3 # usage: /bin/bash linux_test4.sh <ipsec_mode>
4 # for list of available modes please refer to run_test.sh.
5 # ipsec-secgw (IPv4 mode) functional test script.
7 # Note that for most of them you required appropriate crypto PMD/device
9 # Also user has to setup properly the following environment variables:
10 # SGW_PATH - path to the ipsec-secgw binary to test
11 # REMOTE_HOST - ip/hostname of the DUT
12 # REMOTE_IFACE - iface name for the test-port on DUT
13 # ETH_DEV - ethernet device to be used on SUT by DPDK ('-w <pci-id>')
14 # Also user can optonally setup:
15 # SGW_LCORE - lcore to run ipsec-secgw on (default value is 0)
16 # CRYPTO_DEV - crypto device to be used ('-w <pci-id>')
17 # if none specified appropriate vdevs will be created by the scrit
18 # MULTI_SEG_TEST - ipsec-secgw option to enable reassembly support and
19 # specify size of reassembly table (i.e. MULTI_SEG_TEST="--reassemble 128")
21 # The purpose of the script is to automate ipsec-secgw testing
22 # using another system running linux as a DUT.
23 # It expects that SUT and DUT are connected through at least 2 NICs.
24 # One NIC is expected to be managed by linux both machines,
25 # and will be used as a control path
26 # Make sure user from SUT can ssh to DUT without entering password.
27 # Second NIC (test-port) should be reserved for DPDK on SUT,
28 # and should be managed by linux on DUT.
29 # The script starts ipsec-secgw with 2 NIC devices: test-port and tap vdev.
30 # Then configures local tap iface and remote iface and ipsec policies
31 # in the following way:
32 # traffic going over test-port in both directions has to be
34 # raffic going over TAP in both directions doesn't have to be protected.
36 # DUT OS(NIC1)--(ipsec)-->(NIC1)ipsec-secgw(TAP)--(plain)-->(TAP)SUT OS
37 # SUT OS(TAP)--(plain)-->(TAP)psec-secgw(NIC1)--(ipsec)-->(NIC1)DUT OS
38 # Then tries to perorm some data transfer using the scheme decribed above.
44 . ${DIR}/common_defs.sh
45 . ${DIR}/${MODE}_defs.sh
47 #make linux to generate fragmented packets
48 if [[ -n "${MULTI_SEG_TEST}" && -n "${SGW_CMD_XPRM}" ]]; then
49 echo "multi-segment test is enabled"
50 SGW_CMD_XPRM="${SGW_CMD_XPRM} ${MULTI_SEG_TEST}"
54 PING_LEN=${DEF_PING_LEN}
55 MTU_LEN=${DEF_MTU_LEN}
68 set_local_mtu ${MTU_LEN}
69 ping_test1 ${REMOTE_IPV4} 0 ${PING_LEN}
71 if [[ $st -eq 0 ]]; then
72 set_local_mtu ${DEF_MTU_LEN}
73 scp_test1 ${REMOTE_IPV4}