[ovs-dev] [PATCH v2 4/5] ipsec: Introduce IPsec system tests for Libreswan

Aaron Conole aconole at redhat.com
Wed Mar 31 13:35:16 UTC 2021


Mark Gray <mark.d.gray at redhat.com> writes:

> This patch adds system tests for OVS IPsec using Libreswan.
> If Libreswan is not present on the system, the tests will
> be skipped.
>
> These tests set up an underlay switch with bridge 'br0'
> to carry encrypted traffic between two emulated "nodes".
> Each "node" is a seperate network namespace ('left' and
> 'right') and runs an instance of the Libreswan "pluto"
> daemon, ovs-monitor-ipsec, ovs-vswitch and ovsdb-server.
>
> Each test sets up IPsec between the two emulated "nodes"
> using various configurations (currently tunnel
> type, IPv6/IPv6, authentication method, local_ip). After
> configuration, connectivity between the two nodes is
> tested and the underlay traffic is also inspected to
> ensure the traffic is encrypted.
>
> All IPsec system tests can be run by using the ipsec
> keyword:
>
> sudo make check-kernel TESTSUITEFLAGS='-k ipsec'
>
> Signed-off-by: Mark Gray <mark.d.gray at redhat.com>
> ---

Thanks!

Acked-by: Aaron Conole <aconole at redhat.com>



More information about the dev mailing list