[ovs-dev] [PATCH 3/4] system-tests: Run conntrack tests with userspace.
Daniele Di Proietto
diproiettod at vmware.com
Fri Jul 29 02:58:05 UTC 2016
The userspace connection tracker doesn't support ALGs, frag reassembly
or NAT yet, so skip those tests.
Also, connection tracking state input from a local port is not possible
in userspace.
Finally, the userspace datapath checks for the IPv4 header checksum, so
fix those in the hardcoded packets.
Signed-off-by: Daniele Di Proietto <diproiettod at vmware.com>
Acked-by: Joe Stringer <joe at ovn.org>
Acked-by: Flavio Leitner <fbl at sysclose.org>
---
tests/system-kmod-macros.at | 28 +++++++++++++++++++++++++
tests/system-ovn.at | 3 +++
tests/system-traffic.at | 32 +++++++++++++++++++++++++---
tests/system-userspace-macros.at | 45 +++++++++++++++++++++++++++++++++++++---
4 files changed, 102 insertions(+), 6 deletions(-)
diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at
index 2134db7..e1b5707 100644
--- a/tests/system-kmod-macros.at
+++ b/tests/system-kmod-macros.at
@@ -67,3 +67,31 @@ m4_define([CHECK_CONNTRACK],
on_exit 'ovstest test-netlink-conntrack flush'
]
)
+
+# CHECK_CONNTRACK_ALG()
+#
+# Perform requirements checks for running conntrack ALG tests. The kernel
+# supports ALG, so no check is needed.
+#
+m4_define([CHECK_CONNTRACK_ALG])
+
+# CHECK_CONNTRACK_FRAG()
+#
+# Perform requirements checks for running conntrack fragmentations tests.
+# The kernel always supports fragmentation, so no check is needed.
+m4_define([CHECK_CONNTRACK_FRAG])
+
+# CHECK_CONNTRACK_LOCAL_STACK()
+#
+# Perform requirements checks for running conntrack tests with local stack.
+# The kernel always supports reading the connection state of an skb coming
+# from an internal port, without an explicit ct() action, so no check is
+# needed.
+m4_define([CHECK_CONNTRACK_LOCAL_STACK])
+
+# CHECK_CONNTRACK_NAT()
+#
+# Perform requirements checks for running conntrack NAT tests. The kernel
+# always supports NAT, so no check is needed.
+#
+m4_define([CHECK_CONNTRACK_NAT])
diff --git a/tests/system-ovn.at b/tests/system-ovn.at
index 2a94d68..b96b260 100755
--- a/tests/system-ovn.at
+++ b/tests/system-ovn.at
@@ -2,6 +2,7 @@ AT_SETUP([ovn -- 2 LRs connected via LS, gateway router, SNAT and DNAT])
AT_KEYWORDS([ovnnat])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
ovn_start
OVS_TRAFFIC_VSWITCHD_START()
ADD_BR([br-int])
@@ -172,6 +173,7 @@ AT_SETUP([ovn -- 2 LRs connected via LS, gateway router, easy SNAT])
AT_KEYWORDS([ovnnat])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
ovn_start
OVS_TRAFFIC_VSWITCHD_START()
ADD_BR([br-int])
@@ -277,6 +279,7 @@ AT_SETUP([ovn -- load-balancing])
AT_KEYWORDS([ovnlb])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
ovn_start
OVS_TRAFFIC_VSWITCHD_START()
ADD_BR([br-int])
diff --git a/tests/system-traffic.at b/tests/system-traffic.at
index 1cdc2d2..5732d9b 100644
--- a/tests/system-traffic.at
+++ b/tests/system-traffic.at
@@ -510,13 +510,13 @@ AT_CAPTURE_FILE([ofctl_monitor.log])
AT_CHECK([ovs-ofctl monitor br0 65534 invalid_ttl --detach --no-chdir --pidfile 2> ofctl_monitor.log])
dnl Send an unsolicited reply from port 2. This should be dropped.
-AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c00000000001100000a0101020a0101010002000100080000'])
+AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c000000000011a4cd0a0101020a0101010002000100080000'])
dnl OK, now start a new connection from port 1.
-AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 1 ct\(commit\),controller '50540000000a50540000000908004500001c00000000001100000a0101010a0101020001000200080000'])
+AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 1 ct\(commit\),controller '50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000200080000'])
dnl Now try a reply from port 2.
-AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c00000000001100000a0101020a0101010002000100080000'])
+AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c000000000011a4cd0a0101020a0101010002000100080000'])
dnl Check this output. We only see the latter two packets, not the first.
