Gitiles
Code Review Sign In
gerrit.opencord.org / cord-tester / 5db80d09ad89f7016715ead559c0b673e9fcfa2c / . / src / test / vsg / vsgTest.py
blob: b5f71705384dbf18fa1ced3067551ef85777e5ff [file] [log] [blame]
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]1#copyright 2016-present Ciena Corporation
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14#
A R Karthickd0fdf3b2017-03-21 16:54:22 -0700[diff] [blame]15import time
16import os
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]17import sys
18import json
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]19import requests
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]20from nose.tools import *
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]21from twisted.internet import defer
22from nose.twistedtools import reactor, deferred
A.R Karthick33cfdbe2017-03-17 18:03:48 -0700[diff] [blame]23from CordTestUtils import *
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]24from OltConfig import OltConfig
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]25from onosclidriver import OnosCliDriver
A.R Karthick9ccd0d02017-03-16 17:11:08 -0700[diff] [blame]26from SSHTestAgent import SSHTestAgent
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]27from CordLogger import CordLogger
A R Karthickd0fdf3b2017-03-21 16:54:22 -0700[diff] [blame]28from VSGAccess import VSGAccess
A R Karthick933f5b52017-03-27 15:27:16 -0700[diff] [blame]29from CordTestUtils import log_test as log
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]30from CordTestConfig import setup_module, running_on_ciab
A.R Karthicka9b594d2017-03-29 16:25:22 -0700[diff] [blame]31from OnosCtrl import OnosCtrl
A R Karthickb608d402017-06-02 11:48:41 -0700[diff] [blame]32from CordContainer import Onos
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]33log.setLevel('INFO')
34
35class vsg_exchange(CordLogger):
36 ONOS_INSTANCES = 3
37 V_INF1 = 'veth0'
38 device_id = 'of:' + get_mac()
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]39 TEST_IP = '8.8.8.8'
40 HOST = "10.1.0.1"
41 USER = "vagrant"
42 PASS = "vagrant"
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]43 head_node = os.getenv('HEAD_NODE', 'prod')
A.R Karthick9ccd0d02017-03-16 17:11:08 -0700[diff] [blame]44 HEAD_NODE = head_node + '.cord.lab' if len(head_node.split('.')) == 1 else head_node
A R Karthick03f40aa2017-03-20 19:33:55 -0700[diff] [blame]45 test_path = os.path.dirname(os.path.realpath(__file__))
A.R Karthick5968e0d2017-05-16 14:50:46 -0700[diff] [blame]46 olt_conf_file = os.getenv('OLT_CONFIG_FILE', os.path.join(test_path, '..', 'setup/olt_config.json'))
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]47 restApiXos = None
A R Karthick0a4ca3a2017-03-30 09:36:53 -0700[diff] [blame]48 subscriber_account_num = 200
49 subscriber_s_tag = 304
50 subscriber_c_tag = 304
51 subscribers_per_s_tag = 8
52 subscriber_map = {}
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]53 subscriber_info = []
54 volt_subscriber_info = []
A R Karthick9a16a112017-04-07 15:40:05 -0700[diff] [blame]55 restore_methods = []
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]56 TIMEOUT=120
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]57 FABRIC_PORT_HEAD_NODE = 1
58 FABRIC_PORT_COMPUTE_NODE = 2
59 APP_NAME = 'org.ciena.xconnect'
60 APP_FILE = os.path.join(test_path, '..', 'apps/xconnect-1.0-SNAPSHOT.oar')
A.R Karthick50f4d9a2017-04-20 16:44:19 -0700[diff] [blame]61 NUM_SUBSCRIBERS = 5
A R Karthick0a4ca3a2017-03-30 09:36:53 -0700[diff] [blame]62
63 @classmethod
64 def getSubscriberCredentials(cls, subId):
65 """Generate our own account num, s_tag and c_tags"""
66 if subId in cls.subscriber_map:
67 return cls.subscriber_map[subId]
68 account_num = cls.subscriber_account_num
69 cls.subscriber_account_num += 1
70 s_tag, c_tag = cls.subscriber_s_tag, cls.subscriber_c_tag
71 cls.subscriber_c_tag += 1
72 if cls.subscriber_c_tag % cls.subscribers_per_s_tag == 0:
73 cls.subscriber_s_tag += 1
74 cls.subscriber_map[subId] = account_num, s_tag, c_tag
75 return cls.subscriber_map[subId]
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]76
77 @classmethod
A.R Karthicka9b594d2017-03-29 16:25:22 -0700[diff] [blame]78 def getXosCredentials(cls):
79 onos_cfg = OnosCtrl.get_config()
80 if onos_cfg is None:
81 return None
82 if 'apps' in onos_cfg and \
83 'org.opencord.vtn' in onos_cfg['apps'] and \
84 'cordvtn' in onos_cfg['apps']['org.opencord.vtn'] and \
85 'xos' in onos_cfg['apps']['org.opencord.vtn']['cordvtn']:
86 xos_cfg = onos_cfg['apps']['org.opencord.vtn']['cordvtn']['xos']
87 endpoint = xos_cfg['endpoint']
88 user = xos_cfg['user']
89 password = xos_cfg['password']
90 xos_endpoints = endpoint.split(':')
91 xos_host = xos_endpoints[1][len('//'):]
92 xos_port = xos_endpoints[2][:-1]
93 #log.info('xos_host: %s, port: %s, user: %s, password: %s' %(xos_host, xos_port, user, password))
94 return dict(host = xos_host, port = xos_port, user = user, password = password)
95
96 return None
97
98 @classmethod
A.R Karthick50f4d9a2017-04-20 16:44:19 -0700[diff] [blame]99 def getSubscriberConfig(cls, num_subscribers):
100 features = {
101 'cdn': True,
102 'uplink_speed': 1000000000,
103 'downlink_speed': 1000000000,
104 'uverse': True,
105 'status': 'enabled'
106 }
107 subscriber_map = []
108 for i in xrange(num_subscribers):
109 subId = 'sub{}'.format(i)
110 account_num, _, _ = cls.getSubscriberCredentials(subId)
111 identity = { 'account_num' : str(account_num),
112 'name' : 'My House {}'.format(i)
113 }
114 sub_info = { 'features' : features,
115 'identity' : identity
116 }
117 subscriber_map.append(sub_info)
118
119 return subscriber_map
120
121 @classmethod
122 def getVoltSubscriberConfig(cls, num_subscribers):
123 voltSubscriberMap = []
124 for i in xrange(num_subscribers):
125 subId = 'sub{}'.format(i)
126 account_num, s_tag, c_tag = cls.getSubscriberCredentials(subId)
127 voltSubscriberInfo = {}
128 voltSubscriberInfo['voltTenant'] = dict(s_tag = str(s_tag),
129 c_tag = str(c_tag),
130 subscriber = '')
131 voltSubscriberInfo['account_num'] = account_num
132 voltSubscriberMap.append(voltSubscriberInfo)
133
134 return voltSubscriberMap
135
136 @classmethod
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]137 def setUpCordApi(cls):
138 our_path = os.path.dirname(os.path.realpath(__file__))
139 cord_api_path = os.path.join(our_path, '..', 'cord-api')
140 framework_path = os.path.join(cord_api_path, 'Framework')
141 utils_path = os.path.join(framework_path, 'utils')
142 data_path = os.path.join(cord_api_path, 'Tests', 'data')
143 subscriber_cfg = os.path.join(data_path, 'Subscriber.json')
144 volt_tenant_cfg = os.path.join(data_path, 'VoltTenant.json')
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]145 num_subscribers = max(cls.NUM_SUBSCRIBERS, 5)
146 cls.subscriber_info = cls.getSubscriberConfig(num_subscribers)
147 cls.volt_subscriber_info = cls.getVoltSubscriberConfig(num_subscribers)
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]148
149 sys.path.append(utils_path)
150 sys.path.append(framework_path)
151 from restApi import restApi
152 restApiXos = restApi()
A.R Karthicka9b594d2017-03-29 16:25:22 -0700[diff] [blame]153 xos_credentials = cls.getXosCredentials()
154 if xos_credentials is None:
155 restApiXos.controllerIP = cls.HEAD_NODE
156 restApiXos.controllerPort = '9000'
157 else:
158 restApiXos.controllerIP = xos_credentials['host']
159 restApiXos.controllerPort = xos_credentials['port']
160 restApiXos.user = xos_credentials['user']
161 restApiXos.password = xos_credentials['password']
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]162 cls.restApiXos = restApiXos
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]163
A.R Karthick33cfdbe2017-03-17 18:03:48 -0700[diff] [blame]164 @classmethod
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]165 def getVoltId(cls, result, subId):
166 if type(result) is not type([]):
167 return None
168 for tenant in result:
169 if str(tenant['subscriber']) == str(subId):
170 return str(tenant['id'])
171 return None
172
173 @classmethod
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]174 def closeVCPEAccess(cls, volt_subscriber_info):
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]175 OnosCtrl.uninstall_app(cls.APP_NAME, onos_ip = cls.HEAD_NODE)
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]176
177 @classmethod
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]178 def openVCPEAccess(cls, volt_subscriber_info):
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]179 """
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]180 This code is used to configure leaf switch for head node access to compute node over fabric.
181 Care is to be taken to avoid overwriting existing/default vcpe flows.
182 The access is opened for generated subscriber info which should not overlap.
183 We target the fabric onos instance on head node.
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]184 """
A R Karthickb608d402017-06-02 11:48:41 -0700[diff] [blame]185 version = Onos.getVersion(onos_ip = cls.HEAD_NODE)
186 app_version = '1.0-SNAPSHOT'
187 major = int(version.split('.')[0])
188 minor = int(version.split('.')[1])
189 if major > 1:
190 app_version = '2.0-SNAPSHOT'
191 elif major == 1 and minor > 10:
192 app_version = '2.0-SNAPSHOT'
193 cls.APP_FILE = os.path.join(cls.test_path, '..', 'apps/xconnect-{}.oar'.format(app_version))
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]194 OnosCtrl.install_app(cls.APP_FILE, onos_ip = cls.HEAD_NODE)
195 time.sleep(2)
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]196 s_tags = map(lambda tenant: int(tenant['voltTenant']['s_tag']), volt_subscriber_info)
197 #only get unique vlan tags
198 s_tags = list(set(s_tags))
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]199 devices = OnosCtrl.get_device_ids(controller = cls.HEAD_NODE)
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]200 if devices:
201 device_config = {}
202 for device in devices:
203 device_config[device] = []
204 for s_tag in s_tags:
205 xconnect_config = {'vlan': s_tag, 'ports' : [ cls.FABRIC_PORT_HEAD_NODE, cls.FABRIC_PORT_COMPUTE_NODE ] }
206 device_config[device].append(xconnect_config)
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]207
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]208 cfg = { 'apps' : { 'org.ciena.xconnect' : { 'xconnectTestConfig' : device_config } } }
209 OnosCtrl.config(cfg, controller = cls.HEAD_NODE)
A.R Karthickb145da82017-04-20 14:45:43 -0700[diff] [blame]210
211 @classmethod
A.R Karthick33cfdbe2017-03-17 18:03:48 -0700[diff] [blame]212 def setUpClass(cls):
213 cls.controllers = get_controllers()
214 cls.controller = cls.controllers[0]
215 cls.cli = None
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]216 cls.on_pod = running_on_pod()
217 cls.on_ciab = running_on_ciab()
A R Karthick03f40aa2017-03-20 19:33:55 -0700[diff] [blame]218 cls.olt = OltConfig(olt_conf_file = cls.olt_conf_file)
219 cls.vcpes = cls.olt.get_vcpes()
220 cls.vcpes_dhcp = cls.olt.get_vcpes_by_type('dhcp')
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]221 cls.vcpes_reserved = cls.olt.get_vcpes_by_type('reserved')
222 cls.dhcp_vcpes_reserved = [ 'vcpe{}.{}.{}'.format(i, cls.vcpes_reserved[i]['s_tag'], cls.vcpes_reserved[i]['c_tag'])
223 for i in xrange(len(cls.vcpes_reserved)) ]
224 cls.untagged_dhcp_vcpes_reserved = [ 'vcpe{}'.format(i) for i in xrange(len(cls.vcpes_reserved)) ]
225 cls.container_vcpes_reserved = [ 'vcpe-{}-{}'.format(vcpe['s_tag'], vcpe['c_tag']) for vcpe in cls.vcpes_reserved ]
226 vcpe_dhcp_reserved = None
227 vcpe_container_reserved = None
228 if cls.vcpes_reserved:
229 vcpe_dhcp_reserved = cls.dhcp_vcpes_reserved[0]
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]230 if cls.on_pod is False:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]231 vcpe_dhcp_reserved = cls.untagged_dhcp_vcpes_reserved[0]
232 vcpe_container_reserved = cls.container_vcpes_reserved[0]
233
234 cls.vcpe_dhcp_reserved = vcpe_dhcp_reserved
235 cls.vcpe_container_reserved = vcpe_container_reserved
236 dhcp_vcpe_offset = len(cls.vcpes_reserved)
A R Karthick927129c2017-04-25 14:08:02 -0700[diff] [blame]237 cls.dhcp_vcpes = [ 'vcpe{}.{}.{}'.format(i+dhcp_vcpe_offset, cls.vcpes_dhcp[i]['s_tag'], cls.vcpes_dhcp[i]['c_tag'])
238 for i in xrange(len(cls.vcpes_dhcp)) ]
239 cls.untagged_dhcp_vcpes = [ 'vcpe{}'.format(i+dhcp_vcpe_offset) for i in xrange(len(cls.vcpes_dhcp)) ]
240 cls.container_vcpes = [ 'vcpe-{}-{}'.format(vcpe['s_tag'], vcpe['c_tag']) for vcpe in cls.vcpes_dhcp ]
A R Karthick03f40aa2017-03-20 19:33:55 -0700[diff] [blame]241 vcpe_dhcp = None
A R Karthick03f40aa2017-03-20 19:33:55 -0700[diff] [blame]242 vcpe_container = None
243 #cache the first dhcp vcpe in the class for quick testing
244 if cls.vcpes_dhcp:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]245 vcpe_container = cls.container_vcpes[0]
246 vcpe_dhcp = cls.dhcp_vcpes[0]
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]247 if cls.on_pod is False:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]248 vcpe_dhcp = cls.untagged_dhcp_vcpes[0]
249 cls.vcpe_container = vcpe_container_reserved or vcpe_container
250 cls.vcpe_dhcp = vcpe_dhcp_reserved or vcpe_dhcp
A R Karthickd0fdf3b2017-03-21 16:54:22 -0700[diff] [blame]251 VSGAccess.setUp()
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]252 cls.setUpCordApi()
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]253 if cls.on_pod is True:
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]254 cls.openVCPEAccess(cls.volt_subscriber_info)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]255
A.R Karthick33cfdbe2017-03-17 18:03:48 -0700[diff] [blame]256 @classmethod
257 def tearDownClass(cls):
A R Karthickd0fdf3b2017-03-21 16:54:22 -0700[diff] [blame]258 VSGAccess.tearDown()
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]259 if cls.on_pod is True:
A R Karthickb0cec7c2017-04-21 10:42:54 -0700[diff] [blame]260 cls.closeVCPEAccess(cls.volt_subscriber_info)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]261
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]262 def onos_shutdown(self, controller = None):
263 status = True
A R Karthickb608d402017-06-02 11:48:41 -0700[diff] [blame]264 cli = Onos.cliEnter(onos_ip = controller)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]265 try:
A R Karthickb608d402017-06-02 11:48:41 -0700[diff] [blame]266 cli.shutdown(timeout = 10)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]267 except:
268 log.info('Graceful shutdown of ONOS failed for controller: %s' %controller)
269 status = False
270
A R Karthickb608d402017-06-02 11:48:41 -0700[diff] [blame]271 Onos.cliExit(cli)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]272 return status
273
A.R Karthick9ccd0d02017-03-16 17:11:08 -0700[diff] [blame]274 def log_set(self, level = None, app = 'org.onosproject'):
275 CordLogger.logSet(level = level, app = app, controllers = self.controllers, forced = True)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]276
A R Karthick9a16a112017-04-07 15:40:05 -0700[diff] [blame]277 @classmethod
278 def get_dhcp(cls, vcpe, mgmt = 'eth0'):
279 """Get DHCP for vcpe interface saving management settings"""
280
281 def put_dhcp():
282 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
283
284 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
285 if vcpe_ip is not None:
286 cls.restore_methods.append(put_dhcp)
287 return vcpe_ip
288
289 @classmethod
290 def config_restore(cls):
291 """Restore the vsg test configuration on test case failures"""
292 for restore_method in cls.restore_methods:
293 restore_method()
294
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]295 def get_vsg_vcpe_pair(self):
296 vcpes = self.vcpes_dhcp
297 vcpe_containers = []
298 vsg_vcpe = {}
299 for vcp in vcpes:
300 vcpe_container = 'vcpe-{}-{}'.format(vcp['s_tag'], vcp['c_tag'])
301 vcpe_containers.append(vcpe_container)
302 vsg = VSGAccess.get_vcpe_vsg(vcpe_container)
303 vsg_vcpe[vcpe_container]=str(vsg.get_ip())
304 return vsg_vcpe
305
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]306 def get_vcpe_containers_and_interfaces(self):
307 vcpe_containers = {}
308 vcpe_interfaces = []
309 vcpes = self.vcpes_dhcp
310 count = 0
311 for vcpe in vcpes:
312 vcpe_intf = 'vcpe{}.{}.{}'.format(count,vcpe['s_tag'],vcpe['c_tag'])
313 vcpe_interfaces.append(vcpe_intf)
