ffffffffffff f000000000$s ${s}ff $bcast #2
1228 test_packet $s 010000000000 f000000000$s ${s}ff $bcast #2
4d5c43d5 1229 if test $js = 1; then
f295c17b
BP		 1230 bcast_impersonate=$bcast
1231 else
4d5c43d5
JP		 1232 bcast_impersonate=
1233 fi
f295c17b
BP		 1234 test_packet $s 010000000000 f00000000044 44ff $bcast_impersonate #3
1235
1236 test_packet $s f0000000ffff f000000000$s ${s}66 $unknown #6
1237
1238 test_packet $s ffffffffffff f000000000$s 1234 #8, acl1
1239 test_packet $s ffffffffffff f000000000$s 1235 $bacl2 #8, acl2
1240 test_packet $s ffffffffffff f000000000$s 1236 $bacl3 #8, acl3
1241 test_packet $s 010000000000 f000000000$s 1234 #8, acl1
1242 test_packet $s 010000000000 f000000000$s 1235 $bacl2 #8, acl2
1243 test_packet $s 010000000000 f000000000$s 1236 $bacl3 #8, acl3
1244 done
1245done
1246
7dc88496
NS		 1247# set address for lp13 with invalid characters.
1248# lp13 should be configured with only 192.168.0.13.
31ed1192 1249ovn-nbctl lsp-set-addresses lp13 "f0:00:00:00:00:13 192.168.0.13 invalid 192.169.0.13"
3b8cd0ea
BP		 1250
1251# Allow some time for ovn-northd and ovn-controller to catch up.
1252# XXX This should be more systematic.
1253sleep 1
1254
7dc88496
NS		 1255sip=`ip_to_hex 192 168 0 11`
1256tip=`ip_to_hex 192 168 0 13`
1257test_arp 11 f00000000011 $sip $tip f00000000013
1258
1259tip=`ip_to_hex 192 169 0 13`
1260#arp request for 192.169.0.13 should be flooded
1261test_arp 11 f00000000011 $sip $tip
1262
91125642 1263# dump information and flows with counters
bb0c41d3
RM		 1264ovn-sbctl dump-flows -- list multicast_group
1265
1266echo "------ hv1 dump ------"
1267as hv1 ovs-vsctl show
1268as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1269
1270echo "------ hv2 dump ------"
1271as hv2 ovs-vsctl show
1272as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1273
1274echo "------ hv3 dump ------"
1275as hv3 ovs-vsctl show
1276as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-int
49d7c759 1277
f295c17b
BP		 1278# Now check the packets actually received against the ones expected.
1279for i in 1 2 3; do
1280 for j in 1 2 3; do
49d7c759 1281 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
f295c17b
BP		 1282 done
1283done
fcde56f5 1284
7a8f15e0 1285OVN_CLEANUP([hv1],[hv2],[hv3])
d9c8c57c 1286
f295c17b 1287AT_CLEANUP
eb6b08eb 1288
4acd1e87
BP		 1289AT_SETUP([ovn -- trace 1 LS, 3 LSPs])
1290AT_SKIP_IF([test $HAVE_PYTHON = no])
1291ovn_start
1292
1293# Create a logical switch and some logical ports.
1294# Turn on port security on all lports except ls1.
1295# Make ls1 a destination for unknown MACs.
1296# Add some ACLs for Ethertypes 1234, 1235, 1236.
1297ovn-nbctl ls-add lsw0
1298ovn-sbctl chassis-add hv0 geneve 127.0.0.1
1299for i in 1 2 3; do
1300 ovn-nbctl lsp-add lsw0 lp$i
7979c444
BP		 1301done
1302ovn-nbctl --wait=sb sync
1303for i in 1 2 3; do
4acd1e87
BP		 1304 ovn-sbctl lsp-bind lp$i hv0
1305 if test $i = 1; then
abb37b6b 1306 ovn-nbctl lsp-set-addresses lp$i "f0:00:00:00:00:0$i 192.168.0.$i" unknown
4acd1e87 1307 else
abb37b6b
FF		 1308 if test $i = 3; then
1309 ip_addrs="192.168.0.$i fe80::ea2a:eaff:fe28:$i/64 192.169.0.$i"
1310 else
1311 ip_addrs="192.168.0.$i"
1312 fi
1313 ovn-nbctl lsp-set-addresses lp$i "f0:00:00:00:00:$i $ip_addrs"
1314 ovn-nbctl lsp-set-port-security lp$i f0:00:00:00:00:$i
4acd1e87
BP		 1315 fi
1316done
1317ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1234' drop
1318ovn-nbctl acl-add lsw0 from-lport 1000 'eth.type == 0x1235 && inport == "lp1"' drop
1319ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1236 && outport == "lp3"' drop
1320ovn-nbctl create Address_Set name=set1 addresses=\"f0:00:00:00:00:01\",\"f0:00:00:00:00:02\"
1321ovn-nbctl acl-add lsw0 to-lport 1000 'eth.type == 0x1237 && eth.src == $set1 && outport == "lp3"' drop
1322
1323ovn-nbctl --wait=sb sync
1324on_exit 'kill `cat ovn-trace.pid`'
1325ovn-trace --detach --pidfile --no-chdir
1326
1327# test_packet INPORT DST SRC [-vlan] [-eth TYPE] OUTPORT...
1328#
1329# This shell function causes a packet to be received on INPORT. The packet's
1330# content has Ethernet destination DST and source SRC (each exactly 12 hex
1331# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1332# more) list the VIFs on which the packet should be received. INPORT and the
1333# OUTPORTs are specified as logical switch port numbers, e.g. 11 for vif11.
1334test_packet() {
1335 local inport=$1 eth_dst=$2 eth_src=$3; shift; shift; shift
1336 uflow="inport==\"lp$inport\" && eth.dst==$eth_dst && eth.src==$eth_src"
1337 while :; do
abb37b6b
FF		 1338 case $1 in # (
1339 -vlan) uflow="$uflow && vlan.vid == 1234"; shift ;; # (
1340 -eth) uflow="$uflow && eth.type == 0x$2"; shift; shift ;; # (
1341 *) break ;;
1342 esac
4acd1e87
BP		 1343 done
1344 for outport; do
abb37b6b 1345 echo "output(\"lp$outport\");"
4acd1e87
BP		 1346 done > expout
1347
1348 AT_CAPTURE_FILE([trace])
1349 AT_CHECK([ovs-appctl -t ovn-trace trace --all lsw0 "$uflow" | tee trace | sed '1,/Minimal trace/d'], [0], [expout])
1350}
1351
1352# test_arp INPORT SHA SPA TPA [REPLY_HA]
1353#
1354# Causes a packet to be received on INPORT. The packet is an ARP
1355# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
1356# it should be the hardware address of the target to expect to receive in an
1357# ARP reply; otherwise no reply is expected.
1358#
1359# INPORT is an logical switch port number, e.g. 11 for vif11.
1360# SHA and REPLY_HA are each 12 hex digits.
1361# SPA and TPA are each 8 hex digits.
1362test_arp() {
1363 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
1364
1365 local request="inport == \"lp$inport\"
1366 && eth.dst == ff:ff:ff:ff:ff:ff && eth.src == $sha
1367 && arp.op == 1 && arp.sha == $sha && arp.spa == $spa
abb37b6b 1368 && arp.tha == ff:ff:ff:ff:ff:ff && arp.tpa == $tpa"
4acd1e87
BP		 1369
1370 if test -z "$reply_ha"; then
1371 reply=
abb37b6b
FF		 1372 local i
1373 for i in 1 2 3; do
1374 if test $i != $inport; then
1375 reply="${reply}output(\"lp$i\");
4acd1e87 1376"
abb37b6b
FF		 1377 fi
1378 done
4acd1e87
BP		 1379 else
1380 reply="\
1381eth.dst = $sha;
1382eth.src = $reply_ha;
1383arp.op = 2;
1384arp.tha = $sha;
1385arp.sha = $reply_ha;
1386arp.tpa = $spa;
1387arp.spa = $tpa;
1388output(\"lp$inport\");
1389"
1390 fi
1391
1392 AT_CAPTURE_FILE([trace])
1393 AT_CHECK_UNQUOTED([ovs-appctl -t ovn-trace trace --all lsw0 "$request" | tee trace | sed '1,/Minimal trace/d'], [0], [$reply])
1394}
1395
1396# Send packets between all pairs of source and destination ports:
1397#
1398# 1. Unicast packets are delivered to exactly one logical switch port
1399# (except that packets destined to their input ports are dropped).
1400#
1401# 2. Broadcast and multicast are delivered to all logical switch ports
1402# except the input port.
1403#
1404# 3. When port security is turned on, the switch drops packets from the wrong
1405# MAC address.
1406#
1407# 4. The switch drops all packets with a VLAN tag.
1408#
1409# 5. The switch drops all packets with a multicast source address. (This only
1410# affects behavior when port security is turned off, since otherwise port
1411# security would drop the packet anyway.)
1412#
1413# 6. The switch delivers packets with an unknown destination to logical
1414# switch ports with "unknown" among their MAC addresses (and port
1415# security disabled).
1416#
1417# 7. The switch drops unicast packets that violate an ACL.
1418#
1419# 8. The switch drops multicast and broadcast packets that violate an ACL.
1420#
9fcb6a18
BP		 1421# 9. OVN generates responses to ARP requests for known IPs, except for
1422# requests from a port for the port's own IP.
4acd1e87
BP		 1423#
1424# 10. No response to ARP requests for unknown IPs.
1425
1426for s in 1 2 3; do
1427 bcast=
1428 unknown=
1429 bacl2=
1430 bacl3=
1431 for d in 1 2 3; do
abb37b6b
FF		 1432 echo
1433 echo "lp$s -> lp$d"
1434 if test $d != $s; then unicast=$d; else unicast=; fi
1435 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s $unicast #1
1436
1437 if test $d != $s && test $s = 1; then
1438 impersonate=$d
1439 else
1440 impersonate=
1441 fi
1442 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:55 $impersonate #3
1443
1444 if test $d != $s && test $s != 1; then acl2=$d; else acl2=; fi
1445 if test $d != $s && test $d != 3; then acl3=$d; else acl3=; fi
1446 if test $d = $s || ( (test $s = 1 || test $s = 2) && test $d = 3); then
1447 # Source of 1 or 2 and dest of 3 should be dropped
1448 # due to the 4th ACL that uses address_set(set1).
1449 acl4=
1450 else
1451 acl4=$d
1452 fi
1453
1454 #7, acl1 to acl4:
1455 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1234
1456 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1235 $acl2
1457 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1236 $acl3
1458 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:0$s -eth 1237 $acl4
1459
1460 test_packet $s f0:00:00:00:00:0$d f0:00:00:00:00:55 -vlan #4
1461 test_packet $s f0:00:00:00:00:0$d 01:00:00:00:00:0$s #5
1462
1463 if test $d != $s && test $d = 1; then
1464 unknown="$unknown $d"
1465 fi
1466 bcast="$bcast $unicast"
1467 bacl2="$bacl2 $acl2"
1468 bacl3="$bacl3 $acl3"
1469
1470 sip=192.168.0.$s
1471 tip=192.168.0.$d
1472 tip_unknown=11.11.11.11
9fcb6a18
BP		 1473 if test $d != $s; then reply_ha=f0:00:00:00:00:0$d; else reply_ha=; fi
1474 test_arp $s f0:00:00:00:00:0$s $sip $tip $reply_ha #9
abb37b6b
FF		 1475 test_arp $s f0:00:00:00:00:0$s $sip $tip_unknown #10
1476
1477 if test $d = 3; then
1478 # lp3 has an additional ip 192.169.0.[123]3.
1479 tip=192.169.0.$d
9fcb6a18 1480 test_arp $s f0:00:00:00:00:0$s $sip $tip $reply_ha #9
abb37b6b 1481 fi
4acd1e87
BP		 1482 done
1483
1484 # Broadcast and multicast.
1485 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s $bcast #2
1486 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s $bcast #2
1487 if test $s = 1; then
abb37b6b 1488 bcast_impersonate=$bcast
4acd1e87 1489 else
abb37b6b 1490 bcast_impersonate=
4acd1e87
BP		 1491 fi
1492 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:44 $bcast_impersonate #3
1493
1494 test_packet $s f0:00:00:00:ff:ff f0:00:00:00:00:0$s $unknown #6
1495
1496 #8, acl1 to acl3:
1497 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1234
1498 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1235 $bacl2
1499 test_packet $s ff:ff:ff:ff:ff:ff f0:00:00:00:00:0$s -eth 1236 $bacl3
1500
1501 #8, acl1 to acl3:
1502 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1234
1503 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1235 $bacl2
1504 test_packet $s 01:00:00:00:00:00 f0:00:00:00:00:0$s -eth 1236 $bacl3
1505done
1506
1507AT_CLEANUP
1508
7277bc83
RB		 1509# 2 hypervisors, 4 logical ports per HV
1510# 2 locally attached networks (one flat, one vlan tagged over same device)
1511# 2 ports per HV on each network
e90aeb57 1512AT_SETUP([ovn -- 2 HVs, 4 lports/HV, localnet ports])
d79fc5f4
RB		 1513AT_SKIP_IF([test $HAVE_PYTHON = no])
1514ovn_start
1515
ea46a4e9
JP		 1516# In this test cases we create 3 switches, all connected to same
1517# physical network (through br-phys on each HV). Each switch has
0ee7f7f1
HZ		 1518# VIF ports across 2 HVs. Each HV has 5 VIF ports. The first digit
1519# of VIF port name indicates the hypervisor it is bound to, e.g.
1520# lp23 means VIF 3 on hv2.
1521#
ea46a4e9 1522# Each switch's VLAN tag and their logical switch ports are:
0ee7f7f1
HZ		 1523# - ls1:
1524# - untagged
ea46a4e9 1525# - ports: lp11, lp12, lp21, lp22
0ee7f7f1
HZ		 1526#
1527# - ls2:
1528# - tagged with VLAN 101
ea46a4e9 1529# - ports: lp13, lp14, lp23, lp24
0ee7f7f1
HZ		 1530# - ls3:
1531# - untagged
ea46a4e9 1532# - ports: lp15, lp25
0ee7f7f1 1533#
ea46a4e9 1534# Note: a localnet port is created for each switch to connect to
0ee7f7f1
HZ		 1535# physical network.
1536
1537for i in 1 2 3; do
ea46a4e9
JP		 1538 ls_name=ls$i
1539 ovn-nbctl ls-add $ls_name
0ee7f7f1
HZ		 1540 ln_port_name=ln$i
1541 if test $i -eq 2; then
ea46a4e9 1542 ovn-nbctl lsp-add $ls_name $ln_port_name "" 101
0ee7f7f1 1543 else
ea46a4e9 1544 ovn-nbctl lsp-add $ls_name $ln_port_name
0ee7f7f1 1545 fi
31ed1192
JP		 1546 ovn-nbctl lsp-set-addresses $ln_port_name unknown
1547 ovn-nbctl lsp-set-type $ln_port_name localnet
1548 ovn-nbctl lsp-set-options $ln_port_name network_name=phys
0ee7f7f1 1549done
d79fc5f4 1550
69b72264
BP		 1551# lsp_to_ls LSP
1552#
1553# Prints the name of the logical switch that contains LSP.
1554lsp_to_ls () {
1555 case $1 in dnl (
1556 lp?[[12]]) echo ls1 ;; dnl (
1557 lp?[[34]]) echo ls2 ;; dnl (
1558 lp?5) echo ls3 ;; dnl (
1559 *) AT_FAIL_IF([:]) ;;
1560 esac
1561}
1562
d79fc5f4
RB		 1563net_add n1
1564for i in 1 2; do
1565 sim_add hv$i
1566 as hv$i
1567 ovs-vsctl add-br br-phys
1568 ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys
1569 ovn_attach n1 br-phys 192.168.0.$i
1570
0ee7f7f1 1571 for j in 1 2 3 4 5; do
d79fc5f4
RB		 1572 ovs-vsctl add-port br-int vif$i$j -- \
1573 set Interface vif$i$j external-ids:iface-id=lp$i$j \
1574 options:tx_pcap=hv$i/vif$i$j-tx.pcap \
1575 options:rxq_pcap=hv$i/vif$i$j-rx.pcap \
1576 ofport-request=$i$j
1577
31ed1192 1578 lsp_name=lp$i$j
69b72264 1579 ls_name=$(lsp_to_ls $lsp_name)
d79fc5f4 1580
ea46a4e9 1581 ovn-nbctl lsp-add $ls_name $lsp_name
31ed1192
JP		 1582 ovn-nbctl lsp-set-addresses $lsp_name f0:00:00:00:00:$i$j
1583 ovn-nbctl lsp-set-port-security $lsp_name f0:00:00:00:00:$i$j
d79fc5f4 1584
31ed1192 1585 OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up $lsp_name` = xup])
d79fc5f4
RB		 1586 done
1587done
69b72264
BP		 1588ovn-nbctl --wait=sb sync
1589ovn-sbctl dump-flows
d79fc5f4
RB		 1590
1591ovn_populate_arp
1592
1593# XXX This is now the 3rd copy of these functions in this file ...
1594
1595# Given the name of a logical port, prints the name of the hypervisor
1596# on which it is located.
1597vif_to_hv() {
1598 echo hv${1%?}
1599}
1600#
69b72264 1601# test_packet INPORT DST SRC ETHTYPE EOUT LOUT
d79fc5f4
RB		 1602#
1603# This shell function causes a packet to be received on INPORT. The packet's
1604# content has Ethernet destination DST and source SRC (each exactly 12 hex
69b72264
BP		 1605# digits) and Ethernet type ETHTYPE (4 hex digits). INPORT is specified as
1606# logical switch port numbers, e.g. 11 for vif11.
1607#
1608# EOUT is the end-to-end output port, that is, where the packet will end up
1609# after possibly bouncing through one or more localnet ports. LOUT is the
1610# logical output port, which might be a localnet port, as seen by ovn-trace
1611# (which doesn't know what localnet ports are connected to and therefore can't
1612# figure out the end-to-end answer).
d79fc5f4 1613for i in 1 2; do
0ee7f7f1 1614 for j in 1 2 3 4 5; do
d79fc5f4
RB		 1615 : > $i$j.expected
1616 done
1617done
1618test_packet() {
69b72264
BP		 1619 local inport=$1 dst=$2 src=$3 eth=$4 eout=$5 lout=$6
1620 echo "$@"
1621
1622 # First try tracing the packet.
1623 uflow="inport==\"lp$inport\" && eth.dst==$dst && eth.src==$src && eth.type==0x$eth"
1624 if test $lout != drop; then
1625 echo "output(\"$lout\");"
1626 fi > expout
1627 AT_CAPTURE_FILE([trace])
1628 AT_CHECK([ovn-trace --all $(lsp_to_ls lp$inport) "$uflow" | tee trace | sed '1,/Minimal trace/d'], [0], [expout])
1629
1630 # Then actually send a packet, for an end-to-end test.
1631 local packet=$(echo $dst$src | sed 's/://g')${eth}
d79fc5f4
RB		 1632 hv=`vif_to_hv $inport`
1633 vif=vif$inport
1634 as $hv ovs-appctl netdev-dummy/receive $vif $packet
69b72264
BP		 1635 if test $eout != drop; then
1636 echo $packet >> ${eout#lp}.expected
1637 fi
d79fc5f4
RB		 1638}
1639
7277bc83
RB		 1640# lp11 and lp21 are on the same network (phys, untagged)
1641# and on different hypervisors
69b72264
BP		 1642test_packet 11 f0:00:00:00:00:21 f0:00:00:00:00:11 1121 lp21 lp21
1643test_packet 21 f0:00:00:00:00:11 f0:00:00:00:00:21 2111 lp11 lp11
d79fc5f4 1644
7277bc83
RB		 1645# lp11 and lp12 are on the same network (phys, untagged)
1646# and on the same hypervisor
69b72264
BP		 1647test_packet 11 f0:00:00:00:00:12 f0:00:00:00:00:11 1112 lp12 lp12
1648test_packet 12 f0:00:00:00:00:11 f0:00:00:00:00:12 1211 lp11 lp11
7277bc83
RB		 1649
1650# lp13 and lp23 are on the same network (phys, VLAN 101)
1651# and on different hypervisors
69b72264
BP		 1652test_packet 13 f0:00:00:00:00:23 f0:00:00:00:00:13 1323 lp23 lp23
1653test_packet 23 f0:00:00:00:00:13 f0:00:00:00:00:23 2313 lp13 lp13
7277bc83
RB		 1654
1655# lp13 and lp14 are on the same network (phys, VLAN 101)
1656# and on the same hypervisor
69b72264
BP		 1657test_packet 13 f0:00:00:00:00:14 f0:00:00:00:00:13 1314 lp14 lp14
1658test_packet 14 f0:00:00:00:00:13 f0:00:00:00:00:14 1413 lp13 lp13
d79fc5f4 1659
0ee7f7f1 1660# lp11 and lp15 are on the same network (phys, untagged),
ea46a4e9 1661# same hypervisor, and on different switches
69b72264
BP		 1662test_packet 11 f0:00:00:00:00:15 f0:00:00:00:00:11 1115 lp15 ln1
1663test_packet 15 f0:00:00:00:00:11 f0:00:00:00:00:15 1511 lp11 ln3
0ee7f7f1
HZ		 1664
1665# lp11 and lp25 are on the same network (phys, untagged),
ea46a4e9 1666# different hypervisors, and on different switches
69b72264
BP		 1667test_packet 11 f0:00:00:00:00:25 f0:00:00:00:00:11 1125 lp25 ln1
1668test_packet 25 f0:00:00:00:00:11 f0:00:00:00:00:25 2511 lp11 ln3
0ee7f7f1 1669
d79fc5f4 1670# Ports that should not be able to communicate
69b72264
BP		 1671test_packet 11 f0:00:00:00:00:13 f0:00:00:00:00:11 1113 drop ln1
1672test_packet 11 f0:00:00:00:00:23 f0:00:00:00:00:11 1123 drop ln1
1673test_packet 21 f0:00:00:00:00:13 f0:00:00:00:00:21 2113 drop ln1
1674test_packet 21 f0:00:00:00:00:23 f0:00:00:00:00:21 2123 drop ln1
1675test_packet 13 f0:00:00:00:00:11 f0:00:00:00:00:13 1311 drop ln2
1676test_packet 13 f0:00:00:00:00:21 f0:00:00:00:00:13 1321 drop ln2
1677test_packet 23 f0:00:00:00:00:11 f0:00:00:00:00:23 2311 drop ln2
1678test_packet 23 f0:00:00:00:00:21 f0:00:00:00:00:23 2321 drop ln2
d79fc5f4 1679
d79fc5f4
RB		 1680# Dump a bunch of info helpful for debugging if there's a failure.
1681
1682echo "------ OVN dump ------"
1683ovn-nbctl show
1684ovn-sbctl show
1685
1686echo "------ hv1 dump ------"
1687as hv1 ovs-vsctl show
1688as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1689
1690echo "------ hv2 dump ------"
1691as hv2 ovs-vsctl show
1692as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1693
1694# Now check the packets actually received against the ones expected.
1695for i in 1 2; do
0ee7f7f1 1696 for j in 1 2 3 4 5; do
49d7c759 1697 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
d79fc5f4
RB		 1698 done
1699done
1700
7a8f15e0 1701OVN_CLEANUP([hv1],[hv2])
d9c8c57c 1702
d79fc5f4
RB		 1703AT_CLEANUP
1704
91125642
FF		 1705AT_SETUP([ovn -- vtep: 3 HVs, 1 VIFs/HV, 1 GW, 1 LS])
1706AT_KEYWORDS([vtep])
eb6b08eb
JP		 1707AT_SKIP_IF([test $HAVE_PYTHON = no])
1708ovn_start
1709
1710# Configure the Northbound database
ea46a4e9 1711ovn-nbctl ls-add lsw0
eb6b08eb 1712
31ed1192
JP		 1713ovn-nbctl lsp-add lsw0 lp1
1714ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
eb6b08eb 1715
31ed1192
JP		 1716ovn-nbctl lsp-add lsw0 lp2
1717ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
eb6b08eb 1718
31ed1192
JP		 1719ovn-nbctl lsp-add lsw0 lp-vtep
1720ovn-nbctl lsp-set-type lp-vtep vtep
1721ovn-nbctl lsp-set-options lp-vtep vtep-physical-switch=br-vtep vtep-logical-switch=lsw0
1722ovn-nbctl lsp-set-addresses lp-vtep unknown
eb6b08eb 1723
77adbb62
DB		 1724# lpr, lr and lrp1 are used for the ARP request handling test only.
1725ovn-nbctl lsp-add lsw0 lpr
1726ovn-nbctl lr-add lr
1727ovn-nbctl lrp-add lr lrp1 f0:00:00:00:00:f1 192.168.1.1/24
1728ovn-nbctl set Logical_Switch_Port lpr type=router \
1729 options:router-port=lrp1 \
1730 addresses='"f0:00:00:00:00:f1 192.168.1.1"'
1731
1732
eb6b08eb
JP		 1733net_add n1 # Network to connect hv1, hv2, and vtep
1734net_add n2 # Network to connect vtep and hv3
1735
1736# Create hypervisor hv1 connected to n1
1737sim_add hv1
1738as hv1
1739ovs-vsctl add-br br-phys
1740ovn_attach n1 br-phys 192.168.0.1
1741ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
1742
1743# Create hypervisor hv2 connected to n1
1744sim_add hv2
1745as hv2
1746ovs-vsctl add-br br-phys
1747ovn_attach n1 br-phys 192.168.0.2
1748ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv2/vif2-tx.pcap options:rxq_pcap=hv2/vif2-rx.pcap ofport-request=1
1749
1750
1751# Start the vtep emulator with a leg in both networks
1752sim_add vtep
1753as vtep
1754
1755ovsdb-tool create "$ovs_base"/vtep/vtep.db "$abs_top_srcdir"/vtep/vtep.ovsschema || return 1
1756ovs-appctl -t ovsdb-server ovsdb-server/add-db "$ovs_base"/vtep/vtep.db
1757
1758ovs-vsctl add-br br-phys
1759net_attach n1 br-phys
1760
1761mac=`ovs-vsctl get Interface br-phys mac_in_use | sed s/\"//g`
1762arp_table="$arp_table $sandbox,br-phys,192.168.0.3,$mac"
1763ovs-appctl netdev-dummy/ip4addr br-phys 192.168.0.3/24 >/dev/null || return 1
1764ovs-appctl ovs/route/add 192.168.0.3/24 br-phys >/dev/null || return 1
1765
1766ovs-vsctl add-br br-vtep
1767net_attach n2 br-vtep
1768
1769vtep-ctl add-ps br-vtep
1770vtep-ctl set Physical_Switch br-vtep tunnel_ips=192.168.0.3
1771vtep-ctl add-ls lsw0
1772
1773start_daemon ovs-vtep br-vtep
1774start_daemon ovn-controller-vtep --vtep-db=unix:"$ovs_base"/vtep/db.sock --ovnsb-db=unix:"$ovs_base"/ovn-sb/ovn-sb.sock
1775
1776sleep 1
1777
1778vtep-ctl bind-ls br-vtep br-vtep_n2 0 lsw0
1779
475f0a2c
DB		 1780OVS_WAIT_UNTIL([test -n "`as vtep vtep-ctl get-replication-mode lsw0 |
1781 grep -- source`"])
1782# It takes more time for the update to be processed by ovs-vtep.
eb6b08eb
JP		 1783sleep 1
1784
1785# Add hv3 on the other side of the vtep
1786sim_add hv3
1787as hv3
1788ovs-vsctl add-br br-phys
1789net_attach n2 br-phys
1790
1791ovs-vsctl add-port br-phys vif3 -- set Interface vif3 options:tx_pcap=hv3/vif3-tx.pcap options:rxq_pcap=hv3/vif3-rx.pcap ofport-request=1
1792
1793# Pre-populate the hypervisors' ARP tables so that we don't lose any
1794# packets for ARP resolution (native tunneling doesn't queue packets
1795# for ARP resolution).
1796ovn_populate_arp
1797
1798# Allow some time for ovn-northd and ovn-controller to catch up.
1799# XXX This should be more systematic.
