Introduce CoPP selftest for icmp{4,6}_error controller action
Remove sleep in CoPP test and rely on tcpdump "-l" option.Signed-off-by: Lorenzo Bianconi <[email protected]> --- tests/ovn-northd.at | 23 +++++++++++++++++++++++ tests/system-ovn.at | 43 ++++++++++++++++++++++++++++--------------- 2 files changed, 51 insertions(+), 15 deletions(-) diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 544820764..3ff0029f8 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -3249,6 +3249,29 @@ AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl AT_CHECK([ovn-sbctl list logical_flow | grep arp -A 2 | grep -q meter1],[1]) +check ovn-nbctl --wait=hv meter-add meter2 drop 400 pktps 10 +check ovn-nbctl --wait=hv lr-copp-add r0 icmp4-error meter2 +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl +icmp4-error: meter2 +]) + +AT_CHECK([ovn-sbctl list logical_flow | grep icmp4 -A 2 | grep -q meter2]) + +check ovn-nbctl --wait=hv lr-copp-del r0 icmp4-error +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl +]) + +check ovn-nbctl --wait=hv lr-copp-add r0 icmp6-error meter2 +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl +icmp6-error: meter2 +]) + +AT_CHECK([ovn-sbctl list logical_flow | grep icmp6 -A 2 | grep -q meter2]) + +check ovn-nbctl --wait=hv lr-copp-del r0 icmp6-error +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl +]) + check ovn-nbctl --wait=hv ls-copp-del sw1 event-elb AT_CHECK([ovn-nbctl ls-copp-list sw1], [0], [dnl ]) diff --git a/tests/system-ovn.at b/tests/system-ovn.at index 345384223..d003843c3 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -6669,7 +6669,7 @@ check ovn-nbctl lsp-add public public1 \ -- lsp-set-type public1 localnet \ -- lsp-set-options public1 network_name=phynet -NS_EXEC([sw01], [tcpdump -n -i sw01 icmp -Q in > reject.pcap &]) +NS_EXEC([sw01], [tcpdump -l -n -i sw01 icmp -Q in > reject.pcap &]) check ovn-nbctl meter-add acl-meter drop 1 pktps 0 check ovn-nbctl --wait=hv ls-copp-add sw0 reject acl-meter check ovn-nbctl acl-add sw0 from-lport 1002 'inport == "sw01" && ip && udp' reject @@ -6679,37 +6679,33 @@ reject: acl-meter ]) ip netns exec sw01 scapy -H <<-EOF -p = IP(src="192.168.1.2", dst="192.168.1.1")/ UDP(dport = 12345) / Raw(b"X"*64) +p = IP(src="192.168.1.2", dst="192.168.1.1") / UDP(dport = 12345) / Raw(b"X"*64) send (p, iface='sw01', loop = 0, verbose = 0, count = 20) EOF -sleep 2 -kill $(pidof tcpdump) - # 1pps + 1 burst size OVS_WAIT_UNTIL([ n_reject=$(grep unreachable reject.pcap | wc -l) test "${n_reject}" = "2" ]) +kill $(pidof tcpdump) rm -f reject.pcap -NS_EXEC([sw01], [tcpdump -n -i sw01 icmp -Q in > reject.pcap &]) +NS_EXEC([sw01], [tcpdump -l -n -i sw01 icmp -Q in > reject.pcap &]) check ovn-nbctl --wait=hv ls-copp-del sw0 reject ip netns exec sw01 scapy -H <<-EOF -p = IP(src="192.168.1.2", dst="192.168.1.1")/ UDP(dport = 12345) / Raw(b"X"*64) +p = IP(src="192.168.1.2", dst="192.168.1.1") / UDP(dport = 12345) / Raw(b"X"*64) send (p, iface='sw01', loop = 0, verbose = 0, count = 20) EOF -sleep 2 -kill $(pidof tcpdump) - OVS_WAIT_UNTIL([ n_reject=$(grep unreachable reject.pcap | wc -l) test "${n_reject}" = "20" ]) +kill $(pidof tcpdump) -NS_EXEC([server], [tcpdump -n -i s1 arp[[24:4]]=0xac100164 > arp.pcap &]) +NS_EXEC([server], [tcpdump -l -n -i s1 arp[[24:4]]=0xac100164 > arp.pcap &]) check ovn-nbctl meter-add arp-meter drop 1 pktps 0 check ovn-nbctl --wait=hv lr-copp-add R1 arp-resolve arp-meter AT_CHECK([ovn-nbctl lr-copp-list R1], [0], [dnl @@ -6717,18 +6713,35 @@ arp-resolve: arp-meter ]) ip netns exec sw01 scapy -H <<-EOF -p = IP(src="192.168.1.2", dst="172.16.1.100")/ TCP(dport = 80, flags="S") / Raw(b"X"*64) +p = IP(src="192.168.1.2", dst="172.16.1.100") / TCP(dport = 80, flags="S") / Raw(b"X"*64) send (p, iface='sw01', loop = 0, verbose = 0, count = 100) EOF -sleep 2 -kill $(pidof tcpdump) - # 1pps + 1 burst size OVS_WAIT_UNTIL([ n_arp=$(grep ARP arp.pcap | wc -l) test "${n_arp}" = "2" ]) +kill $(pidof tcpdump) + +check ovn-nbctl meter-add icmp-meter drop 1 pktps 0 +check ovn-nbctl --wait=hv lr-copp-add R1 icmp4-error icmp-meter +AT_CHECK([ovn-nbctl lr-copp-list R1 |grep icmp4-error], [0], [dnl +icmp4-error: icmp-meter +]) + +NS_EXEC([sw01], [tcpdump -l -n -i sw01 icmp > icmp.pcap &]) +ip netns exec sw01 scapy -H <<-EOF +p = IP(src="192.168.1.2", dst="172.16.1.100", ttl=1) / TCP(dport = 8080, flags="S") / Raw(b"X"*64) +send (p, iface='sw01', loop = 0, verbose = 0, count = 100) +EOF + +# 1pps + 1 burst size +OVS_WAIT_UNTIL([ + n_icmp=$(grep ICMP icmp.pcap | wc -l) + test "${n_icmp}" = "2" +]) +kill $(pidof tcpdump) kill $(pidof ovn-controller) -- 2.31.1 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