314 vcpe_container = 'vcpe-{}-{}'.format(vcpe['s_tag'], vcpe['c_tag'])
315 vcpe_containers[vcpe_intf] = vcpe_container
316 count += 1
317 log.info('vcpe interfaces are %s'%vcpe_interfaces)
318 log.info('vcpe containers are %s'%vcpe_containers)
319 return vcpe_interfaces,vcpe_containers
320
321 def get_vcpe_interface_dhcp_ip(self,vcpe=None):
322 if not vcpe:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]323 vcpe = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]324 st, _ = getstatusoutput('dhclient {}'.format(vcpe))
325 vcpe_ip = get_ip(vcpe)
326 return vcpe_ip
327
328 def release_vcpe_interface_dhcp_ip(self,vcpe=None):
329 if not vcpe:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]330 vcpe = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]331 st, _ = getstatusoutput('dhclient {} -r'.format(vcpe))
332 vcpe_ip = get_ip(vcpe)
333 assert_equal(vcpe_ip, None)
334
335 def add_static_route_via_vcpe_interface(self, routes, vcpe=None,dhcp_ip=True):
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]336 if not vcpe:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]337 vcpe = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]338 if dhcp_ip:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]339 os.system('dhclient '+vcpe)
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]340 time.sleep(1)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]341 for route in routes:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]342 log.info('route is %s'%route)
343 cmd = 'ip route add ' + route + ' via 192.168.0.1 '+ 'dev ' + vcpe
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]344 os.system(cmd)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]345 return True
346
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]347 def del_static_route_via_vcpe_interface(self,routes,vcpe=None,dhcp_release=True):
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]348 if not vcpe:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]349 vcpe = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]350 cmds = []
351 for route in routes:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]352 cmd = 'ip route del ' + route + ' via 192.168.0.1 ' + 'dev ' + vcpe
353 os.system(cmd)
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]354 if dhcp_release:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]355 os.system('dhclient '+vcpe+' -r')
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]356 return True
357
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]358 def vsg_for_external_connectivity(self, subscriber_index, reserved = False):
359 if reserved is True:
360 if self.on_pod is True:
361 vcpe = self.dhcp_vcpes_reserved[subscriber_index]
362 else:
363 vcpe = self.untagged_dhcp_vcpes_reserved[subscriber_index]
364 else:
365 if self.on_pod is True:
366 vcpe = self.dhcp_vcpes[subscriber_index]
367 else:
368 vcpe = self.untagged_dhcp_vcpes[subscriber_index]
369 mgmt = 'eth0'
370 host = '8.8.8.8'
371 self.success = False
372 assert_not_equal(vcpe, None)
373 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
374 assert_not_equal(vcpe_ip, None)
375 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
376 log.info('Sending icmp echo requests to external network 8.8.8.8')
377 st, _ = getstatusoutput('ping -c 3 8.8.8.8')
378 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
379 assert_equal(st, 0)
380
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]381 def get_vsg_health_check(self, vsg_name=None):
382 if self.on_pod is False:
383 return
384 if vsg_name is None:
385 vcpe = self.container_vcpes_reserved[0]
386 vsg = VSGAccess.get_vcpe_vsg(vcpe)
387 status = vsg.get_health()
388 return status
389 else:
390 vsgs = VSGAccess.get_vsgs()
391 for vsg in vsgs:
392 if vsg.name == vsg_name:
393 status = vsg.get_health()
394 return status
395 return None
396
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]397 def test_vsg_health(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]398 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]399 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]400 1. Login to compute node VM
401 2. Get all vSGs
402 3. Ping to all vSGs
403 4. Verifying Ping success
404 """
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]405 status = True
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]406 if self.on_pod is True:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]407 status = VSGAccess.health_check()
A R Karthickd0fdf3b2017-03-21 16:54:22 -0700[diff] [blame]408 assert_equal(status, True)
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]409
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]410 def test_vsg_health_check(self,vsg_name=None,verify_status=True):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]411 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]412 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]413 1. If vsg name not specified, Get vsg corresponding to vcpe
414 1. Login to compute mode VM
415 3. Ping to the vSG
416 4. Verifying Ping success
417 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]418 st = self.get_vsg_health_check(vsg_name=vsg_name)
419 assert_equal(st,verify_status)
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]420
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]421 @deferred(30)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]422 def test_vsg_for_vcpe(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]423 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]424 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]425 1. Get list of all compute nodes created using Openstack
426 2. Login to compute mode VM
427 3. Get all vSGs
428 4. Verifying atleast one compute node and one vSG created
429 """
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]430 df = defer.Deferred()
431 def vsg_for_vcpe_df(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]432 if self.on_pod is True:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]433 vsgs = VSGAccess.get_vsgs()
434 compute_nodes = VSGAccess.get_compute_nodes()
435 time.sleep(14)
436 assert_not_equal(len(vsgs), 0)
437 assert_not_equal(len(compute_nodes), 0)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]438 df.callback(0)
439 reactor.callLater(0,vsg_for_vcpe_df,df)
440 return df
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]441
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]442 def test_vsg_for_login(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]443 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]444 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]445 1. Login to compute node VM
446 2. Get all vSGs
447 3. Verifying login to vSG is success
448 """
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]449 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]450 return
A R Karthickd0fdf3b2017-03-21 16:54:22 -0700[diff] [blame]451 vsgs = VSGAccess.get_vsgs()
452 vsg_access_status = map(lambda vsg: vsg.check_access(), vsgs)
A.R Karthick33cfdbe2017-03-17 18:03:48 -0700[diff] [blame]453 status = filter(lambda st: st == False, vsg_access_status)
454 assert_equal(len(status), 0)
455
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]456 def test_vsg_for_default_route_through_testclient(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]457 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]458 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]459 1. Login to head node
460 2. Verifying for default route in lxc test client
461 """
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]462 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]463 return
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]464 ssh_agent = SSHTestAgent(host = self.HEAD_NODE, user = self.USER, password = self.PASS)
465 cmd = "sudo lxc exec testclient -- route | grep default"
466 status, output = ssh_agent.run_cmd(cmd)
467 assert_equal(status, True)
468
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]469 @deferred(30)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]470 def test_vsg_for_external_connectivity_through_testclient(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]471 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]472 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]473 1. Login to head node
474 2. On head node, executing ping to 8.8.8.8 from lxc test client
475 3. Verifying for the ping success
476 """
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]477 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]478 return
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]479 df = defer.Deferred()
480 def test_external_connectivity(df):
481 ssh_agent = SSHTestAgent(host = self.HEAD_NODE, user = self.USER, password = self.PASS)
482 cmd = "sudo lxc exec testclient -- ping -c 3 8.8.8.8"
483 status, output = ssh_agent.run_cmd(cmd)
484 assert_equal( status, True)
485 df.callback(0)
486 reactor.callLater(0,test_external_connectivity,df)
487 return df
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]488
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]489 @deferred(30)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]490 def test_vsg_for_external_connectivity(self):
491 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]492 Test Method:
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]493 1. Get dhcp IP to vcpe interface in cord-tester
494 2. Verifying vcpe interface gets dhcp IP
495 3. Ping to 8.8.8.8 and Verifying ping should success
496 4. Restoring management interface configuration in cord-tester
497 """
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]498 reserved = True
499 if self.on_pod:
500 reserved = self.on_ciab
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]501 df = defer.Deferred()
502 def test_external_connectivity(df):
503 self.vsg_for_external_connectivity(0, reserved = reserved)
504 df.callback(0)
505 reactor.callLater(0,test_external_connectivity,df)
506 return df
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]507
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]508 @deferred(30)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]509 def test_vsg_for_external_connectivity_to_google(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]510 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]511 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]512 1. Get dhcp IP to vcpe interface in cord-tester
513 2. Verifying vcpe interface gets dhcp IP
514 3. Ping to www.google.com and Verifying ping should success
515 4. Restoring management interface configuration in cord-tester
516 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]517 df = defer.Deferred()
518 def test_external_connectivity(df):
519 host = 'www.google.com'
520 vcpe = self.dhcp_vcpes_reserved[0]
521 mgmt = 'eth0'
522 assert_not_equal(vcpe, None)
523 try:
524 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
525 assert_not_equal(vcpe_ip, None)
526 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
527 log.info('Sending icmp ping requests to %s' %host)
528 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
529 assert_equal(st, 0)
530 except Exception as error:
531 log.info('Got Unexpected error %s'%error)
532 raise
533 finally:
534 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
535 df.callback(0)
536 reactor.callLater(0,test_external_connectivity,df)
537 return df
Anil Kumar Sanka87115b02017-03-14 17:46:47 +0000[diff] [blame]538
A R Karthickb2618052017-05-10 09:23:22 -0700[diff] [blame]539 def retrieve_content_from_host_to_validate_path_mtu(self, host):
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]540 vcpe = self.dhcp_vcpes_reserved[0]
A R Karthickb2618052017-05-10 09:23:22 -0700[diff] [blame]541 mgmt = 'eth0'
542 assert_not_equal(vcpe, None)
543 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
544 assert_not_equal(vcpe_ip, None)
545 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
546 log.info('Initiating get requests to %s' %host)
547 r = requests.get('http://{}'.format(host))
548 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
549 return r.status_code
550
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]551 #Test cases to check path mtu across cord framework wih some selected websites to check response.
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]552 @deferred(30)
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]553 def test_vsg_to_retrieve_content_from_google_to_validate_path_mtu(self):
554 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]555 Test Method:
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]556 1. Get dhcp IP to vcpe interface in cord-tester
557 2. Verifying vcpe interface gets dhcp IP
558 3. Retrieve contents from www.google.com and Verify response status is 200 ok.
559 4. This validates path mtu for end to end traffic with request to retrieve web contents in cord framework.
560 (Based on website response, size differs, needs check on MTU)
561 4. Restoring management interface configuration in cord-tester
562 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]563 df = defer.Deferred()
564 def test_external_connectivity(df):
565 status_code = self.retrieve_content_from_host_to_validate_path_mtu('www.google.com')
566 assert_equal(status_code, 200)
567 df.callback(0)
568 reactor.callLater(0,test_external_connectivity,df)
569 return df
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]570
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]571 @deferred(30)
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]572 def test_vsg_to_retrieve_content_from_rediff_to_validate_path_mtu(self):
573 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]574 Test Method:
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]575 1. Get dhcp IP to vcpe interface in cord-tester
576 2. Verifying vcpe interface gets dhcp IP
577 3. Retrieve contents from www.rediff.com and Verify response status is 200 ok.
578 4. This validates path mtu for end to end traffic with request to retrieve web contents in cord framework.
579 (Based on website response, size differs, needs check on MTU)
580 4. Restoring management interface configuration in cord-tester
581 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]582 df = defer.Deferred()
583 def test_external_connectivity(df):
584 status_code = self.retrieve_content_from_host_to_validate_path_mtu('www.rediff.com')
585 assert_equal(status_code, 200)
586 df.callback(0)
587 reactor.callLater(0,test_external_connectivity,df)
588 return df
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]589
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]590 @deferred(30)
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]591 def test_vsg_to_retrieve_content_from_yahoo_to_validate_path_mtu(self):
592 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]593 Test Method:
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]594 1. Get dhcp IP to vcpe interface in cord-tester
595 2. Verifying vcpe interface gets dhcp IP
596 3. Retrieve contents from www.yahoo.com and Verify response status is 200 ok.
597 4. This validates path mtu for end to end traffic with request to retrieve web contents in cord framework.
598 (Based on website response, size differs, needs check on MTU)
599 4. Restoring management interface configuration in cord-tester
600 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]601 df = defer.Deferred()
602 def test_external_connectivity(df):
603 status_code = self.retrieve_content_from_host_to_validate_path_mtu('www.yahoo.com')
604 assert_equal(status_code, 200)
605 df.callback(0)
606 reactor.callLater(0,test_external_connectivity,df)
607 return df
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]608
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]609 @deferred(30)
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]610 def test_vsg_to_retrieve_content_from_facebook_to_validate_path_mtu(self):
611 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]612 Test Method:
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]613 1. Get dhcp IP to vcpe interface in cord-tester
614 2. Verifying vcpe interface gets dhcp IP
615 3. Retrieve contents from www.facebook.com and Verify response status is 200 ok.
616 4. This validates path mtu for end to end traffic with request to retrieve web contents in cord framework.