1800sleep 1
6977df72 1801
eb6b08eb
JP		 1802# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1803#
1804# This shell function causes a packet to be received on INPORT. The packet's
1805# content has Ethernet destination DST and source SRC (each exactly 12 hex
1806# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1807# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 1808# OUTPORTs are specified as logical switch port numbers, e.g. 1 for vif1.
eb6b08eb
JP		 1809for i in 1 2 3; do
1810 : > $i.expected
1811done
1812test_packet() {
1813 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
1814 #hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
1815 hv=hv$inport
1816 vif=vif$inport
1817 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1818 for outport; do
e4543cfe 1819 echo $packet >> $outport.expected
eb6b08eb
JP		 1820 done
1821}
1822
1823# Send packets between all pairs of source and destination ports:
1824#
31ed1192
JP		 1825# 1. Unicast packets are delivered to exactly one logical switch port
1826# (except that packets destined to their input ports are dropped).
eb6b08eb 1827#
31ed1192
JP		 1828# 2. Broadcast and multicast are delivered to all logical switch ports
1829# except the input port.
eb6b08eb 1830#
ea46a4e9 1831# 3. The switch delivers packets with an unknown destination to logical
31ed1192
JP		 1832# switch ports with "unknown" among their MAC addresses (and port
1833# security disabled).
eb6b08eb
JP		 1834for s in 1 2 3; do
1835 bcast=
1836 unknown=
1837 for d in 1 2 3; do
1838 if test $d != $s; then unicast=$d; else unicast=; fi
1839 test_packet $s f0000000000$d f0000000000$s 00$s$d $unicast #1
1840
1841 # The vtep (vif3) is the only one configured for "unknown"
1842 if test $d != $s && test $d = 3; then
1843 unknown="$unknown $d"
1844 fi
1845 bcast="$bcast $unicast"
1846 done
1847
1848 # Broadcast and multicast.
46ed1382
DB		 1849 test_packet $s ffffffffffff f0000000000$s 0${s}ff $bcast #2
1850 test_packet $s 010000000000 f0000000000$s 0${s}ff $bcast #2
eb6b08eb
JP		 1851
1852 test_packet $s f0000000ffff f0000000000$s 0${s}66 $unknown #3
1853done
1854
77adbb62
DB		 1855# ARP request should not be responded to by logical switch router
1856# type arp responder on HV1 and HV2 and should reach directly to
1857# vif1 and vif2
1858ip_to_hex() {
1859 printf "%02x%02x%02x%02x" "$@"
1860}
1861sha=f00000000003
1862spa=`ip_to_hex 192 168 1 2`
1863tpa=`ip_to_hex 192 168 1 1`
1864request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
1865as hv3 ovs-appctl netdev-dummy/receive vif3 $request
1866echo $request >> 1.expected
1867echo $request >> 2.expected
1868
bb0c41d3
RM		 1869# dump information with counters
1870echo "------ OVN dump ------"
1871ovn-nbctl show
1872ovn-sbctl show
1873
77adbb62
DB		 1874echo "---------SB dump-----"
1875ovn-sbctl list datapath_binding
1876echo "---------------------"
1877ovn-sbctl list port_binding
1878echo "---------------------"
1879ovn-sbctl dump-flows
1880
bb0c41d3
RM		 1881echo "------ hv1 dump ------"
1882as hv1 ovs-vsctl show
6195e2e7 1883as hv1 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 1884as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
1885
1886echo "------ hv2 dump ------"
1887as hv2 ovs-vsctl show
6195e2e7 1888as hv2 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 1889as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
1890
1891echo "------ hv3 dump ------"
1892as hv3 ovs-vsctl show
6754e92d
FF		 1893# note: hv3 has no logical port bind, thus it should not have br-int
1894AT_CHECK([as hv3 ovs-ofctl -O OpenFlow13 show br-int], [1], [],
1895[ovs-ofctl: br-int is not a bridge or a socket
1896])
bb0c41d3 1897
eb6b08eb
JP		 1898# Now check the packets actually received against the ones expected.
1899for i in 1 2 3; do
49d7c759 1900 OVN_CHECK_PACKETS([hv$i/vif$i-tx.pcap], [$i.expected])
eb6b08eb 1901done
fcde56f5
LR		 1902
1903# Gracefully terminate daemons
7a8f15e0
LR		 1904OVN_CLEANUP([hv1],[hv2],[vtep])
1905OVN_CLEANUP_VSWITCH([hv3])
d9c8c57c 1906
eb6b08eb 1907AT_CLEANUP
9975d7be 1908
184bc3ca
RB		 1909# Similar test to "hardware GW"
1910AT_SETUP([ovn -- 3 HVs, 1 VIFs/HV, 1 software GW, 1 LS])
1911AT_SKIP_IF([test $HAVE_PYTHON = no])
1912ovn_start
1913
1914# Configure the Northbound database
1915ovn-nbctl ls-add lsw0
1916
1917ovn-nbctl lsp-add lsw0 lp1
1918ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
1919
1920ovn-nbctl lsp-add lsw0 lp2
1921ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
1922
1923ovn-nbctl lsp-add lsw0 lp-gw
1924ovn-nbctl lsp-set-type lp-gw l2gateway
62b87eab 1925ovn-nbctl lsp-set-options lp-gw network_name=physnet1 l2gateway-chassis=hv_gw
184bc3ca
RB		 1926ovn-nbctl lsp-set-addresses lp-gw unknown
1927
1928net_add n1 # Network to connect hv1, hv2, and gw
1929net_add n2 # Network to connect gw and hv3
1930
1931# Create hypervisor hv1 connected to n1
1932sim_add hv1
1933as hv1
1934ovs-vsctl add-br br-phys
1935ovn_attach n1 br-phys 192.168.0.1
1936ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
1937
1938# Create hypervisor hv2 connected to n1
1939sim_add hv2
1940as hv2
1941ovs-vsctl add-br br-phys
1942ovn_attach n1 br-phys 192.168.0.2
1943ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv2/vif2-tx.pcap options:rxq_pcap=hv2/vif2-rx.pcap ofport-request=1
1944
1945# Create hypervisor hv_gw connected to n1 and n2
1946# connect br-phys bridge to n1; connect hv-gw bridge to n2
1947sim_add hv_gw
1948as hv_gw
1949ovs-vsctl add-br br-phys
1950ovn_attach n1 br-phys 192.168.0.3
1951ovs-vsctl add-br br-phys2
1952net_attach n2 br-phys2
1953ovs-vsctl set open . external_ids:ovn-bridge-mappings="physnet1:br-phys2"
1954
184bc3ca
RB		 1955# Add hv3 on the other side of the GW
1956sim_add hv3
1957as hv3
1958ovs-vsctl add-br br-phys
1959net_attach n2 br-phys
1960ovs-vsctl add-port br-phys vif3 -- set Interface vif3 options:tx_pcap=hv3/vif3-tx.pcap options:rxq_pcap=hv3/vif3-rx.pcap ofport-request=1
1961
1962
1963# Pre-populate the hypervisors' ARP tables so that we don't lose any
1964# packets for ARP resolution (native tunneling doesn't queue packets
1965# for ARP resolution).
1966ovn_populate_arp
1967
1968# Allow some time for ovn-northd and ovn-controller to catch up.
1969# XXX This should be more systematic.
1970sleep 1
1971
1972# test_packet INPORT DST SRC ETHTYPE OUTPORT...
1973#
1974# This shell function causes a packet to be received on INPORT. The packet's
1975# content has Ethernet destination DST and source SRC (each exactly 12 hex
1976# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
1977# more) list the VIFs on which the packet should be received. INPORT and the
1978# OUTPORTs are specified as lport numbers, e.g. 1 for vif1.
184bc3ca
RB		 1979for i in 1 2 3; do
1980 : > $i.expected
1981done
1982test_packet() {
1983 local inport=$1 packet=$2$3$4; shift; shift; shift; shift
1984 #hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
1985 hv=hv$inport
1986 vif=vif$inport
1987 as $hv ovs-appctl netdev-dummy/receive $vif $packet
1988 for outport; do
e4543cfe 1989 echo $packet >> $outport.expected
184bc3ca
RB		 1990 done
1991}
1992
1993# Send packets between all pairs of source and destination ports:
1994#
1995# 1. Unicast packets are delivered to exactly one lport (except that packets
1996# destined to their input ports are dropped).
1997#
1998# 2. Broadcast and multicast are delivered to all lports except the input port.
1999#
2000# 3. The lswitch delivers packets with an unknown destination to lports with
2001# "unknown" among their MAC addresses (and port security disabled).
2002for s in 1 2 3 ; do
2003 bcast=
2004 unknown=
2005 for d in 1 2 3 ; do
2006 if test $d != $s; then unicast=$d; else unicast=; fi
2007 test_packet $s f0000000000$d f0000000000$s 00$s$d $unicast #1
2008
2009 # The vtep (vif3) is the only one configured for "unknown"
2010 if test $d != $s && test $d = 3; then
2011 unknown="$unknown $d"
2012 fi
2013 bcast="$bcast $unicast"
2014 done
2015
2016 test_packet $s ffffffffffff f0000000000$s 0${s}ff $bcast #2
2017 test_packet $s 010000000000 f0000000000$s 0${s}ff $bcast #3
2018 test_packet $s f0000000ffff f0000000000$s 0${s}66 $unknown #4
2019done
2020
184bc3ca
RB		 2021echo "------ ovn-nbctl show ------"
2022ovn-nbctl show
2023echo "------ ovn-sbctl show ------"
2024ovn-sbctl show
2025
2026echo "------ hv1 ------"
2027as hv1 ovs-vsctl show
2028echo "------ hv1 br-int ------"
2029as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
2030echo "------ hv1 br-phys ------"
2031as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-phys
2032
2033echo "------ hv2 ------"
2034as hv2 ovs-vsctl show
2035echo "------ hv2 br-int ------"
2036as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
2037echo "------ hv2 br-phys ------"
2038as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-phys
2039
2040echo "------ hv_gw ------"
2041as hv_gw ovs-vsctl show
2042echo "------ hv_gw br-phys ------"
2043as hv_gw ovs-ofctl -O OpenFlow13 dump-flows br-phys
2044echo "------ hv_gw br-phys2 ------"
2045as hv_gw ovs-ofctl -O OpenFlow13 dump-flows br-phys2
2046
2047echo "------ hv3 ------"
2048as hv3 ovs-vsctl show
2049echo "------ hv3 br-phys ------"
2050as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-phys
2051
2052# Now check the packets actually received against the ones expected.
2053for i in 1 2 3; do
49d7c759 2054 OVN_CHECK_PACKETS([hv$i/vif$i-tx.pcap], [$i.expected])
184bc3ca
RB		 2055done
2056AT_CLEANUP
2057
9975d7be
BP		 2058# 3 hypervisors, 3 logical switches with 3 logical ports each, 1 logical router
2059AT_SETUP([ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR])
2060AT_SKIP_IF([test $HAVE_PYTHON = no])
2061ovn_start
2062
2063# Logical network:
2064#
2065# Three logical switches ls1, ls2, ls3.
86e98048
BP		 2066# One logical router lr0 connected to ls[123],
2067# with nine subnets, three per logical switch:
2068#
2069# lrp11 on ls1 for subnet 192.168.11.0/24
2070# lrp12 on ls1 for subnet 192.168.12.0/24
2071# lrp13 on ls1 for subnet 192.168.13.0/24
2072# ...
2073# lrp33 on ls3 for subnet 192.168.33.0/24
2074#
2075# 27 VIFs, 9 per LS, 3 per subnet: lp[123][123][123], where the first two
2076# digits are the subnet and the last digit distinguishes the VIF.
9975d7be 2077for i in 1 2 3; do
ea46a4e9 2078 ovn-nbctl ls-add ls$i
9975d7be 2079 for j in 1 2 3; do
86e98048 2080 for k in 1 2 3; do
31ed1192
JP		 2081 # Add "unknown" to MAC addresses for lp?11, so packets for
2082 # MAC-IP bindings discovered via ARP later have somewhere to go.
2083 if test $j$k = 11; then unknown=unknown; else unknown=; fi
2084
2085 ovn-nbctl \
2086 -- lsp-add ls$i lp$i$j$k \
2087 -- lsp-set-addresses lp$i$j$k "f0:00:00:00:0$i:$j$k \
2088 192.168.$i$j.$k" $unknown
86e98048
BP		 2089 done
2090 done
2091done
2092
fa2a27b2 2093ovn-nbctl lr-add lr0
86e98048
BP		 2094for i in 1 2 3; do
2095 for j in 1 2 3; do
bf44c2cd 2096 ovn-nbctl lrp-add lr0 lrp$i$j 00:00:00:00:ff:$i$j 192.168.$i$j.254/24
269ecccc 2097 ovn-nbctl \
31ed1192 2098 -- lsp-add ls$i lrp$i$j-attachment \
269ecccc 2099 -- set Logical_Switch_Port lrp$i$j-attachment type=router \
00007447 2100 options:router-port=lrp$i$j \
86e98048 2101 addresses='"00:00:00:00:ff:'$i$j'"'
9975d7be
BP		 2102 done
2103done
2104
80f408f4 2105ovn-nbctl set Logical_Switch_Port lrp33-attachment \
57d143eb
HZ		 2106 addresses='"00:00:00:00:ff:33 192.168.33.254"'
2107
9975d7be
BP		 2108# Physical network:
2109#
2110# Three hypervisors hv[123].
86e98048
BP		 2111# lp?1[123] spread across hv[123]: lp?11 on hv1, lp?12 on hv2, lp?13 on hv3.
2112# lp?2[123] spread across hv[23]: lp?21 and lp?22 on hv2, lp?23 on hv3.
2113# lp?3[123] all on hv3.
2114
9975d7be
BP		 2115
2116# Given the name of a logical port, prints the name of the hypervisor
2117# on which it is located.
2118vif_to_hv() {
2119 case $1 in dnl (
86e98048
BP		 2120 ?11) echo 1 ;; dnl (
2121 ?12 | ?21 | ?22) echo 2 ;; dnl (
2122 ?13 | ?23 | ?3?) echo 3 ;;
9975d7be
BP		 2123 esac
2124}
2125
86e98048
BP		 2126# Given the name of a logical port, prints the name of its logical router
2127# port, e.g. "vif_to_lrp 123" yields 12.
2128vif_to_lrp() {
2129 echo ${1%?}
2130}
2131
2132# Given the name of a logical port, prints the name of its logical
2133# switch, e.g. "vif_to_ls 123" yields 1.
e3393e3f 2134vif_to_ls() {
86e98048 2135 echo ${1%??}
e3393e3f
BP		 2136}
2137
9975d7be
BP		 2138net_add n1
2139for i in 1 2 3; do
2140 sim_add hv$i
2141 as hv$i
2142 ovs-vsctl add-br br-phys
2143 ovn_attach n1 br-phys 192.168.0.$i
2144done
2145for i in 1 2 3; do
2146 for j in 1 2 3; do
86e98048 2147 for k in 1 2 3; do
269ecccc
JP		 2148 hv=`vif_to_hv $i$j$k`
2149 as hv$hv ovs-vsctl \
2150 -- add-port br-int vif$i$j$k \
2151 -- set Interface vif$i$j$k \
2152 external-ids:iface-id=lp$i$j$k \
2153 options:tx_pcap=hv$hv/vif$i$j$k-tx.pcap \
2154 options:rxq_pcap=hv$hv/vif$i$j$k-rx.pcap \
2155 ofport-request=$i$j$k
86e98048 2156 done
9975d7be
BP		 2157 done
2158done
2159
2160# Pre-populate the hypervisors' ARP tables so that we don't lose any
2161# packets for ARP resolution (native tunneling doesn't queue packets
2162# for ARP resolution).
2163ovn_populate_arp
2164
2165# Allow some time for ovn-northd and ovn-controller to catch up.
2166# XXX This should be more systematic.
2167sleep 1
2168
e3393e3f 2169# test_ip INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
9975d7be
BP		 2170#
2171# This shell function causes a packet to be received on INPORT. The packet's
2172# content has Ethernet destination DST and source SRC (each exactly 12 hex
2173# digits) and Ethernet type ETHTYPE (4 hex digits). The OUTPORTs (zero or
2174# more) list the VIFs on which the packet should be received. INPORT and the
31ed1192 2175# OUTPORTs are specified as logical switch port numbers, e.g. 123 for vif123.
9975d7be
BP		 2176for i in 1 2 3; do
2177 for j in 1 2 3; do
86e98048
BP		 2178 for k in 1 2 3; do
2179 : > $i$j$k.expected
269ecccc 2180 done
9975d7be
BP		 2181 done
2182done
e3393e3f 2183test_ip() {
9975d7be
BP		 2184 # This packet has bad checksums but logical L3 routing doesn't check.
2185 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
ba43992e 2186 local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
9975d7be
BP		 2187 shift; shift; shift; shift; shift
2188 hv=hv`vif_to_hv $inport`
2189 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2190 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
86e98048
BP		 2191 in_ls=`vif_to_ls $inport`
2192 in_lrp=`vif_to_lrp $inport`
9975d7be 2193 for outport; do
269ecccc 2194 out_ls=`vif_to_ls $outport`
86e98048 2195 if test $in_ls = $out_ls; then
9975d7be
BP		 2196 # Ports on the same logical switch receive exactly the same packet.
2197 echo $packet
2198 else
2199 # Routing decrements TTL and updates source and dest MAC
2200 # (and checksum).
269ecccc 2201 out_lrp=`vif_to_lrp $outport`
86e98048 2202 echo f00000000${outport}00000000ff${out_lrp}08004500001c00000000"3f1101"00${src_ip}${dst_ip}0035111100080000
e4543cfe 2203 fi >> $outport.expected
9975d7be
BP		 2204 done
2205}
2206
e3393e3f 2207as hv1 ovs-vsctl --columns=name,ofport list interface
0bac7164
BP		 2208as hv1 ovn-sbctl list port_binding
2209as hv1 ovn-sbctl list datapath_binding
9975d7be
BP		 2210as hv1 ovn-sbctl dump-flows
2211as hv1 ovs-ofctl dump-flows br-int
2212
e3393e3f 2213# Send IP packets between all pairs of source and destination ports:
9975d7be 2214#
31ed1192
JP		 2215# 1. Unicast IP packets are delivered to exactly one logical switch port
2216# (except that packets destined to their input ports are dropped).
9975d7be 2217#
31ed1192
JP		 2218# 2. Broadcast IP packets are delivered to all logical switch ports
2219# except the input port.
86e98048
BP		 2220ip_to_hex() {
2221 printf "%02x%02x%02x%02x" "$@"
2222}
9975d7be 2223for is in 1 2 3; do
269ecccc
JP		 2224 for js in 1 2 3; do
2225 for ks in 1 2 3; do
2226 bcast=
2227 s=$is$js$ks
2228 smac=f00000000$s
2229 sip=`ip_to_hex 192 168 $is$js $ks`
2230 for id in 1 2 3; do
2231 for jd in 1 2 3; do
2232 for kd in 1 2 3; do
2233 d=$id$jd$kd
2234 dip=`ip_to_hex 192 168 $id$jd $kd`
2235 if test $is = $id; then dmac=f00000000$d; else dmac=00000000ff$is$js; fi
2236 if test $d != $s; then unicast=$d; else unicast=; fi
2237
2238 test_ip $s $smac $dmac $sip $dip $unicast #1
2239
2240 if test $id = $is && test $d != $s; then bcast="$bcast $d"; fi
2241 done
2242 done
9975d7be 2243 done
269ecccc
JP		 2244 test_ip $s $smac ffffffffffff $sip ffffffff $bcast #2
2245 done
2246 done
e3393e3f
BP		 2247done
2248
0bac7164
BP		 2249# 3. Send an IP packet from every logical port to every other subnet,
2250# to an IP address that does not have a static IP-MAC binding.
2251# This should generate a broadcast ARP request for the destination
2252# IP address in the destination subnet.
2253for is in 1 2 3; do
269ecccc
JP		 2254 for js in 1 2 3; do
2255 for ks in 1 2 3; do
2256 s=$is$js$ks
2257 smac=f00000000$s
2258 sip=`ip_to_hex 192 168 $is$js $ks`
2259 for id in 1 2 3; do
2260 for jd in 1 2 3; do
2261 if test $is$js = $id$jd; then
2262 continue
2263 fi
2264
2265 # Send the packet.
2266 dmac=00000000ff$is$js
2267 # Calculate a 4th octet for the destination that is
2268 # unique per $s, avoids the .1 .2 .3 and .254 IP addresses
2269 # that have static MAC bindings, and fits in the range
2270 # 0-255.
2271 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2272 dip=`ip_to_hex 192 168 $id$jd $o4`
2273 test_ip $s $smac $dmac $sip $dip
2274
2275 # Every LP on the destination subnet's lswitch should
2276 # receive the ARP request.
2277 lrmac=00000000ff$id$jd
2278 lrip=`ip_to_hex 192 168 $id$jd 254`
2279 arp=ffffffffffff${lrmac}08060001080006040001${lrmac}${lrip}000000000000${dip}
2280 for jd2 in 1 2 3; do
2281 for kd in 1 2 3; do
e4543cfe 2282 echo $arp >> $id$jd2$kd.expected
0bac7164 2283 done
269ecccc 2284 done
0bac7164 2285 done
269ecccc 2286 done
0bac7164 2287 done
269ecccc 2288 done
0bac7164
BP		 2289done
2290
e3393e3f
BP		 2291# test_arp INPORT SHA SPA TPA [REPLY_HA]
2292#
2293# Causes a packet to be received on INPORT. The packet is an ARP
2294# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
2295# it should be the hardware address of the target to expect to receive in an
2296# ARP reply; otherwise no reply is expected.
2297#
31ed1192 2298# INPORT is an logical switch port number, e.g. 11 for vif11.
e3393e3f
BP		 2299# SHA and REPLY_HA are each 12 hex digits.
2300# SPA and TPA are each 8 hex digits.
2301test_arp() {
2302 local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
2303 local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
2304 hv=hv`vif_to_hv $inport`
2305 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
2306 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
2307
57d143eb 2308 # Expect to receive the broadcast ARP on the other logical switch ports if
ea46a4e9 2309 # IP address is not configured to the switch patch port.
e3393e3f 2310 local i=`vif_to_ls $inport`
86e98048 2311 local j k
e3393e3f 2312 for j in 1 2 3; do
86e98048 2313 for k in 1 2 3; do
ea46a4e9 2314 # 192.168.33.254 is configured to the switch patch port for lrp33,
57d143eb
HZ		 2315 # so no ARP flooding expected for it.
2316 if test $i$j$k != $inport && test $tpa != `ip_to_hex 192 168 33 254`; then
86e98048
BP		 2317 echo $request >> $i$j$k.expected
2318 fi
2319 done
e3393e3f
BP		 2320 done
2321
2322 # Expect to receive the reply, if any.
2323 if test X$reply_ha != X; then
86e98048
BP		 2324 lrp=`vif_to_lrp $inport`
2325 local reply=${sha}00000000ff${lrp}08060001080006040002${reply_ha}${tpa}${sha}${spa}
e3393e3f
BP		 2326 echo $reply >> $inport.expected
2327 fi
2328}
2329
2330# Test router replies to ARP requests from all source ports:
2331#
0bac7164 2332# 4. Router replies to query for its MAC address from port's own IP address.
e3393e3f 2333#
0bac7164 2334# 5. Router replies to query for its MAC address from any random IP address
e3393e3f
BP		 2335# in its subnet.
2336#
0bac7164 2337# 6. Router replies to query for its MAC address from another subnet.
e3393e3f 2338#
0bac7164 2339# 7. No reply to query for IP address other than router IP.
e3393e3f 2340for i in 1 2 3; do
269ecccc
JP		 2341 for j in 1 2 3; do
2342 for k in 1 2 3; do
2343 smac=f00000000$i$j$k # Source MAC
2344 sip=`ip_to_hex 192 168 $i$j $k` # Source IP
2345 rip=`ip_to_hex 192 168 $i$j 254` # Router IP
2346 rmac=00000000ff$i$j # Router MAC
2347 otherip=`ip_to_hex 192 168 $i$j 55` # Some other IP in subnet
2348 test_arp $i$j$k $smac $sip $rip $rmac #4
2349 test_arp $i$j$k $smac $otherip $rip $rmac #5
2350 test_arp $i$j$k $smac 0a123456 $rip $rmac #6
2351 test_arp $i$j$k $smac $sip $otherip #7
0bac7164 2352 done
269ecccc 2353 done
0bac7164
BP		 2354done
2355
2356# Allow some time for packet forwarding.
2357# XXX This can be improved.
2358sleep 1
2359
2360# 8. Generate an ARP reply for each of the IP addresses ARPed for
2361# earlier as #3.
2362#
2363# Here, the $s is the VIF that originated the ARP request and $d is
2364# the VIF that sends the ARP reply, which is somewhat backward but
2365# it means that $s and $d are the same as #3.
2366: > mac_bindings.expected
2367for is in 1 2 3; do
269ecccc
JP		 2368 for js in 1 2 3; do
2369 for ks in 1 2 3; do
2370 s=$is$js$ks
2371 for id in 1 2 3; do
2372 for jd in 1 2 3; do
2373 if test $is$js = $id$jd; then
2374 continue
2375 fi
2376
2377 kd=1
2378 d=$id$jd$kd
2379
2380 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2381 host_ip=`ip_to_hex 192 168 $id$jd $o4`
2382 host_mac=8000000000$o4
2383
2384 lrmac=00000000ff$id$jd
2385 lrip=`ip_to_hex 192 168 $id$jd 254`
2386
2387 arp=${lrmac}${host_mac}08060001080006040002${host_mac}${host_ip}${lrmac}${lrip}
2388
2389 echo
2390 echo
2391 echo
2392 hv=hv`vif_to_hv $d`
2393 as $hv ovs-appctl netdev-dummy/receive vif$d $arp
2394 #as $hv ovs-appctl ofproto/trace br-int in_port=$d $arp
2395 #as $hv ovs-ofctl dump-flows br-int table=19
2396
2397 host_ip_pretty=192.168.$id$jd.$o4
2398 host_mac_pretty=80:00:00:00:00:$o4
2399 echo lrp$id$jd,$host_ip_pretty,$host_mac_pretty >> mac_bindings.expected
86e98048 2400 done
269ecccc 2401 done
9975d7be 2402 done
269ecccc 2403 done
9975d7be 2404done
0bac7164 2405
9975d7be
BP		 2406# Allow some time for packet forwarding.
2407# XXX This can be improved.
2408sleep 1
2409
0bac7164
BP		 2410# 9. Send an IP packet from every logical port to every other subnet. These
2411# are the same packets already sent as #3, but now the destinations' IP-MAC
2412# bindings have been discovered via ARP, so instead of provoking an ARP
2413# request, these packets now get routed to their destinations (which don't
2414# have static MAC bindings, so they go to the port we've designated as
2415# accepting "unknown" MACs.)
2416for is in 1 2 3; do
269ecccc
JP		 2417 for js in 1 2 3; do
2418 for ks in 1 2 3; do
2419 s=$is$js$ks
2420 smac=f00000000$s
2421 sip=`ip_to_hex 192 168 $is$js $ks`
2422 for id in 1 2 3; do
2423 for jd in 1 2 3; do
2424 if test $is$js = $id$jd; then
2425 continue
2426 fi
2427
2428 # Send the packet.
2429 dmac=00000000ff$is$js
2430 # Calculate a 4th octet for the destination that is
2431 # unique per $s, avoids the .1 .2 .3 and .254 IP addresses
2432 # that have static MAC bindings, and fits in the range
2433 # 0-255.
2434 o4=`expr $is '*' 9 + $js '*' 3 + $ks + 10`
2435 dip=`ip_to_hex 192 168 $id$jd $o4`
2436 test_ip $s $smac $dmac $sip $dip
2437
2438 # Expect the packet egress.
