# 3 hypervisors, one logical switch, 3 logical ports per hypervisor
AT_SETUP([ovn -- 3 HVs, 1 LS, 3 lports/HV])
+AT_KEYWORDS([ovnarp])
AT_SKIP_IF([test $HAVE_PYTHON = no])
ovn_start
ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
ovn-nbctl lport-add lsw0 lp$i$j
if test $j = 1; then
- ovn-nbctl lport-set-addresses lp$i$j f0:00:00:00:00:$i$j unknown
+ ovn-nbctl lport-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j" unknown
else
- ovn-nbctl lport-set-addresses lp$i$j f0:00:00:00:00:$i$j
+ ovn-nbctl lport-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j"
ovn-nbctl lport-set-port-security lp$i$j f0:00:00:00:00:$i$j
fi
done
sleep 1
ovn-sbctl dump-flows -- list multicast_group
+# Given the name of a logical port, prints the name of the hypervisor
+# on which it is located.
+vif_to_hv() {
+ echo hv${1%?}
+}
+
# test_packet INPORT DST SRC ETHTYPE OUTPORT...
#
# This shell function causes a packet to be received on INPORT. The packet's
done
test_packet() {
local inport=$1 packet=$2$3$4; shift; shift; shift; shift
- hv=hv`echo $inport | sed 's/^\(.\).*/\1/'`
+ hv=`vif_to_hv $inport`
vif=vif$inport
as $hv ovs-appctl netdev-dummy/receive $vif $packet
for outport; do
done
}
+# test_arp INPORT SHA SPA TPA [REPLY_HA]
+#
+# Causes a packet to be received on INPORT. The packet is an ARP
+# request with SHA, SPA, and TPA as specified. If REPLY_HA is provided, then
+# it should be the hardware address of the target to expect to receive in an
+# ARP reply; otherwise no reply is expected.
+#
+# INPORT is an lport number, e.g. 11 for vif11.
+# SHA and REPLY_HA are each 12 hex digits.
+# SPA and TPA are each 8 hex digits.
+test_arp() {
+ local inport=$1 sha=$2 spa=$3 tpa=$4 reply_ha=$5
+ local request=ffffffffffff${sha}08060001080006040001${sha}${spa}ffffffffffff${tpa}
+ hv=`vif_to_hv $inport`
+ as $hv ovs-appctl netdev-dummy/receive vif$inport $request
+
+ if test X$reply_ha == X; then
+ # Expect to receive the broadcast ARP on the other logical switch ports
+ # if no reply is expected.
+ local i j
+ for i in 1 2 3; do
+ for j in 1 2 3; do
+ if test $i$j != $inport; then
+ echo $request >> $i$j.expected
+ fi
+ done
+ done
+ else
+ # Expect to receive the reply, if any.
+ local reply=${sha}${reply_ha}08060001080006040002${reply_ha}${tpa}${sha}${spa}
+ echo $reply >> $inport.expected
+ fi
+}
+
+ip_to_hex() {
+ printf "%02x%02x%02x%02x" "$@"
+}
+
# Send packets between all pairs of source and destination ports:
#
# 1. Unicast packets are delivered to exactly one lport (except that packets
# 7. The lswitch drops unicast packets that violate an ACL.
#
# 8. The lswitch drops multicast and broadcast packets that violate an ACL.
+#
+# 9. ARP requests to known IPs are responded directly.
+#
+# 10. No response to ARP requests for unknown IPs.
for is in 1 2 3; do
for js in 1 2 3; do
s=$is$js
bcast="$bcast $unicast"
bacl2="$bacl2 $acl2"
bacl3="$bacl3 $acl3"
+
+ sip=`ip_to_hex 192 168 0 $i$j`
+ tip=`ip_to_hex 192 168 0 $id$jd`
+ tip_unknown=`ip_to_hex 11 11 11 11`
+ test_arp $s f000000000$s $sip $tip f000000000$d #9
+ test_arp $s f000000000$s $sip $tip_unknown #10
done
done
file=hv$i/vif$i$j-tx.pcap
echo $file
$PYTHON "$top_srcdir/utilities/ovs-pcap.in" $file | trim_zeros > $i$j.packets
- cp $i$j.expected expout
- AT_CHECK([cat $i$j.packets], [0], [expout])
+ sort $i$j.expected > expout
+ AT_CHECK([sort $i$j.packets], [0], [expout])
echo
done
done
file=hv$i/vif$i-tx.pcap
echo $file
$PYTHON "$top_srcdir/utilities/ovs-pcap.in" $file | trim_zeros > $i.packets
- cp $i.expected expout
- AT_CHECK([cat $i.packets], [0], [expout])
+ sort $i.expected > expout
+ AT_CHECK([sort $i.packets], [0], [expout])
echo
done
AT_CLEANUP
done
done
+ovn-nbctl set Logical_Port lrp33-attachment \
+ addresses='"00:00:00:00:ff:33 192.168.33.254"'
+
# Physical network:
#
# Three hypervisors hv[123].
test_ip() {
# This packet has bad checksums but logical L3 routing doesn't check.
local inport=$1 src_mac=$2 dst_mac=$3 src_ip=$4 dst_ip=$5
- local packet=$3$208004500001c0000000040110000$4$50035111100080000
+ local packet=${dst_mac}${src_mac}08004500001c0000000040110000${src_ip}${dst_ip}0035111100080000
shift; shift; shift; shift; shift
hv=hv`vif_to_hv $inport`
as $hv ovs-appctl netdev-dummy/receive vif$inport $packet
as $hv ovs-appctl netdev-dummy/receive vif$inport $request
#as $hv ovs-appctl ofproto/trace br-int in_port=$inport $request
- # Expect to receive the broadcast ARP on the other logical switch ports.
- # (OVN should probably suppress these.)
+ # Expect to receive the broadcast ARP on the other logical switch ports if
+ # IP address is not configured to the lswitch patch port.
local i=`vif_to_ls $inport`
local j k
for j in 1 2 3; do
for k in 1 2 3; do
- if test $i$j$k != $inport; then
+ # 192.168.33.254 is configured to the lswtich patch port for lrp33,
+ # so no ARP flooding expected for it.
+ if test $i$j$k != $inport && test $tpa != `ip_to_hex 192 168 33 254`; then
echo $request >> $i$j$k.expected
fi
done
file=hv`vif_to_hv $i$j$k`/vif$i$j$k-tx.pcap
echo $file
$PYTHON "$top_srcdir/utilities/ovs-pcap.in" $file | trim_zeros > $i$j$k.packets
- cp $i$j$k.expected expout
- AT_CHECK([cat $i$j$k.packets], [0], [expout])
+ sort $i$j$k.expected > expout
+ AT_CHECK([sort $i$j$k.packets], [0], [expout])
echo
done
done