]> git.proxmox.com Git - mirror_frr.git/blame - tests/topotests/bgp_auth/test_bgp_auth4.py
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
doc: Add `show ipv6 rpf X:X::X:X` command to docs
[mirror_frr.git] / tests / topotests / bgp_auth / test_bgp_auth4.py
CommitLineData
318c1fa3
PR		 1#!/usr/bin/env python
2
3#
4# test_bgp_auth.py
5# Part of NetDEF Topology Tests
6#
7# Copyright (c) 2020 by Volta Networks
8#
9# Permission to use, copy, modify, and/or distribute this software
10# for any purpose with or without fee is hereby granted, provided
11# that the above copyright notice and this permission notice appear
12# in all copies.
13#
14# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES
15# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR
17# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
18# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
19# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
20# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
21# OF THIS SOFTWARE.
22#
23
24"""
25test_bgp_auth.py: Test BGP Md5 Authentication
26
27 +------+
28 +--------| |--------+
29 | +------| R1 |------+ |
30 | | -----| |----+ | |
31 | | | +------+ | | |
32 | | | | | |
33 +------+ +------+
34 | |------------| |
35 | R2 |------------| R3 |
36 | |------------| |
37 +------+ +------+
38
39
40setup is 3 routers with 3 links between each each link in a different vrf
41Default, blue and red respectively
42Tests check various fiddling with passwords and checking that the peer
02547745 43establishment is as expected and passwords are not leaked across sockets
318c1fa3
PR		 44for bgp instances
45"""
02547745 46# pylint: disable=C0413
318c1fa3 47
318c1fa3 48import json
02547745 49import os
318c1fa3 50import platform
02547745 51import sys
318c1fa3
PR		 52from time import sleep
53
02547745
CH		 54import pytest
55from lib import common_config, topotest
b6689447 56from lib.common_config import (
02547745
CH		 57 save_initial_config_on_routers,
58 reset_with_new_configs,
b6689447 59)
da72986a
DS		 60from bgp_auth_common import (
61 check_vrf_peer_change_passwords,
62 check_all_peers_established,
63 check_vrf_peer_remove_passwords,
64)
02547745 65from lib.topogen import Topogen, TopoRouter, get_topogen
318c1fa3 66
3dedee4f
DS		 67pytestmark = [pytest.mark.bgpd, pytest.mark.ospfd]
68
02547745 69CWD = os.path.dirname(os.path.realpath(__file__))
318c1fa3 70
a53c08bc 71
e82b531d 72def build_topo(tgen):
e82b531d
CH		 73 tgen.add_router("R1")
74 tgen.add_router("R2")
75 tgen.add_router("R3")
76
b6689447 77 tgen.add_link(tgen.gears["R1"], tgen.gears["R2"])
b6689447 78 tgen.add_link(tgen.gears["R1"], tgen.gears["R3"])
b6689447 79 tgen.add_link(tgen.gears["R2"], tgen.gears["R3"])
b6689447 80 tgen.add_link(tgen.gears["R1"], tgen.gears["R2"])
b6689447 81 tgen.add_link(tgen.gears["R1"], tgen.gears["R3"])
b6689447 82 tgen.add_link(tgen.gears["R2"], tgen.gears["R3"])
b6689447 83 tgen.add_link(tgen.gears["R1"], tgen.gears["R2"])
b6689447 84 tgen.add_link(tgen.gears["R1"], tgen.gears["R3"])
b6689447 85 tgen.add_link(tgen.gears["R2"], tgen.gears["R3"])
318c1fa3
PR		 86
87
88def setup_module(mod):
89 "Sets up the pytest environment"
90 # This function initiates the topology build with Topogen...
e82b531d 91 tgen = Topogen(build_topo, mod.__name__)
318c1fa3
PR		 92 # ... and here it calls Mininet initialization functions.