2439 host_mac=8000000000$o4
2440 outport=${id}11
2441 out_lrp=$id$jd
e4543cfe 2442 echo ${host_mac}00000000ff${out_lrp}08004500001c00000000"3f1101"00${sip}${dip}0035111100080000 >> $outport.expected
0bac7164 2443 done
269ecccc 2444 done
0bac7164 2445 done
269ecccc 2446 done
0bac7164
BP		 2447done
2448
0bac7164
BP		 2449ovn-sbctl -f csv -d bare --no-heading \
2450 -- --columns=logical_port,ip,mac list mac_binding > mac_bindings
2451
9975d7be
BP		 2452# Now check the packets actually received against the ones expected.
2453for i in 1 2 3; do
2454 for j in 1 2 3; do
86e98048 2455 for k in 1 2 3; do
abb37b6b
FF		 2456 OVN_CHECK_PACKETS([hv`vif_to_hv $i$j$k`/vif$i$j$k-tx.pcap],
2457 [$i$j$k.expected])
86e98048 2458 done
9975d7be
BP		 2459 done
2460done
fcde56f5 2461
0bac7164
BP		 2462# Check the MAC bindings against those expected.
2463AT_CHECK_UNQUOTED([sort < mac_bindings], [0], [`sort < mac_bindings.expected`
2464])
2465
fcde56f5 2466# Gracefully terminate daemons
7a8f15e0 2467OVN_CLEANUP([hv1], [hv2], [hv3])
eff49a56 2468
9975d7be 2469AT_CLEANUP
685f4dfe
NS		 2470
2471# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
2472AT_SETUP([ovn -- portsecurity : 3 HVs, 1 LS, 3 lports/HV])
685f4dfe
NS		 2473AT_SKIP_IF([test $HAVE_PYTHON = no])
2474ovn_start
2475
2476# Create hypervisors hv[123].
2477# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3.
2478# Add all of the vifs to a single logical switch lsw0.
2479# Turn off port security on vifs vif[123]1
2480# Turn on l2 port security on vifs vif[123]2
2481# Turn of l2 and l3 port security on vifs vif[123]3
2482# Make vif13, vif2[23], vif3[123] destinations for unknown MACs.
ea46a4e9 2483ovn-nbctl ls-add lsw0
685f4dfe
NS		 2484net_add n1
2485for i in 1 2 3; do
2486 sim_add hv$i
2487 as hv$i
2488 ovs-vsctl add-br br-phys
2489 ovn_attach n1 br-phys 192.168.0.$i
2490
2491 for j in 1 2 3; do
2492 ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
31ed1192 2493 ovn-nbctl lsp-add lsw0 lp$i$j
685f4dfe 2494 if test $j = 1; then
31ed1192 2495 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
685f4dfe 2496 elif test $j = 2; then
31ed1192
JP		 2497 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j"
2498 ovn-nbctl lsp-set-port-security lp$i$j f0:00:00:00:00:$i$j
685f4dfe
NS		 2499 else
2500 extra_addr="f0:00:00:00:0$i:$i$j fe80::ea2a:eaff:fe28:$i$j"
31ed1192
JP		 2501 ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" "$extra_addr"
2502 ovn-nbctl lsp-set-port-security lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" "$extra_addr"
685f4dfe
NS		 2503 fi
2504 done
2505done
2506
685f4dfe
NS		 2507# Pre-populate the hypervisors' ARP tables so that we don't lose any
2508# packets for ARP resolution (native tunneling doesn't queue packets
2509# for ARP resolution).
2510ovn_populate_arp
2511
2512# Allow some time for ovn-northd and ovn-controller to catch up.
2513# XXX This should be more systematic.
2514sleep 1
685f4dfe
NS		 2515
2516# Given the name of a logical port, prints the name of the hypervisor
2517# on which it is located.
2518vif_to_hv() {
2519 echo hv${1%?}
2520}
2521
685f4dfe
NS		 2522for i in 1 2 3; do
2523 for j in 1 2 3; do
2524 : > $i$j.expected
2525 done
2526done
2527
2528# test_ip INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
2529#
2530# This shell function causes an ip packet to be received on INPORT.
2531# The packet's content has Ethernet destination DST and source SRC
2532# (each exactly 12 hex digits) and Ethernet type ETHTYPE (4 hex digits).
2533# The OUTPORTs (zero or more) list the VIFs on which the packet should
31ed1192
JP		 2534# be received. INPORT and the OUTPORTs are specified as logical switch
2535# port numbers, e.g. 11 for vif11.
685f4dfe
NS		 2536test_ip() {
2537 # This packet has bad checksums but logical L3 routing doesn't check.
2538 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
efe179e0 2539 local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
685f4dfe
NS		 2540 shift; shift; shift; shift; shift
2541 hv=`vif_to_hv $inport`
2542 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2543 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2544 for outport; do
e4543cfe 2545 echo $packet >> $outport.expected
685f4dfe
NS		 2546 done
2547}
2548
2549# test_arp INPORT SHA SPA TPA DROP [REPLY_HA]
2550#
2551# Causes a packet to be received on INPORT. The packet is an ARP
2552# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
2553# it should be the hardware address of the target to expect to receive in an
2554# ARP reply; otherwise no reply is expected.
2555#
31ed1192 2556# INPORT is an logical switch port number, e.g. 11 for vif11.
685f4dfe
NS		 2557# SHA and REPLY_HA are each 12 hex digits.
2558# SPA and TPA are each 8 hex digits.
2559test_arp() {
2560 local inport=$1 smac=$2 sha=$3 spa=$4 tpa=$5 drop=$6 reply_ha=$7
2561 local request=ffffffffffff${smac}08060001080006040001${sha}${spa}ffffffffffff${tpa}
2562 hv=`vif_to_hv $inport`
2563 as $hv ovs-appctl netdev-dummy/receive vif$inport $request
2564 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
2565 if test $drop != 1; then
e137131a 2566 if test X$reply_ha = X; then
685f4dfe
NS		 2567 # Expect to receive the broadcast ARP on the other logical switch ports
2568 # if no reply is expected.
2569 local i j
2570 for i in 1 2 3; do
2571 for j in 1 2 3; do
2572 if test $i$j != $inport; then
2573 echo $request >> $i$j.expected
2574 fi
2575 done
2576 done
2577 else
2578 # Expect to receive the reply, if any.
2579 local reply=${smac}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
2580 echo $reply >> $inport.expected
2581 fi
2582 fi
2583}
2584
2585# test_ipv6 INPORT SRC_MAC DST_MAC SRC_IP DST_IP OUTPORT...
2586# This function is similar to test_ip() except that it sends
2587# ipv6 packet
2588test_ipv6() {
2589 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
2590 local packet=${dst_mac}${src_mac}86dd6000000000083aff${src_ip}${dst_ip}0000000000000000
2591 shift; shift; shift; shift; shift
2592 hv=`vif_to_hv $inport`
2593 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2594 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2595 for outport; do
e4543cfe 2596 echo $packet >> $outport.expected
685f4dfe
NS		 2597 done
2598}
2599
9e687b23
DL		 2600# test_icmpv6 INPORT SRC_MAC DST_MAC SRC_IP DST_IP ICMP_TYPE OUTPORT...
2601# This function is similar to test_ipv6() except it specifies the ICMPv6 type
2602# of the test packet
2603test_icmpv6() {
2604 local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5 icmp_type=$6
2605 local packet=${dst_mac}${src_mac}86dd6000000000083aff${src_ip}${dst_ip}${icmp_type}00000000000000
2606 shift; shift; shift; shift; shift; shift
2607 hv=`vif_to_hv $inport`
2608 as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
2609 #as $hv ovs-appctl ofproto/trace br-int in_port=$inport $packet
2610 for outport; do
e4543cfe 2611 echo $packet >> $outport.expected
9e687b23
DL		 2612 done
2613}
2614
685f4dfe
NS		 2615ip_to_hex() {
2616 printf "%02x%02x%02x%02x" "$@"
2617}
2618
2619# no port security
2620sip=`ip_to_hex 192 168 0 12`
2621tip=`ip_to_hex 192 168 0 13`
2622# the arp packet should be allowed even if lp[123]1 is
2623# not configured with mac f00000000023 and ip 192.168.0.12
2624for i in 1 2 3; do
2625 test_arp ${i}1 f00000000023 f00000000023 $sip $tip 0 f00000000013
2626 for j in 1 2 3; do
2627 if test $i != $j; then
2628 test_ip ${i}1 f000000000${i}1 f000000000${j}1 $sip $tip ${j}1
2629 fi
2630 done
2631done
2632
2633# l2 port security
2634sip=`ip_to_hex 192 168 0 12`
2635tip=`ip_to_hex 192 168 0 13`
2636
2637# arp packet should be allowed since lp22 is configured with
2638# mac f00000000022
2639test_arp 22 f00000000022 f00000000022 $sip $tip 0 f00000000013
2640
2641# arp packet should not be allowed since lp32 is not configured with
2642# mac f00000000021
2643test_arp 32 f00000000021 f00000000021 $sip $tip 1
2644
2645# arp packet with sha set to f00000000021 should not be allowed
2646# for lp12
2647test_arp 12 f00000000012 f00000000021 $sip $tip 1
2648
2649# ip packets should be allowed and received since lp[123]2 do not
2650# have l3 port security
2651sip=`ip_to_hex 192 168 0 55`
2652tip=`ip_to_hex 192 168 0 66`
2653for i in 1 2 3; do
2654 for j in 1 2 3; do
2655 if test $i != $j; then
2656 test_ip ${i}2 f000000000${i}2 f000000000${j}2 $sip $tip ${j}2
2657 fi
2658 done
2659done
2660
2661# ipv6 packets should be received by lp[123]2
2662# lp[123]1 can send ipv6 traffic as there is no port security
2663sip=fe800000000000000000000000000000
2664tip=ff020000000000000000000000000000
2665
2666for i in 1 2 3; do
2667 test_ipv6 ${i}1 f000000000${i}1 f000000000${i}2 $sip $tip ${i}2
2668done
2669
2670
2671# l2 and l3 port security
2672sip=`ip_to_hex 192 168 0 13`
2673tip=`ip_to_hex 192 168 0 22`
2674# arp packet should be allowed since lp13 is configured with
2675# f00000000013 and 192.168.0.13
2676test_arp 13 f00000000013 f00000000013 $sip $tip 0 f00000000022
2677
2678# the arp packet should be dropped because lp23 is not configured
2679# with mac f00000000022
2680sip=`ip_to_hex 192 168 0 13`
2681tip=`ip_to_hex 192 168 0 22`
2682test_arp 23 f00000000022 f00000000022 $sip $tip 1
2683
2684# the arp packet should be dropped because lp33 is not configured
2685# with ip 192.168.0.55
2686spa=`ip_to_hex 192 168 0 55`
2687tpa=`ip_to_hex 192 168 0 22`
2688test_arp 33 f00000000031 f00000000031 $spa $tpa 1
2689
2690# ip packets should not be received by lp[123]3 since
2691# l3 port security is enabled
2692sip=`ip_to_hex 192 168 0 55`
2693tip=`ip_to_hex 192 168 0 66`
2694for i in 1 2 3; do
2695 for j in 1 2 3; do
2696 test_ip ${i}2 f000000000${i}2 f000000000${j}3 $sip $tip
2697 done
2698done
2699
2700# ipv6 packets should be dropped for lp[123]3 since
2701# it is configured with only ipv4 address
2702sip=fe800000000000000000000000000000
2703tip=ff020000000000000000000000000000
2704
2705for i in 1 2 3; do
2706 test_ipv6 ${i}3 f000000000${i}3 f00000000022 $sip $tip
2707done
2708
2709# ipv6 packets should not be received by lp[123]3 with mac f000000000$[123]3
2710# lp[123]1 can send ipv6 traffic as there is no port security
2711for i in 1 2 3; do
2712 test_ipv6 ${i}1 f000000000${i}1 f000000000${i}3 $sip $tip
2713done
2714
2715# lp13 has extra port security with mac f0000000113 and ipv6 addr
2716# fe80::ea2a:eaff:fe28:0012
2717
2718# ipv4 packet should be dropped for lp13 with mac f0000000113
2719sip=`ip_to_hex 192 168 0 13`
2720tip=`ip_to_hex 192 168 0 23`
2721test_ip 13 f00000000113 f00000000023 $sip $tip
2722
6d53e8a9
BP		 2723# ipv6 packet should be received by lp[123]3 with mac f00000000${i}${i}3
2724# and ip6.dst as fe80::ea2a:eaff:fe28:0${i}${i}3.
685f4dfe
NS		 2725# lp11 can send ipv6 traffic as there is no port security
2726sip=ee800000000000000000000000000000
2727for i in 1 2 3; do
6d53e8a9
BP		 2728 tip=fe80000000000000ea2aeafffe2800${i}3
2729 test_ipv6 11 f00000000011 f00000000${i}${i}3 $sip $tip ${i}3
685f4dfe
NS		 2730done
2731
2732
2733# ipv6 packet should not be received by lp33 with mac f0000000333
2734# and ip6.dst as fe80::ea2a:eaff:fe28:0023 as it is
2735# configured with fe80::ea2a:eaff:fe28:0033
2736# lp11 can send ipv6 traffic as there is no port security
2737
2738sip=ee800000000000000000000000000000
2739tip=fe80000000000000ea2aeafffe280023
2740test_ipv6 11 f00000000011 f00000000333 $sip $tip
2741
6d53e8a9
BP		 2742# ipv6 packet should be allowed for lp[123]3 with mac f0000000${i}${i}3
2743# and ip6.src fe80::ea2a:eaff:fe28:0${i}${i}3 and ip6.src ::.
685f4dfe
NS		 2744# and should be dropped for any other ip6.src
2745# lp21 can receive ipv6 traffic as there is no port security
2746
2747tip=ee800000000000000000000000000000
2748for i in 1 2 3; do
2749 sip=fe80000000000000ea2aeafffe2800${i}3
2750 test_ipv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip 21
2751
9e687b23 2752 # Test ICMPv6 MLD reports (v1 and v2) and NS for DAD
685f4dfe 2753 sip=00000000000000000000000000000000
9e687b23
DL		 2754 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 83 21
2755 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 8f 21
2756 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff0200000000000000ea2aeafffe2800 87 21
2757 # Traffic to non-multicast traffic should be dropped
2758 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip 83
2759 # Traffic of other ICMPv6 types should be dropped
2760 test_icmpv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip ff020000000000000000000000160000 80
685f4dfe
NS		 2761
2762 # should be dropped
2763 sip=ae80000000000000ea2aeafffe2800aa
2764 test_ipv6 ${i}3 f00000000${i}${i}3 f00000000021 $sip $tip
2765done
2766
31ed1192
JP		 2767# configure lsp13 to send and received IPv4 packets with an address range
2768ovn-nbctl lsp-set-port-security lp13 "f0:00:00:00:00:13 192.168.0.13 20.0.0.4/24 10.0.0.0/24"
7d9d86ad 2769
8ff5a966
NS		 2770sleep 2
2771
7d9d86ad
NS		 2772sip=`ip_to_hex 10 0 0 13`
2773tip=`ip_to_hex 192 168 0 22`
31ed1192 2774# arp packet with inner ip 10.0.0.13 should be allowed for lsp13
7d9d86ad
NS		 2775test_arp 13 f00000000013 f00000000013 $sip $tip 0 f00000000022
2776
2777sip=`ip_to_hex 10 0 0 14`
2778tip=`ip_to_hex 192 168 0 23`
31ed1192 2779# IPv4 packet from lsp13 with src ip 10.0.0.14 destined to lsp23
7d9d86ad
NS		 2780# with dst ip 192.168.0.23 should be allowed
2781test_ip 13 f00000000013 f00000000023 $sip $tip 23
2782
2783sip=`ip_to_hex 192 168 0 33`
2784tip=`ip_to_hex 10 0 0 15`
31ed1192
JP		 2785# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2786# with dst ip 10.0.0.15 should be received by lsp13
7d9d86ad
NS		 2787test_ip 33 f00000000033 f00000000013 $sip $tip 13
2788
2789sip=`ip_to_hex 192 168 0 33`
2790tip=`ip_to_hex 20 0 0 4`
31ed1192
JP		 2791# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2792# with dst ip 20.0.0.4 should be received by lsp13
7d9d86ad
NS		 2793test_ip 33 f00000000033 f00000000013 $sip $tip 13
2794
2795sip=`ip_to_hex 192 168 0 33`
2796tip=`ip_to_hex 20 0 0 5`
31ed1192
JP		 2797# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2798# with dst ip 20.0.0.5 should not be received by lsp13
7d9d86ad
NS		 2799test_ip 33 f00000000033 f00000000013 $sip $tip
2800
2801sip=`ip_to_hex 192 168 0 33`
2802tip=`ip_to_hex 20 0 0 255`
31ed1192
JP		 2803# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2804# with dst ip 20.0.0.255 should be received by lsp13
7d9d86ad
NS		 2805test_ip 33 f00000000033 f00000000013 $sip $tip 13
2806
2807sip=`ip_to_hex 192 168 0 33`
2808tip=`ip_to_hex 192 168 0 255`
31ed1192
JP		 2809# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2810# with dst ip 192.168.0.255 should not be received by lsp13
7d9d86ad
NS		 2811test_ip 33 f00000000033 f00000000013 $sip $tip
2812
2813sip=`ip_to_hex 192 168 0 33`
2814tip=`ip_to_hex 224 0 0 4`
31ed1192
JP		 2815# IPv4 packet from lsp33 with src ip 192.168.0.33 destined to lsp13
2816# with dst ip 224.0.0.4 should be received by lsp13
7d9d86ad 2817test_ip 33 f00000000033 f00000000013 $sip $tip 13
685f4dfe 2818
bb0c41d3
RM		 2819#dump information including flow counters
2820ovn-nbctl show
2821ovn-sbctl dump-flows -- list multicast_group
2822
2823echo "------ hv1 dump ------"
2824as hv1 ovs-vsctl show
6195e2e7 2825as hv1 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2826as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
2827
2828echo "------ hv2 dump ------"
2829as hv2 ovs-vsctl show
6195e2e7 2830as hv2 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2831as hv2 ovs-ofctl -O OpenFlow13 dump-flows br-int
2832
2833echo "------ hv3 dump ------"
2834as hv3 ovs-vsctl show
6195e2e7 2835as hv3 ovs-ofctl -O OpenFlow13 show br-int
bb0c41d3
RM		 2836as hv3 ovs-ofctl -O OpenFlow13 dump-flows br-int
2837
685f4dfe
NS		 2838# Now check the packets actually received against the ones expected.
2839for i in 1 2 3; do
2840 for j in 1 2 3; do
49d7c759 2841 OVN_CHECK_PACKETS([hv$i/vif$i$j-tx.pcap], [$i$j.expected])
685f4dfe
NS		 2842 done
2843done
2844
7a8f15e0 2845OVN_CLEANUP([hv1],[hv2],[hv3])
d9c8c57c 2846
685f4dfe 2847AT_CLEANUP
509afdc3
GS		 2848
2849AT_SETUP([ovn -- 2 HVs, 2 LS, 1 lport/LS, 2 peer LRs])
509afdc3
GS		 2850AT_SKIP_IF([test $HAVE_PYTHON = no])
2851ovn_start
2852
2853# Logical network:
2854# Two LRs - R1 and R2 that are connected to each other as peers in 20.0.0.0/24
2855# network. R1 has a switchs ls1 (191.168.1.0/24) connected to it.
2856# R2 has ls2 (172.16.1.0/24) connected to it.
2857
fa2a27b2
JP		 2858ovn-nbctl lr-add R1
2859ovn-nbctl lr-add R2
509afdc3 2860
ea46a4e9
JP		 2861ovn-nbctl ls-add ls1
2862ovn-nbctl ls-add ls2
509afdc3
GS		 2863
2864# Connect ls1 to R1
bf44c2cd 2865ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24
509afdc3 2866
31ed1192 2867ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
31114af7 2868 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
509afdc3
GS		 2869
2870# Connect ls2 to R2
bf44c2cd 2871ovn-nbctl lrp-add R2 ls2 00:00:00:01:02:04 172.16.1.1/24
509afdc3 2872
31ed1192 2873ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 type=router \
31114af7 2874 options:router-port=ls2 addresses=\"00:00:00:01:02:04\"
509afdc3
GS		 2875
2876# Connect R1 to R2
4685e523
JP		 2877ovn-nbctl lrp-add R1 R1_R2 00:00:00:02:03:04 20.0.0.1/24 peer=R2_R1
2878ovn-nbctl lrp-add R2 R2_R1 00:00:00:02:03:05 20.0.0.2/24 peer=R1_R2
509afdc3 2879
6d9ecfa9
JP		 2880ovn-nbctl lr-route-add R1 "0.0.0.0/0" 20.0.0.2
2881ovn-nbctl lr-route-add R2 "0.0.0.0/0" 20.0.0.1
509afdc3
GS		 2882
2883# Create logical port ls1-lp1 in ls1
31ed1192
JP		 2884ovn-nbctl lsp-add ls1 ls1-lp1 \
2885-- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
509afdc3
GS		 2886
2887# Create logical port ls2-lp1 in ls2
31ed1192
JP		 2888ovn-nbctl lsp-add ls2 ls2-lp1 \
2889-- lsp-set-addresses ls2-lp1 "f0:00:00:01:02:04 172.16.1.2"
509afdc3
GS		 2890
2891# Create two hypervisor and create OVS ports corresponding to logical ports.
2892net_add n1
2893
2894sim_add hv1
2895as hv1
2896ovs-vsctl add-br br-phys
2897ovn_attach n1 br-phys 192.168.0.1
2898ovs-vsctl -- add-port br-int hv1-vif1 -- \
2899 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
2900 options:tx_pcap=hv1/vif1-tx.pcap \
2901 options:rxq_pcap=hv1/vif1-rx.pcap \
2902 ofport-request=1
2903
2904sim_add hv2
2905as hv2
2906ovs-vsctl add-br br-phys
2907ovn_attach n1 br-phys 192.168.0.2
2908ovs-vsctl -- add-port br-int hv2-vif1 -- \
2909 set interface hv2-vif1 external-ids:iface-id=ls2-lp1 \
2910 options:tx_pcap=hv2/vif1-tx.pcap \
2911 options:rxq_pcap=hv2/vif1-rx.pcap \
2912 ofport-request=1
2913
2914
2915# Pre-populate the hypervisors' ARP tables so that we don't lose any
2916# packets for ARP resolution (native tunneling doesn't queue packets
2917# for ARP resolution).
2918ovn_populate_arp
2919
2920# Allow some time for ovn-northd and ovn-controller to catch up.
2921# XXX This should be more systematic.
2922sleep 1
2923
2924# Send ip packets between the two ports.
2925ip_to_hex() {
2926 printf "%02x%02x%02x%02x" "$@"
2927}
509afdc3
GS		 2928
2929# Packet to send.
2930src_mac="f00000010203"
2931dst_mac="000000010203"
2932src_ip=`ip_to_hex 192 168 1 2`
2933dst_ip=`ip_to_hex 172 16 1 2`
2934packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
2935as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
2936
2937
2938echo "---------NB dump-----"
2939ovn-nbctl show
2940echo "---------------------"
2941ovn-nbctl list logical_router
2942echo "---------------------"
2943ovn-nbctl list logical_router_port
2944echo "---------------------"
2945
2946echo "---------SB dump-----"
2947ovn-sbctl list datapath_binding
2948echo "---------------------"
2949ovn-sbctl list port_binding
2950echo "---------------------"
2951
2952echo "------ hv1 dump ----------"
8dab1022 2953as hv1 ovs-ofctl show br-int
509afdc3
GS		 2954as hv1 ovs-ofctl dump-flows br-int
2955echo "------ hv2 dump ----------"
8dab1022 2956as hv2 ovs-ofctl show br-int
509afdc3
GS		 2957as hv2 ovs-ofctl dump-flows br-int
2958
2959# Packet to Expect
2960src_mac="000000010204"
2961dst_mac="f00000010204"
49d7c759 2962echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
509afdc3 2963
49d7c759 2964OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
509afdc3 2965
7a8f15e0 2966OVN_CLEANUP([hv1],[hv2])
509afdc3
GS		 2967
2968AT_CLEANUP
5412db30
J		 2969
2970
4685e523
JP		 2971AT_SETUP([ovn -- 1 HV, 1 LS, 2 lport/LS, 1 LR])
2972AT_KEYWORDS([router-admin-state])
2973AT_SKIP_IF([test $HAVE_PYTHON = no])
2974ovn_start
2975
2976# Logical network:
2977# One LR - R1 has switch ls1 with two subnets attached to it (191.168.1.0/24
2978# and 172.16.1.0/24) connected to it.
2979
2980ovn-nbctl lr-add R1
2981
2982ovn-nbctl ls-add ls1
2983
2984# Connect ls1 to R1
bf44c2cd 2985ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24 172.16.1.1/24
4685e523
JP		 2986ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
2987 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
2988
2989# Create logical port ls1-lp1 in ls1
2990ovn-nbctl lsp-add ls1 ls1-lp1 \
2991 -- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
2992
2993# Create logical port ls1-lp2 in ls1
2994ovn-nbctl lsp-add ls1 ls1-lp2 \
2995 -- lsp-set-addresses ls1-lp2 "f0:00:00:01:02:04 172.16.1.2"
2996
2997# Create one hypervisor and create OVS ports corresponding to logical ports.
2998net_add n1
2999
3000sim_add hv1
3001as hv1
3002ovs-vsctl add-br br-phys
3003ovn_attach n1 br-phys 192.168.0.1
3004ovs-vsctl -- add-port br-int vif1 -- \
3005 set interface vif1 external-ids:iface-id=ls1-lp1 \
3006 options:tx_pcap=hv1/vif1-tx.pcap \
3007 options:rxq_pcap=hv1/vif1-rx.pcap \
3008 ofport-request=1
3009
3010ovs-vsctl -- add-port br-int vif2 -- \
3011 set interface vif2 external-ids:iface-id=ls1-lp2 \
3012 options:tx_pcap=hv1/vif2-tx.pcap \
3013 options:rxq_pcap=hv1/vif2-rx.pcap \
3014 ofport-request=1
3015
3016
3017# Allow some time for ovn-northd and ovn-controller to catch up.
3018# XXX This should be more systematic.
3019sleep 1
3020
3021# Send ip packets between the two ports.
3022ip_to_hex() {
3023 printf "%02x%02x%02x%02x" "$@"
3024}
4685e523
JP		 3025
3026# Packet to send.
3027src_mac="f00000010203"
3028dst_mac="000000010203"
3029src_ip=`ip_to_hex 192 168 1 2`
3030dst_ip=`ip_to_hex 172 16 1 2`
3031packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3032as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3033
3034
3035echo "---------NB dump-----"
3036ovn-nbctl show
3037echo "---------------------"
3038ovn-nbctl list logical_router
3039echo "---------------------"
3040ovn-nbctl list logical_router_port
3041echo "---------------------"
3042
3043echo "---------SB dump-----"
3044ovn-sbctl list datapath_binding
3045echo "---------------------"
3046ovn-sbctl list logical_flow
3047echo "---------------------"
3048
3049echo "------ hv1 dump ----------"
3050as hv1 ovs-ofctl dump-flows br-int
3051
3052
3053#Disable router R1
3054ovn-nbctl set Logical_Router R1 enabled=false
3055
3b8cd0ea
BP		 3056# Allow some time for ovn-northd and ovn-controller to catch up.
3057# XXX This should be more systematic.
3058sleep 1
3059
4685e523
JP		 3060echo "---------SB dump-----"
3061ovn-sbctl list datapath_binding
3062echo "---------------------"
3063ovn-sbctl list logical_flow
3064echo "---------------------"
3065
3066echo "------ hv1 dump ----------"
3067as hv1 ovs-ofctl dump-flows br-int
3068
3069as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3070
3071# Packet to Expect
3072expect_src_mac="000000010203"
3073expect_dst_mac="f00000010204"
49d7c759 3074echo "${expect_dst_mac}${expect_src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000" > expected
4685e523 3075
49d7c759 3076OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
4685e523
JP		 3077
3078
3079as hv1
3080OVS_APP_EXIT_AND_WAIT([ovn-controller])
3081OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3082OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3083
3084as ovn-sb
3085OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3086
3087as ovn-nb
3088OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3089
3090as northd
3091OVS_APP_EXIT_AND_WAIT([ovn-northd])
3092
3093as main
3094OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3095OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3096
3097AT_CLEANUP
3098
3099
3100AT_SETUP([ovn -- 1 HV, 2 LSs, 1 lport/LS, 1 LR])
5412db30
J		 3101AT_KEYWORDS([router-admin-state])
3102AT_SKIP_IF([test $HAVE_PYTHON = no])
3103ovn_start
3104
3105# Logical network:
3106# One LR - R1 has switch ls1 (191.168.1.0/24) connected to it,
3107# and has switch ls2 (172.16.1.0/24) connected to it.
