5 # Part of NetDEF Topology Tests
7 # Copyright (c) 2020 by Volta Networks
9 # Permission to use, copy, modify, and/or distribute this software
10 # for any purpose with or without fee is hereby granted, provided
11 # that the above copyright notice and this permission notice appear
14 # THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES
15 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR
17 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
18 # DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
19 # WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
20 # ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
25 test_bgp_auth.py: Test BGP Md5 Authentication
29 | +------| R1 |------+ |
35 | R2 |------------| R3 |
40 setup is 3 routers with 3 links between each each link in a different vrf
41 Default, blue and red respectively
42 Tests check various fiddling with passwords and checking that the peer
43 establishment is as expected and passwords are not leaked across sockets
46 # pylint: disable=C0413
52 from time
import sleep
55 from lib
import common_config
, topotest
56 from lib
.common_config
import (
57 save_initial_config_on_routers
,
58 reset_with_new_configs
,
60 from bgp_auth_common
import (
61 check_all_peers_established
,
62 check_vrf_peer_remove_passwords
,
63 check_vrf_peer_change_passwords
,
64 check_all_peers_established
,
66 from lib
.topogen
import Topogen
, TopoRouter
, get_topogen
68 pytestmark
= [pytest
.mark
.bgpd
, pytest
.mark
.ospfd
]
70 CWD
= os
.path
.dirname(os
.path
.realpath(__file__
))
78 tgen
.add_link(tgen
.gears
["R1"], tgen
.gears
["R2"])
79 tgen
.add_link(tgen
.gears
["R1"], tgen
.gears
["R3"])
80 tgen
.add_link(tgen
.gears
["R2"], tgen
.gears
["R3"])
81 tgen
.add_link(tgen
.gears
["R1"], tgen
.gears
["R2"])
82 tgen
.add_link(tgen
.gears
["R1"], tgen
.gears
["R3"])
83 tgen
.add_link(tgen
.gears
["R2"], tgen
.gears
["R3"])
84 tgen
.add_link(tgen
.gears
["R1"], tgen
.gears
["R2"])
85 tgen
.add_link(tgen
.gears
["R1"], tgen
.gears
["R3"])
86 tgen
.add_link(tgen
.gears
["R2"], tgen
.gears
["R3"])
89 def setup_module(mod
):
90 "Sets up the pytest environment"
91 # This function initiates the topology build with Topogen...
92 tgen
= Topogen(build_topo
, mod
.__name
__)
93 # ... and here it calls Mininet initialization functions.
101 r1
.cmd_raises("ip link add blue type vrf table 1001")
102 r1
.cmd_raises("ip link set up dev blue")
103 r2
.cmd_raises("ip link add blue type vrf table 1001")
104 r2
.cmd_raises("ip link set up dev blue")
105 r3
.cmd_raises("ip link add blue type vrf table 1001")
106 r3
.cmd_raises("ip link set up dev blue")
108 r1
.cmd_raises("ip link add lo1 type dummy")
109 r1
.cmd_raises("ip link set lo1 master blue")
110 r1
.cmd_raises("ip link set up dev lo1")
111 r2
.cmd_raises("ip link add lo1 type dummy")
112 r2
.cmd_raises("ip link set up dev lo1")
113 r2
.cmd_raises("ip link set lo1 master blue")
114 r3
.cmd_raises("ip link add lo1 type dummy")
115 r3
.cmd_raises("ip link set up dev lo1")
116 r3
.cmd_raises("ip link set lo1 master blue")
118 r1
.cmd_raises("ip link set R1-eth2 master blue")
119 r1
.cmd_raises("ip link set R1-eth3 master blue")
120 r2
.cmd_raises("ip link set R2-eth2 master blue")
121 r2
.cmd_raises("ip link set R2-eth3 master blue")
122 r3
.cmd_raises("ip link set R3-eth2 master blue")
123 r3
.cmd_raises("ip link set R3-eth3 master blue")
125 r1
.cmd_raises("ip link set up dev R1-eth2")
126 r1
.cmd_raises("ip link set up dev R1-eth3")
127 r2
.cmd_raises("ip link set up dev R2-eth2")
128 r2
.cmd_raises("ip link set up dev R2-eth3")
129 r3
.cmd_raises("ip link set up dev R3-eth2")
130 r3
.cmd_raises("ip link set up dev R3-eth3")
133 r1
.cmd_raises("ip link add red type vrf table 1002")
134 r1
.cmd_raises("ip link set up dev red")
135 r2
.cmd_raises("ip link add red type vrf table 1002")
136 r2
.cmd_raises("ip link set up dev red")
137 r3
.cmd_raises("ip link add red type vrf table 1002")
138 r3
