[ovs-dev] [PATCH v2 4/5] ipsec: Introduce IPsec system tests for Libreswan
aconole at redhat.com
Wed Mar 31 13:35:16 UTC 2021
Mark Gray <mark.d.gray at redhat.com> writes:
> This patch adds system tests for OVS IPsec using Libreswan.
> If Libreswan is not present on the system, the tests will
> be skipped.
> These tests set up an underlay switch with bridge 'br0'
> to carry encrypted traffic between two emulated "nodes".
> Each "node" is a seperate network namespace ('left' and
> 'right') and runs an instance of the Libreswan "pluto"
> daemon, ovs-monitor-ipsec, ovs-vswitch and ovsdb-server.
> Each test sets up IPsec between the two emulated "nodes"
> using various configurations (currently tunnel
> type, IPv6/IPv6, authentication method, local_ip). After
> configuration, connectivity between the two nodes is
> tested and the underlay traffic is also inspected to
> ensure the traffic is encrypted.
> All IPsec system tests can be run by using the ipsec
> sudo make check-kernel TESTSUITEFLAGS='-k ipsec'
> Signed-off-by: Mark Gray <mark.d.gray at redhat.com>
Acked-by: Aaron Conole <aconole at redhat.com>
More information about the dev