3108
fa2a27b2 3109ovn-nbctl lr-add R1
5412db30 3110
ea46a4e9
JP		 3111ovn-nbctl ls-add ls1
3112ovn-nbctl ls-add ls2
5412db30
J		 3113
3114# Connect ls1 to R1
bf44c2cd 3115ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:03 192.168.1.1/24
31ed1192 3116ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 type=router \
31114af7 3117 options:router-port=ls1 addresses=\"00:00:00:01:02:03\"
5412db30
J		 3118
3119# Connect ls2 to R1
bf44c2cd 3120ovn-nbctl lrp-add R1 ls2 00:00:00:01:02:04 172.16.1.1/24
31ed1192 3121ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 type=router \
31114af7 3122 options:router-port=ls2 addresses=\"00:00:00:01:02:04\"
5412db30
J		 3123
3124# Create logical port ls1-lp1 in ls1
31ed1192
JP		 3125ovn-nbctl lsp-add ls1 ls1-lp1 \
3126-- lsp-set-addresses ls1-lp1 "f0:00:00:01:02:03 192.168.1.2"
5412db30
J		 3127
3128# Create logical port ls2-lp1 in ls2
31ed1192
JP		 3129ovn-nbctl lsp-add ls2 ls2-lp1 \
3130-- lsp-set-addresses ls2-lp1 "f0:00:00:01:02:04 172.16.1.2"
5412db30
J		 3131
3132# Create one hypervisor and create OVS ports corresponding to logical ports.
3133net_add n1
3134
3135sim_add hv1
3136as hv1
3137ovs-vsctl add-br br-phys
3138ovn_attach n1 br-phys 192.168.0.1
3139ovs-vsctl -- add-port br-int vif1 -- \
3140 set interface vif1 external-ids:iface-id=ls1-lp1 \
3141 options:tx_pcap=hv1/vif1-tx.pcap \
3142 options:rxq_pcap=hv1/vif1-rx.pcap \
3143 ofport-request=1
3144
3145ovs-vsctl -- add-port br-int vif2 -- \
3146 set interface vif2 external-ids:iface-id=ls2-lp1 \
3147 options:tx_pcap=hv1/vif2-tx.pcap \
3148 options:rxq_pcap=hv1/vif2-rx.pcap \
3149 ofport-request=1
3150
3151
3152# Allow some time for ovn-northd and ovn-controller to catch up.
3153# XXX This should be more systematic.
3154sleep 1
3155
3156# Send ip packets between the two ports.
3157ip_to_hex() {
3158 printf "%02x%02x%02x%02x" "$@"
3159}
5412db30
J		 3160
3161# Packet to send.
3162src_mac="f00000010203"
3163dst_mac="000000010203"
3164src_ip=`ip_to_hex 192 168 1 2`
3165dst_ip=`ip_to_hex 172 16 1 2`
3166packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3167as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3168
3169
3170echo "---------NB dump-----"
3171ovn-nbctl show
3172echo "---------------------"
3173ovn-nbctl list logical_router
3174echo "---------------------"
3175ovn-nbctl list logical_router_port
3176echo "---------------------"
3177
3178echo "---------SB dump-----"
3179ovn-sbctl list datapath_binding
3180echo "---------------------"
3181ovn-sbctl list logical_flow
3182echo "---------------------"
3183
3184echo "------ hv1 dump ----------"
3185as hv1 ovs-ofctl dump-flows br-int
3186
5412db30
J		 3187#Disable router R1
3188ovn-nbctl set Logical_Router R1 enabled=false
3189
3190echo "---------SB dump-----"
3191ovn-sbctl list datapath_binding
3192echo "---------------------"
3193ovn-sbctl list logical_flow
3194echo "---------------------"
3195
3196echo "------ hv1 dump ----------"
3197as hv1 ovs-ofctl dump-flows br-int
3198
a1361a6e
LR		 3199# Allow some time for the disabling of logical router R1 to propagate.
3200# XXX This should be more systematic.
3201sleep 1
3202
5412db30
J		 3203as hv1 ovs-appctl netdev-dummy/receive vif1 $packet
3204
3205# Packet to Expect
3206expect_src_mac="000000010204"
3207expect_dst_mac="f00000010204"
49d7c759 3208echo "${expect_dst_mac}${expect_src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000" > expected
5412db30 3209
49d7c759 3210OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
5412db30 3211
7a8f15e0 3212OVN_CLEANUP([hv1])
5412db30
J		 3213
3214AT_CLEANUP
3215
28dc3fe9 3216AT_SETUP([ovn -- 2 HVs, 3 LS, 1 lport/LS, 2 peer LRs, static routes])
28dc3fe9
SR		 3217AT_SKIP_IF([test $HAVE_PYTHON = no])
3218ovn_start
3219
3220# Logical network:
3221# Two LRs - R1 and R2 that are connected to each other as peers in 20.0.0.0/24
3222# network. R1 has switchess foo (192.168.1.0/24)
3223# connected to it.
3224# R2 has alice (172.16.1.0/24) and bob (172.16.2.0/24) connected to it.
3225
fa2a27b2
JP		 3226ovn-nbctl lr-add R1
3227ovn-nbctl lr-add R2
28dc3fe9 3228
ea46a4e9
JP		 3229ovn-nbctl ls-add foo
3230ovn-nbctl ls-add alice
3231ovn-nbctl ls-add bob
28dc3fe9
SR		 3232
3233# Connect foo to R1
bf44c2cd 3234ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
31ed1192 3235ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
31114af7 3236 options:router-port=foo addresses=\"00:00:00:01:02:03\"
28dc3fe9
SR		 3237
3238# Connect alice to R2
bf44c2cd 3239ovn-nbctl lrp-add R2 alice 00:00:00:01:02:04 172.16.1.1/24
31ed1192 3240ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 3241 type=router options:router-port=alice addresses=\"00:00:00:01:02:04\"
28dc3fe9
SR		 3242
3243# Connect bob to R2
bf44c2cd 3244ovn-nbctl lrp-add R2 bob 00:00:00:01:02:05 172.16.2.1/24
31ed1192 3245ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob type=router \
31114af7 3246 options:router-port=bob addresses=\"00:00:00:01:02:05\"
28dc3fe9
SR		 3247
3248# Connect R1 to R2
4685e523
JP		 3249ovn-nbctl lrp-add R1 R1_R2 00:00:00:02:03:04 20.0.0.1/24 peer=R2_R1
3250ovn-nbctl lrp-add R2 R2_R1 00:00:00:02:03:05 20.0.0.2/24 peer=R1_R2
28dc3fe9
SR		 3251
3252#install static routes
e48ccf3c
JP		 3253ovn-nbctl lr-route-add R1 172.16.1.0/24 20.0.0.2
3254ovn-nbctl lr-route-add R2 172.16.2.0/24 20.0.0.2 R1_R2
3255ovn-nbctl lr-route-add R2 192.168.1.0/24 20.0.0.1
28dc3fe9
SR		 3256
3257# Create logical port foo1 in foo
31ed1192
JP		 3258ovn-nbctl lsp-add foo foo1 \
3259-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
28dc3fe9
SR		 3260
3261# Create logical port alice1 in alice
31ed1192
JP		 3262ovn-nbctl lsp-add alice alice1 \
3263-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
28dc3fe9
SR		 3264
3265# Create logical port bob1 in bob
31ed1192
JP		 3266ovn-nbctl lsp-add bob bob1 \
3267-- lsp-set-addresses bob1 "f0:00:00:01:02:05 172.16.2.2"
28dc3fe9
SR		 3268
3269# Create two hypervisor and create OVS ports corresponding to logical ports.
3270net_add n1
3271
3272sim_add hv1
3273as hv1
3274ovs-vsctl add-br br-phys
3275ovn_attach n1 br-phys 192.168.0.1
3276ovs-vsctl -- add-port br-int hv1-vif1 -- \
3277 set interface hv1-vif1 external-ids:iface-id=foo1 \
3278 options:tx_pcap=hv1/vif1-tx.pcap \
3279 options:rxq_pcap=hv1/vif1-rx.pcap \
3280 ofport-request=1
3281
3282ovs-vsctl -- add-port br-int hv1-vif2 -- \
3283 set interface hv1-vif2 external-ids:iface-id=alice1 \
3284 options:tx_pcap=hv1/vif2-tx.pcap \
3285 options:rxq_pcap=hv1/vif2-rx.pcap \
3286 ofport-request=2
3287
3288sim_add hv2
3289as hv2
3290ovs-vsctl add-br br-phys
3291ovn_attach n1 br-phys 192.168.0.2
3292ovs-vsctl -- add-port br-int hv2-vif1 -- \
3293 set interface hv2-vif1 external-ids:iface-id=bob1 \
3294 options:tx_pcap=hv2/vif1-tx.pcap \
3295 options:rxq_pcap=hv2/vif1-rx.pcap \
3296 ofport-request=1
3297
3298
3299# Pre-populate the hypervisors' ARP tables so that we don't lose any
3300# packets for ARP resolution (native tunneling doesn't queue packets
3301# for ARP resolution).
3302ovn_populate_arp
3303
3304# Allow some time for ovn-northd and ovn-controller to catch up.
3305# XXX This should be more systematic.
3306sleep 1
3307
3308ip_to_hex() {
3309 printf "%02x%02x%02x%02x" "$@"
3310}
28dc3fe9
SR		 3311
3312# Send ip packets between foo1 and alice1
3313src_mac="f00000010203"
3314dst_mac="000000010203"
3315src_ip=`ip_to_hex 192 168 1 2`
3316dst_ip=`ip_to_hex 172 16 1 2`
3317packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3318as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3319
3320# Send ip packets between foo1 and bob1
3321src_mac="f00000010203"
3322dst_mac="000000010203"
3323src_ip=`ip_to_hex 192 168 1 2`
3324dst_ip=`ip_to_hex 172 16 2 2`
3325packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3326as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3327
3328echo "---------NB dump-----"
3329ovn-nbctl show
3330echo "---------------------"
3331ovn-nbctl list logical_router
3332echo "---------------------"
3333ovn-nbctl list logical_router_port
3334echo "---------------------"
3335
3336echo "---------SB dump-----"
3337ovn-sbctl list datapath_binding
3338echo "---------------------"
3339ovn-sbctl list port_binding
3340echo "---------------------"
3341
3342echo "------ hv1 dump ----------"
3343as hv1 ovs-ofctl dump-flows br-int
3344echo "------ hv2 dump ----------"
3345as hv2 ovs-ofctl dump-flows br-int
3346
3347# Packet to Expect at bob1
3348src_mac="000000010205"
3349dst_mac="f00000010205"
3350src_ip=`ip_to_hex 192 168 1 2`
3351dst_ip=`ip_to_hex 172 16 2 2`
49d7c759 3352echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
28dc3fe9 3353
49d7c759 3354OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
28dc3fe9
SR		 3355
3356# Packet to Expect at alice1
3357src_mac="000000010204"
3358dst_mac="f00000010204"
3359src_ip=`ip_to_hex 192 168 1 2`
3360dst_ip=`ip_to_hex 172 16 1 2`
49d7c759 3361echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
28dc3fe9 3362
49d7c759 3363OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
28dc3fe9 3364
7a8f15e0 3365OVN_CLEANUP([hv1],[hv2])
28dc3fe9
SR		 3366
3367AT_CLEANUP
5412db30 3368
0ee8aaf6 3369AT_SETUP([ovn -- send gratuitous arp on localnet])
d08dbed7 3370AT_SKIP_IF([test $HAVE_PYTHON = no])
0ee8aaf6 3371ovn_start
ea46a4e9 3372ovn-nbctl ls-add lsw0
0ee8aaf6
RR		 3373net_add n1
3374sim_add hv
3375as hv
3376ovs-vsctl \
3377 -- add-br br-phys \
3378 -- add-br br-eth0
3379
3380ovn_attach n1 br-phys 192.168.0.1
3381
3382AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
3383AT_CHECK([ovs-vsctl add-port br-eth0 snoopvif -- set Interface snoopvif options:tx_pcap=hv/snoopvif-tx.pcap options:rxq_pcap=hv/snoopvif-rx.pcap])
3384
3385# Create a vif.
31ed1192
JP		 3386AT_CHECK([ovn-nbctl lsp-add lsw0 localvif1])
3387AT_CHECK([ovn-nbctl lsp-set-addresses localvif1 "f0:00:00:00:00:01 192.168.1.2"])
3388AT_CHECK([ovn-nbctl lsp-set-port-security localvif1 "f0:00:00:00:00:01"])
0ee8aaf6
RR		 3389
3390# Create a localnet port.
31ed1192
JP		 3391AT_CHECK([ovn-nbctl lsp-add lsw0 ln_port])
3392AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
3393AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
3394AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
0ee8aaf6
RR		 3395
3396AT_CHECK([ovs-vsctl add-port br-int localvif1 -- set Interface localvif1 external_ids:iface-id=localvif1])
3397
3398# Wait for packet to be received.
49d7c759
BP		 3399echo "fffffffffffff0000000000108060001080006040001f00000000001c0a80102000000000000c0a80102" > expected
3400OVN_CHECK_PACKETS([hv/snoopvif-tx.pcap], [expected])
0ee8aaf6
RR		 3401
3402# Delete the localnet ports.
3403AT_CHECK([ovs-vsctl del-port localvif1])
31ed1192 3404AT_CHECK([ovn-nbctl lsp-del ln_port])
0ee8aaf6 3405
7a8f15e0 3406OVN_CLEANUP([hv])
0ee8aaf6
RR		 3407
3408AT_CLEANUP
75cf9d2b
GS		 3409
3410AT_SETUP([ovn -- 2 HVs, 3 LRs connected via LS, static routes])
75cf9d2b
GS		 3411AT_SKIP_IF([test $HAVE_PYTHON = no])
3412ovn_start
3413
3414# Logical network:
3415# Three LRs - R1, R2 and R3 that are connected to each other via LS "join"
3416# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24)
3417# connected to it. R2 has alice (172.16.1.0/24) and R3 has bob (10.32.1.0/24)
3418# connected to it.
3419
fa2a27b2
JP		 3420ovn-nbctl lr-add R1
3421ovn-nbctl lr-add R2
3422ovn-nbctl lr-add R3
75cf9d2b 3423
ea46a4e9
JP		 3424ovn-nbctl ls-add foo
3425ovn-nbctl ls-add alice
3426ovn-nbctl ls-add bob
3427ovn-nbctl ls-add join
75cf9d2b
GS		 3428
3429# Connect foo to R1
31114af7 3430ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
31ed1192 3431ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
31114af7 3432 options:router-port=foo addresses=\"00:00:01:01:02:03\"
75cf9d2b
GS		 3433
3434# Connect alice to R2
31114af7 3435ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
31ed1192 3436ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 3437 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
75cf9d2b
GS		 3438
3439# Connect bob to R3
31114af7 3440ovn-nbctl lrp-add R3 bob 00:00:03:01:02:03 10.32.1.1/24
31ed1192 3441ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob \
80f408f4 3442 type=router options:router-port=bob addresses=\"00:00:03:01:02:03\"
75cf9d2b
GS		 3443
3444# Connect R1 to join
31114af7 3445ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
31ed1192 3446ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
80f408f4 3447 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
75cf9d2b
GS		 3448
3449# Connect R2 to join
31114af7 3450ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
31ed1192 3451ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
80f408f4 3452 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
75cf9d2b
GS		 3453
3454# Connect R3 to join
31114af7 3455ovn-nbctl lrp-add R3 R3_join 00:00:04:01:02:05 20.0.0.3/24
31ed1192 3456ovn-nbctl lsp-add join r3-join -- set Logical_Switch_Port r3-join \
80f408f4 3457 type=router options:router-port=R3_join addresses='"00:00:04:01:02:05"'
75cf9d2b
GS		 3458
3459#install static routes
e48ccf3c
JP		 3460ovn-nbctl lr-route-add R1 172.16.1.0/24 20.0.0.2
3461ovn-nbctl lr-route-add R1 10.32.1.0/24 20.0.0.3
75cf9d2b 3462
e48ccf3c
JP		 3463ovn-nbctl lr-route-add R2 192.168.1.0/24 20.0.0.1
3464ovn-nbctl lr-route-add R2 10.32.1.0/24 20.0.0.3
75cf9d2b 3465
e48ccf3c
JP		 3466ovn-nbctl lr-route-add R3 192.168.1.0/24 20.0.0.1
3467ovn-nbctl lr-route-add R3 172.16.1.0/24 20.0.0.2
75cf9d2b
GS		 3468
3469# Create logical port foo1 in foo
31ed1192
JP		 3470ovn-nbctl lsp-add foo foo1 \
3471-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
75cf9d2b
GS		 3472
3473# Create logical port alice1 in alice
31ed1192
JP		 3474ovn-nbctl lsp-add alice alice1 \
3475-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
75cf9d2b
GS		 3476
3477# Create logical port bob1 in bob
31ed1192
JP		 3478ovn-nbctl lsp-add bob bob1 \
3479-- lsp-set-addresses bob1 "f0:00:00:01:02:05 10.32.1.2"
75cf9d2b
GS		 3480
3481# Create two hypervisor and create OVS ports corresponding to logical ports.
3482net_add n1
3483
3484sim_add hv1
3485as hv1
3486ovs-vsctl add-br br-phys
3487ovn_attach n1 br-phys 192.168.0.1
3488ovs-vsctl -- add-port br-int hv1-vif1 -- \
3489 set interface hv1-vif1 external-ids:iface-id=foo1 \
3490 options:tx_pcap=hv1/vif1-tx.pcap \
3491 options:rxq_pcap=hv1/vif1-rx.pcap \
3492 ofport-request=1
3493
3494ovs-vsctl -- add-port br-int hv1-vif2 -- \
3495 set interface hv1-vif2 external-ids:iface-id=alice1 \
3496 options:tx_pcap=hv1/vif2-tx.pcap \
3497 options:rxq_pcap=hv1/vif2-rx.pcap \
3498 ofport-request=2
3499
3500sim_add hv2
3501as hv2
3502ovs-vsctl add-br br-phys
3503ovn_attach n1 br-phys 192.168.0.2
3504ovs-vsctl -- add-port br-int hv2-vif1 -- \
3505 set interface hv2-vif1 external-ids:iface-id=bob1 \
3506 options:tx_pcap=hv2/vif1-tx.pcap \
3507 options:rxq_pcap=hv2/vif1-rx.pcap \
3508 ofport-request=1
3509
3510
3511# Pre-populate the hypervisors' ARP tables so that we don't lose any
3512# packets for ARP resolution (native tunneling doesn't queue packets
3513# for ARP resolution).
3514ovn_populate_arp
3515
3516# Allow some time for ovn-northd and ovn-controller to catch up.
3517# XXX This should be more systematic.
3518sleep 1
3519
3520ip_to_hex() {
3521 printf "%02x%02x%02x%02x" "$@"
3522}
75cf9d2b
GS		 3523
3524# Send ip packets between foo1 and alice1
3525src_mac="f00000010203"
3526dst_mac="000001010203"
3527src_ip=`ip_to_hex 192 168 1 2`
3528dst_ip=`ip_to_hex 172 16 1 2`
3529packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3530as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3531as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
3532
3533# Send ip packets between foo1 and bob1
3534src_mac="f00000010203"
3535dst_mac="000001010203"
3536src_ip=`ip_to_hex 192 168 1 2`
3537dst_ip=`ip_to_hex 10 32 1 2`
3538packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
3539as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
3540
3541echo "---------NB dump-----"
3542ovn-nbctl show
3543echo "---------------------"
3544ovn-nbctl list logical_router
3545echo "---------------------"
3546ovn-nbctl list logical_router_port
3547echo "---------------------"
3548
3549echo "---------SB dump-----"
3550ovn-sbctl list datapath_binding
3551echo "---------------------"
3552ovn-sbctl list port_binding
3553echo "---------------------"
3554ovn-sbctl dump-flows
3555echo "---------------------"
3556
3557echo "------ hv1 dump ----------"
3558as hv1 ovs-ofctl show br-int
3559as hv1 ovs-ofctl dump-flows br-int
3560echo "------ hv2 dump ----------"
3561as hv2 ovs-ofctl show br-int
3562as hv2 ovs-ofctl dump-flows br-int
3563echo "----------------------------"
3564
3565# Packet to Expect at bob1
3566src_mac="000003010203"
3567dst_mac="f00000010205"
3568src_ip=`ip_to_hex 192 168 1 2`
3569dst_ip=`ip_to_hex 10 32 1 2`
49d7c759 3570echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
75cf9d2b 3571
49d7c759 3572OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
75cf9d2b
GS		 3573
3574# Packet to Expect at alice1
3575src_mac="000002010203"
3576dst_mac="f00000010204"
3577src_ip=`ip_to_hex 192 168 1 2`
3578dst_ip=`ip_to_hex 172 16 1 2`
49d7c759 3579echo "${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000" > expected
75cf9d2b 3580
49d7c759 3581OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
75cf9d2b 3582
7a8f15e0 3583OVN_CLEANUP([hv1],[hv2])
75cf9d2b
GS		 3584
3585AT_CLEANUP
c1645003 3586
281977f7 3587AT_SETUP([ovn -- dhcpv4 : 1 HV, 2 LS, 2 LSPs/LS])
281977f7
NS		 3588AT_SKIP_IF([test $HAVE_PYTHON = no])
3589ovn_start
3590
3591ovn-nbctl ls-add ls1
3592
3593ovn-nbctl lsp-add ls1 ls1-lp1 \
3594-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
3595
3596ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
3597
3598ovn-nbctl lsp-add ls1 ls1-lp2 \
3599-- lsp-set-addresses ls1-lp2 "f0:00:00:00:00:02 10.0.0.6 20.0.0.4"
3600
3601ovn-nbctl lsp-set-port-security ls1-lp2 "f0:00:00:00:00:02 10.0.0.6 20.0.0.4"
3602
3603ovn-nbctl ls-add ls2
3604ovn-nbctl lsp-add ls2 ls2-lp1 \
3605-- lsp-set-addresses ls2-lp1 "f0:00:00:00:00:03 30.0.0.6 40.0.0.4"
3606ovn-nbctl lsp-set-port-security ls2-lp1 "f0:00:00:00:00:03 30.0.0.6 40.0.0.4"
3607ovn-nbctl lsp-add ls2 ls2-lp2 \
3608-- lsp-set-addresses ls2-lp2 "f0:00:00:00:00:04 30.0.0.7"
3609ovn-nbctl lsp-set-port-security ls2-lp2 "f0:00:00:00:00:04 30.0.0.7"
3610
3611ovn-nbctl -- --id=@d1 create DHCP_Options cidr=10.0.0.0/24 \
3612options="\"server_id\"=\"10.0.0.1\" \"server_mac\"=\"ff:10:00:00:00:01\" \
3613\"lease_time\"=\"3600\" \"router\"=\"10.0.0.1\"" \
3614-- add Logical_Switch_Port ls1-lp1 dhcpv4_options @d1 \
3615-- add Logical_Switch_Port ls1-lp2 dhcpv4_options @d1
3616
3617ovn-nbctl -- --id=@d2 create DHCP_Options cidr=30.0.0.0/24 \
3618options="\"server_id\"=\"30.0.0.1\" \"server_mac\"=\"ff:10:00:00:00:02\" \
3619\"lease_time\"=\"3600\"" -- add Logical_Switch_Port ls2-lp2 dhcpv4_options @d2
3620
3621net_add n1
3622sim_add hv1
3623
3624as hv1
3625ovs-vsctl add-br br-phys
3626ovn_attach n1 br-phys 192.168.0.1
3627ovs-vsctl -- add-port br-int hv1-vif1 -- \
3628 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
3629 options:tx_pcap=hv1/vif1-tx.pcap \
3630 options:rxq_pcap=hv1/vif1-rx.pcap \
3631 ofport-request=1
3632
3633ovs-vsctl -- add-port br-int hv1-vif2 -- \
3634 set interface hv1-vif2 external-ids:iface-id=ls1-lp2 \
3635 options:tx_pcap=hv1/vif2-tx.pcap \
3636 options:rxq_pcap=hv1/vif2-rx.pcap \
3637 ofport-request=2
3638
3639ovs-vsctl -- add-port br-int hv1-vif3 -- \
3640 set interface hv1-vif3 external-ids:iface-id=ls2-lp1 \
3641 options:tx_pcap=hv1/vif3-tx.pcap \
3642 options:rxq_pcap=hv1/vif3-rx.pcap \
3643 ofport-request=3
3644
3645ovs-vsctl -- add-port br-int hv1-vif4 -- \
3646 set interface hv1-vif4 external-ids:iface-id=ls2-lp2 \
3647 options:tx_pcap=hv1/vif4-tx.pcap \
3648 options:rxq_pcap=hv1/vif4-rx.pcap \
3649 ofport-request=4
3650
3651ovn_populate_arp
3652
3653sleep 2
3654
3655as hv1 ovs-vsctl show
3656
281977f7
NS		 3657# This shell function sends a DHCP request packet
3658# test_dhcp INPORT SRC_MAC DHCP_TYPE OFFER_IP ...
3659test_dhcp() {
3660 local inport=$1 src_mac=$2 dhcp_type=$3 offer_ip=$4
3661 local request=ffffffffffff${src_mac}080045100110000000008011000000000000ffffffff
3662 # udp header and dhcp header
ab187e7e
BP		 3663 request=${request}0044004300fc0000
3664 request=${request}010106006359aa760000000000000000000000000000000000000000${src_mac}
281977f7 3665 # client hardware padding
ab187e7e 3666 request=${request}00000000000000000000
281977f7 3667 # server hostname
ab187e7e
BP		 3668 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3669 request=${request}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3670 # boot file name
ab187e7e
BP		 3671 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3672 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3673 request=${request}0000000000000000000000000000000000000000000000000000000000000000
3674 request=${request}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3675 # dhcp magic cookie
ab187e7e 3676 request=${request}63825363
281977f7 3677 # dhcp message type
ab187e7e 3678 request=${request}3501${dhcp_type}ff
281977f7
NS		 3679
3680 if test $offer_ip != 0; then
3681 local srv_mac=$5 srv_ip=$6 expected_dhcp_opts=$7
3682 # total IP length will be the IP length of the request packet
3683 # (which is 272 in our case) + 8 (padding bytes) + (expected_dhcp_opts / 2)
3684 ip_len=`expr 280 + ${#expected_dhcp_opts} / 2`
3685 udp_len=`expr $ip_len - 20`
04d60f6e
YT		 3686 ip_len=$(printf "%x" $ip_len)
3687 udp_len=$(printf "%x" $udp_len)
281977f7
NS		 3688 # $ip_len var will be in 3 digits i.e 134. So adding a '0' before $ip_len
3689 local reply=${src_mac}${srv_mac}080045100${ip_len}000000008011XXXX${srv_ip}${offer_ip}
3690 # udp header and dhcp header.