617 (Based on website response, size differs, needs check on MTU)
618 4. Restoring management interface configuration in cord-tester
619 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]620 df = defer.Deferred()
621 def test_external_connectivity(df):
622 status_code = self.retrieve_content_from_host_to_validate_path_mtu('www.facebook.com')
623 assert_equal(status_code, 200)
624 df.callback(0)
625 reactor.callLater(0,test_external_connectivity,df)
626 return df
Chetan Gaonker0bf76312017-05-09 16:48:10 +0000[diff] [blame]627
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]628
629 @deferred(30)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]630 def test_vsg_for_external_connectivity_to_invalid_host(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]631 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]632 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]633 1. Get dhcp IP to vcpe interface in cord-tester
634 2. Verifying vcpe interface gets dhcp IP
635 3. Ping to www.goglee.com and Verifying ping should not success
636 4. Restoring management interface configuration in cord-tester
637 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]638 df = defer.Deferred()
639 def test_external_connectivity(df):
640 host = 'www.goglee.com'
641 vcpe = self.dhcp_vcpes_reserved[0]
642 mgmt = 'eth0'
643 assert_not_equal(vcpe, None)
644 try:
645 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
646 assert_not_equal(vcpe_ip, None)
647 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
648 log.info('Sending icmp ping requests to non existent host %s' %host)
649 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
650 assert_not_equal(st, 0)
651 except Exception as error:
652 log.info('Got Unexpected error %s'%error)
653 raise
654 finally:
655 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
656 df.callback(0)
657 reactor.callLater(0,test_external_connectivity,df)
658 return df
Anil Kumar Sanka87115b02017-03-14 17:46:47 +0000[diff] [blame]659
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]660 @deferred(30)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]661 def test_vsg_for_external_connectivity_with_ttl_1(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]662 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]663 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]664 1. Get dhcp IP to vcpe interface in cord-tester
665 2. Verifying vcpe interface gets dhcp IP
666 3. Ping to 8.8.8.8 with ttl set to 1
667 4. Verifying ping should not success
668 5. Restoring management interface configuration in cord-tester
669 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]670 df = defer.Deferred()
671 def test_external_connectivity(df):
672 host = '8.8.8.8'
673 vcpe = self.dhcp_vcpes_reserved[0]
674 mgmt = 'eth0'
675 assert_not_equal(vcpe, None)
676 try:
677 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
678 assert_not_equal(vcpe_ip, None)
679 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
680 log.info('Sending icmp ping requests to host %s with ttl 1' %host)
681 st, _ = getstatusoutput('ping -c 1 -t 1 {}'.format(host))
682 assert_not_equal(st, 0)
683 except Exception as error:
684 log.info('Got Unexpected error %s'%error)
685 raise
686 finally:
687 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
688 df.callback(0)
689 reactor.callLater(0,test_external_connectivity,df)
690 return df
Anil Kumar Sanka87115b02017-03-14 17:46:47 +0000[diff] [blame]691
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]692 @deferred(60)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]693 def test_vsg_for_external_connectivity_with_wan_interface_toggle_in_vcpe(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]694 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]695 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]696 1. Get dhcp IP to vcpe interface in cord-tester
697 2. Verifying vcpe interface gets dhcp IP
A.R Karthick8f7f1b62017-04-06 18:25:07 -0700[diff] [blame]698 3. Ping to 8.8.8.8 and Verifying ping succeeds
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]699 4. Now down the WAN interface of vcpe
A.R Karthick8f7f1b62017-04-06 18:25:07 -0700[diff] [blame]700 5. Ping to 8.8.8.8 and Verifying ping fails
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]701 6. Now Up the WAN interface of vcpe
A.R Karthick8f7f1b62017-04-06 18:25:07 -0700[diff] [blame]702 7. Ping to 8.8.8.8 and Verifying ping succeeds
703 8. Restoring management interface configuration in cord-tester
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]704 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]705 df = defer.Deferred()
706 def test_external_connectivity(df):
707 if self.on_pod is False:
708 return
709 host = '8.8.8.8'
710 mgmt = 'eth0'
711 vcpe = self.dhcp_vcpes_reserved[0]
712 vcpe_name = self.container_vcpes_reserved[0]
713 assert_not_equal(vcpe_name, None)
714 assert_not_equal(vcpe, None)
715 #first get dhcp on the vcpe interface
716 try:
717 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
718 assert_not_equal(vcpe_ip, None)
719 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
720 log.info('Sending ICMP pings to host %s' %(host))
721 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
722 if st != 0:
723 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
724 assert_equal(st, 0)
725 #bring down the wan interface and check again
726 st = VSGAccess.vcpe_wan_down(vcpe_name)
727 if st is False:
728 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
729 assert_equal(st, True)
730 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
731 if st == 0:
732 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
733 assert_not_equal(st, 0)
734 st = VSGAccess.vcpe_wan_up(vcpe_name)
735 if st is False:
736 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
737 assert_equal(st, True)
738 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
739 assert_equal(st, 0)
740 except Exception as error:
741 log.info('Got Unexpected error %s'%error)
742 raise
743 finally:
744 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
745 df.callback(0)
746 reactor.callLater(0,test_external_connectivity,df)
747 return df
Anil Kumar Sanka87115b02017-03-14 17:46:47 +0000[diff] [blame]748
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]749 @deferred(60)
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]750 def test_vsg_for_external_connectivity_with_lan_interface_toggle_in_vcpe(self):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]751 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]752 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]753 1. Get dhcp IP to vcpe interface in cord-tester
754 2. Verifying vcpe interface gets dhcp IP
755 3. Ping to 8.8.8.8 and Verifying ping should success
756 4. Now down the LAN interface of vcpe
757 5. Ping to 8.8.8.8 and Verifying ping should not success
758 6. Now Up the LAN interface of vcpe
759 7. Ping to 8.8.8.8 and Verifying ping should success
760 8. Restoring management interface configuration in cord-tester
761 """
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]762 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]763 return
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]764 df = defer.Deferred()
765 def test_external_connectivity(df):
766 host = '8.8.8.8'
767 mgmt = 'eth0'
768 vcpe = self.dhcp_vcpes_reserved[0]
769 vcpe_name = self.container_vcpes_reserved[0]
770 assert_not_equal(vcpe, None)
771 assert_not_equal(vcpe_name, None)
772 #first get dhcp on the vcpe interface
773 try:
774 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe, mgmt = mgmt)
775 assert_not_equal(vcpe_ip, None)
776 log.info('Got DHCP IP %s for %s' %(vcpe_ip, vcpe))
777 log.info('Sending ICMP pings to host %s' %(host))
778 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
779 if st != 0:
780 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
781 assert_equal(st, 0)
782 #bring down the lan interface and check again
783 st = VSGAccess.vcpe_lan_down(vcpe_name)
784 if st is False:
785 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
786 assert_equal(st, True)
787 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
788 if st == 0:
789 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
790 assert_not_equal(st, 0)
791 st = VSGAccess.vcpe_lan_up(vcpe_name)
792 if st is False:
793 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
794 assert_equal(st, True)
795 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
796 assert_equal(st, 0)
797 except Exception as error:
798 log.info('Got Unexpected error %s'%error)
799 raise
800 finally:
801 VSGAccess.restore_interface_config(mgmt, vcpe = vcpe)
802 df.callback(0)
803 reactor.callLater(0,test_external_connectivity,df)
804 return df
Chetan Gaonker52418832017-01-26 23:03:13 +0000[diff] [blame]805
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]806 @deferred(120)
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]807 def test_vsg_multiple_subscribers_for_same_vcpe_instace(self):
808 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]809 Test Method:
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]810 1. Create a vcpe instance
811 2. Create multiple vcpe interfaces in cord-tester with same s-tag and c-tag to access vcpe instance
812 3. Verify all the interfaces gets dhcp IP in same subnet
813 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]814 df = defer.Deferred()
815 def test_external_connectivity(df):
816 vcpe_intfs,containers = self.get_vcpe_containers_and_interfaces()
817 for vcpe in vcpe_intfs:
818 vcpe_ip = self.get_vcpe_interface_dhcp_ip(vcpe=vcpe)
819 assert_not_equal(vcpe_ip,None)
820 for vcpe in vcpe_intfs:
821 self.release_vcpe_interface_dhcp_ip(vcpe=vcpe)
822 df.callback(0)
823 reactor.callLater(0,test_external_connectivity,df)
824 return df
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]825
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]826 @deferred(120)
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]827 def test_vsg_for_multiple_subscribers_with_same_vcpe_instance_and_validate_external_connectivity(self):
828 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]829 Test Method:
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]830 1. Create a vcpe instance
831 2. Create multiple vcpe interfaces in cord-tester with same s-tag and c-tag to access vcpe instance
832 3. Verify all the interfaces gets dhcp IP in same subnet
833 4. From cord-tester ping to external with vcpe interface option
834 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]835 df = defer.Deferred()
836 def test_external_connectivity(df):
837 host = '8.8.8.8'
838 vcpe_intfs, containers = self.get_vcpe_containers_and_interfaces()
839 try:
840 for vcpe in vcpe_intfs:
841 vcpe_ip = self.get_vcpe_interface_dhcp_ip(vcpe=vcpe)
842 assert_not_equal(vcpe_ip,None)
843 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe,dhcp_ip=False)
844 st, _ = getstatusoutput('ping -I {} -c 3 {}'.format(vcpe,host))
845 assert_equal(st, 0)
846 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe,dhcp_release=False)
847 except Exception as error:
848 log.info('Got Unexpected error %s'%error)
849 raise
850 finally:
851 for vcpe in vcpe_intfs:
852 self.release_vcpe_interface_dhcp_ip(vcpe=vcpe)
853 df.callback(0)
854 reactor.callLater(0,test_external_connectivity,df)
855 return df
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]856
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]857 @deferred(30)
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]858 def test_vsg_vcpe_interface_and_validate_dhcp_ip_after_interface_toggle(self):
859 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]860 Test Method:
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]861 1. Create a vcpe instance
862 2. Create a vcpe interface in cord-tester
863 3. Verify the interface gets dhcp IP
864 4. Toggle the interface
865 5. Verify the interface gets dhcp IP
866 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]867 df = defer.Deferred()
868 def test_external_connectivity(df):
869 vcpe_intf = self.dhcp_vcpes_reserved[0]
870 host = '8.8.8.8'
871 try:
872 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
873 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
874 assert_equal(st, 0)
875 os.system('ifconfig {} down'.format(vcpe_intf))
876 time.sleep(1)
877 os.system('ifconfig {} up'.format(vcpe_intf))
878 time.sleep(1)
879 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
880 assert_equal(st, 0)
881 except Exception as error:
882 log.info('Got Unexpected error %s'%error)
883 raise
884 finally:
885 self.del_static_route_via_vcpe_interface([host], vcpe=vcpe_intf)
886 df.callback(0)
887 reactor.callLater(0,test_external_connectivity,df)
888 return df
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]889
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]890 @deferred(TIMEOUT)
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]891 def test_vsg_for_external_connectivity_after_restarting_vcpe_instance(self,vcpe_name=None,vcpe_intf=None):
892 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]893 Test Method:
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]894 1. Get vSG corresponding to vcpe
895 2. Get dhcp ip to vcpe interface
896 3. Add static route to destination route in test container
897 4. From test container ping to destination route and verify ping success
898 5. Login to compute node and execute command to pause vcpe container
899 6. From test container ping to destination route and verify ping success
900 """
901 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]902 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]903 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]904 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]905 df = defer.Deferred()
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]906 def test_external_connectivity(df):
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]907 if self.on_pod is False:
908 df.callback(0)
909 return
910 host = '8.8.8.8'
911 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
912 try:
913 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
914 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
915 assert_equal(st, False)
916 st, _ = vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]917 clock = 0
918 status = False
919 while(clock <= 20):
920 time.sleep(5)
921 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
922 if st == False:
923 status = True
924 break
925 clock += 5
926 assert_equal(status, True)
927 except Exception as error:
928 log.info('Got Unexpected error %s'%error)
929 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
930 raise
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]931 finally:
932 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
933 df.callback(0)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]934 reactor.callLater(0, test_external_connectivity, df)
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]935 return df
936
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]937 #nottest. Setup getting distrubed if vSG VM restart
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]938 @deferred(TIMEOUT)
939 def test_vsg_for_external_connectivity_after_restarting_vsg_vm(self,vcpe_name=None,vcpe_intf=None):
940 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]941 Test Method:
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]942 1. Get vSG corresponding to vcpe
943 2. Get dhcp ip to vcpe interface
944 3. Add static route to destination route in test container
945 4. From test container ping to destination route and verify ping success
946 5. Login to compute node and execute command to pause vcpe container
947 6. From test container ping to destination route and verify ping success
948 """
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]949 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]950 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]951 df = defer.Deferred()
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]952 def test_external_connectivity(df):
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]953 if self.on_pod is False:
954 df.callback(0)
955 return
956 host = '8.8.8.8'
957 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
958 try:
959 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
960 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
961 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]962 vsg.reboot()
963 clock = 0
964 status = False
965 while(clock <= 30):
966 time.sleep(5)
967 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
968 if st == False:
969 status = True
970 break
971 clock += 5
972 assert_equal(status, True)
973 except Exception as error:
974 log.info('Got Unexpected error %s'%error)
975 vsg.reboot()
976 raise
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]977 finally:
978 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
979 df.callback(0)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]980 reactor.callLater(0, test_external_connectivity, df)
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]981 return df
982
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]983 @deferred(60)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]984 def test_vsg_for_external_connectivity_with_vcpe_container_paused(self,vcpe_name=None,vcpe_intf=None):
985 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]986 Test Method:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]987 1. Get vSG corresponding to vcpe
988 2. Get dhcp ip to vcpe interface
989 3. Add static route to destination route in test container
990 4. From test container ping to destination route and verify ping success
991 5. Login to compute node and execute command to pause vcpe container
992 6. From test container ping to destination route and verify ping success
993 """
994 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]995 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]996 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]997 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]998 df = defer.Deferred()
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]999 def test_external_connectivity(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1000 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1001 df.callback(0)
1002 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1003 host = '8.8.8.8'
1004 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1005 try:
1006 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1007 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1008 assert_equal(st, False)
1009 st, _ = vsg.run_cmd('sudo docker pause {}'.format(vcpe_name))
1010 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1011 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1012 vsg.run_cmd('sudo docker unpause {}'.format(vcpe_name))
1013 except Exception as error:
1014 log.info('Got Unexpected error %s'%error)
1015 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1016 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1017 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1018 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1019 df.callback(0)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1020 reactor.callLater(0, test_external_connectivity, df)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1021 return df
1022
1023 @deferred(TIMEOUT)
1024 def test_vsg_firewall_with_deny_destination_ip(self, vcpe_name=None, vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1025 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1026 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1027 1. Get vSG corresponding to vcpe
1028 2. Login to compute node
1029 3. Execute iptable command on vcpe from compute node to deny a destination IP
1030 4. From cord-tester ping to the denied IP address
1031 5. Verifying that ping should not be successful
1032 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1033 if not vcpe_name:
1034 vcpe_name = self.vcpe_container
1035 if not vcpe_intf:
1036 vcpe_intf = self.vcpe_dhcp
1037 df = defer.Deferred()
1038 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1039 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1040 df.callback(0)
1041 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1042 host = '8.8.8.8'
1043 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1044 try:
1045 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1046 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1047 assert_equal(st, False)
1048 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
1049 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1050 assert_equal(st, True)
1051 finally:
1052 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1053 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1054 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1055 df.callback(0)
1056 reactor.callLater(0, vcpe_firewall, df)
1057 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1058
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1059 @deferred(TIMEOUT)
1060 def test_vsg_firewall_with_rule_add_and_delete_dest_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1061 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1062 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1063 1. Get vSG corresponding to vcpe
