]>
Commit | Line | Data |
---|---|---|
318c1fa3 PR |
1 | #!/usr/bin/env python |
2 | ||
3 | # | |
4 | # test_bgp_auth.py | |
5 | # Part of NetDEF Topology Tests | |
6 | # | |
7 | # Copyright (c) 2020 by Volta Networks | |
8 | # | |
9 | # Permission to use, copy, modify, and/or distribute this software | |
10 | # for any purpose with or without fee is hereby granted, provided | |
11 | # that the above copyright notice and this permission notice appear | |
12 | # in all copies. | |
13 | # | |
14 | # THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES | |
15 | # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |
16 | # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR | |
17 | # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY | |
18 | # DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, | |
19 | # WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS | |
20 | # ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE | |
21 | # OF THIS SOFTWARE. | |
22 | # | |
23 | ||
24 | """ | |
25 | test_bgp_auth.py: Test BGP Md5 Authentication | |
26 | ||
27 | +------+ | |
28 | +--------| |--------+ | |
29 | | +------| R1 |------+ | | |
30 | | | -----| |----+ | | | |
31 | | | | +------+ | | | | |
32 | | | | | | | | |
33 | +------+ +------+ | |
34 | | |------------| | | |
35 | | R2 |------------| R3 | | |
36 | | |------------| | | |
37 | +------+ +------+ | |
38 | ||
39 | ||
40 | setup is 3 routers with 3 links between each each link in a different vrf | |
41 | Default, blue and red respectively | |
42 | Tests check various fiddling with passwords and checking that the peer | |
02547745 | 43 | establishment is as expected and passwords are not leaked across sockets |
318c1fa3 PR |
44 | for bgp instances |
45 | """ | |
02547745 | 46 | # pylint: disable=C0413 |
318c1fa3 | 47 | |
318c1fa3 | 48 | import json |
02547745 | 49 | import os |
318c1fa3 | 50 | import platform |
02547745 | 51 | import sys |
318c1fa3 PR |
52 | from time import sleep |
53 | ||
02547745 CH |
54 | import pytest |
55 | from lib import common_config, topotest | |
b6689447 | 56 | from lib.common_config import ( |
02547745 CH |
57 | save_initial_config_on_routers, |
58 | reset_with_new_configs, | |
b6689447 | 59 | ) |
02547745 | 60 | from lib.topogen import Topogen, TopoRouter, get_topogen |
318c1fa3 | 61 | |
3dedee4f DS |
62 | pytestmark = [pytest.mark.bgpd, pytest.mark.ospfd] |
63 | ||
02547745 | 64 | CWD = os.path.dirname(os.path.realpath(__file__)) |
318c1fa3 | 65 | |
a53c08bc | 66 | |
e82b531d | 67 | def build_topo(tgen): |
e82b531d CH |
68 | tgen.add_router("R1") |
69 | tgen.add_router("R2") | |
70 | tgen.add_router("R3") | |
71 | ||
b6689447 | 72 | tgen.add_link(tgen.gears["R1"], tgen.gears["R2"]) |
b6689447 | 73 | tgen.add_link(tgen.gears["R1"], tgen.gears["R3"]) |
b6689447 | 74 | tgen.add_link(tgen.gears["R2"], tgen.gears["R3"]) |
b6689447 | 75 | tgen.add_link(tgen.gears["R1"], tgen.gears["R2"]) |
b6689447 | 76 | tgen.add_link(tgen.gears["R1"], tgen.gears["R3"]) |
b6689447 | 77 | tgen.add_link(tgen.gears["R2"], tgen.gears["R3"]) |