3691 # $udp_len var will be in 3 digits. So adding a '0' before $udp_len
ab187e7e 3692 reply=${reply}004300440${udp_len}0000020106006359aa760000000000000000
281977f7 3693 # your ip address
ab187e7e 3694 reply=${reply}${offer_ip}
281977f7 3695 # next server ip address, relay agent ip address, client mac address
ab187e7e 3696 reply=${reply}0000000000000000${src_mac}
281977f7 3697 # client hardware padding
ab187e7e 3698 reply=${reply}00000000000000000000
281977f7 3699 # server hostname
ab187e7e
BP		 3700 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3701 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3702 # boot file name
ab187e7e
BP		 3703 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3704 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3705 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
3706 reply=${reply}0000000000000000000000000000000000000000000000000000000000000000
281977f7 3707 # dhcp magic cookie
ab187e7e 3708 reply=${reply}63825363
281977f7
NS		 3709 # dhcp message type
3710 local dhcp_reply_type=02
3711 if test $dhcp_type = 03; then
3712 dhcp_reply_type=05
3713 fi
ab187e7e 3714 reply=${reply}3501${dhcp_reply_type}${expected_dhcp_opts}00000000ff00000000
281977f7
NS		 3715 echo $reply >> $inport.expected
3716 else
3717 shift; shift; shift; shift;
3718 for outport; do
e4543cfe 3719 echo $request >> $outport.expected
281977f7
NS		 3720 done
3721 fi
3722 as hv1 ovs-appctl netdev-dummy/receive hv1-vif$inport $request
3723}
3724
3725reset_pcap_file() {
3726 local iface=$1
3727 local pcap_file=$2
3728 ovs-vsctl -- set Interface $iface options:tx_pcap=dummy-tx.pcap \
3729options:rxq_pcap=dummy-rx.pcap
3730 rm -f ${pcap_file}*.pcap
3731 ovs-vsctl -- set Interface $iface options:tx_pcap=${pcap_file}-tx.pcap \
3732options:rxq_pcap=${pcap_file}-rx.pcap
3733}
3734
3735ip_to_hex() {
3736 printf "%02x%02x%02x%02x" "$@"
3737}
3738
3739AT_CAPTURE_FILE([ofctl_monitor0.log])
3740as hv1 ovs-ofctl monitor br-int resume --detach --no-chdir \
3741--pidfile=ovs-ofctl0.pid 2> ofctl_monitor0.log
3742
3743echo "---------NB dump-----"
3744ovn-nbctl show
3745echo "---------------------"
3746echo "---------SB dump-----"
3747ovn-sbctl list datapath_binding
3748echo "---------------------"
3749ovn-sbctl list logical_flow
3750echo "---------------------"
3751
3752echo "---------------------"
3753ovn-sbctl dump-flows
3754echo "---------------------"
3755
3756echo "------ hv1 dump ----------"
3757as hv1 ovs-ofctl dump-flows br-int
3758
3759# Send DHCPDISCOVER.
3760offer_ip=`ip_to_hex 10 0 0 4`
3761server_ip=`ip_to_hex 10 0 0 1`
7c76bf4e 3762expected_dhcp_opts=330400000e100104ffffff0003040a00000136040a000001
281977f7
NS		 3763test_dhcp 1 f00000000001 01 $offer_ip ff1000000001 $server_ip $expected_dhcp_opts
3764
3765# NXT_RESUMEs should be 1.
3766OVS_WAIT_UNTIL([test 1 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3767
3768$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap > 1.packets
3769cat 1.expected | cut -c -48 > expout
3770AT_CHECK([cat 1.packets | cut -c -48], [0], [expout])
3771# Skipping the IPv4 checksum.
3772cat 1.expected | cut -c 53- > expout
3773AT_CHECK([cat 1.packets | cut -c 53-], [0], [expout])
3774
3775# ovs-ofctl also resumes the packets and this causes other ports to receive
3776# the DHCP request packet. So reset the pcap files so that its easier to test.
3777reset_pcap_file hv1-vif1 hv1/vif1
3778reset_pcap_file hv1-vif2 hv1/vif2
3779rm -f 1.expected
3780rm -f 2.expected
3781
3782# Send DHCPREQUEST.
3783offer_ip=`ip_to_hex 10 0 0 6`
3784server_ip=`ip_to_hex 10 0 0 1`
7c76bf4e 3785expected_dhcp_opts=330400000e100104ffffff0003040a00000136040a000001
281977f7
NS		 3786test_dhcp 2 f00000000002 03 $offer_ip ff1000000001 $server_ip $expected_dhcp_opts
3787
3788# NXT_RESUMEs should be 2.
3789OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3790
3791$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap > 2.packets
3792cat 2.expected | cut -c -48 > expout
3793AT_CHECK([cat 2.packets | cut -c -48], [0], [expout])
3794# Skipping the IPv4 checksum.
3795cat 2.expected | cut -c 53- > expout
3796AT_CHECK([cat 2.packets | cut -c 53-], [0], [expout])
3797
3798reset_pcap_file hv1-vif1 hv1/vif1
3799reset_pcap_file hv1-vif2 hv1/vif2
3800rm -f 1.expected
3801rm -f 2.expected
3802
3803# Send Invalid DHCPv4 packet on ls1-lp2. It should be received by ovn-controller
3804# but should be resumed without the reply.
3805# ls1-lp1 (vif1-tx.pcap) should receive the DHCPv4 request packet twice,
3806# one from ovn-controller and the other from "ovs-ofctl resume."
3807offer_ip=0
3808test_dhcp 2 f00000000002 08 $offer_ip 1 1
3809
3810# NXT_RESUMEs should be 3.
3811OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3812
3813# vif1-tx.pcap should have received the DHCPv4 (invalid) request packet
49d7c759 3814OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [1.expected])
281977f7
NS		 3815
3816reset_pcap_file hv1-vif1 hv1/vif1
3817reset_pcap_file hv1-vif2 hv1/vif2
3818rm -f 1.expected
3819rm -f 2.expected
3820
3821# Send DHCPv4 packet on ls2-lp1. It doesn't have any DHCPv4 options defined.
3822# ls2-lp2 (vif4-tx.pcap) should receive the DHCPv4 request packet once.
3823
3824test_dhcp 3 f00000000003 01 0 4
3825
3826# Send DHCPv4 packet on ls2-lp2. "router" DHCPv4 option is not defined for
3827# this lport.
3828test_dhcp 4 f00000000004 01 0 3
3829
3830# NXT_RESUMEs should be 3.
3831OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
3832
49d7c759
BP		 3833OVN_CHECK_PACKETS([hv1/vif3-tx.pcap], [3.expected])
3834OVN_CHECK_PACKETS([hv1/vif4-tx.pcap], [4.expected])
281977f7
NS		 3835
3836as hv1
33ac3c83
NS		 3837OVS_APP_EXIT_AND_WAIT([ovn-controller])
3838OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3839OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3840
3841as ovn-sb
3842OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3843
3844as ovn-nb
3845OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3846
3847as northd
3848OVS_APP_EXIT_AND_WAIT([ovn-northd])
3849
3850as main
3851OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
3852OVS_APP_EXIT_AND_WAIT([ovsdb-server])
3853
3854AT_CLEANUP
3855
40df4566 3856AT_SETUP([ovn -- dhcpv6 : 1 HV, 2 LS, 5 LSPs])
33ac3c83
NS		 3857AT_SKIP_IF([test $HAVE_PYTHON = no])
3858ovn_start
3859
3860ovn-nbctl ls-add ls1
3861ovn-nbctl lsp-add ls1 ls1-lp1 \
3862-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4 ae70::4"
3863
3864ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4 ae70::4"
3865
3866ovn-nbctl lsp-add ls1 ls1-lp2 \
3867-- lsp-set-addresses ls1-lp2 "f0:00:00:00:00:02 ae70::5"
3868
3869ovn-nbctl lsp-set-port-security ls1-lp2 "f0:00:00:00:00:02 ae70::5"
3870
40df4566
ZKL		 3871ovn-nbctl lsp-add ls1 ls1-lp3 \
3872-- lsp-set-addresses ls1-lp3 "f0:00:00:00:00:22 ae70::22"
3873
3874ovn-nbctl lsp-set-port-security ls1-lp3 "f0:00:00:00:00:22 ae70::22"
3875
33ac3c83
NS		 3876ovn-nbctl -- --id=@d1 create DHCP_Options cidr="ae70\:\:/64" \
3877options="\"server_id\"=\"00:00:00:10:00:01\"" \
3878-- add Logical_Switch_Port ls1-lp1 dhcpv6_options @d1 \
3879-- add Logical_Switch_Port ls1-lp2 dhcpv6_options @d1
3880
40df4566
ZKL		 3881ovn-nbctl -- --id=@d2 create DHCP_Options cidr="ae70\:\:/64" \
3882options="\"dhcpv6_stateless\"=\"true\" \"server_id\"=\"00:00:00:10:00:01\"" \
3883-- add Logical_Switch_Port ls1-lp3 dhcpv6_options @d2
3884
33ac3c83
NS		 3885ovn-nbctl ls-add ls2
3886ovn-nbctl lsp-add ls2 ls2-lp1 \
3887-- lsp-set-addresses ls2-lp1 "f0:00:00:00:00:03 be70::3"
3888ovn-nbctl lsp-set-port-security ls2-lp1 "f0:00:00:00:00:03 be70::3"
3889ovn-nbctl lsp-add ls2 ls2-lp2 \
3890-- lsp-set-addresses ls2-lp2 "f0:00:00:00:00:04 be70::4"
3891ovn-nbctl lsp-set-port-security ls2-lp2 "f0:00:00:00:00:04 be70::4"
3892
3893net_add n1
3894sim_add hv1
3895
3896as hv1
3897ovs-vsctl add-br br-phys
3898ovn_attach n1 br-phys 192.168.0.1
3899ovs-vsctl -- add-port br-int hv1-vif1 -- \
3900 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
3901 options:tx_pcap=hv1/vif1-tx.pcap \
3902 options:rxq_pcap=hv1/vif1-rx.pcap \
3903 ofport-request=1
3904
3905ovs-vsctl -- add-port br-int hv1-vif2 -- \
3906 set interface hv1-vif2 external-ids:iface-id=ls1-lp2 \
3907 options:tx_pcap=hv1/vif2-tx.pcap \
3908 options:rxq_pcap=hv1/vif2-rx.pcap \
3909 ofport-request=2
3910
3911ovs-vsctl -- add-port br-int hv1-vif3 -- \
3912 set interface hv1-vif3 external-ids:iface-id=ls2-lp1 \
3913 options:tx_pcap=hv1/vif3-tx.pcap \
3914 options:rxq_pcap=hv1/vif3-rx.pcap \
3915 ofport-request=3
3916
3917ovs-vsctl -- add-port br-int hv1-vif4 -- \
3918 set interface hv1-vif4 external-ids:iface-id=ls2-lp2 \
3919 options:tx_pcap=hv1/vif4-tx.pcap \
3920 options:rxq_pcap=hv1/vif4-rx.pcap \
3921 ofport-request=4
3922
40df4566
ZKL		 3923ovs-vsctl -- add-port br-int hv1-vif5 -- \
3924 set interface hv1-vif5 external-ids:iface-id=ls1-lp3 \
3925 options:tx_pcap=hv1/vif5-tx.pcap \
3926 options:rxq_pcap=hv1/vif5-rx.pcap \
3927 ofport-request=5
3928
33ac3c83
NS		 3929ovn_populate_arp
3930
3931sleep 2
3932
3933trim_zeros() {
3934 sed 's/\(00\)\{1,\}$//'
3935}
3936
3937# This shell function sends a DHCPv6 request packet
40df4566
ZKL		 3938# test_dhcpv6 INPORT SRC_MAC SRC_LLA DHCPv6_MSG_TYPE OFFER_IP OUTPORT...
3939# The OUTPORTs (zero or more) list the VIFs on which the original DHCPv6
33ac3c83
NS		 3940# packet should be received twice (one from ovn-controller and the other
3941# from the "ovs-ofctl monitor br-int resume"
3942test_dhcpv6() {
3943 local inport=$1 src_mac=$2 src_lla=$3 msg_code=$4 offer_ip=$5
3944 local request=ffffffffffff${src_mac}86dd00000000002a1101${src_lla}
3945 # dst ip ff02::1:2
ab187e7e 3946 request=${request}ff020000000000000000000000010002
33ac3c83 3947 # udp header and dhcpv6 header
ab187e7e 3948 request=${request}02220223002affff${msg_code}010203
33ac3c83 3949 # Client identifier
ab187e7e 3950 request=${request}0001000a00030001${src_mac}
33ac3c83 3951 # IA-NA (Identity Association for Non Temporary Address)
ab187e7e 3952 request=${request}0003000c0102030400000e1000001518
33ac3c83
NS		 3953 shift; shift; shift; shift; shift;
3954 if test $offer_ip != 0; then
3955 local server_mac=000000100001
3956 local server_lla=fe80000000000000020000fffe100001
3957 local reply_code=07
3958 if test $msg_code = 01; then
3959 reply_code=02
3960 fi
40df4566
ZKL		 3961 local msg_len=54
3962 if test $offer_ip = 1; then
3963 msg_len=28
3964 fi
3965 local reply=${src_mac}${server_mac}86dd0000000000${msg_len}1101${server_lla}${src_lla}
33ac3c83 3966 # udp header and dhcpv6 header
ab187e7e 3967 reply=${reply}0223022200${msg_len}ffff${reply_code}010203
33ac3c83 3968 # Client identifier
ab187e7e 3969 reply=${reply}0001000a00030001${src_mac}
33ac3c83 3970 # IA-NA
40df4566 3971 if test $offer_ip != 1; then
ab187e7e 3972 reply=${reply}0003002801020304ffffffffffffffff00050018${offer_ip}ffffffffffffffff
40df4566 3973 fi
33ac3c83 3974 # Server identifier
ab187e7e 3975 reply=${reply}0002000a00030001${server_mac}
33ac3c83
NS		 3976 echo $reply | trim_zeros >> $inport.expected
3977 else
3978 for outport; do
3979 echo $request | trim_zeros >> $outport.expected
3980 done
3981 fi
3982
3983 as hv1 ovs-appctl netdev-dummy/receive hv1-vif$inport $request
3984}
3985
3986reset_pcap_file() {
3987 local iface=$1
3988 local pcap_file=$2
3989 ovs-vsctl -- set Interface $iface options:tx_pcap=dummy-tx.pcap \
3990options:rxq_pcap=dummy-rx.pcap
3991 rm -f ${pcap_file}*.pcap
3992 ovs-vsctl -- set Interface $iface options:tx_pcap=${pcap_file}-tx.pcap \
3993options:rxq_pcap=${pcap_file}-rx.pcap
3994}
3995
3996AT_CAPTURE_FILE([ofctl_monitor0.log])
3997as hv1 ovs-ofctl monitor br-int resume --detach --no-chdir \
3998--pidfile=ovs-ofctl0.pid 2> ofctl_monitor0.log
3999
4000echo "---------NB dump-----"
4001ovn-nbctl show
4002echo "---------------------"
4003echo "---------SB dump-----"
4004ovn-sbctl list datapath_binding
4005echo "---------------------"
4006ovn-sbctl list logical_flow
4007echo "---------------------"
4008
4009echo "---------------------"
4010ovn-sbctl dump-flows
4011echo "---------------------"
4012
4013echo "------ hv1 dump ----------"
4014as hv1 ovs-ofctl dump-flows br-int
4015
4016src_mac=f00000000001
4017src_lla=fe80000000000000f20000fffe000001
4018offer_ip=ae700000000000000000000000000004
4019test_dhcpv6 1 $src_mac $src_lla 01 $offer_ip
4020
4021# NXT_RESUMEs should be 1.
4022OVS_WAIT_UNTIL([test 1 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4023
4024$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | trim_zeros > 1.packets
4025# cat 1.expected | trim_zeros > expout
4026cat 1.expected | cut -c -120 > expout
4027AT_CHECK([cat 1.packets | cut -c -120], [0], [expout])
4028# Skipping the UDP checksum
4029cat 1.expected | cut -c 125- > expout
4030AT_CHECK([cat 1.packets | cut -c 125-], [0], [expout])
4031
4032rm 1.expected
4033
4034# Send invalid packet on ls1-lp2. ovn-controller should resume the packet
4035# without any modifications and the packet should be received by ls1-lp1.
4036# ls1-lp1 will receive the packet twice, one from the ovn-controller after the
4037# resume and the other from ovs-ofctl monitor resume.
4038
4039reset_pcap_file hv1-vif1 hv1/vif1
4040reset_pcap_file hv1-vif2 hv1/vif2
4041
4042src_mac=f00000000002
4043src_lla=fe80000000000000f20000fffe000002
4044offer_ip=ae700000000000000000000000000005
4045# Set invalid msg_type
4046
4047test_dhcpv6 2 $src_mac $src_lla 10 0 1 1
4048
4049# NXT_RESUMEs should be 2.
4050OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4051
4052# vif2-tx.pcap should not have received the DHCPv6 reply packet
4053rm 2.packets
4054$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap | trim_zeros > 2.packets
4055AT_CHECK([cat 2.packets], [0], [])
4056
4057# vif1-tx.pcap should have received the DHCPv6 (invalid) request packet
4058$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | trim_zeros > 1.packets
4059cat 1.expected > expout
4060AT_CHECK([cat 1.packets], [0], [expout])
4061
4062# Send DHCPv6 packet on ls2-lp1. native DHCPv6 is disabled on this port.
4063# There should be no DHCPv6 reply from ovn-controller and the request packet
4064# should be received by ls2-lp2.
4065
4066src_mac=f00000000003
4067src_lla=fe80000000000000f20000fffe000003
4068test_dhcpv6 3 $src_mac $src_lla 01 0 4
4069
4070# NXT_RESUMEs should be 2 only.
4071OVS_WAIT_UNTIL([test 2 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4072
4073# vif3-tx.pcap should not have received the DHCPv6 reply packet
4074$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif3-tx.pcap | trim_zeros > 3.packets
4075AT_CHECK([cat 3.packets], [0], [])
4076
4077# vif4-tx.pcap should have received the DHCPv6 request packet
4078$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif4-tx.pcap | trim_zeros > 4.packets
4079cat 4.expected > expout
4080AT_CHECK([cat 4.packets], [0], [expout])
4081
40df4566
ZKL		 4082# Send DHCPv6 packet on ls1-lp3. native DHCPv6 works as stateless mode for this port.
4083# The DHCPv6 reply should doesn't contian offer_ip.
4084src_mac=f00000000022
4085src_lla=fe80000000000000f20000fffe000022
4086reset_pcap_file hv1-vif5 hv1/vif5
4087test_dhcpv6 5 $src_mac $src_lla 01 1 5
4088
4089# NXT_RESUMEs should be 3.
4090OVS_WAIT_UNTIL([test 3 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`])
4091
4092$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif5-tx.pcap | trim_zeros > 5.packets
4093# Skipping the UDP checksum
4094cat 5.expected | cut -c 1-120,125- > expout
4095AT_CHECK([cat 5.packets | cut -c 1-120,125- ], [0], [expout])
4096
33ac3c83 4097as hv1
281977f7
NS		 4098OVS_APP_EXIT_AND_WAIT([ovn-controller])
4099OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4100OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4101
4102as ovn-sb
4103OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4104
4105as ovn-nb
4106OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4107
4108as northd
4109OVS_APP_EXIT_AND_WAIT([ovn-northd])
4110
4111as main
4112OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4113OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4114
4115AT_CLEANUP
4116
c1645003 4117AT_SETUP([ovn -- 2 HVs, 2 LRs connected via LS, gateway router])
c1645003
GS		 4118AT_SKIP_IF([test $HAVE_PYTHON = no])
4119ovn_start
4120
4121# Logical network:
4122# Two LRs - R1 and R2 that are connected to each other via LS "join"
4123# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24)
4124# connected to it. R2 has alice (172.16.1.0/24) connected to it.
4125# R2 is a gateway router.
4126
4127
4128
4129# Create two hypervisor and create OVS ports corresponding to logical ports.
4130net_add n1
4131
4132sim_add hv1
4133as hv1
4134ovs-vsctl add-br br-phys
4135ovn_attach n1 br-phys 192.168.0.1
4136ovs-vsctl -- add-port br-int hv1-vif1 -- \
4137 set interface hv1-vif1 external-ids:iface-id=foo1 \
4138 options:tx_pcap=hv1/vif1-tx.pcap \
4139 options:rxq_pcap=hv1/vif1-rx.pcap \
4140 ofport-request=1
4141
4142
4143sim_add hv2
4144as hv2
4145ovs-vsctl add-br br-phys
4146ovn_attach n1 br-phys 192.168.0.2
4147ovs-vsctl -- add-port br-int hv2-vif1 -- \
4148 set interface hv2-vif1 external-ids:iface-id=alice1 \
4149 options:tx_pcap=hv2/vif1-tx.pcap \
4150 options:rxq_pcap=hv2/vif1-rx.pcap \
4151 ofport-request=1
4152
4153# Pre-populate the hypervisors' ARP tables so that we don't lose any
4154# packets for ARP resolution (native tunneling doesn't queue packets
4155# for ARP resolution).
4156ovn_populate_arp
4157
4158ovn-nbctl create Logical_Router name=R1
4159ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
4160
ea46a4e9
JP		 4161ovn-nbctl ls-add foo
4162ovn-nbctl ls-add alice
4163ovn-nbctl ls-add join
c1645003
GS		 4164
4165# Connect foo to R1
31114af7 4166ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
31ed1192 4167ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \
80f408f4 4168 type=router options:router-port=foo addresses=\"00:00:01:01:02:03\"
c1645003
GS		 4169
4170# Connect alice to R2
31114af7 4171ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
31ed1192 4172ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
80f408f4 4173 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
c1645003
GS		 4174
4175# Connect R1 to join
31114af7 4176ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
31ed1192 4177ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
80f408f4 4178 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
c1645003
GS		 4179
4180# Connect R2 to join
31114af7 4181ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
31ed1192 4182ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
80f408f4 4183 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
c1645003
GS		 4184
4185
4186#install static routes
4187ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4188ip_prefix=172.16.1.0/24 nexthop=20.0.0.2 -- add Logical_Router \
4189R1 static_routes @lrt
4190
4191ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4192ip_prefix=192.168.1.0/24 nexthop=20.0.0.1 -- add Logical_Router \
4193R2 static_routes @lrt
4194
4195# Create logical port foo1 in foo
31ed1192
JP		 4196ovn-nbctl lsp-add foo foo1 \
4197-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
c1645003
GS		 4198
4199# Create logical port alice1 in alice
31ed1192
JP		 4200ovn-nbctl lsp-add alice alice1 \
4201-- lsp-set-addresses alice1 "f0:00:00:01:02:04 172.16.1.2"
c1645003
GS		 4202
4203
4204# Allow some time for ovn-northd and ovn-controller to catch up.
4205# XXX This should be more systematic.
4206sleep 2
4207
4208ip_to_hex() {
4209 printf "%02x%02x%02x%02x" "$@"
4210}
c1645003
GS		 4211
4212# Send ip packets between foo1 and alice1
4213src_mac="f00000010203"
4214dst_mac="000001010203"
4215src_ip=`ip_to_hex 192 168 1 2`
4216dst_ip=`ip_to_hex 172 16 1 2`
4217packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4218
4219echo "---------NB dump-----"
4220ovn-nbctl show
4221echo "---------------------"
4222ovn-nbctl list logical_router
4223echo "---------------------"
4224ovn-nbctl list logical_router_port
4225echo "---------------------"
4226
4227echo "---------SB dump-----"
4228ovn-sbctl list datapath_binding
4229echo "---------------------"
4230ovn-sbctl list port_binding
4231echo "---------------------"
4232ovn-sbctl dump-flows
4233echo "---------------------"
4234ovn-sbctl list chassis
4235ovn-sbctl list encap
4236echo "---------------------"
4237
c1645003
GS		 4238# Packet to Expect at alice1
4239src_mac="000002010203"
4240dst_mac="f00000010204"
4241src_ip=`ip_to_hex 192 168 1 2`
4242dst_ip=`ip_to_hex 172 16 1 2`
4243expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
4244
4245
4246as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4247as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
4248
ab39371d
RM		 4249echo "------ hv1 dump after packet 1 ----------"
4250as hv1 ovs-ofctl show br-int
4251as hv1 ovs-ofctl dump-flows br-int
4252echo "------ hv2 dump after packet 1 ----------"
4253as hv2 ovs-ofctl show br-int
4254as hv2 ovs-ofctl dump-flows br-int
4255echo "----------------------------"
4256
49d7c759
BP		 4257echo $expected > expected
4258OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
c1645003 4259
34114cf8
GS		 4260# Delete the router and re-create it. Things should work as before.
4261ovn-nbctl lr-del R2
4262ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
4263# Connect alice to R2
4264ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
4265# Connect R2 to join
4266ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
4267
4268ovn-nbctl -- --id=@lrt create Logical_Router_Static_Route \
4269ip_prefix=192.168.1.0/24 nexthop=20.0.0.1 -- add Logical_Router \
4270R2 static_routes @lrt
4271
4272# Wait for ovn-controller to catch up.
4273sleep 1
4274
4275# Send the packet again.
4276as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
ab39371d
RM		 4277
4278echo "------ hv1 dump after packet 2 ----------"
4279as hv1 ovs-ofctl show br-int
4280as hv1 ovs-ofctl dump-flows br-int
4281echo "------ hv2 dump after packet 2 ----------"
4282as hv2 ovs-ofctl show br-int
4283as hv2 ovs-ofctl dump-flows br-int
4284echo "----------------------------"
4285
49d7c759
BP		 4286echo $expected >> expected
4287OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
34114cf8 4288
7a8f15e0 4289OVN_CLEANUP([hv1],[hv2])
c1645003
GS		 4290
4291AT_CLEANUP
bb3c4568
FF		 4292
4293AT_SETUP([ovn -- icmp_reply: 1 HVs, 2 LSs, 1 lport/LS, 1 LR])
4294AT_KEYWORDS([router-icmp-reply])
4295AT_SKIP_IF([test $HAVE_PYTHON = no])
4296ovn_start
4297
4298# Logical network:
4299# One LR - R1 has switch ls1 (191.168.1.0/24) connected to it,
4300# and has switch ls2 (172.16.1.0/24) connected to it.
4301
fa2a27b2 4302ovn-nbctl lr-add R1
bb3c4568 4303
ea46a4e9
JP		 4304ovn-nbctl ls-add ls1
4305ovn-nbctl ls-add ls2
bb3c4568
FF		 4306
4307# Connect ls1 to R1
31114af7 4308ovn-nbctl lrp-add R1 ls1 00:00:00:01:02:f1 192.168.1.1/24
31ed1192 4309ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 \
80f408f4 4310 type=router options:router-port=ls1 addresses=\"00:00:00:01:02:f1\"
bb3c4568
FF		 4311
4312# Connect ls2 to R1
31114af7 4313ovn-nbctl lrp-add R1 ls2 00:00:00:01:02:f2 172.16.1.1/24
31ed1192 4314ovn-nbctl lsp-add ls2 rp-ls2 -- set Logical_Switch_Port rp-ls2 \
80f408f4 4315 type=router options:router-port=ls2 addresses=\"00:00:00:01:02:f2\"
bb3c4568
FF		 4316
4317# Create logical port ls1-lp1 in ls1
31ed1192
JP		 4318ovn-nbctl lsp-add ls1 ls1-lp1 \
4319-- lsp-set-addresses ls1-lp1 "00:00:00:01:02:03 192.168.1.2"
bb3c4568
FF		 4320
4321# Create logical port ls2-lp1 in ls2
31ed1192
JP		 4322ovn-nbctl lsp-add ls2 ls2-lp1 \
4323-- lsp-set-addresses ls2-lp1 "00:00:00:01:02:04 172.16.1.2"
bb3c4568
FF		 4324
4325# Create one hypervisor and create OVS ports corresponding to logical ports.
4326net_add n1
4327
4328sim_add hv1
4329as hv1
4330ovs-vsctl add-br br-phys
4331ovn_attach n1 br-phys 192.168.0.1
4332ovs-vsctl -- add-port br-int vif1 -- \
4333 set interface vif1 external-ids:iface-id=ls1-lp1 \
4334 options:tx_pcap=hv1/vif1-tx.pcap \
4335 options:rxq_pcap=hv1/vif1-rx.pcap \
4336 ofport-request=1
4337
4338ovs-vsctl -- add-port br-int vif2 -- \
4339 set interface vif2 external-ids:iface-id=ls2-lp1 \
4340 options:tx_pcap=hv1/vif2-tx.pcap \
4341 options:rxq_pcap=hv1/vif2-rx.pcap \
4342 ofport-request=1
4343
4344
4345# Allow some time for ovn-northd and ovn-controller to catch up.
4346# XXX This should be more systematic.