1064 2. Login to compute node
1065 3. Execute iptable command on vcpe from compute node to deny a destination IP
1066 4. From cord-tester ping to the denied IP address
1067 5. Verifying that ping should not be successful
1068 6. Delete the iptable rule in vcpe
1069 7. From cord-tester ping to the denied IP address
1070 8. Verifying the ping should success
1071 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1072 if not vcpe_name:
1073 vcpe_name = self.vcpe_container
1074 if not vcpe_intf:
1075 vcpe_intf = self.vcpe_dhcp
1076 df = defer.Deferred()
1077 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1078 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1079 df.callback(0)
1080 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1081 host = '8.8.8.8'
1082 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1083 try:
1084 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1085 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1086 assert_equal(st, False)
1087 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
1088 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1089 assert_equal(st, True)
1090 st,_ = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1091 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1092 assert_equal(st, False)
1093 finally:
1094 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1095 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1096 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1097 df.callback(0)
1098 reactor.callLater(0, vcpe_firewall, df)
1099 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1100
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1101 @deferred(TIMEOUT)
1102 def test_vsg_firewall_verifying_reachability_for_non_blocked_dest_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1103 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1104 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1105 1. Get vSG corresponding to vcpe
1106 2. Login to compute node
1107 3. Execute iptable command on vcpe from compute node to deny a destination IP
1108 4. From cord-tester ping to the denied IP address
1109 5. Verifying that ping should not be successful
1110 6. From cord-tester ping to the denied IP address other than the denied one
1111 7. Verifying the ping should success
1112 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1113 if not vcpe_name:
1114 vcpe_name = self.vcpe_container
1115 if not vcpe_intf:
1116 vcpe_intf = self.vcpe_dhcp
1117 df = defer.Deferred()
1118 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1119 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1120 df.callback(0)
1121 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1122 host1 = '8.8.8.8'
1123 host2 = '204.79.197.203'
1124 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1125 try:
1126 self.add_static_route_via_vcpe_interface([host1,host2],vcpe=vcpe_intf)
1127 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1128 assert_equal(st, False)
1129 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host1))
1130 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1131 assert_equal(st, True)
1132 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1133 assert_equal(st,False)
1134 finally:
1135 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host1))
1136 self.del_static_route_via_vcpe_interface([host1,host2],vcpe=vcpe_intf)
1137 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1138 df.callback(0)
1139 reactor.callLater(0, vcpe_firewall, df)
1140 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1141
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1142 @deferred(TIMEOUT)
1143 def test_vsg_firewall_appending_rules_with_deny_dest_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1144 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1145 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1146 1. Get vSG corresponding to vcpe
1147 2. Login to compute node
1148 3. Execute iptable command on vcpe from compute node to deny a destination IP1
1149 4. From cord-tester ping to the denied IP address IP1
1150 5. Verifying that ping should not be successful
1151 6. Execute iptable command on vcpe from compute node to deny a destination IP2
1152 6. From cord-tester ping to the denied IP address IP2
1153 7. Verifying that ping should not be successful
1154 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1155 if not vcpe_name:
1156 vcpe_name = self.vcpe_container
1157 if not vcpe_intf:
1158 vcpe_intf = self.vcpe_dhcp
1159 df = defer.Deferred()
1160 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1161 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1162 df.callback(0)
1163 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1164 host1 = '8.8.8.8'
1165 host2 = '204.79.197.203'
1166 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1167 try:
1168 self.add_static_route_via_vcpe_interface([host1,host2],vcpe=vcpe_intf)
1169 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1170 assert_equal(st, False)
1171 st,_ = vsg.run_cmd('sudo docker exec {} iptables -F FORWARD'.format(vcpe_name))
1172 time.sleep(2)
1173 st,_ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host1))
1174 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1175 assert_equal(st, True)
1176 st, out = getstatusoutput('ping -c 1 {}'.format(host2))
1177 log.info('host2 ping output is %s'%out)
1178 assert_equal(st, False)
1179 st, _ = vsg.run_cmd('sudo docker exec {} iptables -A FORWARD -d {} -j DROP'.format(vcpe_name,host2))
1180 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1181 assert_equal(st,True)
1182 finally:
1183 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host1))
1184 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host2))
1185 self.del_static_route_via_vcpe_interface([host1,host2],vcpe=vcpe_intf)
1186 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1187 df.callback(0)
1188 reactor.callLater(0, vcpe_firewall, df)
1189 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1190
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1191 @deferred(TIMEOUT)
1192 def test_vsg_firewall_removing_one_rule_denying_dest_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1193 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1194 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1195 1. Get vSG corresponding to vcpe
1196 2. Login to compute node
1197 3. Execute iptable command on vcpe from compute node to deny a destination IP1
1198 4. Execute iptable command on vcpe from compute node to deny a destination IP2
1199 5. From cord-tester ping to the denied IP address IP1
1200 6. Verifying that ping should not be successful
1201 7. From cord-tester ping to the denied IP address IP2
1202 8. Verifying that ping should not be successful
1203 9. Execute iptable command on vcpe from compute node to remove deny a destination IP2 rule
1204 10. From cord-tester ping to the denied IP address IP2
1205 11. Verifying the ping should success
1206 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1207 if not vcpe_name:
1208 vcpe_name = self.vcpe_container
1209 if not vcpe_intf:
1210 vcpe_intf = self.vcpe_dhcp
1211 df = defer.Deferred()
1212 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1213 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1214 df.callback(0)
1215 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1216 host1 = '8.8.8.8'
1217 host2 = '204.79.197.203'
1218 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1219 try:
1220 self.add_static_route_via_vcpe_interface([host1,host2],vcpe=self.vcpe_dhcp)
1221 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1222 assert_equal(st, False)
1223 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host1))
1224 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host2))
1225 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1226 assert_equal(st, True)
1227 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1228 assert_equal(st,True)
1229 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host2))
1230 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1231 assert_equal(st,False)
1232 finally:
1233 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host1))
1234 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host2))
1235 self.del_static_route_via_vcpe_interface([host1,host2],vcpe=vcpe_intf)
1236 log.info('restarting vcpe container')
1237 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1238 df.callback(0)
1239 reactor.callLater(0, vcpe_firewall, df)
1240 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1241
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1242 @deferred(TIMEOUT)
1243 def test_vsg_firewall_changing_rule_id_deny_dest_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1244 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1245 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1246 1. Get vSG corresponding to vcpe
1247 2. Login to compute node
1248 3. Execute iptable command on vcpe from compute node to deny a destination IP
1249 5. From cord-tester ping to the denied IP address IP1
1250 6. Verifying that ping should not be successful
1251 9. Execute iptable command on vcpe from compute node to change the rule ID to 2 to deny the same destination IP
1252 10. From cord-tester ping to the denied IP address IP
1253 11. Verifying that ping should not be successful
1254 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1255 if not vcpe_name:
1256 vcpe_name = self.vcpe_container
1257 if not vcpe_intf:
1258 vcpe_intf = self.vcpe_dhcp
1259 df = defer.Deferred()
1260 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1261 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1262 df.callback(0)
1263 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1264 host = '8.8.8.8'
1265 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1266 try:
1267 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1268 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1269 assert_equal(st, False)
1270 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
1271 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1272 assert_equal(st, True)
1273 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD 2 -d {} -j DROP '.format(vcpe_name,host))
1274 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1275 assert_equal(st,True)
1276 finally:
1277 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1278 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1279 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1280 df.callback(0)
1281 reactor.callLater(0, vcpe_firewall, df)
1282 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1283
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1284 @deferred(TIMEOUT)
1285 def test_vsg_firewall_changing_deny_rule_to_accept_dest_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1286 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1287 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1288 1. Get vSG corresponding to vcpe
1289 2. Login to compute node
1290 3. Execute iptable command on vcpe from compute node to deny a destination IP
1291 5. From cord-tester ping to the denied IP address IP1
1292 6. Verifying that ping should not be successful
1293 9. Execute iptable command on vcpe from compute node to accept the same destination IP
1294 10. From cord-tester ping to the accepted IP
1295 11. Verifying the ping should success
1296 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1297 if not vcpe_name:
1298 vcpe_name = self.vcpe_container
1299 if not vcpe_intf:
1300 vcpe_intf = self.vcpe_dhcp
1301 df = defer.Deferred()
1302 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1303 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1304 df.callback(0)
1305 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1306 host = '8.8.8.8'
1307 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1308 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1309 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1310 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1311 assert_equal(st, False)
1312 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
1313 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1314 assert_equal(st, True)
1315 st, _ = vsg.run_cmd('sudo docker exec {} iptables -R FORWARD 1 -d {} -j ACCEPT'.format(vcpe_name,host))
1316 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1317 assert_equal(st,False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1318 except Exception as error:
1319 log.info('Got Unexpected error %s'%error)
1320 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1321 finally:
1322 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1323 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j ACCEPT'.format(vcpe_name,host))
1324 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1325 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1326 df.callback(0)
1327 reactor.callLater(0, vcpe_firewall, df)
1328 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1329
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1330 @deferred(TIMEOUT) #Fail
1331 def test_vsg_firewall_denying_destination_network(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1332 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1333 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1334 1. Get vSG corresponding to vcpe
1335 2. Login to compute node
1336 3. Execute iptable command on vcpe from compute node to deny a destination IP subnet
1337 4. From cord-tester ping to the denied IP address IP1 in the denied subnet
1338 5. Verifying that ping should not be successful
1339 6. From cord-tester ping to the denied IP address IP2 in the denied subnet
1340 7. Verifying that ping should not be successful
1341 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1342 if not vcpe_name:
1343 vcpe_name = self.vcpe_container
1344 if not vcpe_intf:
1345 vcpe_intf = self.vcpe_dhcp
1346 df = defer.Deferred()
1347 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1348 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1349 df.callback(0)
1350 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1351 network = '204.79.197.192/28'
1352 host1 = '204.79.197.203'
1353 host2 = '204.79.197.210'
1354 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1355 try:
1356 self.add_static_route_via_vcpe_interface([host1,host2],vcpe=self.vcpe_dhcp)
1357 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1358 assert_equal(st, False)
1359 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,network))
1360 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1361 assert_equal(st, True)
1362 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1363 assert_equal(st,False)
1364 finally:
1365 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,network))
1366 self.del_static_route_via_vcpe_interface([host1,host2],vcpe=vcpe_intf)
1367 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1368 df.callback(0)
1369 reactor.callLater(0, vcpe_firewall, df)
1370 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1371
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1372 @deferred(TIMEOUT)
1373 def test_vsg_firewall_denying_destination_network_subnet_modification(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1374 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1375 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1376 1. Get vSG corresponding to vcpe
1377 2. Login to compute node
1378 3. Execute iptable command on vcpe from compute node to deny a destination IP subnet
1379 4. From cord-tester ping to the denied IP address IP1 in the denied subnet
1380 5. Verifying that ping should not be successful
1381 6. From cord-tester ping to the denied IP address IP2 in the denied subnet
1382 7. Verifying that ping should not be successful
1383 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1384 if not vcpe_name:
1385 vcpe_name = self.vcpe_container
1386 if not vcpe_intf:
1387 vcpe_intf = self.vcpe_dhcp
1388 df = defer.Deferred()
1389 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1390 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1391 df.callback(0)
1392 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1393 network1 = '204.79.197.192/28'
1394 network2 = '204.79.197.192/27'
1395 host1 = '204.79.197.203'
1396 host2 = '204.79.197.210'
1397 host3 = '204.79.197.224'
1398 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1399 try:
1400 self.add_static_route_via_vcpe_interface([host1,host2,host3],vcpe=self.vcpe_dhcp)
1401 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1402 assert_equal(st, False)
1403 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,network1))
1404 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1405 assert_equal(st, True)
1406 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1407 assert_equal(st,False)
1408 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD 2 -d {} -j DROP'.format(vcpe_name,network2))
1409 st, _ = getstatusoutput('ping -c 1 {}'.format(host1))
1410 assert_equal(st, True)
1411 st, _ = getstatusoutput('ping -c 1 {}'.format(host2))
1412 assert_equal(st, True)
1413 st, _ = getstatusoutput('ping -c 1 {}'.format(host3))
1414 assert_equal(st, False)
1415 finally:
1416 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,network1))
1417 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,network2))
1418 self.del_static_route_via_vcpe_interface([host1,host2,host3],vcpe=vcpe_intf)
1419 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1420 df.callback(0)
1421 reactor.callLater(0, vcpe_firewall, df)
1422 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1423
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1424 @deferred(TIMEOUT)
1425 def test_vsg_firewall_with_deny_source_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1426 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1427 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1428 1. Get vSG corresponding to vcpe
1429 2. Login to compute node
1430 3. Execute iptable command on vcpe from compute node to deny a source IP
1431 4. From cord-tester ping to 8.8.8.8 from the denied IP
1432 5. Verifying that ping should not be successful
1433 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1434 if not vcpe_name:
1435 vcpe_name = self.vcpe_container
1436 if not vcpe_intf:
1437 vcpe_intf = self.vcpe_dhcp
1438 df = defer.Deferred()
1439 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1440 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1441 df.callback(0)
1442 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1443 host = '8.8.8.8'
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1444 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1445 try:
1446 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1447 source_ip = get_ip(self.vcpe_dhcp)
1448 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1449 assert_equal(st, False)
1450 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -s {} -j DROP'.format(vcpe_name,source_ip))
1451 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1452 assert_equal(st, True)
1453 finally:
1454 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -s {} -j DROP'.format(vcpe_name,source_ip))
1455 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1456 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1457 df.callback(0)
1458 reactor.callLater(0, vcpe_firewall, df)
1459 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1460
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1461 @deferred(TIMEOUT)
1462 def test_vsg_firewall_rule_with_add_and_delete_deny_source_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1463 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1464 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1465 1. Get vSG corresponding to vcpe
1466 2. Login to compute node
1467 3. Execute iptable command on vcpe from compute node to deny a source IP
1468 4. From cord-tester ping to 8.8.8.8 from the denied IP
1469 5. Verifying that ping should not be successful
1470 6. Delete the iptable rule in vcpe
1471 7. From cord-tester ping to 8.8.8.8 from the denied IP
1472 8. Verifying the ping should success
1473 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1474 if not vcpe_name:
1475 vcpe_name = self.vcpe_container
1476 if not vcpe_intf:
1477 vcpe_intf = self.vcpe_dhcp
1478 df = defer.Deferred()
1479 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1480 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1481 df.callback(0)
1482 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1483 host = '8.8.8.8'
1484 source_ip = get_ip(self.vcpe_dhcp)
1485 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1486 try:
1487 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1488 source_ip = get_ip(self.vcpe_dhcp)
1489 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1490 assert_equal(st, False)
1491 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -s {} -j DROP'.format(vcpe_name,source_ip))
1492 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1493 assert_equal(st, True)
1494 st, _ = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -s {} -j DROP'.format(vcpe_name,source_ip))