b6689447 | 78 | tgen.add_link(tgen.gears["R1"], tgen.gears["R2"]) |
b6689447 | 79 | tgen.add_link(tgen.gears["R1"], tgen.gears["R3"]) |
b6689447 | 80 | tgen.add_link(tgen.gears["R2"], tgen.gears["R3"]) |
318c1fa3 PR |
81 | |
82 | ||
83 | def setup_module(mod): | |
84 | "Sets up the pytest environment" | |
85 | # This function initiates the topology build with Topogen... | |
e82b531d | 86 | tgen = Topogen(build_topo, mod.__name__) |
318c1fa3 PR |
87 | # ... and here it calls Mininet initialization functions. |
88 | tgen.start_topology() | |
89 | ||
90 | r1 = tgen.gears["R1"] | |
91 | r2 = tgen.gears["R2"] | |
92 | r3 = tgen.gears["R3"] | |
93 | ||
94 | # blue vrf | |
b6689447 CH |
95 | r1.cmd_raises("ip link add blue type vrf table 1001") |
96 | r1.cmd_raises("ip link set up dev blue") | |
97 | r2.cmd_raises("ip link add blue type vrf table 1001") | |
98 | r2.cmd_raises("ip link set up dev blue") | |
99 | r3.cmd_raises("ip link add blue type vrf table 1001") | |
100 | r3.cmd_raises("ip link set up dev blue") | |
101 | ||
102 | r1.cmd_raises("ip link add lo1 type dummy") | |
103 | r1.cmd_raises("ip link set lo1 master blue") | |
104 | r1.cmd_raises("ip link set up dev lo1") | |
105 | r2.cmd_raises("ip link add lo1 type dummy") | |
106 | r2.cmd_raises("ip link set up dev lo1") | |
107 | r2.cmd_raises("ip link set lo1 master blue") | |
108 | r3.cmd_raises("ip link add lo1 type dummy") | |
109 | r3.cmd_raises("ip link set up dev lo1") | |
110 | r3.cmd_raises("ip link set lo1 master blue") | |
111 | ||
112 | r1.cmd_raises("ip link set R1-eth2 master blue") | |
113 | r1.cmd_raises("ip link set R1-eth3 master blue") | |
114 | r2.cmd_raises("ip link set R2-eth2 master blue") | |
115 | r2.cmd_raises("ip link set R2-eth3 master blue") | |
116 | r3.cmd_raises("ip link set R3-eth2 master blue") | |
117 | r3.cmd_raises("ip link set R3-eth3 master blue") | |
118 | ||
119 | r1.cmd_raises("ip link set up dev R1-eth2") | |
120 | r1.cmd_raises("ip link set up dev R1-eth3") | |
121 | r2.cmd_raises("ip link set up dev R2-eth2") | |
122 | r2.cmd_raises("ip link set up dev R2-eth3") | |
123 | r3.cmd_raises("ip link set up dev R3-eth2") | |
124 | r3.cmd_raises("ip link set up dev R3-eth3") | |
318c1fa3 PR |
125 | |
126 | # red vrf | |
b6689447 CH |
127 | r1.cmd_raises("ip link add red type vrf table 1002") |
128 | r1.cmd_raises("ip link set up dev red") | |
129 | r2.cmd_raises("ip link add red type vrf table 1002") | |
130 | r2.cmd_raises("ip link set up dev red") | |
131 | r3.cmd_raises("ip link add red type vrf table 1002") | |
132 | r3.cmd_raises("ip link set up dev red") | |
133 | ||
134 | r1.cmd_raises("ip link add lo2 type dummy") | |
135 | r1.cmd_raises("ip link set lo2 master red") | |
136 | r1.cmd_raises("ip link set up dev lo2") | |
137 | r2.cmd_raises("ip link add lo2 type dummy") | |
138 | r2.cmd_raises("ip link set up dev lo2") | |
139 | r2.cmd_raises("ip link set lo2 master red") | |
140 | r3.cmd_raises("ip link add lo2 type dummy") | |
141 | r3.cmd_raises("ip link set up dev lo2") | |
142 | r3.cmd_raises("ip link set lo2 master red") | |
143 | ||