4347sleep 1
4348
4349
4350ip_to_hex() {
4351 printf "%02x%02x%02x%02x" "$@"
4352}
bb3c4568
FF		 4353for i in 1 2; do
4354 : > vif$i.expected
4355done
4356# test_ipv4_icmp_request INPORT ETH_SRC ETH_DST IPV4_SRC IPV4_DST IP_CHKSUM ICMP_CHKSUM [EXP_IP_CHKSUM EXP_ICMP_CHKSUM]
4357#
4358# Causes a packet to be received on INPORT. The packet is an ICMPv4
4359# request with ETH_SRC, ETH_DST, IPV4_SRC, IPV4_DST, IP_CHSUM and
4360# ICMP_CHKSUM as specified. If EXP_IP_CHKSUM and EXP_ICMP_CHKSUM are
4361# provided, then it should be the ip and icmp checksums of the packet
4362# responded; otherwise, no reply is expected.
4363# In the absence of an ip checksum calculation helpers, this relies
4364# on the caller to provide the checksums for the ip and icmp headers.
4365# XXX This should be more systematic.
4366#
4367# INPORT is an lport number, e.g. 11 for vif11.
4368# ETH_SRC and ETH_DST are each 12 hex digits.
4369# IPV4_SRC and IPV4_DST are each 8 hex digits.
4370# IP_CHSUM and ICMP_CHKSUM are each 4 hex digits.
4371# EXP_IP_CHSUM and EXP_ICMP_CHKSUM are each 4 hex digits.
4372test_ipv4_icmp_request() {
4373 local inport=$1 eth_src=$2 eth_dst=$3 ipv4_src=$4 ipv4_dst=$5 ip_chksum=$6 icmp_chksum=$7
4374 local exp_ip_chksum=$8 exp_icmp_chksum=$9
4375 shift; shift; shift; shift; shift; shift; shift
4376 shift; shift
4377
4378 # Use ttl to exercise section 4.2.2.9 of RFC1812
4379 local ip_ttl=01
4380 local icmp_id=5fbf
4381 local icmp_seq=0001
4382 local icmp_data=$(seq 1 56 | xargs printf "%02x")
4383 local icmp_type_code_request=0800
4384 local icmp_payload=${icmp_type_code_request}${icmp_chksum}${icmp_id}${icmp_seq}${icmp_data}
4385 local packet=${eth_dst}${eth_src}08004500005400004000${ip_ttl}01${ip_chksum}${ipv4_src}${ipv4_dst}${icmp_payload}
4386
4387 as hv1 ovs-appctl netdev-dummy/receive vif$inport $packet
4388 if test X$exp_icmp_chksum != X; then
4389 # Expect to receive the reply, if any. In same port where packet was sent.
4390 # Note: src and dst fields are expected to be reversed.
4391 local icmp_type_code_response=0000
4392 local reply_icmp_ttl=fe
4393 local reply_icmp_payload=${icmp_type_code_response}${exp_icmp_chksum}${icmp_id}${icmp_seq}${icmp_data}
4394 local reply=${eth_src}${eth_dst}08004500005400004000${reply_icmp_ttl}01${exp_ip_chksum}${ipv4_dst}${ipv4_src}${reply_icmp_payload}
4395 echo $reply >> vif$inport.expected
4396 fi
4397}
4398
4399# Send ping packet to router's ip addresses, from each of the 2 logical ports.
4400rtr_l1_ip=$(ip_to_hex 192 168 1 1)
4401rtr_l2_ip=$(ip_to_hex 172 16 1 1)
4402l1_ip=$(ip_to_hex 192 168 1 2)
4403l2_ip=$(ip_to_hex 172 16 1 2)
4404
4405# Ping router ip address that is on same subnet as the logical port
4406test_ipv4_icmp_request 1 000000010203 0000000102f1 $l1_ip $rtr_l1_ip 0000 8510 02ff 8d10
4407test_ipv4_icmp_request 2 000000010204 0000000102f2 $l2_ip $rtr_l2_ip 0000 8510 02ff 8d10
4408
4409# Ping router ip address that is on the other side of the logical ports
4410test_ipv4_icmp_request 1 000000010203 0000000102f1 $l1_ip $rtr_l2_ip 0000 8510 02ff 8d10
4411test_ipv4_icmp_request 2 000000010204 0000000102f2 $l2_ip $rtr_l1_ip 0000 8510 02ff 8d10
4412
4413echo "---------NB dump-----"
4414ovn-nbctl show
4415echo "---------------------"
4416ovn-nbctl list logical_router
4417echo "---------------------"
4418ovn-nbctl list logical_router_port
4419echo "---------------------"
4420
4421echo "---------SB dump-----"
4422ovn-sbctl list datapath_binding
4423echo "---------------------"
4424ovn-sbctl list logical_flow
4425echo "---------------------"
4426
4427echo "------ hv1 dump ----------"
4428as hv1 ovs-ofctl dump-flows br-int
4429
4430# Now check the packets actually received against the ones expected.
4431for inport in 1 2; do
49d7c759 4432 OVN_CHECK_PACKETS([hv1/vif${inport}-tx.pcap], [vif$inport.expected])
bb3c4568
FF		 4433done
4434
7a8f15e0 4435OVN_CLEANUP([hv1])
bb3c4568
FF		 4436
4437AT_CLEANUP
94f79fcb
RB		 4438
4439# 1 hypervisor, 1 port
4440# make sure that the port state is properly set to up and back down
4441# when created and deleted.
4442AT_SETUP([ovn -- port state up and down])
94f79fcb
RB		 4443ovn_start
4444
4445ovn-nbctl ls-add ls1
4446ovn-nbctl lsp-add ls1 lp1
4447ovn-nbctl lsp-set-addresses lp1 unknown
4448
4449net_add n1
4450sim_add hv1
4451as hv1 ovs-vsctl add-br br-phys
4452as hv1 ovn_attach n1 br-phys 192.168.0.1
4453
4454as hv1 ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1
4455OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xup])
4456
4457as hv1 ovs-vsctl del-port br-int vif1
4458OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xdown])
4459
7a8f15e0 4460OVN_CLEANUP([hv1])
94f79fcb 4461
94f79fcb 4462AT_CLEANUP
e75451fe 4463
ccc6e1db
FF		 4464# 1 hypervisor, 1 port
4465# make sure that the OF rules created to support a datapath are added/cleared
4466# when logical switch is created and removed.
4467AT_SETUP([ovn -- datapath rules added/removed])
1794d5f2 4468AT_KEYWORDS([cleanup])
ccc6e1db
FF		 4469ovn_start
4470
4471net_add n1
4472sim_add hv1
4473as hv1 ovs-vsctl add-br br-phys
4474as hv1 ovn_attach n1 br-phys 192.168.0.1
4475
4476# This shell function checks if OF rules in br-int have clauses
4477# related to OVN datapaths. The caller determines if it should find
4478# a match in the output, or not.
4479#
4480# EXPECT_DATAPATH param determines whether flows that refer to
4481# datapath to should be present or not. 0 means
4482# they should not be.
4483# STAGE_INFO param is a simple string to help identify the stage
4484# in the test when this function was invoked.
4485test_datapath_in_of_rules() {
4486 local expect_datapath=$1 stage_info=$2
4487 echo "------ ovn-nbctl show ${stage_info} ------"
4488 ovn-nbctl show
4489 echo "------ ovn-sbctl show ${stage_info} ------"
4490 ovn-sbctl show
4491 echo "------ OF rules ${stage_info} ------"
4492 AT_CHECK([ovs-ofctl dump-flows br-int], [0], [stdout])
4493 # if there is a datapath mentioned in the output, check for the
4494 # magic keyword that represents one, based on the exit status of
4495 # a quiet grep
4496 if test $expect_datapath != 0; then
4618b102 4497 AT_CHECK([grep -q -i 'metadata=' stdout], [0], [ignore-nolog])
ccc6e1db 4498 else
4618b102 4499 AT_CHECK([grep -q -i 'metadata=' stdout], [1], [ignore-nolog])
ccc6e1db
FF		 4500 fi
4501}
4502
4503test_datapath_in_of_rules 0 "before ls+port create"
4504
4505ovn-nbctl ls-add ls1
4506ovn-nbctl lsp-add ls1 lp1
4507ovn-nbctl lsp-set-addresses lp1 unknown
4508
4509as hv1 ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1
4510OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xup])
4511
4512test_datapath_in_of_rules 1 "after port is bound"
4513
4514as hv1 ovs-vsctl del-port br-int vif1
4515OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xdown])
4516
4517ovn-nbctl lsp-set-addresses lp1
4518ovn-nbctl lsp-del lp1
4519ovn-nbctl ls-del ls1
4520
4521# wait for earlier changes to take effect
4522AT_CHECK([ovn-nbctl --timeout=3 --wait=sb sync], [0], [ignore])
4523
4524# ensure OF rules are no longer present. There used to be a bug here.
4525test_datapath_in_of_rules 0 "after lport+ls removal"
4526
4527OVN_CLEANUP([hv1])
4528
4529AT_CLEANUP
4530
f8a8db39 4531AT_SETUP([ovn -- nd_na ])
e75451fe
ZKL		 4532AT_SKIP_IF([test $HAVE_PYTHON = no])
4533ovn_start
4534
4535#TODO: since patch port for IPv6 logical router port is not ready not,
4536# so we are not going to test vifs on different lswitches cases. Try
4537# to update for that once relevant stuff implemented.
4538
4539# In this test cases we create 1 lswitch, it has 2 VIF ports attached
4540# with. NS packet we test, from one VIF for another VIF, will be replied
4541# by local ovn-controller, but not by target VIF.
4542
4543# Create hypervisors and logical switch lsw0.
4544ovn-nbctl ls-add lsw0
4545net_add n1
4546sim_add hv1
4547as hv1
4548ovs-vsctl add-br br-phys
4549ovn_attach n1 br-phys 192.168.0.2
4550
4551# Add vif1 to hv1 and lsw0, turn on l2 port security on vif1.
4552ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=hv1/vif1-tx.pcap options:rxq_pcap=hv1/vif1-rx.pcap ofport-request=1
4553ovn-nbctl lsp-add lsw0 lp1
4554ovn-nbctl lsp-set-addresses lp1 "fa:16:3e:94:05:98 192.168.0.3 fd81:ce49:a948:0:f816:3eff:fe94:598"
4555ovn-nbctl lsp-set-port-security lp1 "fa:16:3e:94:05:98 192.168.0.3 fd81:ce49:a948:0:f816:3eff:fe94:598"
4556
4557# Add vif2 to hv1 and lsw0, turn on l2 port security on vif2.
4558ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=hv1/vif2-tx.pcap options:rxq_pcap=hv1/vif2-rx.pcap ofport-request=2
4559ovn-nbctl lsp-add lsw0 lp2
4560ovn-nbctl lsp-set-addresses lp2 "fa:16:3e:a1:f9:ae 192.168.0.4 fd81:ce49:a948:0:f816:3eff:fea1:f9ae"
4561ovn-nbctl lsp-set-port-security lp2 "fa:16:3e:a1:f9:ae 192.168.0.4 fd81:ce49:a948:0:f816:3eff:fea1:f9ae"
4562
4563# Add ACL rule for ICMPv6 on lsw0
4564ovn-nbctl acl-add lsw0 from-lport 1002 'ip6 && icmp6' allow-related
4565ovn-nbctl acl-add lsw0 to-lport 1002 'outport == "lp1" && ip6 && icmp6' allow-related
4566ovn-nbctl acl-add lsw0 to-lport 1002 'outport == "lp2" && ip6 && icmp6' allow-related
4567
4568# Allow some time for ovn-northd and ovn-controller to catch up.
4569# XXX This should be more systematic.
4570sleep 1
4571
4572# Given the name of a logical port, prints the name of the hypervisor
4573# on which it is located.
4574vif_to_hv() {
4575 echo hv1${1%?}
4576}
e75451fe
ZKL		 4577for i in 1 2; do
4578 : > $i.expected
4579done
4580
4581# Complete Neighbor Solicitation packet and Neighbor Advertisement packet
4582# vif1 -> NS -> vif2. vif1 <- NA <- ovn-controller.
4583# vif2 will not receive NS packet, since ovn-controller will reply for it.
4584ns_packet=3333ffa1f9aefa163e94059886dd6000000000203afffd81ce49a9480000f8163efffe940598fd81ce49a9480000f8163efffea1f9ae8700e01160000000fd81ce49a9480000f8163efffea1f9ae0101fa163e940598
4585na_packet=fa163e940598fa163ea1f9ae86dd6000000000203afffd81ce49a9480000f8163efffea1f9aefd81ce49a9480000f8163efffe9405988800e9ed60000000fd81ce49a9480000f8163efffea1f9ae0201fa163ea1f9ae
4586
4587as hv1 ovs-appctl netdev-dummy/receive vif1 $ns_packet
e4543cfe 4588echo $na_packet >> 1.expected
e75451fe 4589
e75451fe
ZKL		 4590echo "------ hv1 dump ------"
4591as hv1 ovs-vsctl show
4592as hv1 ovs-ofctl -O OpenFlow13 show br-int
4593as hv1 ovs-ofctl -O OpenFlow13 dump-flows br-int
4594
4595for i in 1 2; do
49d7c759 4596 OVN_CHECK_PACKETS([hv1/vif$i-tx.pcap], [$i.expected])
e75451fe
ZKL		 4597done
4598
7a8f15e0 4599OVN_CLEANUP([hv1])
e75451fe
ZKL		 4600
4601AT_CLEANUP
7417d147
RM		 4602
4603AT_SETUP([ovn -- address sets modification/removal smoke test])
7417d147
RM		 4604ovn_start
4605
4606net_add n1
4607
4608sim_add hv1
4609as hv1
4610ovs-vsctl add-br br-phys
4611ovn_attach n1 br-phys 192.168.0.1
4612
4613row=`ovn-nbctl create Address_Set name=set1 addresses=\"1.1.1.1\"`
4614ovn-nbctl set Address_Set $row name=set1 addresses=\"1.1.1.1,1.1.1.2\"
4615ovn-nbctl destroy Address_Set $row
4616
4617sleep 1
4618
4619# A bug previously existed in the address set support code
4620# that caused ovn-controller to crash after an address set
4621# was updated and then removed. This test case ensures
4622# that ovn-controller is at least still running after
4623# creating, updating, and deleting an address set.
4624AT_CHECK([ovs-appctl -t ovn-controller version], [0], [ignore])
4625
4626OVN_CLEANUP([hv1])
4627
4628AT_CLEANUP
8639f9be
ND		 4629
4630AT_SETUP([ovn -- ipam])
8639f9be
ND		 4631AT_SKIP_IF([test $HAVE_PYTHON = no])
4632ovn_start
4633
4634# Add a port to a switch that does not have a subnet set, then set the
4635# subnet which should result in an address being allocated for the port.
4636ovn-nbctl ls-add sw0
4637ovn-nbctl lsp-add sw0 p0 -- lsp-set-addresses p0 dynamic
fd3b31e9 4638ovn-nbctl --wait=sb add Logical-Switch sw0 other_config subnet=192.168.1.0/24
8639f9be
ND		 4639AT_CHECK([ovn-nbctl get Logical-Switch-Port p0 dynamic_addresses], [0],
4640 ["0a:00:00:00:00:01 192.168.1.2"
4641])
4642
4643# Add 9 more ports to sw0, addresses should all be unique.
4644for n in `seq 1 9`; do
11547f85 4645 ovn-nbctl --wait=sb lsp-add sw0 "p$n" -- lsp-set-addresses "p$n" dynamic
8639f9be
ND		 4646done
4647AT_CHECK([ovn-nbctl get Logical-Switch-Port p1 dynamic_addresses], [0],
4648 ["0a:00:00:00:00:02 192.168.1.3"
4649])
4650AT_CHECK([ovn-nbctl get Logical-Switch-Port p2 dynamic_addresses], [0],
4651 ["0a:00:00:00:00:03 192.168.1.4"
4652])
4653AT_CHECK([ovn-nbctl get Logical-Switch-Port p3 dynamic_addresses], [0],
4654 ["0a:00:00:00:00:04 192.168.1.5"
4655])
4656AT_CHECK([ovn-nbctl get Logical-Switch-Port p4 dynamic_addresses], [0],
4657 ["0a:00:00:00:00:05 192.168.1.6"
4658])
4659AT_CHECK([ovn-nbctl get Logical-Switch-Port p5 dynamic_addresses], [0],
4660 ["0a:00:00:00:00:06 192.168.1.7"
4661])
4662AT_CHECK([ovn-nbctl get Logical-Switch-Port p6 dynamic_addresses], [0],
4663 ["0a:00:00:00:00:07 192.168.1.8"
4664])
4665AT_CHECK([ovn-nbctl get Logical-Switch-Port p7 dynamic_addresses], [0],
4666 ["0a:00:00:00:00:08 192.168.1.9"
4667])
4668AT_CHECK([ovn-nbctl get Logical-Switch-Port p8 dynamic_addresses], [0],
4669 ["0a:00:00:00:00:09 192.168.1.10"
4670])
4671AT_CHECK([ovn-nbctl get Logical-Switch-Port p9 dynamic_addresses], [0],
4672 ["0a:00:00:00:00:0a 192.168.1.11"
4673])
4674
4675# Trying similar tests with a second switch. MAC addresses should be unique
4676# across both switches but IP's only need to be unique within the same switch.
4677ovn-nbctl ls-add sw1
4678ovn-nbctl lsp-add sw1 p10 -- lsp-set-addresses p10 dynamic
11547f85 4679ovn-nbctl --wait=sb add Logical-Switch sw1 other_config subnet=192.168.1.0/24
8639f9be
ND		 4680AT_CHECK([ovn-nbctl get Logical-Switch-Port p10 dynamic_addresses], [0],
4681 ["0a:00:00:00:00:0b 192.168.1.2"
4682])
4683
4684for n in `seq 11 19`; do
11547f85 4685 ovn-nbctl --wait=sb lsp-add sw1 "p$n" -- lsp-set-addresses "p$n" dynamic
8639f9be
ND		 4686done
4687AT_CHECK([ovn-nbctl get Logical-Switch-Port p11 dynamic_addresses], [0],
4688 ["0a:00:00:00:00:0c 192.168.1.3"
4689])
4690AT_CHECK([ovn-nbctl get Logical-Switch-Port p12 dynamic_addresses], [0],
4691 ["0a:00:00:00:00:0d 192.168.1.4"
4692])
4693AT_CHECK([ovn-nbctl get Logical-Switch-Port p13 dynamic_addresses], [0],
4694 ["0a:00:00:00:00:0e 192.168.1.5"
4695])
4696AT_CHECK([ovn-nbctl get Logical-Switch-Port p14 dynamic_addresses], [0],
4697 ["0a:00:00:00:00:0f 192.168.1.6"
4698])
4699AT_CHECK([ovn-nbctl get Logical-Switch-Port p15 dynamic_addresses], [0],
4700 ["0a:00:00:00:00:10 192.168.1.7"
4701])
4702AT_CHECK([ovn-nbctl get Logical-Switch-Port p16 dynamic_addresses], [0],
4703 ["0a:00:00:00:00:11 192.168.1.8"
4704])
4705AT_CHECK([ovn-nbctl get Logical-Switch-Port p17 dynamic_addresses], [0],
4706 ["0a:00:00:00:00:12 192.168.1.9"
4707])
4708AT_CHECK([ovn-nbctl get Logical-Switch-Port p18 dynamic_addresses], [0],
4709 ["0a:00:00:00:00:13 192.168.1.10"
4710])
4711AT_CHECK([ovn-nbctl get Logical-Switch-Port p19 dynamic_addresses], [0],
4712 ["0a:00:00:00:00:14 192.168.1.11"
4713])
4714
4715# Change a port's address to test for multiple ip's for a single address entry
4716# and addresses set by the user.
4717ovn-nbctl lsp-set-addresses p0 "0a:00:00:00:00:15 192.168.1.12 192.168.1.14"
11547f85 4718ovn-nbctl --wait=sb lsp-add sw0 p20 -- lsp-set-addresses p20 dynamic
8639f9be
ND		 4719AT_CHECK([ovn-nbctl get Logical-Switch-Port p20 dynamic_addresses], [0],
4720 ["0a:00:00:00:00:16 192.168.1.13"
4721])
4722
4723# Test for logical router port address management.
4724ovn-nbctl create Logical_Router name=R1
4725ovn-nbctl -- --id=@lrp create Logical_Router_port name=sw0 \
4726network="192.168.1.1/24" mac=\"0a:00:00:00:00:17\" \
4727-- add Logical_Router R1 ports @lrp -- lsp-add sw0 rp-sw0 \
4728-- set Logical_Switch_Port rp-sw0 type=router options:router-port=sw0
11547f85 4729ovn-nbctl --wait=sb lsp-add sw0 p21 -- lsp-set-addresses p21 dynamic
8639f9be
ND		 4730AT_CHECK([ovn-nbctl get Logical-Switch-Port p21 dynamic_addresses], [0],
4731 ["0a:00:00:00:00:18 192.168.1.15"
4732])
4733
4734# Test for address reuse after logical port is deleted.
4735ovn-nbctl lsp-del p0
11547f85 4736ovn-nbctl --wait=sb lsp-add sw0 p23 -- lsp-set-addresses p23 dynamic
8639f9be
ND		 4737AT_CHECK([ovn-nbctl get Logical-Switch-Port p23 dynamic_addresses], [0],
4738 ["0a:00:00:00:00:19 192.168.1.2"
4739])
4740
4741# Test for multiple addresses to one logical port.
4742ovn-nbctl lsp-add sw0 p25 -- lsp-set-addresses p25 \
4743"0a:00:00:00:00:1a 192.168.1.12" "0a:00:00:00:00:1b 192.168.1.14"
11547f85 4744ovn-nbctl --wait=sb lsp-add sw0 p26 -- lsp-set-addresses p26 dynamic
8639f9be
ND		 4745AT_CHECK([ovn-nbctl get Logical-Switch-Port p26 dynamic_addresses], [0],
4746 ["0a:00:00:00:00:1c 192.168.1.16"
4747])
4748
4749# Test for exhausting subnet address space.
4750ovn-nbctl ls-add sw2 -- add Logical-Switch sw2 other_config subnet=172.16.1.0/30
11547f85 4751ovn-nbctl --wait=sb lsp-add sw2 p27 -- lsp-set-addresses p27 dynamic
8639f9be
ND		 4752AT_CHECK([ovn-nbctl get Logical-Switch-Port p27 dynamic_addresses], [0],
4753 ["0a:00:00:00:00:1d 172.16.1.2"
4754])
4755
11547f85 4756ovn-nbctl --wait=sb lsp-add sw2 p28 -- lsp-set-addresses p28 dynamic
8639f9be
ND		 4757AT_CHECK([ovn-nbctl get Logical-Switch-Port p28 dynamic_addresses], [0],
4758 [[[]]
4759])
4760
4761# Test that address management does not add duplicate MAC for lsp/lrp peers.
4762ovn-nbctl create Logical_Router name=R2
4763ovn-nbctl ls-add sw3
4764ovn-nbctl lsp-add sw3 p29 -- lsp-set-addresses p29 \
4765"0a:00:00:00:00:1e"
4766ovn-nbctl -- --id=@lrp create Logical_Router_port name=sw3 \
4767network="192.168.2.1/24" mac=\"0a:00:00:00:00:1f\" \
4768-- add Logical_Router R2 ports @lrp -- lsp-add sw3 rp-sw3 \
4769-- set Logical_Switch_Port rp-sw3 type=router options:router-port=sw3
11547f85 4770ovn-nbctl --wait=sb lsp-add sw0 p30 -- lsp-set-addresses p30 dynamic
8639f9be
ND		 4771AT_CHECK([ovn-nbctl get Logical-Switch-Port p30 dynamic_addresses], [0],
4772 ["0a:00:00:00:00:20 192.168.1.17"
4773])
4774
6374d518
LR		 4775# Test static MAC address with dynamically allocated IP
4776ovn-nbctl --wait=sb lsp-add sw0 p31 -- lsp-set-addresses p31 \
4777"fe:dc:ba:98:76:54 dynamic"
4778AT_CHECK([ovn-nbctl get Logical-Switch-Port p31 dynamic_addresses], [0],
4779 ["fe:dc:ba:98:76:54 192.168.1.18"
4780])
4781
8639f9be
ND		 4782as ovn-sb
4783OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4784
4785as ovn-nb
4786OVS_APP_EXIT_AND_WAIT([ovsdb-server])
4787
4788as northd
4789OVS_APP_EXIT_AND_WAIT([ovn-northd])
4790
4791AT_CLEANUP
4792
4793AT_SETUP([ovn -- ipam connectivity])
8639f9be
ND		 4794AT_SKIP_IF([test $HAVE_PYTHON = no])
4795ovn_start
4796
4797ovn-nbctl lr-add R1
4798
4799# Test for a ping using dynamically allocated addresses.
4800ovn-nbctl ls-add foo -- add Logical_Switch foo other_config subnet=192.168.1.0/24
4801ovn-nbctl ls-add alice -- add Logical_Switch alice other_config subnet=192.168.2.0/24
4802
4803# Connect foo to R1
4804ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
4805ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
4806 options:router-port=foo addresses=\"00:00:00:01:02:03\"
4807
4808# Connect alice to R1
4809ovn-nbctl lrp-add R1 alice 00:00:00:01:02:04 192.168.2.1/24
4810ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice type=router \
4811 options:router-port=alice addresses=\"00:00:00:01:02:04\"
4812
4813# Create logical port foo1 in foo
fd3b31e9 4814ovn-nbctl --wait=sb lsp-add foo foo1 \
8639f9be 4815-- lsp-set-addresses foo1 "dynamic"
8bc2c143 4816AT_CHECK([ovn-nbctl --timeout=10 wait-until Logical-Switch-Port foo1 dynamic_addresses='"0a:00:00:00:00:01 192.168.1.2"'], [0])
8639f9be
ND		 4817
4818# Create logical port alice1 in alice
fd3b31e9 4819ovn-nbctl --wait=sb lsp-add alice alice1 \
8639f9be 4820-- lsp-set-addresses alice1 "dynamic"
8bc2c143 4821AT_CHECK([ovn-nbctl --timeout=10 wait-until Logical-Switch-Port alice1 dynamic_addresses='"0a:00:00:00:00:02 192.168.2.2"'])
8639f9be
ND		 4822
4823# Create logical port foo2 in foo
fd3b31e9 4824ovn-nbctl --wait=sb lsp-add foo foo2 \
8639f9be 4825-- lsp-set-addresses foo2 "dynamic"
8bc2c143 4826AT_CHECK([ovn-nbctl --timeout=10 wait-until Logical-Switch-Port foo2 dynamic_addresses='"0a:00:00:00:00:03 192.168.1.3"'])
8639f9be
ND		 4827
4828# Create a hypervisor and create OVS ports corresponding to logical ports.
4829net_add n1
4830
4831sim_add hv1
4832as hv1
4833ovs-vsctl add-br br-phys
4834ovn_attach n1 br-phys 192.168.0.1
4835ovs-vsctl -- add-port br-int hv1-vif1 -- \
4836 set interface hv1-vif1 external-ids:iface-id=foo1 \
4837 options:tx_pcap=hv1/vif1-tx.pcap \
4838 options:rxq_pcap=hv1/vif1-rx.pcap \
4839 ofport-request=1
4840
4841ovs-vsctl -- add-port br-int hv1-vif2 -- \
4842 set interface hv1-vif2 external-ids:iface-id=foo2 \
4843 options:tx_pcap=hv1/vif2-tx.pcap \
4844 options:rxq_pcap=hv1/vif2-rx.pcap \
4845 ofport-request=2
4846
4847ovs-vsctl -- add-port br-int hv1-vif3 -- \
4848 set interface hv1-vif3 external-ids:iface-id=alice1 \
4849 options:tx_pcap=hv1/vif3-tx.pcap \
4850 options:rxq_pcap=hv1/vif3-rx.pcap \
4851 ofport-request=3
4852
4853# Allow some time for ovn-northd and ovn-controller to catch up.
4854# XXX This should be more systematic.