AT_CHECK([cat ofctl_monitor.log], [0], [dnl
@@ -906,6 +906,7 @@ AT_CLEANUP
AT_SETUP([conntrack - multiple zones, local])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_LOCAL_STACK()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0)
@@ -953,6 +954,7 @@ AT_CLEANUP
AT_SETUP([conntrack - multiple namespaces, internal ports])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_LOCAL_STACK()
OVS_TRAFFIC_VSWITCHD_START(
[set-fail-mode br0 secure -- ])
@@ -993,6 +995,7 @@ AT_CLEANUP
AT_SETUP([conntrack - multi-stage pipeline, local])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_LOCAL_STACK()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0)
@@ -1382,6 +1385,7 @@ AT_CLEANUP
AT_SETUP([conntrack - FTP])
AT_SKIP_IF([test $HAVE_PYFTPDLIB = no])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_ALG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1468,6 +1472,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 FTP])
AT_SKIP_IF([test $HAVE_PYFTPDLIB = no])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_ALG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1524,6 +1529,7 @@ AT_CLEANUP
AT_SETUP([conntrack - FTP with multiple expectations])
AT_SKIP_IF([test $HAVE_PYFTPDLIB = no])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_ALG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1588,6 +1594,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv4 fragmentation ])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1621,6 +1628,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv4 fragmentation expiry])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1651,6 +1659,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv4 fragmentation + vlan])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1686,6 +1695,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 fragmentation])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1725,6 +1735,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 fragmentation expiry])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1765,6 +1776,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 fragmentation + vlan])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -1808,6 +1820,7 @@ AT_CLEANUP
AT_SETUP([conntrack - Fragmentation over vxlan])
OVS_CHECK_VXLAN()
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_BR([br-underlay])
@@ -1859,6 +1872,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 Fragmentation over vxlan])
OVS_CHECK_VXLAN()
CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
OVS_TRAFFIC_VSWITCHD_START()
ADD_BR([br-underlay])
@@ -1957,6 +1971,7 @@ AT_CLEANUP
AT_SETUP([conntrack - simple SNAT])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2003,6 +2018,7 @@ AT_CLEANUP
AT_SETUP([conntrack - SNAT with port range])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2050,6 +2066,7 @@ AT_CLEANUP
AT_SETUP([conntrack - more complex SNAT])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2101,6 +2118,7 @@ AT_CLEANUP
AT_SETUP([conntrack - simple DNAT])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2155,6 +2173,7 @@ AT_CLEANUP
AT_SETUP([conntrack - more complex DNAT])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2215,6 +2234,7 @@ AT_CLEANUP
AT_SETUP([conntrack - ICMP related with NAT])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2276,6 +2296,7 @@ AT_CLEANUP
AT_SETUP([conntrack - FTP with NAT])
AT_SKIP_IF([test $HAVE_PYFTPDLIB = no])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
@@ -2357,6 +2378,7 @@ AT_CLEANUP
AT_SETUP([conntrack - FTP with NAT 2])
AT_SKIP_IF([test $HAVE_PYFTPDLIB = no])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2424,6 +2446,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 HTTP with NAT])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2467,6 +2490,7 @@ AT_CLEANUP
AT_SETUP([conntrack - IPv6 FTP with NAT])
AT_SKIP_IF([test $HAVE_PYFTPDLIB = no])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns0, at_ns1)
@@ -2524,6 +2548,7 @@ AT_CLEANUP
AT_SETUP([conntrack - DNAT load balancing])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns1, at_ns2, at_ns3, at_ns4)
@@ -2610,6 +2635,7 @@ AT_CLEANUP
AT_SETUP([conntrack - DNAT load balancing with NC])
CHECK_CONNTRACK()
+CHECK_CONNTRACK_NAT()
OVS_TRAFFIC_VSWITCHD_START()
ADD_NAMESPACES(at_ns1, at_ns2, at_ns3, at_ns4, at_ns5)
diff --git a/tests/system-userspace-macros.at b/tests/system-userspace-macros.at
index c09a4aa..213425f 100644
--- a/tests/system-userspace-macros.at
+++ b/tests/system-userspace-macros.at
@@ -60,9 +60,48 @@ m4_define([CONFIGURE_VETH_OFFLOADS],
# CHECK_CONNTRACK()
#
-# Perform requirements checks for running conntrack tests, and flush the
-# kernel conntrack tables when the test is finished.
+# Perform requirements checks for running conntrack tests.
#
m4_define([CHECK_CONNTRACK],
- [AT_SKIP_IF(true)]
+ [AT_SKIP_IF([test $HAVE_PYTHON = no])]
)
+
+# CHECK_CONNTRACK_ALG()
+#
+# Perform requirements checks for running conntrack ALG tests. The userspace
+# doesn't support ALGs yet, so skip the tests
+#
+m4_define([CHECK_CONNTRACK_ALG],
+[
+ AT_SKIP_IF([:])
+])
+
+# CHECK_CONNTRACK_FRAG()
+#
+# Perform requirements checks for running conntrack fragmentations tests.
+# The userspace doesn't support fragmentation yet, so skip the tests.
+m4_define([CHECK_CONNTRACK_FRAG],
+[
+ AT_SKIP_IF([:])
+])
+
+# CHECK_CONNTRACK_LOCAL_STACK()
+#
+# Perform requirements checks for running conntrack tests with local stack.
+# While the kernel connection tracker automatically passes all the connection
+# tracking state from an internal port to the OpenvSwitch kernel module, there
+# is simply no way of doing that with the userspace, so skip the tests.
+m4_define([CHECK_CONNTRACK_LOCAL_STACK],
+[
+ AT_SKIP_IF([:])
+])
+
+# CHECK_CONNTRACK_NAT()
+#
+# Perform requirements checks for running conntrack NAT tests. The userspace
+# doesn't support NATs yet, so skip the tests
+#
+m4_define([CHECK_CONNTRACK_NAT],
+[
+ AT_SKIP_IF([:])
+])
--
2.8.1
More information about the dev
mailing list