144 | r1.cmd_raises("ip link set R1-eth4 master red") | |
145 | r1.cmd_raises("ip link set R1-eth5 master red") | |
146 | r2.cmd_raises("ip link set R2-eth4 master red") | |
147 | r2.cmd_raises("ip link set R2-eth5 master red") | |
148 | r3.cmd_raises("ip link set R3-eth4 master red") | |
149 | r3.cmd_raises("ip link set R3-eth5 master red") | |
150 | ||
151 | r1.cmd_raises("ip link set up dev R1-eth4") | |
152 | r1.cmd_raises("ip link set up dev R1-eth5") | |
153 | r2.cmd_raises("ip link set up dev R2-eth4") | |
154 | r2.cmd_raises("ip link set up dev R2-eth5") | |
155 | r3.cmd_raises("ip link set up dev R3-eth4") | |
156 | r3.cmd_raises("ip link set up dev R3-eth5") | |
318c1fa3 PR |
157 | |
158 | # This is a sample of configuration loading. | |
159 | router_list = tgen.routers() | |
160 | ||
161 | # For all registred routers, load the zebra configuration file | |
e5f0ed14 | 162 | for rname, router in router_list.items(): |
02547745 CH |
163 | router.load_config(TopoRouter.RD_ZEBRA, "zebra.conf") |
164 | router.load_config(TopoRouter.RD_OSPF) | |
165 | router.load_config(TopoRouter.RD_BGP) | |
318c1fa3 | 166 | |
02547745 | 167 | # After copying the configurations, this function loads configured daemons. |
318c1fa3 PR |
168 | tgen.start_router() |
169 | ||
02547745 CH |
170 | # Save the initial router config. reset_config_on_routers will return to this config. |
171 | save_initial_config_on_routers(tgen) | |
b6689447 | 172 | |
318c1fa3 PR |
173 | |
174 | def teardown_module(mod): | |
175 | "Teardown the pytest environment" | |
176 | tgen = get_topogen() | |
177 | ||
178 | # This function tears down the whole topology. | |
179 | tgen.stop_topology() | |
180 | ||
181 | ||
182 | def vrf_str(vrf): | |
183 | if vrf == "": | |
184 | vrf_str = "" | |
185 | else: | |
186 | vrf_str = "vrf {}".format(vrf) | |
187 | ||
188 | return vrf_str | |
189 | ||
190 | ||
191 | def peer_name(rtr, prefix, vrf): | |
192 | "generate VRF string for CLI" | |
193 | if vrf == "": | |
194 | vrf_str = "" | |
195 | else: | |
196 | vrf_str = "_" + vrf | |
197 | ||
198 | if prefix == "yes": | |
199 | if rtr == "R2": | |
200 | return "TWO_GROUP" + vrf_str | |
201 | else: | |
202 | return "THREE_GROUP" + vrf_str | |
203 | else: | |
204 | if rtr == "R2": | |
205 | return "2.2.2.2" | |
206 | else: | |
207 | return "3.3.3.3" | |
208 | ||
209 | ||
210 | def print_diag(vrf): | |
211 | "print failure disagnostics" | |
701a0192 | 212 | |
318c1fa3 PR |
213 | tgen = get_topogen() |
214 | router_list = tgen.routers() | |
e5f0ed14 | 215 | for rname, router in router_list.items(): |
318c1fa3 PR |
216 | print(rname + ":") |
217 | print(router.vtysh_cmd("show run")) | |
218 | print(router.vtysh_cmd("show ip route {}".format(vrf_str(vrf)))) | |
219 | print(router.vtysh_cmd("show bgp {} neighbor".format(vrf_str(vrf)))) | |
220 | ||
221 | ||
02547745 CH |
222 | @common_config.retry(retry_timeout=190) |
223 | def _check_neigh_state(router, peer, state, vrf=""): | |
224 | "check BGP neighbor state on a router" | |
b32454e1 | 225 | |
02547745 CH |
226 | neigh_output = router.vtysh_cmd( |
