Re: [ovs-dev] [PATCH v2 ovn 1/3] CoPP: add self-test for icmp{4, 6}_error controller action

Fri, 29 Oct 2021 01:48:01 -0700 

On 21/10/2021 23:18, Lorenzo Bianconi wrote:
> Introduce CoPP selftest for icmp{4,6}_error controller action
> Remove sleep in CoPP test and rely on tcpdump "-l" option.
> 
> Signed-off-by: Lorenzo Bianconi <[email protected]>
> ---
>  tests/ovn-northd.at | 23 +++++++++++++++++++++++
>  tests/system-ovn.at | 43 ++++++++++++++++++++++++++++---------------
>  2 files changed, 51 insertions(+), 15 deletions(-)
> 
> diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
> index 544820764..3ff0029f8 100644
> --- a/tests/ovn-northd.at
> +++ b/tests/ovn-northd.at
> @@ -3249,6 +3249,29 @@ AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl
>  
>  AT_CHECK([ovn-sbctl list logical_flow | grep arp -A 2 | grep -q meter1],[1])
>  
> +check ovn-nbctl --wait=hv meter-add meter2 drop 400 pktps 10
> +check ovn-nbctl --wait=hv lr-copp-add r0 icmp4-error meter2
> +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl
> +icmp4-error: meter2
> +])
> +
> +AT_CHECK([ovn-sbctl list logical_flow | grep icmp4 -A 2 | grep -q meter2])
> +
> +check ovn-nbctl --wait=hv lr-copp-del r0 icmp4-error
> +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl
> +])
> +
> +check ovn-nbctl --wait=hv lr-copp-add r0 icmp6-error meter2
> +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl
> +icmp6-error: meter2
> +])
> +
> +AT_CHECK([ovn-sbctl list logical_flow | grep icmp6 -A 2 | grep -q meter2])
> +
> +check ovn-nbctl --wait=hv lr-copp-del r0 icmp6-error
> +AT_CHECK([ovn-nbctl lr-copp-list r0], [0], [dnl
> +])
> +
>  check ovn-nbctl --wait=hv ls-copp-del sw1 event-elb
>  AT_CHECK([ovn-nbctl ls-copp-list sw1], [0], [dnl
>  ])
> diff --git a/tests/system-ovn.at b/tests/system-ovn.at
> index 345384223..d003843c3 100644
> --- a/tests/system-ovn.at
> +++ b/tests/system-ovn.at
> @@ -6669,7 +6669,7 @@ check ovn-nbctl lsp-add public public1 \
>          -- lsp-set-type public1 localnet \
>          -- lsp-set-options public1 network_name=phynet
>  
> -NS_EXEC([sw01], [tcpdump -n -i sw01 icmp -Q in > reject.pcap &])
> +NS_EXEC([sw01], [tcpdump -l -n -i sw01 icmp -Q in > reject.pcap &])
>  check ovn-nbctl meter-add acl-meter drop 1 pktps 0
>  check ovn-nbctl --wait=hv ls-copp-add sw0 reject acl-meter
>  check ovn-nbctl acl-add sw0 from-lport 1002 'inport == "sw01" && ip && udp' 
> reject
> @@ -6679,37 +6679,33 @@ reject: acl-meter
>  ])
>  
>  ip netns exec sw01 scapy -H <<-EOF
> -p = IP(src="192.168.1.2", dst="192.168.1.1")/ UDP(dport = 12345) / 
> Raw(b"X"*64)
> +p = IP(src="192.168.1.2", dst="192.168.1.1") / UDP(dport = 12345) / 
> Raw(b"X"*64)
>  send (p, iface='sw01', loop = 0, verbose = 0, count = 20)
>  EOF
>  
> -sleep 2
> -kill $(pidof tcpdump)
> -
>  # 1pps + 1 burst size
>  OVS_WAIT_UNTIL([
>      n_reject=$(grep unreachable reject.pcap | wc -l)
>      test "${n_reject}" = "2"
>  ])
> +kill $(pidof tcpdump)
>  
>  rm -f reject.pcap
> -NS_EXEC([sw01], [tcpdump -n -i sw01 icmp -Q in > reject.pcap &])
> +NS_EXEC([sw01], [tcpdump -l -n -i sw01 icmp -Q in > reject.pcap &])
>  check ovn-nbctl --wait=hv ls-copp-del sw0 reject
>  
>  ip netns exec sw01 scapy -H <<-EOF
> -p = IP(src="192.168.1.2", dst="192.168.1.1")/ UDP(dport = 12345) / 
> Raw(b"X"*64)
> +p = IP(src="192.168.1.2", dst="192.168.1.1") / UDP(dport = 12345) / 
> Raw(b"X"*64)
>  send (p, iface='sw01', loop = 0, verbose = 0, count = 20)
>  EOF
>  
> -sleep 2
> -kill $(pidof tcpdump)
> -
>  OVS_WAIT_UNTIL([
>      n_reject=$(grep unreachable reject.pcap | wc -l)
>      test "${n_reject}" = "20"
>  ])
> +kill $(pidof tcpdump)
>  
> -NS_EXEC([server], [tcpdump -n -i s1 arp[[24:4]]=0xac100164 > arp.pcap &])
> +NS_EXEC([server], [tcpdump -l -n -i s1 arp[[24:4]]=0xac100164 > arp.pcap &])
>  check ovn-nbctl meter-add arp-meter drop 1 pktps 0
>  check ovn-nbctl --wait=hv lr-copp-add R1 arp-resolve arp-meter
>  AT_CHECK([ovn-nbctl lr-copp-list R1], [0], [dnl
> @@ -6717,18 +6713,35 @@ arp-resolve: arp-meter
>  ])
>  
>  ip netns exec sw01 scapy -H <<-EOF
> -p = IP(src="192.168.1.2", dst="172.16.1.100")/ TCP(dport = 80, flags="S") / 
> Raw(b"X"*64)
> +p = IP(src="192.168.1.2", dst="172.16.1.100") / TCP(dport = 80, flags="S") / 
> Raw(b"X"*64)
>  send (p, iface='sw01', loop = 0, verbose = 0, count = 100)
>  EOF
>  
> -sleep 2
> -kill $(pidof tcpdump)
> -
>  # 1pps + 1 burst size
>  OVS_WAIT_UNTIL([
>      n_arp=$(grep ARP arp.pcap | wc -l)
>      test "${n_arp}" = "2"
>  ])
> +kill $(pidof tcpdump)
> +
> +check ovn-nbctl meter-add icmp-meter drop 1 pktps 0
> +check ovn-nbctl --wait=hv lr-copp-add R1 icmp4-error icmp-meter
> +AT_CHECK([ovn-nbctl lr-copp-list R1 |grep icmp4-error], [0], [dnl
> +icmp4-error: icmp-meter
> +])
> +
> +NS_EXEC([sw01], [tcpdump -l -n -i sw01 icmp > icmp.pcap &])
> +ip netns exec sw01 scapy -H <<-EOF
> +p = IP(src="192.168.1.2", dst="172.16.1.100", ttl=1) / TCP(dport = 8080, 
> flags="S") / Raw(b"X"*64)
> +send (p, iface='sw01', loop = 0, verbose = 0, count = 100)
> +EOF
> +
> +# 1pps + 1 burst size
> +OVS_WAIT_UNTIL([
> +    n_icmp=$(grep ICMP icmp.pcap | wc -l)
> +    test "${n_icmp}" = "2"
> +])
> +kill $(pidof tcpdump)
>  
>  kill $(pidof ovn-controller)
>  
> 
Acked-by: Mark D. Gray <[email protected]>

_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to