1495 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1496 assert_equal(st, False)
1497 finally:
1498 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -s {} -j DROP'.format(vcpe_name,source_ip))
1499 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1500 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1501 df.callback(0)
1502 reactor.callLater(0, vcpe_firewall, df)
1503 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1504
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1505 @deferred(TIMEOUT)
1506 def test_vsg_firewall_rule_with_deny_icmp_protocol_echo_requests_type(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1507 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1508 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1509 1. Get vSG corresponding to vcpe
1510 2. Login to compute node
1511 3. Execute iptable command on vcpe from compute node to deny icmp echo-requests type protocol packets
1512 4. From cord-tester ping to 8.8.8.8
1513 5. Verifying that ping should not be successful
1514 6. Delete the iptable rule
1515 7. From cord-tester ping to 8.8.8.8
1516 8. Verifying the ping should success
1517 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1518 if not vcpe_name:
1519 vcpe_name = self.vcpe_container
1520 if not vcpe_intf:
1521 vcpe_intf = self.vcpe_dhcp
1522 df = defer.Deferred()
1523 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1524 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1525 df.callback(0)
1526 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1527 host = '8.8.8.8'
1528 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1529 try:
1530 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1531 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1532 assert_equal(st, False)
1533 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp --icmp-type echo-request -j DROP'.format(vcpe_name))
1534 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1535 assert_equal(st, True)
1536 st, _ = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-request -j DROP'.format(vcpe_name))
1537 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1538 assert_equal(st, False)
1539 finally:
1540 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-request -j DROP'.format(vcpe_name))
1541 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1542 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1543 df.callback(0)
1544 reactor.callLater(0, vcpe_firewall, df)
1545 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1546
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1547 @deferred(TIMEOUT)
1548 def test_vsg_firewall_rule_with_deny_icmp_protocol_echo_reply_type(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1549 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1550 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1551 1. Get vSG corresponding to vcpe
1552 2. Login to compute node
1553 3. Execute iptable command on vcpe from compute node to deny icmp echo-reply type protocol packets
1554 4. From cord-tester ping to 8.8.8.8
1555 5. Verifying that ping should not be successful
1556 6. Delete the iptable rule
1557 7. From cord-tester ping to 8.8.8.8
1558 8. Verifying the ping should success
1559 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1560 if not vcpe_name:
1561 vcpe_name = self.vcpe_container
1562 if not vcpe_intf:
1563 vcpe_intf = self.vcpe_dhcp
1564 df = defer.Deferred()
1565 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1566 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1567 df.callback(0)
1568 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1569 host = '8.8.8.8'
1570 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1571 try:
1572 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1573 st, _ = getstatusoutput('ping -c 1 {}'.format('8.8.8.8'))
1574 assert_equal(st, False)
1575 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp --icmp-type echo-reply -j DROP'.format(vcpe_name))
1576 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1577 assert_equal(st, True)
1578 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-reply -j DROP'.format(vcpe_name))
1579 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1580 assert_equal(st,False)
1581 finally:
1582 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-reply -j DROP'.format(vcpe_name))
1583 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1584 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1585 df.callback(0)
1586 reactor.callLater(0, vcpe_firewall, df)
1587 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1588
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1589 @deferred(TIMEOUT)
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]1590 def test_vsg_firewall_changing_deny_rule_to_accept_rule_with_icmp_protocol_echo_requests_type(self, vcpe_name=None, vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1591 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1592 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1593 1. Get vSG corresponding to vcpe
1594 2. Login to compute node
1595 3. Execute iptable command on vcpe from compute node to deny icmp echo-requests type protocol packets
1596 4. From cord-tester ping to 8.8.8.8
1597 5. Verifying that ping should not be successful
1598 6. Insert another rule to accept the icmp-echo requests protocol packets
1599 7. From cord-tester ping to 8.8.8.8
1600 8. Verifying the ping should success
1601 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1602 if not vcpe_name:
1603 vcpe_name = self.vcpe_container
1604 if not vcpe_intf:
1605 vcpe_intf = self.vcpe_dhcp
1606 df = defer.Deferred()
1607 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1608 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1609 df.callback(0)
1610 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1611 host = '8.8.8.8'
1612 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1613 try:
1614 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1615 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1616 assert_equal(st, False)
1617 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp --icmp-type echo-request -j DROP'.format(vcpe_name))
1618 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1619 assert_equal(st, True)
1620 st, _ = vsg.run_cmd('sudo docker exec {} iptables -R FORWARD 1 -p icmp --icmp-type echo-request -j ACCEPT'.format(vcpe_name))
1621 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1622 assert_equal(st,False)
1623 finally:
1624 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-request -j DROP'.format(vcpe_name))
1625 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-request -j ACCEPT'.format(vcpe_name))
1626 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1627 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1628 df.callback(0)
1629 reactor.callLater(0, vcpe_firewall, df)
1630 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1631
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1632 @deferred(TIMEOUT)
1633 def test_vsg_firewall_changing_deny_rule_to_accept_rule_with_icmp_protocol_echo_reply_type(self,vcpe_name=None,vcpe_intf=None):
1634 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1635 Test Method:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1636 1. Get vSG corresponding to vcpe
1637 2. Login to compute node
1638 3. Execute iptable command on vcpe from compute node to deny icmp echo-reply type protocol packets
1639 4. From cord-tester ping to 8.8.8.8
1640 5. Verifying the ping should not success
1641 6. Insert another rule to accept the icmp-echo requests protocol packets
1642 7. From cord-tester ping to 8.8.8.8
1643 8. Verifying the ping should success
1644 """
1645 if not vcpe_name:
1646 vcpe_name = self.vcpe_container
1647 if not vcpe_intf:
1648 vcpe_intf = self.vcpe_dhcp
1649 df = defer.Deferred()
1650 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1651 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1652 df.callback(0)
1653 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1654 host = '8.8.8.8'
1655 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1656 try:
1657 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1658 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1659 assert_equal(st, False)
1660 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp --icmp-type echo-reply -j DROP'.format(vcpe_name))
1661 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1662 assert_equal(st, True)
1663 st,output = vsg.run_cmd('sudo docker exec {} iptables -R FORWARD 1 -p icmp --icmp-type echo-reply -j ACCEPT'.format(vcpe_name))
1664 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1665 assert_equal(st,False)
1666 finally:
1667 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-reply -j DROP'.format(vcpe_name))
1668 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp --icmp-type echo-reply -j ACCEPT'.format(vcpe_name))
1669 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1670 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1671 df.callback(0)
1672 reactor.callLater(0, vcpe_firewall, df)
1673 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1674
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1675 @deferred(TIMEOUT)
1676 def test_vsg_firewall_for_deny_icmp_protocol(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1677 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1678 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1679 1. Get vSG corresponding to vcpe
1680 2. Login to compute node
1681 3. Execute iptable command on vcpe from compute node to deny icmp protocol packets
1682 4. From cord-tester ping to 8.8.8.8
1683 5. Verifying that ping should not be successful
1684 6. Delete the iptable rule
1685 7. From cord-tester ping to 8.8.8.8
1686 8. Verifying the ping should success
1687 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1688 if not vcpe_name:
1689 vcpe_name = self.vcpe_container
1690 if not vcpe_intf:
1691 vcpe_intf = self.vcpe_dhcp
1692 df = defer.Deferred()
1693 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1694 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1695 df.callback(0)
1696 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1697 host = '8.8.8.8'
1698 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1699 try:
1700 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1701 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1702 assert_equal(st, False)
1703 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp -j DROP'.format(vcpe_name))
1704 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1705 assert_equal(st, True)
1706 st, _ = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp -j DROP'.format(vcpe_name))
1707 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1708 assert_equal(st,False)
1709 finally:
1710 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp -j DROP'.format(vcpe_name))
1711 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1712 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1713 df.callback(0)
1714 reactor.callLater(0, vcpe_firewall, df)
1715 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1716
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1717 @deferred(TIMEOUT)
1718 def test_vsg_firewall_rule_deny_icmp_protocol_and_destination_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1719 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1720 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1721 1. Get vSG corresponding to vcpe
1722 2. Login to compute node
1723 3. Execute iptable command on vcpe from compute node to deny a destination IP
1724 4. From cord-tester ping to 8.8.8.8
1725 5. Verifying that ping should not be successful
1726 6. Execute iptable command on vcpe from compute node to deny icmp protocol packets
1727 7. From cord-tester ping to 8.8.8.8
1728 8. Verifying the ping should success
1729 9. Delete the rule added in step 3
1730 10. From cord-tester ping to 8.8.8.8
1731 11. Verifying that ping should not be successful
1732 12. Delete the rule added in step 6
1733 13. From cord-tester ping to 8.8.8.8
1734 14. Verifying the ping should success
1735 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1736 if not vcpe_name:
1737 vcpe_name = self.vcpe_container
1738 if not vcpe_intf:
1739 vcpe_intf = self.vcpe_dhcp
1740 df = defer.Deferred()
1741 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1742 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1743 df.callback(0)
1744 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1745 host = '8.8.8.8'
1746 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1747 try:
1748 self.add_static_route_via_vcpe_interface([host],vcpe=self.vcpe_dhcp)
1749 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1750 assert_equal(st, False)
1751 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
1752 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1753 assert_equal(st, True)
1754 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp -j DROP'.format(vcpe_name))
1755 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1756 assert_equal(st, True)
1757 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1758 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1759 assert_equal(st, True)
1760 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp -j DROP'.format(vcpe_name))
1761 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1762 assert_equal(st,False)
1763 finally:
1764 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
1765 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp -j DROP'.format(vcpe_name))
1766 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
1767 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1768 df.callback(0)
1769 reactor.callLater(0, vcpe_firewall, df)
1770 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1771
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1772 @deferred(100)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1773 def test_vsg_firewall_flushing_all_configured_rules(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1774 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1775 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1776 1. Get vSG corresponding to vcpe
1777 2. Login to compute node
1778 3. Execute iptable command on vcpe from compute node to deny a destination IP
1779 4. From cord-tester ping to 8.8.8.8
1780 5. Verifying that ping should not be successful
1781 6. Execute iptable command on vcpe from compute node to deny icmp protocol packets
1782 7. From cord-tester ping to 8.8.8.8
1783 8. Verifying the ping should success
1784 9. Flush all the iptable rules configuraed in vcpe
1785 10. Delete the rule added in step 6
1786 11. From cord-tester ping to 8.8.8.8
1787 12. Verifying the ping should success
1788 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1789 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1790 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1791 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1792 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1793 df = defer.Deferred()
1794 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1795 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1796 df.callback(0)
1797 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1798 host = '8.8.8.8'
1799 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1800 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1801 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1802 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1803 assert_equal(st, False)
1804 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
1805 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1806 assert_equal(st, True)
1807 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p icmp -j DROP'.format(vcpe_name))
1808 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1809 assert_equal(st, True)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1810 st, _ = vsg.run_cmd('sudo docker exec {} iptables -F FORWARD'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1811 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1812 assert_equal(st, True)
1813 vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
1814 status = False
1815 clock = 0
1816 while(clock <= 30):
1817 time.sleep(5)
1818 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1819 if st == False:
1820 status = True
1821 break
1822 clock += 5
1823 assert_equal(status, True)
1824 except Exception as error:
1825 log.info('Got Unexpected error %s'%error)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1826 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1827 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p icmp -j DROP'.format(vcpe_name))
1828 raise
1829 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1830 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1831 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1832 df.callback(0)
1833 reactor.callLater(0, vcpe_firewall, df)
1834 return df
Anil Kumar Sankad47023a2017-03-29 21:11:09 +0000[diff] [blame]1835
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1836 @deferred(40)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1837 def test_vsg_firewall_deny_all_ipv4_traffic(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1838 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1839 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1840 1. Get vSG corresponding to vcpe
1841 2. Login to compute node
1842 3. Execute iptable command on vcpe from compute node to deny all ipv4 Traffic
1843 4. From cord-tester ping to 8.8.8.8
1844 5. Verifying that ping should not be successful
1845 6. Delete the iptable rule added
1846 7. From cord-tester ping to 8.8.8.8
1847 8. Verifying the ping should success
1848 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1849 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1850 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1851 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1852 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1853 df = defer.Deferred()
1854 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1855 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1856 df.callback(0)
1857 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1858 host = '8.8.8.8'
1859 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1860 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1861 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1862 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1863 assert_equal(st, False)
1864 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -4 -j DROP'.format(vcpe_name))
1865 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1866 assert_equal(st, True)
1867 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -4 -j DROP'.format(vcpe_name))
1868 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1869 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1870 except Exception as error:
1871 log.info('Got Unexpected error %s'%error)
1872 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -4 -j DROP'.format(vcpe_name))
1873 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1874 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1875 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1876 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1877 df.callback(0)
1878 reactor.callLater(0, vcpe_firewall, df)
1879 return df
Anil Kumar Sanka966c1932017-03-31 00:48:31 +0000[diff] [blame]1880
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1881 @deferred(40)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1882 def test_vsg_firewall_replacing_deny_rule_to_accept_rule_ipv4_traffic(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1883 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1884 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]1885 1. Get vSG corresponding to vcpe
1886 2. Login to compute node
1887 3. Execute iptable command on vcpe from compute node to deny all ipv4 Traffic
1888 4. From cord-tester ping to 8.8.8.8
1889 5. Verifying that ping should not be successful
1890 6. Replace the deny rule added in step 3 with accept rule
1891 7. From cord-tester ping to 8.8.8.8
1892 8. Verifying the ping should success
1893 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1894 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1895 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1896 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1897 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1898 df = defer.Deferred()
1899 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1900 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1901 df.callback(0)
1902 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1903 host = '8.8.8.8'
1904 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1905 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1906 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1907 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1908 assert_equal(st, False)
1909 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -4 -j DROP'.format(vcpe_name))
1910 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1911 assert_equal(st, True)
1912 st,output = vsg.run_cmd('sudo docker exec {} iptables -R FORWARD 1 -4 -j ACCEPT'.format(vcpe_name))