4855sleep 1
4856
4857ip_to_hex() {
4858 printf "%02x%02x%02x%02x" "$@"
4859}
8639f9be
ND		 4860
4861# Send ip packets between foo1 and foo2
4862src_mac="0a0000000001"
4863dst_mac="0a0000000003"
4864src_ip=`ip_to_hex 192 168 1 2`
4865dst_ip=`ip_to_hex 192 168 1 3`
4866packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4867as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4868
4869# Send ip packets between foo1 and alice1
4870src_mac="0a0000000001"
4871dst_mac="000000010203"
4872src_ip=`ip_to_hex 192 168 1 2`
4873dst_ip=`ip_to_hex 192 168 2 2`
4874packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4875as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
4876
4877echo "---------NB dump-----"
4878ovn-nbctl show
4879echo "---------------------"
4880ovn-nbctl list logical_router
4881echo "---------------------"
4882ovn-nbctl list logical_router_port
4883echo "---------------------"
4884
4885echo "---------SB dump-----"
4886ovn-sbctl list datapath_binding
4887echo "---------------------"
4888ovn-sbctl list port_binding
4889echo "---------------------"
4890
4891echo "------ hv1 dump ----------"
4892as hv1 ovs-ofctl dump-flows br-int
4893
4894# Packet to Expect at foo2
4895src_mac="0a0000000001"
4896dst_mac="0a0000000003"
4897src_ip=`ip_to_hex 192 168 1 2`
4898dst_ip=`ip_to_hex 192 168 1 3`
4899expected=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
4900
e4543cfe
DDP		 4901$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif2-tx.pcap > received1.packets
4902echo $expected > expout
8639f9be
ND		 4903AT_CHECK([cat received1.packets], [0], [expout])
4904
4905# Packet to Expect at alice1
4906src_mac="000000010204"
4907dst_mac="0a0000000002"
4908src_ip=`ip_to_hex 192 168 1 2`
4909dst_ip=`ip_to_hex 192 168 2 2`
4910expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
4911
e4543cfe
DDP		 4912$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/vif3-tx.pcap > received2.packets
4913echo $expected > expout
8639f9be
ND		 4914AT_CHECK([cat received2.packets], [0], [expout])
4915
4916OVN_CLEANUP([hv1])
4917
4918AT_CLEANUP
f5792c3f
NS		 4919
4920AT_SETUP([ovn -- ovs-vswitchd restart])
1794d5f2 4921AT_KEYWORDS([vswitchd])
f5792c3f
NS		 4922AT_SKIP_IF([test $HAVE_PYTHON = no])
4923ovn_start
4924
4925ovn-nbctl ls-add ls1
4926
4927ovn-nbctl lsp-add ls1 ls1-lp1 \
4928-- lsp-set-addresses ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
4929
4930ovn-nbctl lsp-set-port-security ls1-lp1 "f0:00:00:00:00:01 10.0.0.4"
4931
4932net_add n1
4933sim_add hv1
4934
4935as hv1
4936ovs-vsctl add-br br-phys
4937ovn_attach n1 br-phys 192.168.0.1
4938ovs-vsctl -- add-port br-int hv1-vif1 -- \
4939 set interface hv1-vif1 external-ids:iface-id=ls1-lp1 \
4940 options:tx_pcap=hv1/vif1-tx.pcap \
4941 options:rxq_pcap=hv1/vif1-rx.pcap \
4942 ofport-request=1
4943
4944ovn_populate_arp
4945sleep 2
4946
4947as hv1 ovs-vsctl show
4948
4949echo "---------------------"
4950ovn-sbctl dump-flows
4951echo "---------------------"
4952
4953echo "------ hv1 dump ----------"
4954as hv1 ovs-ofctl dump-flows br-int
4955total_flows=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
4956
4957echo "Total flows before vswitchd restart = " $total_flows
4958
4959# Code taken from ovs-save utility
4960save_flows () {
4961 echo "ovs-ofctl add-flows br-int - << EOF" > restore_flows.sh
4962 as hv1 ovs-ofctl dump-flows "br-int" | sed -e '/NXST_FLOW/d' \
4963 -e 's/\(idle\|hard\)_age=[^,]*,//g' >> restore_flows.sh
4964 echo "EOF" >> restore_flows.sh
4965}
4966
4967restart_vswitchd () {
4968 restore_flows=$1
4969
4970 if test $restore_flows = true; then
4971 save_flows
4972 fi
4973
4974 as hv1
4975 OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
4976
4977 if test $restore_flows = true; then
4978 as hv1
4979 ovs-vsctl --no-wait set open_vswitch . other_config:flow-restore-wait="true"
4980 fi
4981
4982 as hv1
4983 start_daemon ovs-vswitchd --enable-dummy=system -vvconn -vofproto_dpif -vunixctl
4984 ovs-ofctl dump-flows br-int
4985
4986 if test $restore_flows = true; then
4987 sh ./restore_flows.sh
4988 echo "Flows after restore"
4989 as hv1
4990 ovs-ofctl dump-flows br-int
4991 ovs-vsctl --no-wait --if-exists remove open_vswitch . other_config \
4992 flow-restore-wait="true"
4993 fi
4994}
4995
4996# Save the flows, restart vswitchd and restore the flows
4997restart_vswitchd true
4998OVS_WAIT_UNTIL([
4999 total_flows_after_restart=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
5000 echo "Total flows after vswitchd restart = " $total_flows_after_restart
5001 test "${total_flows}" = "${total_flows_after_restart}"
5002])
5003
5004# Restart vswitchd without restoring
5005restart_vswitchd false
5006OVS_WAIT_UNTIL([
5007 total_flows_after_restart=`as hv1 ovs-ofctl dump-flows br-int | wc -l`
5008 echo "Total flows after vswitchd restart = " $total_flows_after_restart
5009 test "${total_flows}" = "${total_flows_after_restart}"
5010])
5011
5012OVN_CLEANUP([hv1])
5013AT_CLEANUP
47021598
CSV		 5014
5015AT_SETUP([ovn -- send arp for nexthop])
47021598
CSV		 5016AT_SKIP_IF([test $HAVE_PYTHON = no])
5017ovn_start
5018
5019# Topology: Two LSs - ls1 and ls2 are connected via router r0
5020
5021# Create logical switches
5022ovn-nbctl ls-add ls1
5023ovn-nbctl ls-add ls2
5024
5025# Create router
5026ovn-nbctl create Logical_Router name=lr0
5027
5028# Add router ls1p1 port to gateway router
5029ovn-nbctl lrp-add lr0 lrp-ls1lp1 f0:00:00:00:00:01 192.168.0.1/24
5030ovn-nbctl lsp-add ls1 ls1lp1 -- set Logical_Switch_Port ls1lp1 \
5031 type=router options:router-port=lrp-ls1lp1 \
5032 addresses='"f0:00:00:00:00:01 192.168.0.1"'
5033
5034# Add router ls2p2 port to gateway router
5035ovn-nbctl lrp-add lr0 lrp-ls2lp1 f0:00:00:00:00:02 192.168.1.1/24
5036ovn-nbctl lsp-add ls2 ls2lp1 -- set Logical_Switch_Port ls2lp1 \
5037 type=router options:router-port=lrp-ls2lp1 \
5038 addresses='"f0:00:00:00:00:02 192.168.1.1"'
5039
5040# Set default gateway (nexthop) to 192.168.1.254
5041ovn-nbctl lr-route-add lr0 "0.0.0.0/0" 192.168.1.254 lrp-ls2lp1
5042
5043# Create logical port ls1lp2 in ls1
5044ovn-nbctl lsp-add ls1 ls1lp2 \
5045-- lsp-set-addresses ls1lp2 "f0:00:00:00:00:03 192.168.0.2"
5046
5047# Create logical port ls2lp2 in ls2
5048ovn-nbctl lsp-add ls2 ls2lp2 \
5049-- lsp-set-addresses ls2lp2 "f0:00:00:00:00:04 192.168.1.10"
5050
5051net_add n1
5052sim_add hv1
5053as hv1
5054ovs-vsctl add-br br-phys
5055ovn_attach n1 br-phys 192.168.0.1
5056ovs-vsctl -- add-port br-int hv1-ls1lp2 -- \
5057 set interface hv1-ls1lp2 external-ids:iface-id=ls1lp2 \
5058 options:tx_pcap=hv1/ls1lp2-tx.pcap \
5059 options:rxq_pcap=hv1/ls1lp2-rx.pcap \
5060 ofport-request=1
5061ovs-vsctl -- add-port br-int hv1-ls2lp2 -- \
5062 set interface hv1-ls2lp2 external-ids:iface-id=ls2lp2 \
5063 options:tx_pcap=hv1/ls2lp2-tx.pcap \
5064 options:rxq_pcap=hv1/ls2lp2-rx.pcap \
5065 ofport-request=2
5066
5067# Allow some time for ovn-northd and ovn-controller to catch up.
5068# XXX This should be more systematic.
5069sleep 1
5070
5071echo "---------NB dump-----"
5072ovn-nbctl show
5073echo "---------------------"
5074ovn-nbctl list logical_router
5075echo "---------------------"
5076ovn-nbctl list logical_router_port
5077echo "---------------------"
5078
5079echo "---------SB dump-----"
5080ovn-sbctl list datapath_binding
5081echo "---------------------"
5082ovn-sbctl list port_binding
5083echo "---------------------"
5084ovn-sbctl dump-flows
5085echo "---------------------"
5086ovn-sbctl list chassis
5087ovn-sbctl list encap
5088echo "---------------------"
5089
5090echo "------Flows dump-----"
5091as hv1
5092ovs-ofctl dump-flows
5093echo "---------------------"
5094
5095ip_to_hex() {
5096 printf "%02x%02x%02x%02x" "$@"
5097}
5098
5099src_mac="f00000000003"
5100dst_mac="f00000000001"
5101src_ip=`ip_to_hex 192 168 0 2`
5102dst_ip=`ip_to_hex 8 8 8 8`
5103packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5104
5105# Send IP packet destined to 8.8.8.8 from lsp1lp2
5106as hv1 ovs-appctl netdev-dummy/receive hv1-ls1lp2 $packet
5107
5108trim_zeros() {
5109 sed 's/\(00\)\{1,\}$//'
5110}
5111
5112# ARP packet should be received with Target IP Address set to 192.168.1.254 and
5113# not 8.8.8.8
5114
5115$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/ls2lp2-tx.pcap | trim_zeros > packets
5116expected="fffffffffffff0000000000208060001080006040001f00000000002c0a80101000000000000c0a801fe"
5117echo $expected > expout
5118AT_CHECK([cat packets], [0], [expout])
5119cat packets
5120
5121OVN_CLEANUP([hv1])
5122
5123AT_CLEANUP
8439c2eb
CSV		 5124
5125AT_SETUP([ovn -- send gratuitous arp for nat ips in localnet])
8439c2eb
CSV		 5126AT_SKIP_IF([test $HAVE_PYTHON = no])
5127ovn_start
5128# Create logical switch
5129ovn-nbctl ls-add ls0
5130# Create gateway router
5131ovn-nbctl create Logical_Router name=lr0 options:chassis=hv1
5132# Add router port to gateway router
5133ovn-nbctl lrp-add lr0 lrp0 f0:00:00:00:00:01 192.168.0.1/24
5134ovn-nbctl lsp-add ls0 lrp0-rp -- set Logical_Switch_Port lrp0-rp \
5135 type=router options:router-port=lrp0-rp addresses='"f0:00:00:00:00:01"'
5136# Add nat-address option
5137ovn-nbctl lsp-set-options lrp0-rp router-port=lrp0 nat-addresses="f0:00:00:00:00:01 192.168.0.2"
5138
5139net_add n1
5140sim_add hv1
5141as hv1
5142ovs-vsctl \
5143 -- add-br br-phys \
5144 -- add-br br-eth0
5145
5146ovn_attach n1 br-phys 192.168.0.1
5147
5148AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
5149AT_CHECK([ovs-vsctl add-port br-eth0 snoopvif -- set Interface snoopvif options:tx_pcap=hv1/snoopvif-tx.pcap options:rxq_pcap=hv1/snoopvif-rx.pcap])
5150
5151# Create a localnet port.
5152AT_CHECK([ovn-nbctl lsp-add ls0 ln_port])
5153AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
5154AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
5155AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
5156
5157
5158# Wait for packet to be received.
5159OVS_WAIT_UNTIL([test `wc -c < "hv1/snoopvif-tx.pcap"` -ge 50])
5160trim_zeros() {
5161 sed 's/\(00\)\{1,\}$//'
5162}
5163$PYTHON "$top_srcdir/utilities/ovs-pcap.in" hv1/snoopvif-tx.pcap | trim_zeros > packets
5164expected="fffffffffffff0000000000108060001080006040001f00000000001c0a80002000000000000c0a80002"
5165echo $expected > expout
5166AT_CHECK([sort packets], [0], [expout])
5167cat packets
5168
5169OVN_CLEANUP([hv1])
5170
5171AT_CLEANUP
6e31816f
CSV		 5172
5173AT_SETUP([ovn -- delete mac bindings])
6e31816f
CSV		 5174ovn_start
5175net_add n1
5176sim_add hv1
5177as hv1
5178ovs-vsctl -- add-br br-phys
5179ovn_attach n1 br-phys 192.168.0.1
5180# Create logical switch ls0
5181ovn-nbctl ls-add ls0
5182# Create ports lp0, lp1 in ls0
5183ovn-nbctl lsp-add ls0 lp0
5184ovn-nbctl lsp-add ls0 lp1
5185ovn-nbctl lsp-set-addresses lp0 "f0:00:00:00:00:01 192.168.0.1"
5186ovn-nbctl lsp-set-addresses lp1 "f0:00:00:00:00:02 192.168.0.2"
5187dp_uuid=`ovn-sbctl find datapath | grep uuid | cut -f2 -d ":" | cut -f2 -d " "`
5188ovn-sbctl create MAC_Binding ip=10.0.0.1 datapath=$dp_uuid logical_port=lp0 mac="mac1"
5189ovn-sbctl create MAC_Binding ip=10.0.0.1 datapath=$dp_uuid logical_port=lp1 mac="mac2"
5190ovn-sbctl find MAC_Binding
093aa761 5191# Delete port lp0 and check that its MAC_Binding is deleted.
6e31816f
CSV		 5192ovn-nbctl lsp-del lp0
5193ovn-sbctl find MAC_Binding
093aa761
BP		 5194OVS_WAIT_UNTIL([test `ovn-sbctl find MAC_Binding logical_port=lp0 | wc -l` = 0])
5195# Delete logical switch ls0 and check that its MAC_Binding is deleted.
6e31816f
CSV		 5196ovn-nbctl ls-del ls0
5197ovn-sbctl find MAC_Binding
093aa761 5198OVS_WAIT_UNTIL([test `ovn-sbctl find MAC_Binding | wc -l` = 0])
6e31816f
CSV		 5199
5200OVN_CLEANUP([hv1])
5201
5202AT_CLEANUP
926c34fd
RM		 5203
5204AT_SETUP([ovn -- conntrack zone allocation])
926c34fd
RM		 5205AT_SKIP_IF([test $HAVE_PYTHON = no])
5206ovn_start
5207
5208# Logical network:
5209# 2 logical switches "foo" (192.168.1.0/24) and "bar" (172.16.1.0/24)
5210# connected to a router R1.
5211# foo has foo1 to act as a client.
5212# bar has bar1, bar2, bar3 to act as servers.
5213
5214net_add n1
5215
5216sim_add hv1
5217as hv1
5218ovs-vsctl add-br br-phys
5219ovn_attach n1 br-phys 192.168.0.1
5220for i in foo1 bar1 bar2 bar3; do
5221 ovs-vsctl -- add-port br-int $i -- \
5222 set interface $i external-ids:iface-id=$i \
5223 options:tx_pcap=hv1/$i-tx.pcap \
5224 options:rxq_pcap=hv1/$i-rx.pcap
5225done
5226
5227ovn-nbctl create Logical_Router name=R1
5228ovn-nbctl ls-add foo
5229ovn-nbctl ls-add bar
5230
5231# Connect foo to R1
5232ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
5233ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \
5234 type=router options:router-port=foo addresses=\"00:00:01:01:02:03\"
5235
5236# Connect bar to R1
5237ovn-nbctl lrp-add R1 bar 00:00:01:01:02:04 172.16.1.1/24
5238ovn-nbctl lsp-add bar rp-bar -- set Logical_Switch_Port rp-bar \
5239 type=router options:router-port=bar addresses=\"00:00:01:01:02:04\"
5240
5241# Create logical port foo1 in foo
5242ovn-nbctl lsp-add foo foo1 \
5243-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
5244
5245# Create logical port bar1, bar2 and bar3 in bar
5246for i in `seq 1 3`; do
5247 ip=`expr $i + 1`
5248 ovn-nbctl lsp-add bar bar$i \
5249 -- lsp-set-addresses bar$i "f0:00:0a:01:02:$i 172.16.1.$ip"
5250done
5251
5252OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=0 | grep REG13 | wc -l` -eq 4])
5253
5254OVN_CLEANUP([hv1])
5255
5256AT_CLEANUP
b511690b
GS		 5257
5258AT_SETUP([ovn -- tag allocation])
b511690b
GS		 5259ovn_start
5260
5261AT_CHECK([ovn-nbctl ls-add ls0])
5262AT_CHECK([ovn-nbctl lsp-add ls0 parent1])
5263AT_CHECK([ovn-nbctl lsp-add ls0 parent2])
5264AT_CHECK([ovn-nbctl ls-add ls1])
5265
5266dnl When a tag is provided, no allocation is done
5267AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c0 parent1 3])
5268AT_CHECK([ovn-nbctl lsp-get-tag c0], [0], [3
5269])
5270dnl The same 'tag' gets created in southbound database.
5271AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5272logical_port="c0"], [0], [3
5273])
5274
5275dnl Allocate tags and see it getting created in both NB and SB
5276AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c1 parent1 0])
5277AT_CHECK([ovn-nbctl lsp-get-tag c1], [0], [1
5278])
5279AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5280logical_port="c1"], [0], [1
5281])
5282
5283AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c2 parent1 0])
5284AT_CHECK([ovn-nbctl lsp-get-tag c2], [0], [2
5285])
5286AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5287logical_port="c2"], [0], [2
5288])
5289AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c3 parent1 0])
5290AT_CHECK([ovn-nbctl lsp-get-tag c3], [0], [4
5291])
5292AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5293logical_port="c3"], [0], [4
5294])
5295
5296dnl A different parent.
5297AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c4 parent2 0])
5298AT_CHECK([ovn-nbctl lsp-get-tag c4], [0], [1
5299])
5300AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5301logical_port="c4"], [0], [1
5302])
5303
5304AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c5 parent2 0])
5305AT_CHECK([ovn-nbctl lsp-get-tag c5], [0], [2
5306])
5307AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5308logical_port="c5"], [0], [2
5309])
5310
5311dnl Delete a logical port and create a new one.
5312AT_CHECK([ovn-nbctl --wait=sb lsp-del c1])
5313AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c6 parent1 0])
5314AT_CHECK([ovn-nbctl lsp-get-tag c6], [0], [1
5315])
5316AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5317logical_port="c6"], [0], [1
5318])
5319
5320dnl Restart northd to see that the same allocation remains.
5321as northd
5322OVS_APP_EXIT_AND_WAIT([ovn-northd])
5323start_daemon ovn-northd \
5324 --ovnnb-db=unix:"$ovs_base"/ovn-nb/ovn-nb.sock \
5325 --ovnsb-db=unix:"$ovs_base"/ovn-sb/ovn-sb.sock
5326
5327dnl Create a switch to make sure that ovn-northd has run through the main loop.
5328AT_CHECK([ovn-nbctl --wait=sb ls-add ls-dummy])
5329AT_CHECK([ovn-nbctl lsp-get-tag c0], [0], [3
5330])
5331AT_CHECK([ovn-nbctl lsp-get-tag c6], [0], [1
5332])
5333AT_CHECK([ovn-nbctl lsp-get-tag c2], [0], [2
5334])
5335AT_CHECK([ovn-nbctl lsp-get-tag c3], [0], [4
5336])
5337AT_CHECK([ovn-nbctl lsp-get-tag c4], [0], [1
5338])
5339AT_CHECK([ovn-nbctl lsp-get-tag c5], [0], [2
5340])
5341
5342dnl Create a switch port with a tag that has already been allocated.
5343dnl It should go through fine with a duplicate tag.
5344AT_CHECK([ovn-nbctl --wait=sb lsp-add ls1 c7 parent2 2])
5345AT_CHECK([ovn-nbctl lsp-get-tag c7], [0], [2
5346])
5347AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5348logical_port="c7"], [0], [2
5349])
5350AT_CHECK([ovn-nbctl lsp-get-tag c5], [0], [2
5351])
5352
5353AT_CHECK([ovn-nbctl ls-add ls2])
5354dnl When there is no parent_name provided (for say, 'localnet'), 'tag_request'
5355dnl gets copied to 'tag'
5356AT_CHECK([ovn-nbctl --wait=sb lsp-add ls2 local0 "" 25])
5357AT_CHECK([ovn-nbctl lsp-get-tag local0], [0], [25
5358])
5359dnl The same 'tag' gets created in southbound database.
5360AT_CHECK([ovn-sbctl --data=bare --no-heading --columns=tag find port_binding \
5361logical_port="local0"], [0], [25
5362])
5363dnl If 'tag_request' is 0 for localnet, nothing gets written to 'tag'
5364AT_CHECK([ovn-nbctl --wait=sb lsp-add ls2 local1 "" 0])
5365AT_CHECK([ovn-nbctl lsp-get-tag local1])
5366dnl change the tag_request.
5367AT_CHECK([ovn-nbctl --wait=sb set logical_switch_port local1 tag_request=50])
5368AT_CHECK([ovn-nbctl lsp-get-tag local1], [0], [50
5369])
5370
5371AT_CLEANUP
57afd0c0
RR		 5372
5373AT_SETUP([ovn -- lsp deletion and broadcast-flow deletion on localnet])
57afd0c0
RR		 5374ovn_start
5375ovn-nbctl ls-add lsw0
5376net_add n1
5377for i in 1 2; do
5378 sim_add hv$i
5379 as hv$i
5380 ovs-vsctl add-br br-phys
5381 ovn_attach n1 br-phys 192.168.0.$i
5382 ovs-vsctl add-br br-eth0
5383 AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-eth0])
5384done
5385
5386# Create a localnet port.
5387AT_CHECK([ovn-nbctl lsp-add lsw0 ln_port])
5388AT_CHECK([ovn-nbctl lsp-set-addresses ln_port unknown])
5389AT_CHECK([ovn-nbctl lsp-set-type ln_port localnet])
5390AT_CHECK([ovn-nbctl lsp-set-options ln_port network_name=physnet1])
5391
5392
5393# Create 3 vifs.
5394AT_CHECK([ovn-nbctl lsp-add lsw0 localvif1])
5395AT_CHECK([ovn-nbctl lsp-set-addresses localvif1 "f0:00:00:00:00:01 192.168.1.1"])
5396AT_CHECK([ovn-nbctl lsp-set-port-security localvif1 "f0:00:00:00:00:01"])
5397AT_CHECK([ovn-nbctl lsp-add lsw0 localvif2])
5398AT_CHECK([ovn-nbctl lsp-set-addresses localvif2 "f0:00:00:00:00:01 192.168.1.2"])
5399AT_CHECK([ovn-nbctl lsp-set-port-security localvif2 "f0:00:00:00:00:02"])
5400AT_CHECK([ovn-nbctl lsp-add lsw0 localvif3])
5401AT_CHECK([ovn-nbctl lsp-set-addresses localvif3 "f0:00:00:00:00:03 192.168.1.3"])
5402AT_CHECK([ovn-nbctl lsp-set-port-security localvif3 "f0:00:00:00:00:03"])
5403
5404# Bind the localvif1 to hv1.
5405as hv1
5406AT_CHECK([ovs-vsctl add-port br-int localvif1 -- set Interface localvif1 external_ids:iface-id=localvif1])
5407
5408# On hv1, check that there are no flows outputting bcast to tunnel
5409OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=32 | ofctl_strip | grep output | wc -l` -eq 0])
5410
1ea9b847 5411# On hv2, check that no flow outputs bcast to tunnel to hv1.
57afd0c0 5412as hv2
1ea9b847 5413OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=32 | ofctl_strip | grep output | wc -l` -eq 0])
57afd0c0
RR		 5414
5415# Now bind vif2 on hv2.
5416AT_CHECK([ovs-vsctl add-port br-int localvif2 -- set Interface localvif2 external_ids:iface-id=localvif2])
5417
5418# At this point, the broadcast flow on vif2 should be deleted.
5419# because, there is now a localnet vif bound (table=32 programming logic)
5420OVS_WAIT_UNTIL([test `ovs-ofctl dump-flows br-int table=32 | ofctl_strip | grep output | wc -l` -eq 0])
5421
5422# Verify that the local net patch port exists on hv2.
5423OVS_WAIT_UNTIL([test `ovs-vsctl show | grep "Port patch-br-int-to-ln_port" | wc -l` -eq 1])
5424
5425# Now bind vif3 on hv2.
5426AT_CHECK([ovs-vsctl add-port br-int localvif3 -- set Interface localvif3 external_ids:iface-id=localvif3])
5427
5428# Verify that the local net patch port still exists on hv2
5429OVS_WAIT_UNTIL([test `ovs-vsctl show | grep "Port patch-br-int-to-ln_port" | wc -l` -eq 1])
5430
5431# Delete localvif2
5432AT_CHECK([ovn-nbctl lsp-del localvif2])
5433
5434# Verify that the local net patch port still exists on hv2,
5435# because, localvif3 is still bound.
5436OVS_WAIT_UNTIL([test `ovs-vsctl show | grep "Port patch-br-int-to-ln_port" | wc -l` -eq 1])
5437
57afd0c0 5438OVN_CLEANUP([hv1],[hv2])
1a03fc7d
BS		 5439
5440AT_CLEANUP
5441
5442AT_SETUP([ovn -- DSCP marking check])
5443AT_KEYWORDS([ovn])
5444ovn_start
5445
5446ovn-nbctl ls-add lsw0
5447ovn-nbctl --wait=sb lsp-add lsw0 lp1
5448ovn-nbctl --wait=sb lsp-add lsw0 lp2
5449ovn-nbctl lsp-set-addresses lp1 f0:00:00:00:00:01
5450ovn-nbctl lsp-set-addresses lp2 f0:00:00:00:00:02
5451ovn-nbctl lsp-set-port-security lp1 f0:00:00:00:00:01
5452ovn-nbctl lsp-set-port-security lp2 f0:00:00:00:00:02
5453ovn-nbctl --wait=sb sync
5454net_add n1
5455sim_add hv
5456as hv
5457ovs-vsctl add-br br-phys
5458ovn_attach n1 br-phys 192.168.0.1
5459ovs-vsctl add-port br-int vif1 -- set Interface vif1 external-ids:iface-id=lp1 options:tx_pcap=vif1-tx.pcap options:rxq_pcap=vif1-rx.pcap ofport-request=1
5460ovs-vsctl add-port br-int vif2 -- set Interface vif2 external-ids:iface-id=lp2 options:tx_pcap=vif2-tx.pcap options:rxq_pcap=vif2-rx.pcap ofport-request=2
5461
5462AT_CAPTURE_FILE([trace])
5463ovn_trace () {
5464 ovn-trace --all "$@" | tee trace | sed '1,/Minimal trace/d'
5465}
5466
5467# Extracts nw_tos from the final flow from ofproto/trace output and prints
5468# it on stdout. Prints "none" if no nw_tos was included.
5469get_final_nw_tos() {
5470 if flow=$(grep '^Final flow:' stdout); then :; else
5471 # The output didn't have a final flow.
5472 return 99
5473 fi
5474
5475 tos=$(echo "$flow" | sed -n 's/.*nw_tos=\([[0-9]]\{1,\}\).*/\1/p')
5476 case $tos in
5477 '') echo none ;;
5478 *) echo $tos ;;
5479 esac
5480}
5481
5482# check_tos TOS
5483#
5484# Checks that a packet from 1.1.1.1 to 1.1.1.2 gets its DSCP set to TOS.
5485check_tos() {
5486 # First check with ovn-trace for logical flows.