93 tgen.start_topology()
94
95 r1 = tgen.gears["R1"]
96 r2 = tgen.gears["R2"]
97 r3 = tgen.gears["R3"]
98
99 # blue vrf
b6689447
CH		 100 r1.cmd_raises("ip link add blue type vrf table 1001")
101 r1.cmd_raises("ip link set up dev blue")
102 r2.cmd_raises("ip link add blue type vrf table 1001")
103 r2.cmd_raises("ip link set up dev blue")
104 r3.cmd_raises("ip link add blue type vrf table 1001")
105 r3.cmd_raises("ip link set up dev blue")
106
107 r1.cmd_raises("ip link add lo1 type dummy")
108 r1.cmd_raises("ip link set lo1 master blue")
109 r1.cmd_raises("ip link set up dev lo1")
110 r2.cmd_raises("ip link add lo1 type dummy")
111 r2.cmd_raises("ip link set up dev lo1")
112 r2.cmd_raises("ip link set lo1 master blue")
113 r3.cmd_raises("ip link add lo1 type dummy")
114 r3.cmd_raises("ip link set up dev lo1")
115 r3.cmd_raises("ip link set lo1 master blue")
116
117 r1.cmd_raises("ip link set R1-eth2 master blue")
118 r1.cmd_raises("ip link set R1-eth3 master blue")
119 r2.cmd_raises("ip link set R2-eth2 master blue")
120 r2.cmd_raises("ip link set R2-eth3 master blue")
121 r3.cmd_raises("ip link set R3-eth2 master blue")
122 r3.cmd_raises("ip link set R3-eth3 master blue")
123
124 r1.cmd_raises("ip link set up dev R1-eth2")
125 r1.cmd_raises("ip link set up dev R1-eth3")
126 r2.cmd_raises("ip link set up dev R2-eth2")
127 r2.cmd_raises("ip link set up dev R2-eth3")
128 r3.cmd_raises("ip link set up dev R3-eth2")
129 r3.cmd_raises("ip link set up dev R3-eth3")
318c1fa3
PR		 130
131 # red vrf
b6689447
CH		 132 r1.cmd_raises("ip link add red type vrf table 1002")
133 r1.cmd_raises("ip link set up dev red")
134 r2.cmd_raises("ip link add red type vrf table 1002")
135 r2.cmd_raises("ip link set up dev red")
136 r3.cmd_raises("ip link add red type vrf table 1002")
137 r3.cmd_raises("ip link set up dev red")
138
139 r1.cmd_raises("ip link add lo2 type dummy")
140 r1.cmd_raises("ip link set lo2 master red")
141 r1.cmd_raises("ip link set up dev lo2")
142 r2.cmd_raises("ip link add lo2 type dummy")
143 r2.cmd_raises("ip link set up dev lo2")
144 r2.cmd_raises("ip link set lo2 master red")
145 r3.cmd_raises("ip link add lo2 type dummy")
146 r3.cmd_raises("ip link set up dev lo2")
147 r3.cmd_raises("ip link set lo2 master red")
148
149 r1.cmd_raises("ip link set R1-eth4 master red")
150 r1.cmd_raises("ip link set R1-eth5 master red")
151 r2.cmd_raises("ip link set R2-eth4 master red")
152 r2.cmd_raises("ip link set R2-eth5 master red")
153 r3.cmd_raises("ip link set R3-eth4 master red")
154 r3.cmd_raises("ip link set R3-eth5 master red")
155
156 r1.cmd_raises("ip link set up dev R1-eth4")
157 r1.cmd_raises("ip link set up dev R1-eth5")
158 r2.cmd_raises("ip link set up dev R2-eth4")
159 r2.cmd_raises("ip link set up dev R2-eth5")
160 r3.cmd_raises("ip link set up dev R3-eth4")
161 r3.cmd_raises("ip link set up dev R3-eth5")
318c1fa3 162
f3095914
DS		 163 r1.cmd_raises("sysctl -w net.ipv4.tcp_l3mdev_accept=1")
164 r2.cmd_raises("sysctl -w net.ipv4.tcp_l3mdev_accept=1")
165 r3.cmd_raises("sysctl -w net.ipv4.tcp_l3mdev_accept=1")
166
318c1fa3
PR		 167 # This is a sample of configuration loading.