1913 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1914 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1915 except Exception as error:
1916 log.info('Got Unexpected error %s'%error)
1917 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1918 finally:
1919 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -4 -j DROP'.format(vcpe_name))
1920 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1921 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1922 df.callback(0)
1923 reactor.callLater(0, vcpe_firewall, df)
1924 return df
Anil Kumar Sanka966c1932017-03-31 00:48:31 +0000[diff] [blame]1925
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1926 @deferred(40)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1927 def test_vsg_firewall_deny_all_traffic_coming_on_lan_interface_in_vcpe(self,vcpe_name=None,vcpe_intf=None):
1928 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1929 Test Method:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1930 1. Get vSG corresponding to vcpe
1931 2. Login to compute node
1932 3. Execute iptable command on vcpe from compute node to deny all the traffic coming on lan interface inside vcpe container
1933 4. From cord-tester ping to 8.8.8.8
1934 5. Verifying the ping should not success
1935 6. Delete the iptable rule added
1936 7. From cord-tester ping to 8.8.8.8
1937 8. Verifying the ping should success
1938 """
1939 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1940 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1941 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1942 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1943 df = defer.Deferred()
1944 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1945 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1946 df.callback(0)
1947 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1948 host = '8.8.8.8'
1949 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1950 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1951 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1952 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1953 assert_equal(st, False)
1954 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -i eth1 -j DROP'.format(vcpe_name))
1955 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1956 assert_equal(st, True)
1957 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -i eth1 -j DROP'.format(vcpe_name))
1958 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
1959 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1960 except Exception as error:
1961 log.info('Got Unexpected error %s'%error)
1962 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -i eth1 -j DROP'.format(vcpe_name))
1963 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1964 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1965 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1966 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1967 df.callback(0)
1968 reactor.callLater(0, vcpe_firewall, df)
1969 return df
1970
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1971 @deferred(40)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1972 def test_vsg_firewall_deny_all_traffic_going_out_of_wan_interface_in_vcpe(self,vcpe_name=None,vcpe_intf=None):
1973 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]1974 Test Method:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1975 1. Get vSG corresponding to vcpe
1976 2. Login to compute node
1977 3. Execute iptable command on vcpe from compute node to deny all the traffic going out of wan interface inside vcpe container
1978 4. From cord-tester ping to 8.8.8.8
1979 5. Verifying the ping should not success
1980 6. Delete the iptable rule added
1981 7. From cord-tester ping to 8.8.8.8
1982 8. Verifying the ping should success
1983 """
1984 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1985 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1986 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1987 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1988 df = defer.Deferred()
1989 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]1990 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]1991 df.callback(0)
1992 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1993 host = '8.8.8.8'
1994 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
1995 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]1996 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]1997 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
1998 assert_equal(st, False)
1999 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -o eth0 -j DROP'.format(vcpe_name))
2000 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2001 assert_equal(st, True)
2002 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -o eth0 -j DROP'.format(vcpe_name))
2003 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2004 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2005 except Exception as error:
2006 log.info('Got Unexpected error %s'%error)
2007 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -o eth0 -j DROP'.format(vcpe_name))
2008 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2009 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2010 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2011 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2012 df.callback(0)
2013 reactor.callLater(0, vcpe_firewall, df)
2014 return df
2015
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2016 @deferred(40)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2017 def test_vsg_firewall_deny_all_traffic_from_lan_to_wan_in_vcpe(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]2018 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]2019 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]2020 1. Get vSG corresponding to vcpe
2021 2. Login to compute node
2022 3. Execute iptable command on vcpe from compute node to deny all the traffic from lan to wan interface in vcpe
2023 4. From cord-tester ping to 8.8.8.8
2024 5. Verifying that ping should not be successful
2025 6. Delete the iptable rule added
2026 7. From cord-tester ping to 8.8.8.8
2027 8. Verifying the ping should success
2028 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2029 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2030 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2031 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2032 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2033 df = defer.Deferred()
2034 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]2035 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]2036 df.callback(0)
2037 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2038 host = '8.8.8.8'
2039 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2040 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2041 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2042 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2043 assert_equal(st, False)
2044 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -i eth1 -o eth0 -j DROP'.format(vcpe_name))
2045 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2046 assert_equal(st, True)
2047 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -i eth1 -o eth0 -j DROP'.format(vcpe_name))
2048 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2049 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2050 except Exception as error:
2051 log.info('Got Unexpected error %s'%error)
2052 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -i eth1 -o eth0 -j DROP'.format(vcpe_name))
2053 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2054 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2055 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2056 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2057 df.callback(0)
2058 reactor.callLater(0, vcpe_firewall, df)
2059 return df
Anil Kumar Sanka966c1932017-03-31 00:48:31 +0000[diff] [blame]2060
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2061 @deferred(60)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2062 def test_vsg_firewall_deny_all_dns_traffic(self,vcpe_name=None,vcpe_intf=None):
2063 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]2064 Test Method:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2065 1. Get vSG corresponding to vcpe
2066 2. Login to compute node
2067 3. Execute iptable command on vcpe from compute node to deny all dns Traffic
2068 4. From cord-tester ping to www.google.com
2069 5. Verifying the ping should not success
2070 6. Delete the iptable rule added
2071 7. From cord-tester ping to www.google.com
2072 8. Verifying the ping should success
2073 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2074 mgmt = 'eth0'
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2075 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2076 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2077 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2078 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2079 df = defer.Deferred()
2080 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]2081 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]2082 df.callback(0)
2083 return
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2084 host = 'google-public-dns-a.google.com'
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2085 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2086 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2087 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -p udp --dport 53 -j DROP'.format(vcpe_name))
2088 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe_intf, mgmt = mgmt)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2089 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2090 assert_not_equal(st, False)
2091 VSGAccess.restore_interface_config(mgmt, vcpe=vcpe_intf)
2092 st,output = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p udp --dport 53 -j DROP'.format(vcpe_name))
2093 vcpe_ip = VSGAccess.vcpe_get_dhcp(vcpe_intf, mgmt = mgmt)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2094 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2095 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2096 VSGAccess.restore_interface_config(mgmt, vcpe=vcpe_intf)
2097 except Exception as error:
2098 log.info('Got Unexpected error %s'%error)
2099 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -p udp --dport 53 -j DROP'.format(vcpe_name))
2100 VSGAccess.restore_interface_config(mgmt,vcpe=vcpe_intf)
2101 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2102 df.callback(0)
2103 reactor.callLater(0, vcpe_firewall, df)
2104 return df
2105
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2106 @deferred(60)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2107 def test_vsg_firewall_deny_all_ipv4_traffic_vcpe_container_restart(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]2108 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]2109 Test Method:
Anil Kumar Sanka72755c92017-04-06 17:19:02 +0000[diff] [blame]2110 1. Get vSG corresponding to vcpe
2111 2. Login to compute node
2112 3. Execute iptable command on vcpe from compute node to deny all dns Traffic
2113 4. From cord-tester ping to www.google.com
2114 5. Verifying that ping should not be successful
2115 6. Delete the iptable rule added
2116 7. From cord-tester ping to www.google.com
2117 8. Verifying the ping should success
2118 """
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2119 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2120 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2121 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2122 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2123 df = defer.Deferred()
2124 def vcpe_firewall(df):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]2125 if self.on_pod is False:
A R Karthick93ba8d02017-04-13 11:59:58 -0700[diff] [blame]2126 df.callback(0)
2127 return
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2128 host = '8.8.8.8'
2129 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2130 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2131 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2132 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2133 assert_equal(st, False)
2134 st,output = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -4 -j DROP'.format(vcpe_name))
2135 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2136 assert_equal(st, True)
2137 st,output = vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2138 clock = 0
2139 status = False
2140 while(clock <= 20 ):
2141 time.sleep(5)
2142 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2143 if st == False:
2144 status = True
2145 break
2146 clock += 5
2147 assert_equal(status, True)
2148 except Exception as error:
2149 log.info('Got Unexpected error %s'%error)
2150 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -4 -j DROP'.format(vcpe_name))
2151 raise
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2152 finally:
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2153 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2154 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sankaa357c6a2017-04-12 17:52:24 +0000[diff] [blame]2155 df.callback(0)
2156 reactor.callLater(0, vcpe_firewall, df)
2157 return df
Anil Kumar Sanka966c1932017-03-31 00:48:31 +0000[diff] [blame]2158
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2159 @deferred(40)
2160 def test_vsg_nat_dnat_modifying_destination_ip(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2161 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]2162 Test Method:
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2163 1. Get vSG corresponding to vcpe
2164 2. Login to compute node
2165 3. Execute iptable command on vcpe from compute node to deny all dns Traffic
2166 4. From cord-tester ping to www.google.com
2167 5. Verifying the ping should not success
2168 6. Delete the iptable rule added
2169 7. From cord-tester ping to www.google.com
2170 8. Verifying the ping should success
2171 """
2172 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2173 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2174 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2175 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2176 df = defer.Deferred()
2177 def vcpe_firewall(df):
2178 host = '8.8.8.8'
2179 dst_ip = '123.123.123.123'
2180 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2181 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2182 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2183 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2184 assert_equal(st, False)
2185 st,output = vsg.run_cmd('sudo docker exec {} iptables -t nat -A PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
2186 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2187 assert_equal(st, True)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2188 except Exception as error:
2189 log.info('Got Unexpected error %s'%error)
2190 raise
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2191 finally:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2192
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2193 vsg.run_cmd('sudo docker exec {} iptables -t nat -D PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
2194 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2195 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2196 df.callback(0)
2197 reactor.callLater(0,vcpe_firewall,df)
2198 return df
2199
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2200 @deferred(40)
2201 def test_vsg_nat_dnat_modifying_destination_ip_and_delete(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2202 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]2203 Test Method:
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2204 1. Get vSG corresponding to vcpe
2205 2. Login to compute node
2206 3. Execute iptable command on vcpe from compute node to deny all dns Traffic
2207 4. From cord-tester ping to www.google.com
2208 5. Verifying the ping should not success
2209 6. Delete the iptable rule added
2210 7. From cord-tester ping to www.google.com
2211 8. Verifying the ping should success
2212 """
2213 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2214 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2215 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2216 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2217 df = defer.Deferred()
2218 def vcpe_firewall(df):
2219 host = '8.8.8.8'
2220 dst_ip = '123.123.123.123'
2221 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2222 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2223 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2224 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2225 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2226 st, _ = vsg.run_cmd('sudo docker exec {} iptables -t nat -A PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2227 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2228 assert_equal(st, True)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2229 st, _ = vsg.run_cmd('sudo docker exec {} iptables -t nat -D PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2230 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2231 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2232 except Exception as error:
2233 log.info('Got Unexpected error %s'%error)
2234 vsg.run_cmd('sudo docker exec {} iptables -t nat -D PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
2235 raise
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2236 finally:
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2237 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2238 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2239 df.callback(0)
2240 reactor.callLater(0,vcpe_firewall,df)
2241 return df
2242
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2243 @deferred(50)
2244 def test_vsg_nat_dnat_change_modifying_destination_ip_address(self,vcpe_name=None,vcpe_intf=None):
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2245 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]2246 Test Method:
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2247 1. Get vSG corresponding to vcpe
2248 2. Login to compute node
2249 3. Execute iptable command on vcpe from compute node to deny all dns Traffic
2250 4. From cord-tester ping to www.google.com
2251 5. Verifying the ping should not success
2252 6. Delete the iptable rule added
2253 7. From cord-tester ping to www.google.com
2254 8. Verifying the ping should success
2255 """
2256 if not vcpe_name:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2257 vcpe_name = self.container_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2258 if not vcpe_intf:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2259 vcpe_intf = self.dhcp_vcpes_reserved[0]
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2260 df = defer.Deferred()
2261 def vcpe_firewall(df):
2262 host = '8.8.8.8'
2263 dst_ip = '123.123.123.123'
2264 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2265 try:
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2266 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2267 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2268 assert_equal(st, False)
2269 st,output = vsg.run_cmd('sudo docker exec {} iptables -t nat -A PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
2270 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2271 assert_equal(st, True)
2272 st,output = vsg.run_cmd('sudo docker exec {} iptables -t nat -R PREROUTING 1 -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,host))
2273 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2274 assert_equal(st, False)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2275 except Exception as error:
2276 log.info('Got Unexpected error %s'%error)
2277 raise
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2278 finally:
2279 vsg.run_cmd('sudo docker exec {} iptables -t nat -D PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,dst_ip))
2280 vsg.run_cmd('sudo docker exec {} iptables -t nat -D PREROUTING -s 192.168.0.0/16 -i eth1 -j DNAT --to-destination {}'.format(vcpe_name,host))
2281 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2282 #vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
Anil Kumar Sanka5fa8d8b2017-04-18 22:01:48 +0000[diff] [blame]2283 df.callback(0)
2284 reactor.callLater(0,vcpe_firewall,df)
2285 return df
2286
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2287 def vsg_xos_subscriber_create(self, index, subscriber_info = None, volt_subscriber_info = None):
A R Karthick19771192017-04-25 14:57:05 -0700[diff] [blame]2288 if self.on_pod is False:
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2289 return ''
2290 if subscriber_info is None:
2291 subscriber_info = self.subscriber_info[index]
2292 if volt_subscriber_info is None:
2293 volt_subscriber_info = self.volt_subscriber_info[index]
A R Karthickd0b06792017-04-25 15:11:23 -0700[diff] [blame]2294 s_tag = int(volt_subscriber_info['voltTenant']['s_tag'])
2295 c_tag = int(volt_subscriber_info['voltTenant']['c_tag'])
2296 vcpe = 'vcpe-{}-{}'.format(s_tag, c_tag)