227 | "show bgp {} neighbors {} json".format(vrf_str(vrf), peer) | |
228 | ) | |
b32454e1 | 229 | |
02547745 CH |
230 | peer_state = "Unknown" |
231 | neigh_output_json = json.loads(neigh_output) | |
232 | if peer in neigh_output_json: | |
233 | peer_state = neigh_output_json[peer]["bgpState"] | |
234 | if peer_state == state: | |
235 | return True | |
236 | return "{} peer with {} expected state {} got {} ".format( | |
237 | router.name, peer, state, peer_state | |
238 | ) | |
318c1fa3 PR |
239 | |
240 | ||
241 | def check_neigh_state(router, peer, state, vrf=""): | |
242 | "check BGP neighbor state on a router" | |
701a0192 | 243 | |
02547745 CH |
244 | assertmsg = _check_neigh_state(router, peer, state, vrf) |
245 | assert assertmsg is True, assertmsg | |
318c1fa3 PR |
246 | |
247 | ||
248 | def check_all_peers_established(vrf=""): | |
249 | "standard check for extablished peers per vrf" | |
250 | ||
251 | tgen = get_topogen() | |
252 | r1 = tgen.gears["R1"] | |
253 | r2 = tgen.gears["R2"] | |
254 | r3 = tgen.gears["R3"] | |
255 | # do r1 last as he might be the dynamic one | |
256 | check_neigh_state(r2, "1.1.1.1", "Established", vrf) | |
257 | check_neigh_state(r2, "3.3.3.3", "Established", vrf) | |
258 | check_neigh_state(r3, "1.1.1.1", "Established", vrf) | |
259 | check_neigh_state(r3, "2.2.2.2", "Established", vrf) | |
260 | check_neigh_state(r1, "2.2.2.2", "Established", vrf) | |
261 | check_neigh_state(r1, "3.3.3.3", "Established", vrf) | |
262 | ||
263 | ||
264 | def check_vrf_peer_remove_passwords(vrf="", prefix="no"): | |
265 | "selectively remove passwords checking state" | |
266 | ||
267 | tgen = get_topogen() | |
268 | r1 = tgen.gears["R1"] | |
269 | r2 = tgen.gears["R2"] | |
270 | r3 = tgen.gears["R3"] | |
271 | ||
b32454e1 IR |
272 | check_all_peers_established(vrf) |
273 | ||
318c1fa3 PR |
274 | r1.vtysh_cmd( |
275 | "conf t\nrouter bgp 65001 {}\nno neighbor {} password".format( | |
276 | vrf_str(vrf), peer_name("R2", prefix, vrf) | |
277 | ) | |
278 | ) | |
279 | ||
280 | check_neigh_state(r2, "1.1.1.1", "Connect", vrf) | |
281 | check_neigh_state(r2, "3.3.3.3", "Established", vrf) | |
282 | check_neigh_state(r3, "1.1.1.1", "Established", vrf) | |
283 | check_neigh_state(r3, "2.2.2.2", "Established", vrf) | |
284 | # don't check dynamic downed peers - they are removed | |
285 | if prefix == "no": | |
286 | check_neigh_state(r1, "2.2.2.2", "Connect", vrf) | |
287 | check_neigh_state(r1, "3.3.3.3", "Established", vrf) | |
288 | ||
289 | r2.vtysh_cmd( | |
290 | "conf t\nrouter bgp 65002 {}\nno neighbor 1.1.1.1 password".format(vrf_str(vrf)) | |
291 | ) | |
292 | check_all_peers_established(vrf) | |
293 | ||
294 | r1.vtysh_cmd( | |
295 | "conf t\nrouter bgp 65001 {}\nno neighbor {} password".format( | |
296 | vrf_str(vrf), peer_name("R3", prefix, vrf) | |
297 | ) | |
298 | ) | |
299 | check_neigh_state(r2, "1.1.1.1", "Established", vrf) | |
300 | check_neigh_state(r2, "3.3.3.3", "Established", vrf) | |
301 | check_neigh_state(r3, "1.1.1.1", "Connect", vrf) | |
302 | check_neigh_state(r3, "2.2.2.2", "Established", vrf) | |
