From d06fe6ea67a89b2ffd942fee087d48171c7f06f9 Mon Sep 17 00:00:00 2001 From: Konstantin Ananyev Date: Wed, 26 Jun 2019 00:16:48 +0100 Subject: [PATCH] examples/ipsec-secgw: add multi-segment test cases Enhance test scripts to support fragmentation/reassemble functionality. Signed-off-by: Konstantin Ananyev --- examples/ipsec-secgw/test/common_defs.sh | 18 +++++++++++++++--- examples/ipsec-secgw/test/data_rxtx.sh | 18 ++++++++++-------- examples/ipsec-secgw/test/linux_test4.sh | 17 ++++++++++++++++- examples/ipsec-secgw/test/linux_test6.sh | 17 ++++++++++++++++- examples/ipsec-secgw/test/run_test.sh | 5 ++++- 5 files changed, 61 insertions(+), 14 deletions(-) diff --git a/examples/ipsec-secgw/test/common_defs.sh b/examples/ipsec-secgw/test/common_defs.sh index 63ad5415dd..09689af78b 100644 --- a/examples/ipsec-secgw/test/common_defs.sh +++ b/examples/ipsec-secgw/test/common_defs.sh @@ -35,10 +35,24 @@ LOCAL_IPV6=fd12:3456:789a:0031:0000:0000:0000:0092 DPDK_PATH=${RTE_SDK:-${PWD}} DPDK_BUILD=${RTE_TARGET:-x86_64-native-linux-gcc} +# by default ipsec-secgw can't deal with multi-segment packets +# make sure our local/remote host wouldn't generate fragmented packets +# if reassmebly option is not enabled +DEF_MTU_LEN=1400 +DEF_PING_LEN=1200 + +#setup mtu on local iface +set_local_mtu() +{ + mtu=$1 + ifconfig ${LOCAL_IFACE} mtu ${mtu} + sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=${mtu} +} + # configure local host/ifaces config_local_iface() { - ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 mtu 1400 up + ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 up ifconfig ${LOCAL_IFACE} ip neigh flush dev ${LOCAL_IFACE} @@ -53,8 +67,6 @@ config6_local_iface() sysctl -w net.ipv6.conf.${LOCAL_IFACE}.disable_ipv6=0 ip addr add ${LOCAL_IPV6}/64 dev ${LOCAL_IFACE} - sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=1300 - ip -6 neigh add ${REMOTE_IPV6} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC} ip neigh show dev ${LOCAL_IFACE} } diff --git a/examples/ipsec-secgw/test/data_rxtx.sh b/examples/ipsec-secgw/test/data_rxtx.sh index f23a6d5942..9ba978a93c 100644 --- a/examples/ipsec-secgw/test/data_rxtx.sh +++ b/examples/ipsec-secgw/test/data_rxtx.sh @@ -5,14 +5,15 @@ TCP_PORT=22222 ping_test1() { dst=$1 + i=${2:-0} + end=${3:-1200} - i=0 st=0 - while [[ $i -ne 1200 && $st -eq 0 ]]; + while [[ $i -ne $end && $st -eq 0 ]]; do - let i++ - ping -c 1 -s ${i} ${dst} + ping -c 1 -s ${i} -M dont ${dst} st=$? + let i++ done if [[ $st -ne 0 ]]; then @@ -24,14 +25,15 @@ ping_test1() ping6_test1() { dst=$1 + i=${2:-0} + end=${3:-1200} - i=0 st=0 - while [[ $i -ne 1200 && $st -eq 0 ]]; + while [[ $i -ne $end && $st -eq 0 ]]; do - let i++ - ping6 -c 1 -s ${i} ${dst} + ping6 -c 1 -s ${i} -M dont ${dst} st=$? + let i++ done if [[ $st -ne 0 ]]; then diff --git a/examples/ipsec-secgw/test/linux_test4.sh b/examples/ipsec-secgw/test/linux_test4.sh index d636f56048..85efc5d906 100644 --- a/examples/ipsec-secgw/test/linux_test4.sh +++ b/examples/ipsec-secgw/test/linux_test4.sh @@ -15,6 +15,8 @@ # SGW_LCORE - lcore to run ipsec-secgw on (default value is 0) # CRYPTO_DEV - crypto device to be used ('-w ') # if none specified appropriate vdevs will be created by the scrit +# MULTI_SEG_TEST - ipsec-secgw option to enable reassembly support and +# specify size of reassembly table (i.e. MULTI_SEG_TEST="--reassemble 128") # # The purpose of the script is to automate ipsec-secgw testing # using another system running linux as a DUT. @@ -42,6 +44,17 @@ MODE=$1 . ${DIR}/common_defs.sh . ${DIR}/${MODE}_defs.sh +#make linux to generate fragmented packets +if [[ -n "${MULTI_SEG_TEST}" && -n "${SGW_CMD_XPRM}" ]]; then + echo "multi-segment test is enabled" + SGW_CMD_XPRM="${SGW_CMD_XPRM} ${MULTI_SEG_TEST}" + PING_LEN=5000 + MTU_LEN=1500 +else + PING_LEN=${DEF_PING_LEN} + MTU_LEN=${DEF_MTU_LEN} +fi + config_secgw secgw_start @@ -52,9 +65,11 @@ config_remote_xfrm . ${DIR}/data_rxtx.sh -ping_test1 ${REMOTE_IPV4} +set_local_mtu ${MTU_LEN} +ping_test1 ${REMOTE_IPV4} 0 ${PING_LEN} st=$? if [[ $st -eq 0 ]]; then + set_local_mtu ${DEF_MTU_LEN} scp_test1 ${REMOTE_IPV4} st=$? fi diff --git a/examples/ipsec-secgw/test/linux_test6.sh b/examples/ipsec-secgw/test/linux_test6.sh index e30f607d8c..c749dcef8e 100644 --- a/examples/ipsec-secgw/test/linux_test6.sh +++ b/examples/ipsec-secgw/test/linux_test6.sh @@ -15,6 +15,8 @@ # SGW_LCORE - lcore to run ipsec-secgw on (default value is 0) # CRYPTO_DEV - crypto device to be used ('-w ') # if none specified appropriate vdevs will be created by the scrit +# MULTI_SEG_TEST - ipsec-secgw option to enable reassembly support and +# specify size of reassembly table (i.e. MULTI_SEG_TEST="--reassemble 128") # # The purpose of the script is to automate ipsec-secgw testing # using another system running linux as a DUT. @@ -43,6 +45,17 @@ MODE=$1 . ${DIR}/common_defs.sh . ${DIR}/${MODE}_defs.sh +#make linux to generate fragmented packets +if [[ -n "${MULTI_SEG_TEST}" && -n "${SGW_CMD_XPRM}" ]]; then + echo "multi-segment test is enabled" + SGW_CMD_XPRM="${SGW_CMD_XPRM} ${MULTI_SEG_TEST}" + PING_LEN=5000 + MTU_LEN=1500 +else + PING_LEN=${DEF_PING_LEN} + MTU_LEN=${DEF_MTU_LEN} +fi + config_secgw secgw_start @@ -53,9 +66,11 @@ config6_remote_xfrm . ${DIR}/data_rxtx.sh -ping6_test1 ${REMOTE_IPV6} +set_local_mtu ${MTU_LEN} +ping6_test1 ${REMOTE_IPV6} 0 ${PING_LEN} st=$? if [[ $st -eq 0 ]]; then + set_local_mtu ${DEF_MTU_LEN} scp_test1 ${REMOTE_IPV6} st=$? fi diff --git a/examples/ipsec-secgw/test/run_test.sh b/examples/ipsec-secgw/test/run_test.sh index 4969effdb3..b8c9fcda5d 100755 --- a/examples/ipsec-secgw/test/run_test.sh +++ b/examples/ipsec-secgw/test/run_test.sh @@ -11,7 +11,10 @@ # SGW_LCORE - lcore to run ipsec-secgw on (default value is 0) # CRYPTO_DEV - crypto device to be used ('-w ') # if none specified appropriate vdevs will be created by the scrit -# refer to linux_test1.sh for more information +# MULTI_SEG_TEST - ipsec-secgw option to enable reassembly support and +# specify size of reassembly table (i.e. MULTI_SEG_TEST="--reassemble 128") +# refer to linux_test[4,6].sh for more information + # All supported modes to test. # naming convention: -- 2.20.1