168 router_list = tgen.routers()
169
b515c81a 170 # For all registered routers, load the zebra configuration file
e5f0ed14 171 for rname, router in router_list.items():
02547745
CH		 172 router.load_config(TopoRouter.RD_ZEBRA, "zebra.conf")
173 router.load_config(TopoRouter.RD_OSPF)
174 router.load_config(TopoRouter.RD_BGP)
318c1fa3 175
02547745 176 # After copying the configurations, this function loads configured daemons.
318c1fa3
PR		 177 tgen.start_router()
178
02547745
CH		 179 # Save the initial router config. reset_config_on_routers will return to this config.
180 save_initial_config_on_routers(tgen)
b6689447 181
318c1fa3
PR		 182
183def teardown_module(mod):
184 "Teardown the pytest environment"
185 tgen = get_topogen()
186
187 # This function tears down the whole topology.
188 tgen.stop_topology()
189
190
b6689447 191def test_multiple_vrf_peer_change_passwords(tgen):
318c1fa3
PR		 192 "selectively change passwords checking state with multiple VRFs"
193
02547745 194 reset_with_new_configs(tgen, "bgpd_multi_vrf.conf", "ospfd_multi_vrf.conf")
318c1fa3
PR		 195 check_vrf_peer_change_passwords("blue")
196 check_all_peers_established("red")
197 check_vrf_peer_change_passwords("red")
198 check_all_peers_established("blue")
318c1fa3
PR		 199
200
b6689447 201def test_multiple_vrf_prefix_peer_established(tgen):
318c1fa3
PR		 202 "default vrf 3 peers same password with multilpe VRFs and prefix config"
203
204 # only supported in kernel > 5.3
205 if topotest.version_cmp(platform.release(), "5.3") < 0:
206 return
207
02547745 208 reset_with_new_configs(tgen, "bgpd_multi_vrf_prefix.conf", "ospfd_multi_vrf.conf")
318c1fa3
PR		 209 check_all_peers_established("blue")
210 check_all_peers_established("red")
318c1fa3
PR		 211
212
b6689447 213def test_multiple_vrf_prefix_peer_remove_passwords(tgen):
318c1fa3
PR		 214 "selectively remove passwords checking state with multiple vrfs and prefix config"
215
216 # only supported in kernel > 5.3
217 if topotest.version_cmp(platform.release(), "5.3") < 0:
218 return
219
02547745 220 reset_with_new_configs(tgen, "bgpd_multi_vrf_prefix.conf", "ospfd_multi_vrf.conf")
318c1fa3
PR		 221 check_vrf_peer_remove_passwords(vrf="blue", prefix="yes")
222 check_all_peers_established("red")
223 check_vrf_peer_remove_passwords(vrf="red", prefix="yes")
224 check_all_peers_established("blue")
318c1fa3
PR		 225
226
b6689447 227def test_multiple_vrf_prefix_peer_change_passwords(tgen):
318c1fa3
PR		 228 "selectively change passwords checking state with multiple vrfs and prefix config"
229
230 # only supported in kernel > 5.3
231 if topotest.version_cmp(platform.release(), "5.3") < 0:
318c1fa3
PR		 232 return
233
02547745 234 reset_with_new_configs(tgen, "bgpd_multi_vrf_prefix.conf", "ospfd_multi_vrf.conf")
318c1fa3
PR		 235 check_vrf_peer_change_passwords(vrf="blue", prefix="yes")
236 check_all_peers_established("red")
237 check_vrf_peer_change_passwords(vrf="red", prefix="yes")
238 check_all_peers_established("blue")
318c1fa3
PR		 239
240
b6689447 241def test_memory_leak(tgen):
318c1fa3 242 "Run the memory leak test and report results."
318c1fa3
PR		 243 if not tgen.is_memleak_enabled():
244 pytest.skip("Memory leak test/report is disabled")
245
246 tgen.report_memory_leaks()
247
248
249if __name__ == "__main__":
250 args = ["-s"] + sys.argv[1:]
251 sys.exit(pytest.main(args))
FRRouting mirror