5487 echo "checking for tos $1"
5488 (if test $1 != 0; then echo "ip.dscp = $1;"; fi;
5489 echo 'output("lp2");') > expout
5490 AT_CHECK_UNQUOTED([ovn_trace lsw0 'inport == "lp1" && eth.src == f0:00:00:00:00:01 && eth.dst == f0:00:00:00:00:02 && ip4.src == 1.1.1.1 && ip4.dst == 1.1.1.2'], [0], [expout])
5491
5492 # Then re-check with ofproto/trace for a physical packet.
5493 AT_CHECK([ovs-appctl ofproto/trace br-int 'in_port=1,dl_src=f0:00:00:00:00:01,dl_dst=f0:00:00:00:00:02,dl_type=0x800,nw_src=1.1.1.1,nw_dst=1.1.1.2'], [0], [stdout-nolog])
5494 AT_CHECK_UNQUOTED([get_final_nw_tos], [0], [`expr $1 \* 4`
5495])
5496}
5497
5498# check at L2
5499AT_CHECK([ovn_trace lsw0 'inport == "lp1" && eth.src == f0:00:00:00:00:01 && eth.dst == f0:00:00:00:00:02'], [0], [output("lp2");
5500])
5501AT_CHECK([ovs-appctl ofproto/trace br-int 'in_port=1,dl_src=f0:00:00:00:00:01,dl_dst=f0:00:00:00:00:02'], [0], [stdout-nolog])
5502AT_CHECK([get_final_nw_tos], [0], [none
5503])
5504
5505# check at L3 without dscp marking
5506check_tos 0
5507
5508# Mark DSCP with a valid value
5509qos_id=$(ovn-nbctl --wait=hv -- --id=@lp1-qos create QoS priority=100 action=dscp=48 match="inport\=\=\"lp1\"" direction="from-lport" -- set Logical_Switch lsw0 qos_rules=@lp1-qos)
5510check_tos 48
5511
5512# Update the DSCP marking
5513ovn-nbctl --wait=hv set QoS $qos_id action=dscp=63
5514check_tos 63
5515
5516ovn-nbctl --wait=hv set QoS $qos_id match="outport\=\=\"lp2\"" direction="to-lport"
5517check_tos 63
5518
5519# Disable DSCP marking
5520ovn-nbctl --wait=hv clear Logical_Switch lsw0 qos_rules
5521check_tos 0
5522
5523OVN_CLEANUP([hv])
57afd0c0 5524AT_CLEANUP
7fff4eb7
LR		 5525
5526AT_SETUP([ovn -- read-only sb db:ptcp access])
5527AT_SKIP_IF([test $HAVE_PYTHON = no])
5528
5529: > .$1.db.~lock~
5530ovsdb-tool create ovn-sb.db "$abs_top_srcdir"/ovn/ovn-sb.ovsschema
5531
5532# Add read-only remote to sb ovsdb-server
5533AT_CHECK(
5534 [ovsdb-tool transact ovn-sb.db \
5535 ['["OVN_Southbound",
5536 {"op": "insert",
5537 "table": "SB_Global",
5538 "row": {
5539 "connections": ["set", [["named-uuid", "xyz"]]]}},
5540 {"op": "insert",
5541 "table": "Connection",
5542 "uuid-name": "xyz",
5543 "row": {"target": "ptcp:0:127.0.0.1",
5544 "read_only": true}}]']], [0], [ignore], [ignore])
5545
5546start_daemon ovsdb-server --remote=punix:ovn-sb.sock --remote=db:OVN_Southbound,SB_Global,connections ovn-sb.db
5547
5548PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5549
5550# read-only accesses should succeed
5551AT_CHECK([ovn-sbctl --db=tcp:127.0.0.1:$TCP_PORT list SB_Global], [0], [stdout], [ignore])
5552AT_CHECK([ovn-sbctl --db=tcp:127.0.0.1:$TCP_PORT list Connection], [0], [stdout], [ignore])
5553
5554# write access should fail
5555AT_CHECK([ovn-sbctl --db=tcp:127.0.0.1:$TCP_PORT chassis-add ch vxlan 1.2.4.8], [1], [ignore],
5556[ovn-sbctl: transaction error: {"details":"insert operation not allowed when database server is in read only mode","error":"not allowed"}
5557])
5558
5559OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5560AT_CLEANUP
5561
5562AT_SETUP([ovn -- read-only sb db:pssl access])
5563AT_SKIP_IF([test $HAVE_PYTHON = no])
5564AT_SKIP_IF([test "$HAVE_OPENSSL" = no])
5565PKIDIR="$(cd $abs_top_builddir/tests && pwd)"
5566AT_SKIP_IF([expr "$PKIDIR" : ".*[ '\"
5567\\]"])
5568
5569: > .$1.db.~lock~
5570ovsdb-tool create ovn-sb.db "$abs_top_srcdir"/ovn/ovn-sb.ovsschema
5571
5572# Add read-only remote to sb ovsdb-server
5573AT_CHECK(
5574 [ovsdb-tool transact ovn-sb.db \
5575 ['["OVN_Southbound",
5576 {"op": "insert",
5577 "table": "SB_Global",
5578 "row": {
5579 "connections": ["set", [["named-uuid", "xyz"]]]}},
5580 {"op": "insert",
5581 "table": "Connection",
5582 "uuid-name": "xyz",
5583 "row": {"target": "pssl:0:127.0.0.1",
5584 "read_only": true}}]']], [0], [ignore], [ignore])
5585
5586start_daemon ovsdb-server --remote=punix:ovn-sb.sock \
5587 --remote=db:OVN_Southbound,SB_Global,connections \
5588 --private-key="$PKIDIR/testpki-privkey2.pem" \
5589 --certificate="$PKIDIR/testpki-cert2.pem" \
5590 --ca-cert="$PKIDIR/testpki-cacert.pem" \
5591 ovn-sb.db
5592
5593PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5594
5595# read-only accesses should succeed
5596AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5597 --private-key=$PKIDIR/testpki-privkey.pem \
5598 --certificate=$PKIDIR/testpki-cert.pem \
5599 --ca-cert=$PKIDIR/testpki-cacert.pem \
5600 list SB_Global], [0], [stdout], [ignore])
5601AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5602 --private-key=$PKIDIR/testpki-privkey.pem \
5603 --certificate=$PKIDIR/testpki-cert.pem \
5604 --ca-cert=$PKIDIR/testpki-cacert.pem \
5605 list Connection], [0], [stdout], [ignore])
5606
5607# write access should fail
5608AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
5609 --private-key=$PKIDIR/testpki-privkey.pem \
5610 --certificate=$PKIDIR/testpki-cert.pem \
5611 --ca-cert=$PKIDIR/testpki-cacert.pem \
5612 chassis-add ch vxlan 1.2.4.8], [1], [ignore],
5613[ovn-sbctl: transaction error: {"details":"insert operation not allowed when database server is in read only mode","error":"not allowed"}
5614])
5615
5616OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5617AT_CLEANUP
5618
821302cf
LR		 5619AT_SETUP([ovn -- nb connection/ssl commands])
5620AT_SKIP_IF([test $HAVE_PYTHON = no])
5621AT_SKIP_IF([test "$HAVE_OPENSSL" = no])
5622PKIDIR="$(cd $abs_top_builddir/tests && pwd)"
5623AT_SKIP_IF([expr "$PKIDIR" : ".*[ '\"
5624\\]"])
5625
5626: > .$1.db.~lock~
5627ovsdb-tool create ovn-nb.db "$abs_top_srcdir"/ovn/ovn-nb.ovsschema
5628
5629# Start nb db server using db connection/ssl entries (unpopulated initially)
5630start_daemon ovsdb-server --remote=punix:ovnnb_db.sock \
5631 --remote=db:OVN_Northbound,NB_Global,connections \
5632 --private-key=db:OVN_Northbound,SSL,private_key \
5633 --certificate=db:OVN_Northbound,SSL,certificate \
5634 --ca-cert=db:OVN_Northbound,SSL,ca_cert \
5635 ovn-nb.db
5636
5637# Populate SSL configuration entries in nb db
5638AT_CHECK(
5639 [ovn-nbctl set-ssl $PKIDIR/testpki-privkey.pem \
5640 $PKIDIR/testpki-cert.pem \
5641 $PKIDIR/testpki-cacert.pem], [0], [stdout], [ignore])
5642
5643# Populate a passive SSL connection in nb db
5644AT_CHECK([ovn-nbctl set-connection pssl:0:127.0.0.1], [0], [stdout], [ignore])
5645
5646PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT])
5647
5648# Verify SSL connetivity to nb db server
5649AT_CHECK([ovn-nbctl --db=ssl:127.0.0.1:$TCP_PORT \
5650 --private-key=$PKIDIR/testpki-privkey.pem \
5651 --certificate=$PKIDIR/testpki-cert.pem \
5652 --ca-cert=$PKIDIR/testpki-cacert.pem \
5653 list NB_Global],
5654 [0], [stdout], [ignore])
5655AT_CHECK([ovn-nbctl --db=ssl:127.0.0.1:$TCP_PORT \
5656 --private-key=$PKIDIR/testpki-privkey.pem \
5657 --certificate=$PKIDIR/testpki-cert.pem \
5658 --ca-cert=$PKIDIR/testpki-cacert.pem \
5659 list Connection],
5660 [0], [stdout], [ignore])
5661AT_CHECK([ovn-nbctl --db=ssl:127.0.0.1:$TCP_PORT \
5662 --private-key=$PKIDIR/testpki-privkey.pem \
5663 --certificate=$PKIDIR/testpki-cert.pem \
5664 --ca-cert=$PKIDIR/testpki-cacert.pem \
5665 get-connection],
5666 [0], [stdout], [ignore])
5667
5668OVS_APP_EXIT_AND_WAIT([ovsdb-server])
5669AT_CLEANUP
5670
75fd74f8
GS		 5671AT_SETUP([ovn -- nested containers])
5672ovn_start
5673
5674# Physical network:
5675# 2 HVs. HV1 has 2 VMs - "VM1" and "bar3". HV2 has 1 VM - "VM2"
5676
5677# Logical network:
5678# 3 Logical switches - "mgmt" (172.16.1.0/24), "foo" (192.168.1.0/24)
5679# and "bar" (192.168.2.0/24). They are all connected to router R1.
5680
5681ovn-nbctl lr-add R1
5682ovn-nbctl ls-add mgmt
5683ovn-nbctl ls-add foo
5684ovn-nbctl ls-add bar
5685
5686# Connect mgmt to R1
5687ovn-nbctl lrp-add R1 mgmt 00:00:00:01:02:02 172.16.1.1/24
5688ovn-nbctl lsp-add mgmt rp-mgmt -- set Logical_Switch_Port rp-mgmt type=router \
5689 options:router-port=mgmt addresses=\"00:00:00:01:02:02\"
5690
5691# Connect foo to R1
5692ovn-nbctl lrp-add R1 foo 00:00:00:01:02:03 192.168.1.1/24
5693ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
5694 options:router-port=foo addresses=\"00:00:00:01:02:03\"
5695
5696# Connect bar to R1
5697ovn-nbctl lrp-add R1 bar 00:00:00:01:02:04 192.168.2.1/24
5698ovn-nbctl lsp-add bar rp-bar -- set Logical_Switch_Port rp-bar type=router \
5699 options:router-port=bar addresses=\"00:00:00:01:02:04\"
5700
5701# "mgmt" has VM1 and VM2 connected
5702ovn-nbctl lsp-add mgmt vm1 \
5703-- lsp-set-addresses vm1 "f0:00:00:01:02:03 172.16.1.2"
5704
5705ovn-nbctl lsp-add mgmt vm2 \
5706-- lsp-set-addresses vm2 "f0:00:00:01:02:04 172.16.1.3"
5707
5708# "foo1" and "foo2" are containers belonging to switch "foo"
5709# "foo1" has "VM1" as parent_port and "foo2" has "VM2" as parent_port.
5710ovn-nbctl lsp-add foo foo1 vm1 1 \
5711-- lsp-set-addresses foo1 "f0:00:00:01:02:05 192.168.1.2"
5712
5713ovn-nbctl lsp-add foo foo2 vm2 2 \
5714-- lsp-set-addresses foo2 "f0:00:00:01:02:06 192.168.1.3"
5715
5716# "bar1" and "bar2" are containers belonging to switch "bar"
5717# "bar1" has "VM1" as parent_port and "bar2" has "VM2" as parent_port.
5718ovn-nbctl lsp-add bar bar1 vm1 2 \
5719-- lsp-set-addresses bar1 "f0:00:00:01:02:07 192.168.2.2"
5720
5721ovn-nbctl lsp-add bar bar2 vm2 1 \
5722-- lsp-set-addresses bar2 "f0:00:00:01:02:08 192.168.2.3"
5723
5724# bar3 is a standalone VM belonging to switch "bar"
5725ovn-nbctl lsp-add bar bar3 \
5726-- lsp-set-addresses bar3 "f0:00:00:01:02:09 192.168.2.4"
5727
5728# Create two hypervisor and create OVS ports corresponding to logical ports.
5729net_add n1
5730
5731sim_add hv1
5732as hv1
5733ovs-vsctl add-br br-phys
5734ovn_attach n1 br-phys 192.168.0.1
5735ovs-vsctl -- add-port br-int vm1 -- \
5736 set interface vm1 external-ids:iface-id=vm1 \
5737 options:tx_pcap=hv1/vm1-tx.pcap \
5738 options:rxq_pcap=hv1/vm1-rx.pcap \
5739 ofport-request=1
5740
5741ovs-vsctl -- add-port br-int bar3 -- \
5742 set interface bar3 external-ids:iface-id=bar3 \
5743 options:tx_pcap=hv1/bar3-tx.pcap \
5744 options:rxq_pcap=hv1/bar3-rx.pcap \
5745 ofport-request=2
5746
5747sim_add hv2
5748as hv2
5749ovs-vsctl add-br br-phys
5750ovn_attach n1 br-phys 192.168.0.2
5751ovs-vsctl -- add-port br-int vm2 -- \
5752 set interface vm2 external-ids:iface-id=vm2 \
5753 options:tx_pcap=hv2/vm2-tx.pcap \
5754 options:rxq_pcap=hv2/vm2-rx.pcap \
5755 ofport-request=1
5756
5757# Pre-populate the hypervisors' ARP tables so that we don't lose any
5758# packets for ARP resolution (native tunneling doesn't queue packets
5759# for ARP resolution).
5760ovn_populate_arp
5761
5762# Allow some time for ovn-northd and ovn-controller to catch up.
5763# XXX This should be more systematic.
5764sleep 1
5765
5766ip_to_hex() {
5767 printf "%02x%02x%02x%02x" "$@"
5768}
5769
5770# Send ip packets between foo1 and foo2 (same switch, different HVs and
5771# different VLAN tags).
5772src_mac="f00000010205"
5773dst_mac="f00000010206"
5774src_ip=`ip_to_hex 192 168 1 2`
5775dst_ip=`ip_to_hex 192 168 1 3`
5776packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5777as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5778
5779# expected packet at foo2
5780packet=${dst_mac}${src_mac}8100000208004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5781echo $packet > expected
5782OVN_CHECK_PACKETS([hv2/vm2-tx.pcap], [expected])
5783
5784# Send ip packets between foo1 and bar2 (different switch, different HV)
5785src_mac="f00000010205"
5786dst_mac="000000010203"
5787src_ip=`ip_to_hex 192 168 1 2`
5788dst_ip=`ip_to_hex 192 168 2 3`
5789packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5790as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5791
5792# expected packet at bar2
5793src_mac="000000010204"
5794dst_mac="f00000010208"
5795packet=${dst_mac}${src_mac}8100000108004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5796echo $packet >> expected
5797OVN_CHECK_PACKETS([hv2/vm2-tx.pcap], [expected])
5798
5799# Send ip packets between foo1 and bar1
5800# (different switch, loopback to same vm but different tag)
5801src_mac="f00000010205"
5802dst_mac="000000010203"
5803src_ip=`ip_to_hex 192 168 1 2`
5804dst_ip=`ip_to_hex 192 168 2 2`
5805packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5806as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5807
5808# expected packet at bar1
5809src_mac="000000010204"
5810dst_mac="f00000010207"
5811packet=${dst_mac}${src_mac}8100000208004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5812echo $packet > expected1
5813OVN_CHECK_PACKETS([hv1/vm1-tx.pcap], [expected1])
5814
5815# Send ip packets between bar1 and bar3
5816# (same switch. But one is container and another is a standalone VM)
5817src_mac="f00000010207"
5818dst_mac="f00000010209"
5819src_ip=`ip_to_hex 192 168 2 2`
5820dst_ip=`ip_to_hex 192 168 2 3`
5821packet=${dst_mac}${src_mac}8100000208004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5822as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5823
5824# expected packet at bar3
5825packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5826echo $packet > expected
5827OVN_CHECK_PACKETS([hv1/bar3-tx.pcap], [expected])
5828
5829# Send ip packets between foo1 and vm1.
5830(different switch, container to the VM hosting it.)
5831src_mac="f00000010205"
5832dst_mac="000000010203"
5833src_ip=`ip_to_hex 192 168 1 2`
5834dst_ip=`ip_to_hex 172 16 1 2`
5835packet=${dst_mac}${src_mac}8100000108004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5836as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5837
5838# expected packet at vm1
5839src_mac="000000010202"
5840dst_mac="f00000010203"
5841packet=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5842echo $packet >> expected1
5843OVN_CHECK_PACKETS([hv1/vm1-tx.pcap], [expected1])
5844
5845# Send packets from vm1 to bar1.
5846(different switch, A hosting VM to a container inside it)
5847src_mac="f00000010203"
5848dst_mac="000000010202"
5849src_ip=`ip_to_hex 172 16 1 2`
5850dst_ip=`ip_to_hex 192 168 2 2`
5851packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
5852as hv1 ovs-appctl netdev-dummy/receive vm1 $packet
5853
5854# expected packet at vm1
5855src_mac="000000010204"
5856dst_mac="f00000010207"
5857packet=${dst_mac}${src_mac}8100000208004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
5858echo $packet >> expected1
5859OVN_CHECK_PACKETS([hv1/vm1-tx.pcap], [expected1])
5860
5861OVN_CLEANUP([hv1],[hv2])
5862
5863AT_CLEANUP
440a9f4b
GS		 5864
5865AT_SETUP([ovn -- 3 HVs, 3 LRs connected via LS, source IP based routes])
5866AT_SKIP_IF([test $HAVE_PYTHON = no])
5867ovn_start
5868
5869# Logical network:
5870# Three LRs - R1, R2 and R3 that are connected to each other via LS "join"
5871# in 20.0.0.0/24 network. R1 has switchess foo (192.168.1.0/24) and bar
5872# (192.168.2.0/24) connected to it.
5873#
5874# R2 and R3 are gateway routers.
5875# R2 has alice (172.16.1.0/24) and R3 has bob (172.16.1.0/24)
5876# connected to it. Note how both alice and bob have the same subnet behind it.
5877# We are trying to simulate external network via those 2 switches. In real
5878# world the switch ports of these switches will have addresses set as "unknown"
5879# to make them learning switches. Or those switches will be "localnet" ones.
5880
5881# Create three hypervisors and create OVS ports corresponding to logical ports.
5882net_add n1
5883
5884sim_add hv1
5885as hv1
5886ovs-vsctl add-br br-phys
5887ovn_attach n1 br-phys 192.168.0.1
5888ovs-vsctl -- add-port br-int hv1-vif1 -- \
5889 set interface hv1-vif1 external-ids:iface-id=foo1 \
5890 options:tx_pcap=hv1/vif1-tx.pcap \
5891 options:rxq_pcap=hv1/vif1-rx.pcap \
5892 ofport-request=1
5893
5894ovs-vsctl -- add-port br-int hv1-vif2 -- \
5895 set interface hv1-vif2 external-ids:iface-id=bar1 \
5896 options:tx_pcap=hv1/vif2-tx.pcap \
5897 options:rxq_pcap=hv1/vif2-rx.pcap \
5898 ofport-request=2
5899
5900sim_add hv2
5901as hv2
5902ovs-vsctl add-br br-phys
5903ovn_attach n1 br-phys 192.168.0.2
5904ovs-vsctl -- add-port br-int hv2-vif1 -- \
5905 set interface hv2-vif1 external-ids:iface-id=alice1 \
5906 options:tx_pcap=hv2/vif1-tx.pcap \
5907 options:rxq_pcap=hv2/vif1-rx.pcap \
5908 ofport-request=1
5909
5910sim_add hv3
5911as hv3
5912ovs-vsctl add-br br-phys
5913ovn_attach n1 br-phys 192.168.0.3
5914ovs-vsctl -- add-port br-int hv3-vif1 -- \
5915 set interface hv3-vif1 external-ids:iface-id=bob1 \
5916 options:tx_pcap=hv3/vif1-tx.pcap \
5917 options:rxq_pcap=hv3/vif1-rx.pcap \
5918 ofport-request=1
5919
5920
5921ovn-nbctl create Logical_Router name=R1
5922ovn-nbctl create Logical_Router name=R2 options:chassis="hv2"
5923ovn-nbctl create Logical_Router name=R3 options:chassis="hv3"
5924
5925ovn-nbctl ls-add foo
5926ovn-nbctl ls-add bar
5927ovn-nbctl ls-add alice
5928ovn-nbctl ls-add bob
5929ovn-nbctl ls-add join
5930
5931# Connect foo to R1
5932ovn-nbctl lrp-add R1 foo 00:00:01:01:02:03 192.168.1.1/24
5933ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo type=router \
5934 options:router-port=foo addresses=\"00:00:01:01:02:03\"
5935
5936# Connect bar to R1
5937ovn-nbctl lrp-add R1 bar 00:00:01:01:02:04 192.168.2.1/24
5938ovn-nbctl lsp-add bar rp-bar -- set Logical_Switch_Port rp-bar type=router \
5939 options:router-port=bar addresses=\"00:00:01:01:02:04\"
5940
5941# Connect alice to R2
5942ovn-nbctl lrp-add R2 alice 00:00:02:01:02:03 172.16.1.1/24
5943ovn-nbctl lsp-add alice rp-alice -- set Logical_Switch_Port rp-alice \
5944 type=router options:router-port=alice addresses=\"00:00:02:01:02:03\"
5945
5946# Connect bob to R3
5947ovn-nbctl lrp-add R3 bob 00:00:03:01:02:03 172.16.1.2/24
5948ovn-nbctl lsp-add bob rp-bob -- set Logical_Switch_Port rp-bob \
5949 type=router options:router-port=bob addresses=\"00:00:03:01:02:03\"
5950
5951# Connect R1 to join
5952ovn-nbctl lrp-add R1 R1_join 00:00:04:01:02:03 20.0.0.1/24
5953ovn-nbctl lsp-add join r1-join -- set Logical_Switch_Port r1-join \
5954 type=router options:router-port=R1_join addresses='"00:00:04:01:02:03"'
5955
5956# Connect R2 to join
5957ovn-nbctl lrp-add R2 R2_join 00:00:04:01:02:04 20.0.0.2/24
5958ovn-nbctl lsp-add join r2-join -- set Logical_Switch_Port r2-join \
5959 type=router options:router-port=R2_join addresses='"00:00:04:01:02:04"'
5960
5961# Connect R3 to join
5962ovn-nbctl lrp-add R3 R3_join 00:00:04:01:02:05 20.0.0.3/24
5963ovn-nbctl lsp-add join r3-join -- set Logical_Switch_Port r3-join \
5964 type=router options:router-port=R3_join addresses='"00:00:04:01:02:05"'
5965
5966# Install static routes with source ip address as the policy for routing.
5967# We want traffic from 'foo' to go via R2 and traffic of 'bar' to go via R3.
5968ovn-nbctl --policy="src-ip" lr-route-add R1 192.168.1.0/24 20.0.0.2
5969ovn-nbctl --policy="src-ip" lr-route-add R1 192.168.2.0/24 20.0.0.3
5970
5971# Install static routes with destination ip address as the policy for routing.
5972ovn-nbctl lr-route-add R2 192.168.0.0/16 20.0.0.1
5973
5974ovn-nbctl lr-route-add R3 192.168.0.0/16 20.0.0.1
5975
5976# Create logical port foo1 in foo
5977ovn-nbctl lsp-add foo foo1 \
5978-- lsp-set-addresses foo1 "f0:00:00:01:02:03 192.168.1.2"
5979
5980# Create logical port bar1 in bar
5981ovn-nbctl lsp-add bar bar1 \
5982-- lsp-set-addresses bar1 "f0:00:00:01:02:04 192.168.2.2"
5983
5984# Create logical port alice1 in alice
5985ovn-nbctl lsp-add alice alice1 \
5986-- lsp-set-addresses alice1 "f0:00:00:01:02:05 172.16.1.3"
5987
5988# Create logical port bob1 in bob
5989ovn-nbctl lsp-add bob bob1 \
5990-- lsp-set-addresses bob1 "f0:00:00:01:02:06 172.16.1.4"
5991
5992# Pre-populate the hypervisors' ARP tables so that we don't lose any
5993# packets for ARP resolution (native tunneling doesn't queue packets
5994# for ARP resolution).
5995ovn_populate_arp
5996
5997# Allow some time for ovn-northd and ovn-controller to catch up.
5998# XXX This should be more systematic.
5999sleep 1
6000
6001ip_to_hex() {
6002 printf "%02x%02x%02x%02x" "$@"
6003}
6004trim_zeros() {
6005 sed 's/\(00\)\{1,\}$//'
6006}
6007
6008# Send ip packets between foo1 and bar1
6009# (East-west traffic should flow normally)
6010src_mac="f00000010203"
6011dst_mac="000001010203"
6012src_ip=`ip_to_hex 192 168 1 2`
6013dst_ip=`ip_to_hex 192 168 2 2`
6014packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6015as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
6016
6017# Send ip packets between foo1 and alice1
6018src_mac="f00000010203"
6019dst_mac="000001010203"
6020src_ip=`ip_to_hex 192 168 1 2`
6021dst_ip=`ip_to_hex 172 16 1 3`
6022packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6023as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet
6024#as hv1 ovs-appctl ofproto/trace br-int in_port=1 $packet
6025
6026# Send ip packets between bar1 and bob1
6027src_mac="f00000010204"
6028dst_mac="000001010204"
6029src_ip=`ip_to_hex 192 168 2 2`
6030dst_ip=`ip_to_hex 172 16 1 4`
6031packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
6032as hv1 ovs-appctl netdev-dummy/receive hv1-vif2 $packet
6033#as hv1 ovs-appctl ofproto/trace br-int in_port=2 $packet
6034
6035# Packet to expect at bar1
6036src_mac="000001010204"
6037dst_mac="f00000010204"
6038src_ip=`ip_to_hex 192 168 1 2`
6039dst_ip=`ip_to_hex 192 168 2 2`
6040expected=${dst_mac}${src_mac}08004500001c000000003f110100${src_ip}${dst_ip}0035111100080000
6041echo $expected > expected
6042OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected])
6043
6044# Packet to Expect at alice1
6045src_mac="000002010203"
6046dst_mac="f00000010205"
6047src_ip=`ip_to_hex 192 168 1 2`
6048dst_ip=`ip_to_hex 172 16 1 3`
6049expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
6050echo $expected > expected
6051OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
6052
6053# Packet to Expect at bob1
6054src_mac="000003010203"
6055dst_mac="f00000010206"
6056src_ip=`ip_to_hex 192 168 2 2`
6057dst_ip=`ip_to_hex 172 16 1 4`
6058expected=${dst_mac}${src_mac}08004500001c000000003e110200${src_ip}${dst_ip}0035111100080000
6059echo $expected > expected
6060OVN_CHECK_PACKETS([hv3/vif1-tx.pcap], [expected])
6061
6062for sim in hv1 hv2 hv3; do
6063 as $sim
6064 OVS_APP_EXIT_AND_WAIT([ovn-controller])
6065 OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
6066 OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6067done
6068
6069as ovn-sb
6070OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6071
6072as ovn-nb
6073OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6074
6075as northd
6076OVS_APP_EXIT_AND_WAIT([ovn-northd])
6077
6078as main
6079OVS_APP_EXIT_AND_WAIT([ovs-vswitchd])
6080OVS_APP_EXIT_AND_WAIT([ovsdb-server])
6081
6082AT_CLEANUP
openvswitch packages for PVE