2297 log.info('Creating tenant with s_tag: %d, c_tag: %d' %(s_tag, c_tag))
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]2298 subId = ''
2299 try:
2300 result = self.restApiXos.ApiPost('TENANT_SUBSCRIBER', subscriber_info)
2301 assert_equal(result, True)
2302 result = self.restApiXos.ApiGet('TENANT_SUBSCRIBER')
2303 assert_not_equal(result, None)
2304 subId = self.restApiXos.getSubscriberId(result, volt_subscriber_info['account_num'])
2305 assert_not_equal(subId, '0')
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2306 log.info('Subscriber ID for account num %s = %s' %(str(volt_subscriber_info['account_num']), subId))
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]2307 volt_tenant = volt_subscriber_info['voltTenant']
2308 #update the subscriber id in the tenant info before making the rest
2309 volt_tenant['subscriber'] = subId
2310 result = self.restApiXos.ApiPost('TENANT_VOLT', volt_tenant)
2311 assert_equal(result, True)
2312 #if the vsg instance was already instantiated, then reduce delay
2313 if c_tag % self.subscribers_per_s_tag == 0:
2314 delay = 350
2315 else:
2316 delay = 90
2317 log.info('Delaying %d seconds for the VCPE to be provisioned' %(delay))
2318 time.sleep(delay)
2319 log.info('Testing for external connectivity to VCPE %s' %(vcpe))
2320 self.vsg_for_external_connectivity(index)
2321 finally:
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]2322 return subId
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]2323
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2324 def vsg_xos_subscriber_delete(self, index, subId = '', voltId = '', subscriber_info = None, volt_subscriber_info = None):
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]2325 if self.on_pod is False:
2326 return
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2327 if subscriber_info is None:
2328 subscriber_info = self.subscriber_info[index]
2329 if volt_subscriber_info is None:
2330 volt_subscriber_info = self.volt_subscriber_info[index]
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]2331 s_tag = int(volt_subscriber_info['voltTenant']['s_tag'])
2332 c_tag = int(volt_subscriber_info['voltTenant']['c_tag'])
2333 vcpe = 'vcpe-{}-{}'.format(s_tag, c_tag)
2334 log.info('Deleting tenant with s_tag: %d, c_tag: %d' %(s_tag, c_tag))
2335 if not subId:
2336 #get the subscriber id first
2337 result = self.restApiXos.ApiGet('TENANT_SUBSCRIBER')
2338 assert_not_equal(result, None)
2339 subId = self.restApiXos.getSubscriberId(result, volt_subscriber_info['account_num'])
2340 assert_not_equal(subId, '0')
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2341 if not voltId:
2342 #get the volt id for the subscriber
2343 result = self.restApiXos.ApiGet('TENANT_VOLT')
2344 assert_not_equal(result, None)
2345 voltId = self.getVoltId(result, subId)
2346 assert_not_equal(voltId, None)
2347 log.info('Deleting subscriber ID %s for account num %s' %(subId, str(volt_subscriber_info['account_num'])))
A R Karthicka385cea2017-04-26 10:12:43 -0700[diff] [blame]2348 status = self.restApiXos.ApiDelete('TENANT_SUBSCRIBER', subId)
2349 assert_equal(status, True)
A R Karthick97e08852017-04-26 10:06:38 -0700[diff] [blame]2350 #Delete the tenant
2351 log.info('Deleting VOLT Tenant ID %s for subscriber %s' %(voltId, subId))
A R Karthick76944872017-04-26 10:21:37 -0700[diff] [blame]2352 self.restApiXos.ApiDelete('TENANT_VOLT', voltId)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]2353
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2354 def vsg_xos_subscriber_id(self, index):
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2355 log.info('index and its type are %s, %s'%(index, type(index)))
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2356 volt_subscriber_info = self.volt_subscriber_info[index]
2357 result = self.restApiXos.ApiGet('TENANT_SUBSCRIBER')
2358 assert_not_equal(result, None)
2359 subId = self.restApiXos.getSubscriberId(result, volt_subscriber_info['account_num'])
2360 return subId
2361
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2362 def test_vsg_xos_subscriber_create_reserved(self):
A.R Karthicka2960912017-05-18 18:52:55 -0700[diff] [blame]2363 if self.on_pod is False:
2364 return
A.R Karthicka3fa2f92017-05-18 18:51:36 -0700[diff] [blame]2365 tags_reserved = [ (int(vcpe['s_tag']), int(vcpe['c_tag'])) for vcpe in self.vcpes_reserved ]
2366 volt_tenants = self.restApiXos.ApiGet('TENANT_VOLT')
2367 subscribers = self.restApiXos.ApiGet('TENANT_SUBSCRIBER')
2368 reserved_tenants = filter(lambda tenant: (int(tenant['s_tag']), int(tenant['c_tag'])) in tags_reserved, volt_tenants)
2369 reserved_config = []
2370 for tenant in reserved_tenants:
2371 for subscriber in subscribers:
2372 if int(subscriber['id']) == int(tenant['subscriber']):
2373 volt_subscriber_info = {}
2374 volt_subscriber_info['voltTenant'] = dict(s_tag = tenant['s_tag'],
2375 c_tag = tenant['c_tag'],
2376 subscriber = tenant['subscriber'])
2377 volt_subscriber_info['volt_id'] = tenant['id']
2378 volt_subscriber_info['account_num'] = subscriber['identity']['account_num']
2379 reserved_config.append( (subscriber, volt_subscriber_info) )
2380 break
2381 else:
2382 log.info('Subscriber not found for tenant %s, s_tag: %s, c_tag: %s' %(str(tenant['subscriber']),
2383 str(tenant['s_tag']),
2384 str(tenant['c_tag'])))
2385
2386 for subscriber_info, volt_subscriber_info in reserved_config:
2387 self.vsg_xos_subscriber_delete(0,
2388 subId = str(subscriber_info['id']),
2389 voltId = str(volt_subscriber_info['volt_id']),
2390 subscriber_info = subscriber_info,
2391 volt_subscriber_info = volt_subscriber_info)
2392 subId = self.vsg_xos_subscriber_create(0,
2393 subscriber_info = subscriber_info,
2394 volt_subscriber_info = volt_subscriber_info)
2395 log.info('Created reserved subscriber %s' %(subId))
2396
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2397 def test_vsg_xos_subscriber_create_all(self):
2398 for index in xrange(len(self.subscriber_info)):
2399 #check if the index exists
2400 subId = self.vsg_xos_subscriber_id(index)
2401 if subId and subId != '0':
2402 self.vsg_xos_subscriber_delete(index, subId = subId)
2403 subId = self.vsg_xos_subscriber_create(index)
2404 log.info('Created Subscriber %s' %(subId))
2405
2406 def test_vsg_xos_subscriber_delete_all(self):
2407 for index in xrange(len(self.subscriber_info)):
2408 subId = self.vsg_xos_subscriber_id(index)
2409 if subId and subId != '0':
2410 self.vsg_xos_subscriber_delete(index, subId = subId)
2411
2412 def test_vsg_xos_subscriber_create_and_delete(self):
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]2413 subId = self.vsg_xos_subscriber_create(0)
2414 if subId and subId != '0':
2415 self.vsg_xos_subscriber_delete(0, subId)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]2416
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2417
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2418 def test_vsg_xos_subscriber_2_create_and_delete(self):
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]2419 subId = self.vsg_xos_subscriber_create(1)
2420 if subId and subId != '0':
2421 self.vsg_xos_subscriber_delete(1, subId)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]2422
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2423 def test_vsg_xos_subscriber_3_create_and_delete(self):
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]2424 subId = self.vsg_xos_subscriber_create(2)
2425 if subId and subId != '0':
2426 self.vsg_xos_subscriber_delete(2, subId)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]2427
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2428 def test_vsg_xos_subscriber_4_create_and_delete(self):
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]2429 subId = self.vsg_xos_subscriber_create(3)
2430 if subId and subId != '0':
2431 self.vsg_xos_subscriber_delete(3, subId)
A R Karthick035d2e22017-04-25 13:53:00 -0700[diff] [blame]2432
A R Karthicke29c8d42017-04-27 11:38:52 -0700[diff] [blame]2433 def test_vsg_xos_subscriber_5_create_and_delete(self):
A R Karthick5d30b3c2017-04-27 10:25:40 -0700[diff] [blame]2434 subId = self.vsg_xos_subscriber_create(4)
2435 if subId and subId != '0':
2436 self.vsg_xos_subscriber_delete(4, subId)
A.R Karthick282f0d32017-03-28 16:43:59 -0700[diff] [blame]2437
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2438 @deferred(400)
2439 def test_vsg_xos_subscriber_external_connectivity_through_vcpe_instance(self, index=0):
2440 df = defer.Deferred()
2441 status = False
2442 def test_xos_subscriber(df):
2443 subId = self.vsg_xos_subscriber_id(index)
2444 if subId == '0':
2445 log.info('Creating vcpe instance ')
2446 subId = self.vsg_xos_subscriber_create(index)
2447 assert_not_equal(subId,'0')
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]2448 vcpe = self.dhcp_vcpes[index]
2449 host = '8.8.8.8'
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2450 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe)
2451 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2452 assert_equal(st, False)
2453 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe)
2454 df.callback(0)
2455 reactor.callLater(0,test_xos_subscriber,df)
2456 return df
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]2457
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2458 #pass
2459 @deferred(50)
2460 def test_vsg_xos_subscriber_external_connectivity_without_creating_vcpe_instance(self, index=0):
2461 df = defer.Deferred()
2462 def test_xos_subscriber(df):
2463 subId = self.vsg_xos_subscriber_id(index)
2464 if subId != '0':
2465 log.info('deleting already existing vcpe instance ')
2466 self.vsg_xos_subscriber_delete(index, subId)
2467 vcpe = self.dhcp_vcpes[index]
2468 host = '8.8.8.8'
2469 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe)
2470 st, out = getstatusoutput('route -n')
2471 log.info('route -n outpu-1-1-1--1-1-1-1-1-1-1 is %s'%out)
2472 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2473 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe)
2474 assert_equal(st, True)
2475 df.callback(0)
2476 reactor.callLater(0,test_xos_subscriber,df)
2477 return df
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]2478
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2479 @deferred(400)
2480 def test_vsg_xos_subscriber_external_connectivity_after_remove_vcpe_instance_from_xos(self,index=0,host = '8.8.8.8'):
2481 df = defer.Deferred()
2482 def test_xos_subscriber(df):
2483 subId = self.vsg_xos_subscriber_id(index)
2484 if subId == '0':
2485 subId = self.vsg_xos_subscriber_create(index)
2486 assert_not_equal(subId,'0')
2487 vcpe = self.dhcp_vcpes[index]
2488 if subId and subId != '0':
2489 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe)
2490 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2491 assert_equal(st, False)
2492 self.vsg_xos_subscriber_delete(index, subId)
2493 time.sleep(2)
2494 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2495 assert_equal(st, True)
2496 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe)
2497 df.callback(0)
2498 reactor.callLater(0,test_xos_subscriber,df)
2499 return df
2500
2501 @deferred(400)
2502 def test_vsg_xos_subscriber_external_connectivity_after_restart_vcpe_instance(self,index=0,host = '8.8.8.8'):
2503 df = defer.Deferred()
2504 def test_xos_subscriber(df):
2505 subId = self.vsg_xos_subscriber_id(index)
2506 if subId == '0':
2507 subId = self.vsg_xos_subscriber_create(index)
2508 assert_not_equal(subId,'0')
2509 vcpe_intf = self.dhcp_vcpes[index]
2510 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2511 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2512 assert_equal(st, False)
2513 vcpe_name = 'vcpe-{}-{}'.format(vcpe_intf.split('.')[1],vcpe_intf.split('.')[2])
2514 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2515 st, _ = vsg.run_cmd('sudo docker restart {}'.format(vcpe_name))
2516 assert_equal(st, True)
2517 time.sleep(5)
2518 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2519 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2520 assert_equal(st, False)
2521 df.callback(0)
2522 reactor.callLater(0,test_xos_subscriber,df)
2523 return df
2524
2525 @deferred(400)
2526 def test_vsg_xos_subscriber_external_connectivity_after_stop_and_start_vcpe_instance(self,index=0,host = '8.8.8.8'):
2527 df = defer.Deferred()
2528 def test_xos_subscriber(df):
2529 subId = self.vsg_xos_subscriber_id(index)
2530 if subId == '0':
2531 subId = self.vsg_xos_subscriber_create(index)
2532 assert_not_equal(subId,'0')
2533 vcpe_intf = self.dhcp_vcpes[index]
2534 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2535 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2536 assert_equal(st, False)
2537 vcpe_name = 'vcpe-{}-{}'.format(vcpe_intf.split('.')[1],vcpe_intf.split('.')[2])
2538 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2539 st, _ = vsg.run_cmd('sudo docker stop {}'.format(vcpe_name))
2540 assert_equal(st, True)
2541 time.sleep(3)
2542 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2543 assert_equal(st, True)
2544 st, _ = vsg.run_cmd('sudo docker start {}'.format(vcpe_name))
2545 assert_equal(st, True)
2546 time.sleep(5)
2547 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2548 assert_equal(st, False)
2549 df.callback(0)
2550 reactor.callLater(0,test_xos_subscriber,df)
2551 return df
2552
2553 #getting list out of range error while creating vcpe of index 6
2554 def test_vsg_create_xos_subscribers_in_different_vsg_vm(self,index1=4,index2=6):
2555 indexes = list(index1,index2)
2556 subids = []
2557 for index in indexes:
2558 subId = self.vsg_xos_subscriber_id(index)
2559 if not subId:
2560 subId = self.vsg_xos_subscriber_create(index)
2561 assert_not_equal(subId,'0')
2562 subids.append(subId)
2563 log.info('succesfully created two vcpe instances in two different vSG VMs')
2564 self.vsg_xos_subscriber_delete(index1, subid[0])
2565 self.vsg_xos_subscriber_delete(index2, subid[1])
2566
2567 #Unable to reach external network via vcpes created by XOS
2568 @deferred(TIMEOUT+400)
2569 def test_vsg_xos_multiple_subscribers_external_connectivity_if_one_vcpe_goes_down(self):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2570 """
2571 Test Method:
2572 1.Create two vcpe instances in two different vsg vms using XOS
2573 2.Verify external connectivity through vcpe instances from cord-tester
2574 3.Kill first vcpe instance
2575 4.Verify external network cant be reachable form first vcpe interface
2576 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2577 df = defer.Deferred()
2578 def test_xos_subscriber(df):
2579 host1 = '8.8.8.8'
2580 host2 = '4.2.2.2'
2581 vcpe_intf1 = self.dhcp_vcpes[0]
2582 vcpe_intf2 = self.dhcp_vcpes[1]
2583 vcpe_name1 = 'vcpe-{}-{}'.format(vcpe_intf1.split('.')[1],vcpe_intf1.split('.')[2])
2584 vcpe_name2 = 'vcpe-{}-{}'.format(vcpe_intf2.split('.')[1],vcpe_intf2.split('.')[2])
2585 subId1 = self.vsg_xos_subscriber_id(0)
2586 log.info('already existing subid of index 0 is %s'%subId1)
2587 if subId1 == '0':
2588 log.info('creating vcpe instance of index 0')
2589 subId1 = self.vsg_xos_subscriber_create(0)
2590 assert_not_equal(subId1,'0')
2591 subId2 = self.vsg_xos_subscriber_id(1)
2592 log.info('already existing subid of index 1 is %s'%subId2)
2593 if subId2 == '0':
2594 log.info('creating vcpe instance of index 1')
2595 subId2 = self.vsg_xos_subscriber_create(1)
2596 assert_not_equal(subId2,'0')
2597 vsg1 = VSGAccess.get_vcpe_vsg(vcpe_name1)
2598 vsg2 = VSGAccess.get_vcpe_vsg(vcpe_name2)
2599 try:
2600 for intf in [vcpe_intf1,vcpe_intf2]:
2601 host = host1 if intf is vcpe_intf1 else host2
2602 self.add_static_route_via_vcpe_interface([host],vcpe=intf)
2603 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2604 assert_equal(st, False)
2605 if intf is vcpe_intf2:
2606 self.vsg_xos_subscriber_delete(1, subId2)
2607 st, _ = vsg2.run_cmd('sudo docker kill {}'.format(vcpe_name2))
2608 time.sleep(2)
2609 self.add_static_route_via_vcpe_interface([host],vcpe=intf)
2610 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2611 assert_equal(st, False)
2612 st,_ = getstatusoutput('ping -c 1 {}'.format(host2))
2613 assert_equal(st, True)
2614 except Exception as error:
2615 log.info('Got Unexpected error %s'%error)
2616 raise
2617 finally:
2618 self.vsg_xos_subscriber_delete(0, subId1)
2619 self.vsg_xos_subscriber_delete(1, subId2)
2620 self.del_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2621 self.del_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2622 df.callback(0)
2623 reactor.callLater(0,test_xos_subscriber,df)
2624 return df
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2625
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2626 @deferred(TIMEOUT+400)
2627 def test_vsg_xos_subscriber_external_connectivity_after_vcpe_remove_and_add_again(self,index=0):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2628 """
2629 Test Method:
2630 1.Create two vcpe instances in two different vsg vms using XOS
2631 2.Verify external connectivity through vcpe instances from cord-tester
2632 3.Remove first vcpe instance
2633 4.Verify external network cant be reachable form first vcpe interface
2634 5.Add back the removed vcpe instance
2635 6.Verify external connectivity through vcpe instances from cord-tester
2636 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2637 df = defer.Deferred()
2638 def test_xos_subscriber(df,index=index):
2639 host = '8.8.8.8'
2640 subId = self.vsg_xos_subscriber_id(index)
2641 log.info('already existing subid of index 0 is %s'%subId)
2642 if subId == '0':
2643 log.info('creating vcpe instance of index %s'%index)
2644 subId = self.vsg_xos_subscriber_create(index)
2645 assert_not_equal(subId,'0')
2646 vcpe_intf = self.dhcp_vcpes[0]
2647 vcpe_name = 'vcpe-{}-{}'.format(vcpe_intf.split('.')[1],vcpe_intf.split('.')[2])
2648 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2649 try:
2650 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2651 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2652 assert_equal(st, False)
2653 log.info('Deleting vcpe Instance of index %s'%index)
2654 self.vsg_xos_subscriber_delete(0, subId)
2655 st, _ = vsg.run_cmd('sudo docker kill {}'.format(vcpe_name))
2656 time.sleep(1)
2657 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2658 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2659 assert_equal(st, True)
2660 subId = self.vsg_xos_subscriber_create(index)
2661 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2662 st,_ = getstatusoutput('ping -c 1 {}'.format(host))
2663 assert_equal(st, False)
2664 except Exception as error:
2665 log.info('Got Unexpected error %s'%error)
2666 raise
2667 finally:
2668 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2669 self.vsg_xos_subscriber_delete(0, subId)
2670 df.callback(0)
2671 reactor.callLater(0,test_xos_subscriber,df)
2672 return df
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2673
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2674 @deferred(TIMEOUT+400)
2675 def test_vsg_xos_multiple_subscribers_external_connectivity_if_one_vcpe_restarts(self):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2676 """
2677 Test Method:
2678 1.Create two vcpe instances in two different vsg vms using XOS
2679 2.Verify external connectivity through vcpe instances from cord-tester
2680 3.Restart first vcpe instance
2681 4.Verify external network cant be reachable form first vcpe interface
2682 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2683 df = defer.Deferred()
2684 def test_xos_subscriber(df):
2685 host1 = '8.8.8.8'
2686 host2 = '4.2.2.2'
2687 subId1 = self.vsg_xos_subscriber_id(0)
2688 log.info('already existing subid of index 0 is %s'%subId1)
2689 if subId1 == '0':
2690 log.info('creating vcpe instance of index 0')
2691 subId1 = self.vsg_xos_subscriber_create(0)
2692 assert_not_equal(subId1,'0')
2693 subId2 = self.vsg_xos_subscriber_id(1)
2694 log.info('already existing subid of index 1 is %s'%subId2)
2695 if subId2 == '0':
2696 log.info('creating vcpe instance of index 1')
2697 subId2 = self.vsg_xos_subscriber_create(1)
2698 vcpe_intf1 = self.dhcp_vcpes[0]
2699 vcpe_intf2 = self.dhcp_vcpes[1]
2700 vcpe_name1 = 'vcpe-{}-{}'.format(vcpe_intf1.split('.')[1],vcpe_intf1.split('.')[2])
2701 vcpe_name2 = 'vcpe-{}-{}'.format(vcpe_intf2.split('.')[1],vcpe_intf2.split('.')[2])
2702 vsg1 = VSGAccess.get_vcpe_vsg(vcpe_name1)
2703 vsg2 = VSGAccess.get_vcpe_vsg(vcpe_name2)
2704 try:
2705 #checking external connectivity from vcpe interface 1 before vcpe 2 restart
2706 self.add_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2707 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2708 assert_equal(st, False)
2709 #checking external connectivity from vcpe interface 2 before vcpe 2 restart
2710 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2711 st,_ = getstatusoutput('ping -c 1 {}'.format(host2))
2712 assert_equal(st, False)
2713 st, _ = vsg2.run_cmd('sudo docker restart {}'.format(vcpe_name2))
2714 time.sleep(10)
2715 #checking external connectivity from vcpe interface 1 after vcpe 2 restart
2716 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2717 assert_equal(st, False)
2718 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2719 time = 0
2720 status = False
2721 while(time <= 100):
2722 time.sleep(10)
2723 st,_ = getstatusoutput('ping -c 1 {}'.format(hos2))