303 | check_neigh_state(r1, "2.2.2.2", "Established", vrf) | |
304 | # don't check dynamic downed peers - they are removed | |
305 | if prefix == "no": | |
306 | check_neigh_state(r1, "3.3.3.3", "Connect", vrf) | |
307 | ||
308 | r3.vtysh_cmd( | |
309 | "conf t\nrouter bgp 65003 {}\nno neighbor 1.1.1.1 password".format(vrf_str(vrf)) | |
310 | ) | |
311 | check_all_peers_established(vrf) | |
312 | ||
313 | r2.vtysh_cmd( | |
314 | "conf t\nrouter bgp 65002 {}\nno neighbor 3.3.3.3 password".format(vrf_str(vrf)) | |
315 | ) | |
316 | check_neigh_state(r2, "1.1.1.1", "Established", vrf) | |
317 | check_neigh_state(r2, "3.3.3.3", "Connect", vrf) | |
318 | check_neigh_state(r3, "1.1.1.1", "Established", vrf) | |
319 | check_neigh_state(r3, "2.2.2.2", "Connect", vrf) | |
320 | check_neigh_state(r1, "2.2.2.2", "Established", vrf) | |
321 | check_neigh_state(r1, "3.3.3.3", "Established", vrf) | |
322 | ||
323 | r3.vtysh_cmd( | |
324 | "conf t\nrouter bgp 65003 {}\nno neighbor 2.2.2.2 password".format(vrf_str(vrf)) | |
325 | ) | |
326 | check_all_peers_established(vrf) | |
327 | ||
328 | ||
329 | def check_vrf_peer_change_passwords(vrf="", prefix="no"): | |
330 | "selectively change passwords checking state" | |
331 | ||
332 | tgen = get_topogen() | |
333 | r1 = tgen.gears["R1"] | |
334 | r2 = tgen.gears["R2"] | |
335 | r3 = tgen.gears["R3"] | |
336 | check_all_peers_established(vrf) | |
337 | ||
338 | r1.vtysh_cmd( | |
339 | "conf t\nrouter bgp 65001 {}\nneighbor {} password change1".format( | |
340 | vrf_str(vrf), peer_name("R2", prefix, vrf) | |
341 | ) | |
342 | ) | |
343 | check_neigh_state(r2, "1.1.1.1", "Connect", vrf) | |
344 | check_neigh_state(r2, "3.3.3.3", "Established", vrf) | |
345 | check_neigh_state(r3, "1.1.1.1", "Established", vrf) | |
346 | check_neigh_state(r3, "2.2.2.2", "Established", vrf) | |
347 | # don't check dynamic downed peers - they are removed | |
348 | if prefix == "no": | |
349 | check_neigh_state(r1, "2.2.2.2", "Connect", vrf) | |
350 | check_neigh_state(r1, "3.3.3.3", "Established", vrf) | |
351 | ||
352 | r2.vtysh_cmd( | |
353 | "conf t\nrouter bgp 65002 {}\nneighbor 1.1.1.1 password change1".format( | |
354 | vrf_str(vrf) | |
355 | ) | |
356 | ) | |
357 | check_all_peers_established(vrf) | |
358 | ||
359 | r1.vtysh_cmd( | |
360 | "conf t\nrouter bgp 65001 {}\nneighbor {} password change2".format( | |
361 | vrf_str(vrf), peer_name("R3", prefix, vrf) | |
362 | ) | |
363 | ) | |
364 | check_neigh_state(r2, "1.1.1.1", "Established", vrf) | |
365 | check_neigh_state(r2, "3.3.3.3", "Established", vrf) | |
366 | check_neigh_state(r3, "1.1.1.1", "Connect", vrf) | |
367 | check_neigh_state(r3, "2.2.2.2", "Established", vrf) | |
368 | check_neigh_state(r1, "2.2.2.2", "Established", vrf) | |
369 | # don't check dynamic downed peers - they are removed | |
370 | if prefix == "no": | |
371 | check_neigh_state(r1, "3.3.3.3", "Connect", vrf) | |
372 | ||
373 | r3.vtysh_cmd( | |
374 | "conf t\nrouter bgp 65003 {}\nneighbor 1.1.1.1 password change2".format( | |
375 | vrf_str(vrf) | |
376 | ) | |
377 | ) | |