.cmd_raises("ip link set up dev red")
140 r1
.cmd_raises("ip link add lo2 type dummy")
141 r1
.cmd_raises("ip link set lo2 master red")
142 r1
.cmd_raises("ip link set up dev lo2")
143 r2
.cmd_raises("ip link add lo2 type dummy")
144 r2
.cmd_raises("ip link set up dev lo2")
145 r2
.cmd_raises("ip link set lo2 master red")
146 r3
.cmd_raises("ip link add lo2 type dummy")
147 r3
.cmd_raises("ip link set up dev lo2")
148 r3
.cmd_raises("ip link set lo2 master red")
150 r1
.cmd_raises("ip link set R1-eth4 master red")
151 r1
.cmd_raises("ip link set R1-eth5 master red")
152 r2
.cmd_raises("ip link set R2-eth4 master red")
153 r2
.cmd_raises("ip link set R2-eth5 master red")
154 r3
.cmd_raises("ip link set R3-eth4 master red")
155 r3
.cmd_raises("ip link set R3-eth5 master red")
157 r1
.cmd_raises("ip link set up dev R1-eth4")
158 r1
.cmd_raises("ip link set up dev R1-eth5")
159 r2
.cmd_raises("ip link set up dev R2-eth4")
160 r2
.cmd_raises("ip link set up dev R2-eth5")
161 r3
.cmd_raises("ip link set up dev R3-eth4")
162 r3
.cmd_raises("ip link set up dev R3-eth5")
164 r1
.cmd_raises("sysctl -w net.ipv4.tcp_l3mdev_accept=1")
165 r2
.cmd_raises("sysctl -w net.ipv4.tcp_l3mdev_accept=1")
166 r3
.cmd_raises("sysctl -w net.ipv4.tcp_l3mdev_accept=1")
168 # This is a sample of configuration loading.
169 router_list
= tgen
.routers()
171 # For all registered routers, load the zebra configuration file
172 for rname
, router
in router_list
.items():
173 router
.load_config(TopoRouter
.RD_ZEBRA
, "zebra.conf")
174 router
.load_config(TopoRouter
.RD_OSPF
)
175 router
.load_config(TopoRouter
.RD_BGP
)
177 # After copying the configurations, this function loads configured daemons.
180 # Save the initial router config. reset_config_on_routers will return to this config.
181 save_initial_config_on_routers(tgen
)
184 def teardown_module(mod
):
185 "Teardown the pytest environment"
188 # This function tears down the whole topology.
192 def test_vrf_prefix_peer_established(tgen
):
193 "default vrf 3 peers same password with VRF prefix config"
195 # only supported in kernel > 5.3
196 if topotest
.version_cmp(platform
.release(), "5.3") < 0:
199 reset_with_new_configs(tgen
, "bgpd_vrf_prefix.conf", "ospfd_vrf.conf")
200 check_all_peers_established("blue")
203 def test_vrf_prefix_peer_remove_passwords(tgen
):
204 "selectively remove passwords checking state with VRF prefix config"
206 # only supported in kernel > 5.3
207 if topotest
.version_cmp(platform
.release(), "5.3") < 0:
210 reset_with_new_configs(tgen
, "bgpd_vrf_prefix.conf", "ospfd_vrf.conf")
211 check_vrf_peer_remove_passwords(vrf
="blue", prefix
="yes")
214 def test_vrf_prefix_peer_change_passwords(tgen
):
215 "selectively change passwords checking state with VRF prefix config"
217 # only supported in kernel > 5.3
218 if topotest
.version_cmp(platform
.release(), "5.3") < 0:
221 reset_with_new_configs(tgen
, "bgpd_vrf_prefix.conf", "ospfd_vrf.conf")
222 check_vrf_peer_change_passwords(vrf
="blue", prefix
="yes")
225 def test_multiple_vrf_peer_established(tgen
):
226 "default vrf 3 peers same password with multiple VRFs"
228 reset_with_new_configs(tgen
, "bgpd_multi_vrf.conf", "ospfd_multi_vrf.conf")
229 check_all_peers_established("blue")
230 check_all_peers_established("red")
233 def test_multiple_vrf_peer_remove_passwords(tgen
):
234 "selectively remove passwords checking state with multiple VRFs"
236 reset_with_new_configs(tgen
, "bgpd_multi_vrf.conf", "ospfd_multi_vrf.conf")
237 check_vrf_peer_remove_passwords("blue")
238 check_all_peers_established("red")
239 check_vrf_peer_remove_passwords("red")
240 check_all_peers_established("blue")
243 def test_memory_leak(tgen
):
244 "Run the memory leak test and report results."
245 if not tgen
.is_memleak_enabled():
246 pytest
.skip("Memory leak test/report is disabled")
248 tgen
.report_memory_leaks()
251 if __name__
== "__main__":
252 args
= ["-s"] + sys
.argv
[1:]
253 sys
.exit(pytest
.main(args
))