2724 if st is False:
2725 status = True
2726 break
2727 time += 10
2728 assert_equal(status, True)
2729 except Exception as error:
2730 log.info('Got Unexpected error %s'%error)
2731 raise
2732 finally:
2733 self.del_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2734 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2735 self.vsg_xos_subscriber_delete(0, subId1)
2736 self.vsg_xos_subscriber_delete(1, subId2)
2737 df.callback(0)
2738 reactor.callLater(0,test_xos_subscriber,df)
2739 return df
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2740
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2741 @deferred(500)
2742 def test_vsg_xos_multiple_subscribers_external_connectivity_if_one_vcpe_pause(self):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2743 """
2744 Test Method:
2745 1.Create two vcpe instances in two different vsg vms using XOS
2746 2.Verify external connectivity through vcpe instances from cord-tester
2747 3.Pause running first vcpe instance
2748 4.Verify external network cant be reachable form first vcpe interface
2749 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2750 df = defer.Deferred()
2751 def test_xos_subscriber(df):
2752 host1 = '8.8.8.8'
2753 host2 = '4.2.2.2'
2754 subId1 = self.vsg_xos_subscriber_id(0)
2755 log.info('already existing subid of index 0 is %s'%subId1)
2756 if subId1 == '0':
2757 log.info('creating vcpe instance of index 0')
2758 subId1 = self.vsg_xos_subscriber_create(0)
2759 assert_not_equal(subId1,'0')
2760 subId2 = self.vsg_xos_subscriber_id(1)
2761 log.info('already existing subid of index 1 is %s'%subId2)
2762 if subId2 == '0':
2763 log.info('creating vcpe instance of index 1')
2764 subId2 = self.vsg_xos_subscriber_create(1)
2765 vcpe_intf1 = self.dhcp_vcpes[0]
2766 vcpe_intf2 = self.dhcp_vcpes[1]
2767 vcpe_name1 = 'vcpe-{}-{}'.format(vcpe_intf1.split('.')[1],vcpe_intf1.split('.')[2])
2768 vcpe_name2 = 'vcpe-{}-{}'.format(vcpe_intf2.split('.')[1],vcpe_intf2.split('.')[2])
2769 vsg1 = VSGAccess.get_vcpe_vsg(vcpe_name1)
2770 vsg2 = VSGAccess.get_vcpe_vsg(vcpe_name2)
2771 try:
2772 #checking external connectivity from vcpe interface 1 before vcpe 2 pause
2773 self.add_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2774 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2775 assert_equal(st, False)
2776 #checking external connectivity from vcpe interface 2 before vcpe 2 pause
2777 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2778 st,_ = getstatusoutput('ping -c 1 {}'.format(host2))
2779 assert_equal(st, False)
2780 st, _ = vsg2.run_cmd('sudo docker pause {}'.format(vcpe_name2))
2781 time.sleep(1)
2782 #checking external connectivity from vcpe interface 1 after vcpe 2 pause
2783 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2784 assert_equal(st, False)
2785 #checking external connectivity from vcpe interface 2 after vcpe 2 pause
2786 st,_ = getstatusoutput('ping -c 1 {}'.format(host2))
2787 assert_equal(st, True)
2788 except Exception as error:
2789 log.info('Got Unexpected error %s'%error)
2790 raise
2791 finally:
2792 log.info('In Finally block 3333333333333333')
2793 st, _ = vsg2.run_cmd('sudo docker unpause {}'.format(vcpe_name2))
2794 self.del_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2795 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2796 self.vsg_xos_subscriber_delete(0, subId1)
2797 self.vsg_xos_subscriber_delete(1, subId2)
2798 df.callback(0)
2799 reactor.callLater(0,test_xos_subscriber,df)
2800 return df
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2801
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2802 @deferred(500)
2803 def test_vsg_xos_subscriber_external_connectivity_if_one_vcpe_stops(self):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2804 """
2805 Test Method:
2806 1.Create two vcpe instances in two different vsg vms using XOS
2807 2.Verify external connectivity through vcpe instances from cord-tester
2808 3.Stop running first vcpe instance
2809 4.Verify external network cant be reachable form first vcpe interface
2810 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2811 df = defer.Deferred()
2812 def test_xos_subscriber(df):
2813 host1 = '8.8.8.8'
2814 host2 = '4.2.2.2'
2815 subId1 = self.vsg_xos_subscriber_id(0)
2816 log.info('already existing subid of index 0 is %s'%subId1)
2817 if subId1 == '0':
2818 log.info('creating vcpe instance of index 0')
2819 subId1 = self.vsg_xos_subscriber_create(0)
2820 assert_not_equal(subId1,'0')
2821 subId2 = self.vsg_xos_subscriber_id(1)
2822 log.info('already existing subid of index 1 is %s'%subId2)
2823 if subId2 == '0':
2824 log.info('creating vcpe instance of index 1')
2825 subId2 = self.vsg_xos_subscriber_create(1)
2826 vcpe_intf1 = self.dhcp_vcpes[0]
2827 vcpe_intf2 = self.dhcp_vcpes[1]
2828 vcpe_name1 = 'vcpe-{}-{}'.format(vcpe_intf1.split('.')[1],vcpe_intf1.split('.')[2])
2829 vcpe_name2 = 'vcpe-{}-{}'.format(vcpe_intf2.split('.')[1],vcpe_intf2.split('.')[2])
2830 vsg1 = VSGAccess.get_vcpe_vsg(vcpe_name1)
2831 vsg2 = VSGAccess.get_vcpe_vsg(vcpe_name2)
2832 try:
2833 #checking external connectivity from vcpe interface 1 before vcpe 2 stop
2834 self.add_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2835 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2836 assert_equal(st, False)
2837 #checking external connectivity from vcpe interface 2 before vcpe 2 stop
2838 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2839 st,_ = getstatusoutput('ping -c 1 {}'.format(host2))
2840 assert_equal(st, False)
2841 st, _ = vsg2.run_cmd('sudo docker stop {}'.format(vcpe_name2))
2842 time.sleep(5)
2843 #checking external connectivity from vcpe interface 1 after vcpe 2 stop
2844 st,_ = getstatusoutput('ping -c 1 {}'.format(host1))
2845 assert_equal(st, False)
2846 #checking external connectivity from vcpe interface 1 after vcpe 2 stop
2847 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2848 st,_ = getstatusoutput('ping -c 1 {}'.format(host2))
2849 assert_equal(st, True)
2850 except Exception as error:
2851 log.info('Got Unexpected error %s'%error)
2852 raise
2853 finally:
2854 st, _ = vsg2.run_cmd('sudo docker start {}'.format(vcpe_name2))
2855 time.sleep(10)
2856 self.del_static_route_via_vcpe_interface([host1],vcpe=vcpe_intf1)
2857 self.add_static_route_via_vcpe_interface([host2],vcpe=vcpe_intf2)
2858 self.vsg_xos_subscriber_delete(0, subId1)
2859 self.vsg_xos_subscriber_delete(1, subId2)
2860 df.callback(0)
2861 reactor.callLater(0,test_xos_subscriber,df)
2862 return df
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2863
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2864 @deferred(420)
2865 def test_vsg_xos_subscriber_external_connectivity_after_vsg_vm_stop(self,index=0):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2866 """
2867 Test Method:
2868 1.Create two vcpe instances in two different vsg vms using XOS
2869 2.Verify external connectivity through vcpe instances from cord-tester
2870 3.Bring down first vSG vm
2871 4.Verify external network cant be reachable form first vcpe interface
2872 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2873 df = defer.Deferred()
2874 def test_xos_subscriber(df,index=index):
2875 host = '8.8.8.8'
2876 subId = self.vsg_xos_subscriber_id(index)
2877 if subId == '0':
2878 log.info('creating vcpe instance of index 0')
2879 subId = self.vsg_xos_subscriber_create(index)
2880 assert_not_equal(subId,'0')
2881 vcpe_intf = self.dhcp_vcpes[index] #'vcpe{}.{}.{}'.format(s_tag, c_tag)
2882 vcpe_name = self.container_vcpes[index]
2883 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2884 try:
2885 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2886 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2887 assert_equal(st, False)
2888 log.info('Stopping vsg instance')
2889 vsg.stop()
2890 time.sleep(5)
2891 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2892 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2893 assert_equal(st, True)
2894 except Exception as error:
2895 log.info('Got Unexpected error %s'%error)
2896 raise
2897 finally:
2898 vsg.start()
2899 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2900 self.vsg_xos_subscriber_delete(index, subId)
2901 df.callback(0)
2902 reactor.callLater(0,test_xos_subscriber,df)
2903 return df
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2904
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2905 @deferred(420)
2906 def test_vsg_xos_subscriber_external_connectivity_after_vsg_vm_restart(self,index=0):
2907 """
2908 Test Method:
2909 1.Create two vcpe instances in two different vsg vms using XOS
2910 2.Verify external connectivity through vcpe instances from cord-tester
2911 3.Bring down first vSG vm
2912 4.Verify external network cant be reachable form first vcpe interface
2913 """
2914 df = defer.Deferred()
2915 def test_xos_subscriber(df,index=index):
2916 host = '8.8.8.8'
2917 subId = self.vsg_xos_subscriber_id(index)
2918 if subId == '0':
2919 log.info('creating vcpe instance of index 0')
2920 subId = self.vsg_xos_subscriber_create(index)
2921 assert_not_equal(subId,'0')
2922 vcpe_intf = self.dhcp_vcpes[index] #'vcpe{}.{}.{}'.format(s_tag, c_tag)
2923 vcpe_name = self.container_vcpes[index]
2924 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2925 try:
2926 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2927 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2928 assert_equal(st, False)
2929 log.info('Restarting vsg instance')
2930 vsg.reboot()
2931 time.sleep(10)
2932 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2933 time = 0
2934 status = False
2935 while(time <= 100):
2936 time.sleep(10)
2937 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2938 if st is False:
2939 status = True
2940 break
2941 time += 10
2942 assert_equal(status, True)
2943 except Exception as error:
2944 log.info('Got Unexpected error %s'%error)
2945 raise
2946 finally:
2947 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2948 self.vsg_xos_subscriber_delete(index, subId)
2949 df.callback(0)
2950 reactor.callLater(0,test_xos_subscriber,df)
2951 return df
2952
2953 @deferred(780)
2954 def test_vsg_xos_multiple_subscribers_external_connectivity_if_two_vsgs_stop_and_start(self,index1=4,index2=6):
Anil Kumar Sanka5bb352a2017-05-16 22:24:01 +0000[diff] [blame]2955 """
2956 Test Method:
2957 1.Create two vcpe instances in two different vsg vms using XOS
2958 2.Verify external connectivity through vcpe instances from cord-tester
2959 3.Bring down first vSG vm
2960 4.Verify external network cant be reachable form first vcpe interface
2961 5.Bring down second vSG vm also
2962 6.Verify external network cant be reachable form first vcpe interface also
2963 """
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2964 df = defer.Deferred(df,index1=index1,index2=index2)
2965 def test_xos_subscriber(df,index=index):
2966 subId1 = self.vsg_xos_subscriber_create(index1)
2967 subId2 = self.vsg_xos_subscriber_create(index2)
2968 if subId1 == '0':
2969 self.vsg_xos_subscriber_delete(index1, subId1)
2970 assert_not_equal(subId1, '0')
2971 if subId2 == '0':
2972 self.vsg_xos_subscriber_delete(index2, subId2)
2973 assert_not_equal(subId2, '0')
2974 for index in [index1,index2]:
2975 vcpe_intf = self.dhcp_vcpes[index] #'vcpe{}.{}.{}'.format(s_tag, c_tag)
2976 vcpe_name = self.container_vcpes[index]
2977 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
2978 try:
2979 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2980 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2981 assert_equal(st, False)
2982 log.info('Stopping vsg instance of index %s'%index)
2983 vsg.stop()
2984 time.sleep(5)
2985 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2986 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
2987 assert_equal(st, True)
2988 except Exception as error:
2989 log.info('Got Unexpected error %s'%error)
2990 raise
2991 finally:
2992 vsg.start()
2993 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
2994 df.callback(0)
2995 reactor.callLater(0,test_xos_subscriber,df)
2996 return df
Anil Kumar Sanka52a39f82017-05-10 17:39:31 +0000[diff] [blame]2997
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]2998 @deferred(420)
2999 def test_vsg_xos_subscriber_external_connectivity_with_creating_firewall_rule(self,index=0):
3000 """
3001 Alog:
3002 1.Cretae a vcpe instance using XOS
3003 2.Get dhcp IP to vcpe interface in cord-tester
3004 3.Verify external network can be reachable from cord-tester
3005 4.Add an iptable rule to drop packets destined to external network in vcpe
3006 5.Verify now external network cant be reachable
3007 6.Delele the iptale in vcpe instance
3008 7.Verify external network can be reachable from cord-tester
3009 """
3010 df = defer.Deferred()
3011 def test_xos_subscriber(df,index=index):
3012 log.info('cls.dhcp_vcpes is %s'%self.dhcp_vcpes)
3013 host = '8.8.8.8'
3014 subId = self.vsg_xos_subscriber_create(index)
3015 if subId == '0':
3016 subId = self.vsg_xos_subscriber_create(index)
3017 assert_not_equal(subId, '0')
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]3018 vcpe_intf = self.dhcp_vcpes[index] #'vcpe{}.{}.{}'.format(s_tag, c_tag)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]3019 vcpe_name = self.container_vcpes[index]
3020 vsg = VSGAccess.get_vcpe_vsg(vcpe_name)
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]3021 try:
3022 self.add_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
3023 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]3024 #ssert_equal(st, False)
3025 st, _ = vsg.run_cmd('sudo docker exec {} iptables -I FORWARD -d {} -j DROP'.format(vcpe_name,host))
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]3026 st, _ = getstatusoutput('ping -c 1 {}'.format(host))
3027 assert_equal(st, True)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]3028 st,_ = vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
3029 self.vsg_xos_subscriber_delete(index, subId)
3030 except Exception as error:
3031 log.info('Got Unexpected error %s'%error)
3032 raise
3033 finally:
3034 vsg.run_cmd('sudo docker exec {} iptables -D FORWARD -d {} -j DROP'.format(vcpe_name,host))
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]3035 self.del_static_route_via_vcpe_interface([host],vcpe=vcpe_intf)
Anil Kumar Sanka5db80d02017-06-02 21:10:19 +0000[diff] [blame^]3036 self.vsg_xos_subscriber_delete(index, subId)
3037 df.callback(0)
3038 reactor.callLater(0,test_xos_subscriber,df)
3039 return df
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3040
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3041 def test_vsg_for_packet_received_with_invalid_ip_fields(self):
3042 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3043 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3044 1.Create a vSG VM in compute node
3045 2.Create a vCPE container in vSG VM
3046 3.Ensure vSG VM and vCPE container created properly
3047 4.From subscriber, send a ping packet with invalid ip fields
3048 5.Verify that vSG drops the packet
3049 6.Verify ping fails
3050 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3051
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3052 def test_vsg_for_packet_received_with_invalid_mac_fields(self):
3053 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3054 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3055 1.Create a vSG VM in compute node
3056 2.Create a vCPE container in vSG VM
3057 3.Ensure vSG VM and vCPE container created properly
3058 4.From subscriber, send a ping packet with invalid mac fields
3059 5.Verify that vSG drops the packet
3060 6.Verify ping fails
3061 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3062
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3063 def test_vsg_for_vlan_id_mismatch_in_stag(self):
3064 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3065 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3066 1.Create a vSG VM in compute Node
3067 2.Create a vCPE container in vSG VM
3068 3.Ensure vSG VM and vCPE container created properly
3069 4.Send a ping request to external valid IP from subscriber, with incorrect vlan id in s-tag and valid c-tag
3070 5.Verify that ping fails as the packet drops at VM entry
3071 6.Repeat step 4 with correct s-tag
3072 7.Verify that ping success
3073 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3074
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3075 def test_vsg_for_vlan_id_mismatch_in_ctag(self):
3076 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3077 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3078 1.Create a vSG VM in compute node
3079 2.Create a vCPE container in vSG VM
3080 3.Ensure vSG VM and vCPE container created properly
3081 4.Send a ping request to external valid IP from subscriber, with valid s-tag and incorrect vlan id in c-tag
3082 5.Verify that ping fails as the packet drops at vCPE container entry
3083 6.Repeat step 4 with valid s-tag and c-tag
3084 7.Verify that ping success
3085 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3086
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3087 def test_vsg_for_matching_and_mismatching_vlan_id_in_stag(self):
3088 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3089 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3090 1.Create two vSG VMs in compute node
3091 2.Create a vCPE container in each vSG VM
3092 3.Ensure vSG VM and vCPE container created properly
3093 4.From subscriber one, send ping request with valid s and c tags
3094 5.From subscriber two, send ping request with vlan id mismatch in s-tag and valid c tags
3095 6.Verify that ping success for only subscriber one and fails for two.
3096 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3097
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3098 def test_vsg_for_matching_and_mismatching_vlan_id_in_ctag(self):
3099 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3100 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3101 1.Create a vSG VM in compute node
3102 2.Create two vCPE containers in vSG VM
3103 3.Ensure vSG VM and vCPE container created properly
3104 4.From subscriber one, send ping request with valid s and c tags
3105 5.From subscriber two, send ping request with valid s-tag and vlan id mismatch in c-tag
3106 6.Verify that ping success for only subscriber one and fails for two
3107 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3108
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3109 def test_vsg_for_out_of_range_vlanid_in_ctag(self):
3110 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3111 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3112 1.Create a vSG VM in compute node
3113 2.Create a vCPE container in vSG VM
3114 3.Ensure vSG VM and vCPE container created properly
3115 4.From subscriber, send ping request with valid stag and vlan id in c-tag is an out of range value ( like 0,4097 )
3116 4.Verify that ping fails as the ping packets drops at vCPE container entry
3117 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3118
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3119 def test_vsg_for_out_of_range_vlanid_in_stag(self):
3120 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3121 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3122 1.Create a vSG VM in compute node
3123 2.Create a vCPE container in vSG VM
3124 3.Ensure vSG VM and vCPE container created properly
3125 2.From subscriber, send ping request with vlan id in s-tag is an out of range value ( like 0,4097 ), with valid c-tag
3126 4.Verify that ping fails as the ping packets drops at vSG VM entry
3127 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3128
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]3129 def test_vsg_for_extracting_all_compute_stats_from_all_vcpe_containers(self):
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3130 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3131 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3132 1.Create a vSG VM in compute node
3133 2.Create 10 vCPE containers in VM
3134 3.Ensure vSG VM and vCPE containers created properly
3135 4.Login to all vCPE containers
3136 4.Get all compute stats from all vCPE containers
3137 5.Verify the stats # verification method need to add
3138 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3139
Anil Kumar Sankaf6a9f392017-05-06 00:18:31 +0000[diff] [blame]3140 def test_vsg_for_extracting_dns_stats_from_all_vcpe_containers(self):
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3141 """
Chetan Gaonker72f3c4e2017-05-10 18:16:49 +0000[diff] [blame]3142 Test Method:
Anil Kumar Sanka1213d4c2017-02-23 22:50:48 +0000[diff] [blame]3143 1.Create a vSG VM in compute node
3144 2.Create 10 vCPE containers in VM
3145 3.Ensure vSG VM and vCPE containers created properly
3146 4.From 10 subscribers, send ping to valid and invalid dns hosts
3147 5.Verify dns resolves and ping success for valid dns hosts
3148 6.Verify ping fails for invalid dns hosts
3149 7.Verify dns host name resolve flows in OvS
3150 8.Login to all 10 vCPE containers
3151 9.Extract all dns stats
3152 10.Verify dns stats for queries sent, queries received for dns host resolve success and failed scenarios
3153 """
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3154
A R Karthick63751492017-03-22 09:28:01 -0700[diff] [blame]3155