378 | check_all_peers_established(vrf) | |
379 | ||
380 | r2.vtysh_cmd( | |
381 | "conf t\nrouter bgp 65002 {}\nneighbor 3.3.3.3 password change3".format( | |
382 | vrf_str(vrf) | |
383 | ) | |
384 | ) | |
385 | check_neigh_state(r2, "1.1.1.1", "Established", vrf) | |
386 | check_neigh_state(r2, "3.3.3.3", "Connect", vrf) | |
387 | check_neigh_state(r3, "1.1.1.1", "Established", vrf) | |
388 | check_neigh_state(r3, "2.2.2.2", "Connect", vrf) | |
389 | check_neigh_state(r1, "2.2.2.2", "Established", vrf) | |
390 | check_neigh_state(r1, "3.3.3.3", "Established", vrf) | |
391 | ||
392 | r3.vtysh_cmd( | |
393 | "conf t\nrouter bgp 65003 {}\nneighbor 2.2.2.2 password change3".format( | |
394 | vrf_str(vrf) | |
395 | ) | |
396 | ) | |
397 | check_all_peers_established(vrf) | |
398 | ||
399 | ||
b6689447 | 400 | def test_default_peer_established(tgen): |
318c1fa3 PR |
401 | "default vrf 3 peers same password" |
402 | ||
02547745 | 403 | reset_with_new_configs(tgen, "bgpd.conf", "ospfd.conf") |
318c1fa3 | 404 | check_all_peers_established() |
318c1fa3 PR |
405 | |
406 | ||
b6689447 | 407 | def test_default_peer_remove_passwords(tgen): |
318c1fa3 PR |
408 | "selectively remove passwords checking state" |
409 | ||
02547745 | 410 | reset_with_new_configs(tgen, "bgpd.conf", "ospfd.conf") |
318c1fa3 | 411 | check_vrf_peer_remove_passwords() |
318c1fa3 PR |
412 | |
413 | ||
b6689447 | 414 | def test_default_peer_change_passwords(tgen): |
318c1fa3 PR |
415 | "selectively change passwords checking state" |
416 | ||
02547745 | 417 | reset_with_new_configs(tgen, "bgpd.conf", "ospfd.conf") |
318c1fa3 | 418 | check_vrf_peer_change_passwords() |
318c1fa3 PR |
419 | |
420 | ||
b6689447 | 421 | def test_default_prefix_peer_established(tgen): |
318c1fa3 PR |
422 | "default vrf 3 peers same password with prefix config" |
423 | ||
424 | # only supported in kernel > 5.3 | |
425 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
426 | return | |
427 | ||
02547745 | 428 | reset_with_new_configs(tgen, "bgpd_prefix.conf", "ospfd.conf") |
318c1fa3 | 429 | check_all_peers_established() |
318c1fa3 PR |
430 | |
431 | ||
b6689447 | 432 | def test_prefix_peer_remove_passwords(tgen): |
318c1fa3 PR |
433 | "selectively remove passwords checking state with prefix config" |
434 | ||
435 | # only supported in kernel > 5.3 | |
436 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
437 | return | |
b32454e1 | 438 | |
02547745 | 439 | reset_with_new_configs(tgen, "bgpd_prefix.conf", "ospfd.conf") |
318c1fa3 | 440 | check_vrf_peer_remove_passwords(prefix="yes") |
318c1fa3 PR |
441 | |
442 | ||
b6689447 | 443 | def test_prefix_peer_change_passwords(tgen): |
318c1fa3 PR |
444 | "selecively change passwords checkig state with prefix config" |
445 | ||
446 | # only supported in kernel > 5.3 | |
447 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
448 | return | |
b32454e1 | 449 | |
02547745 | 450 | reset_with_new_configs(tgen, "bgpd_prefix.conf", "ospfd.conf") |
318c1fa3 | 451 | check_vrf_peer_change_passwords(prefix="yes") |
318c1fa3 PR |
452 | |
453 | ||
b6689447 | 454 | def test_vrf_peer_established(tgen): |
318c1fa3 PR |
455 | "default vrf 3 peers same password with VRF config" |
456 | ||
457 | # clean routers and load vrf config | |
02547745 | 458 | reset_with_new_configs(tgen, "bgpd_vrf.conf", "ospfd_vrf.conf") |
318c1fa3 | 459 | check_all_peers_established("blue") |
318c1fa3 PR |
460 | |
461 | ||
b6689447 | 462 | def test_vrf_peer_remove_passwords(tgen): |
318c1fa3 PR |
463 | "selectively remove passwords checking state with VRF config" |
464 | ||
02547745 | 465 | reset_with_new_configs(tgen, "bgpd_vrf.conf", "ospfd_vrf.conf") |
318c1fa3 | 466 | check_vrf_peer_remove_passwords(vrf="blue") |
318c1fa3 PR |
467 | |
468 | ||
b6689447 | 469 | def test_vrf_peer_change_passwords(tgen): |
318c1fa3 PR |
470 | "selectively change passwords checking state with VRF config" |
471 | ||
02547745 | 472 | reset_with_new_configs(tgen, "bgpd_vrf.conf", "ospfd_vrf.conf") |
318c1fa3 | 473 | check_vrf_peer_change_passwords(vrf="blue") |
318c1fa3 PR |
474 | |
475 | ||
b6689447 | 476 | def test_vrf_prefix_peer_established(tgen): |
318c1fa3 PR |
477 | "default vrf 3 peers same password with VRF prefix config" |
478 | ||
479 | # only supported in kernel > 5.3 | |
480 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
318c1fa3 PR |
481 | return |
482 | ||
02547745 | 483 | reset_with_new_configs(tgen, "bgpd_vrf_prefix.conf", "ospfd_vrf.conf") |
318c1fa3 | 484 | check_all_peers_established("blue") |
318c1fa3 PR |
485 | |
486 | ||
b6689447 | 487 | def test_vrf_prefix_peer_remove_passwords(tgen): |
318c1fa3 PR |
488 | "selectively remove passwords checking state with VRF prefix config" |
489 | ||
490 | # only supported in kernel > 5.3 | |
491 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
492 | return | |
493 | ||
02547745 | 494 | reset_with_new_configs(tgen, "bgpd_vrf_prefix.conf", "ospfd_vrf.conf") |
318c1fa3 | 495 | check_vrf_peer_remove_passwords(vrf="blue", prefix="yes") |
318c1fa3 PR |
496 | |
497 | ||
b6689447 | 498 | def test_vrf_prefix_peer_change_passwords(tgen): |
318c1fa3 PR |
499 | "selectively change passwords checking state with VRF prefix config" |
500 | ||
318c1fa3 PR |
501 | # only supported in kernel > 5.3 |
502 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
318c1fa3 PR |
503 | return |
504 | ||
02547745 | 505 | reset_with_new_configs(tgen, "bgpd_vrf_prefix.conf", "ospfd_vrf.conf") |
318c1fa3 | 506 | check_vrf_peer_change_passwords(vrf="blue", prefix="yes") |
318c1fa3 PR |
507 | |
508 | ||
b6689447 | 509 | def test_multiple_vrf_peer_established(tgen): |
318c1fa3 PR |
510 | "default vrf 3 peers same password with multiple VRFs" |
511 | ||
02547745 | 512 | reset_with_new_configs(tgen, "bgpd_multi_vrf.conf", "ospfd_multi_vrf.conf") |
318c1fa3 PR |
513 | check_all_peers_established("blue") |
514 | check_all_peers_established("red") | |
318c1fa3 PR |
515 | |
516 | ||
b6689447 | 517 | def test_multiple_vrf_peer_remove_passwords(tgen): |
318c1fa3 PR |
518 | "selectively remove passwords checking state with multiple VRFs" |
519 | ||
02547745 | 520 | reset_with_new_configs(tgen, "bgpd_multi_vrf.conf", "ospfd_multi_vrf.conf") |
318c1fa3 PR |
521 | check_vrf_peer_remove_passwords("blue") |
522 | check_all_peers_established("red") | |
523 | check_vrf_peer_remove_passwords("red") | |
524 | check_all_peers_established("blue") | |
318c1fa3 PR |
525 | |
526 | ||
b6689447 | 527 | def test_multiple_vrf_peer_change_passwords(tgen): |
318c1fa3 PR |
528 | "selectively change passwords checking state with multiple VRFs" |
529 | ||
02547745 | 530 | reset_with_new_configs(tgen, "bgpd_multi_vrf.conf", "ospfd_multi_vrf.conf") |
318c1fa3 PR |
531 | check_vrf_peer_change_passwords("blue") |
532 | check_all_peers_established("red") | |
533 | check_vrf_peer_change_passwords("red") | |
534 | check_all_peers_established("blue") | |
318c1fa3 PR |
535 | |
536 | ||
b6689447 | 537 | def test_multiple_vrf_prefix_peer_established(tgen): |
318c1fa3 PR |
538 | "default vrf 3 peers same password with multilpe VRFs and prefix config" |
539 | ||
540 | # only supported in kernel > 5.3 | |
541 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
542 | return | |
543 | ||
02547745 | 544 | reset_with_new_configs(tgen, "bgpd_multi_vrf_prefix.conf", "ospfd_multi_vrf.conf") |
318c1fa3 PR |
545 | check_all_peers_established("blue") |
546 | check_all_peers_established("red") | |
318c1fa3 PR |
547 | |
548 | ||
b6689447 | 549 | def test_multiple_vrf_prefix_peer_remove_passwords(tgen): |
318c1fa3 PR |
550 | "selectively remove passwords checking state with multiple vrfs and prefix config" |
551 | ||
552 | # only supported in kernel > 5.3 | |
553 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
554 | return | |
555 | ||
02547745 | 556 | reset_with_new_configs(tgen, "bgpd_multi_vrf_prefix.conf", "ospfd_multi_vrf.conf") |
318c1fa3 PR |
557 | check_vrf_peer_remove_passwords(vrf="blue", prefix="yes") |
558 | check_all_peers_established("red") | |
559 | check_vrf_peer_remove_passwords(vrf="red", prefix="yes") | |
560 | check_all_peers_established("blue") | |
318c1fa3 PR |
561 | |
562 | ||
b6689447 | 563 | def test_multiple_vrf_prefix_peer_change_passwords(tgen): |
318c1fa3 PR |
564 | "selectively change passwords checking state with multiple vrfs and prefix config" |
565 | ||
566 | # only supported in kernel > 5.3 | |
567 | if topotest.version_cmp(platform.release(), "5.3") < 0: | |
318c1fa3 PR |
568 | return |
569 | ||
02547745 | 570 | reset_with_new_configs(tgen, "bgpd_multi_vrf_prefix.conf", "ospfd_multi_vrf.conf") |
318c1fa3 PR |
571 | check_vrf_peer_change_passwords(vrf="blue", prefix="yes") |
572 | check_all_peers_established("red") | |
573 | check_vrf_peer_change_passwords(vrf="red", prefix="yes") | |
574 | check_all_peers_established("blue") | |
318c1fa3 PR |
575 | |
576 | ||
b6689447 | 577 | def test_memory_leak(tgen): |
318c1fa3 | 578 | "Run the memory leak test and report results." |
318c1fa3 PR |
579 | if not tgen.is_memleak_enabled(): |
580 | pytest.skip("Memory leak test/report is disabled") | |
581 | ||
582 | tgen.report_memory_leaks() | |
583 | ||
584 | ||
585 | if __name__ == "__main__": | |
586 | args = ["-s"] + sys.argv[1:] | |
587 | sys.exit(pytest.main(args)) |