VPP/STN Testing
From fd.io
< VPP
Contents
Setup
# In this simulation, we use 192.168.1.2/24 as the 'shared address' between a vpp interface, and one end of a veth pair connected to vpp
# We need to setup a testing environment that uses the stn path in an analogous manner to what we need it to do.
# To do this, we create a 'pretendroot' namespace, and connect vpp to it with an eth0 interface in the pretendroot namespace
sudo ip netns add pretendroot
sudo ip link add name vpp2eth0 type veth peer name eth0
# Don't forget to disable the tcp offload, or we will get bitten by the Linux kernels misbehavior around checksums over veth pairs
sudo ethtool --offload eth0 rx off tx off
sudo ip link set eth0 netns pretendroot
sudo ip netns exec pretendroot ip addr add 192.168.1.2/24 dev eth0
# Set the mac address of the eth0 interface. VPP will use 00:00:00:00:00:02 to address it, so we need to make sure the kernel accepts that mac for the eth0 interface
sudo ip netns exec pretendroot ip link set dev eth0 address 00:00:00:00:00:02
sudo ip netns exec pretendroot ip link set dev eth0 up
# Playing the part of our 'realnic' in this simulation, we create a 'realeth0' veth to connect to vpp.
# So that we can use it to originate traffic towards vpp, we give it IP 192.168.1.1/24
sudo ip link add name vpp2realeth0 type veth peer name realeth0
sudo ethtool --offload realeth0 rx off tx off
sudo ip addr add 192.168.1.1/24 dev realeth0
sudo ip link set dev realeth0 up
# Connect the vpp side of realeth0 (vpp2realeth0), addres it, and make sure its working
sudo vppctl create host-interface name vpp2realeth0
sudo vppctl set interface ip address host-vpp2realeth0 192.168.1.2/24
sudo vppctl set int state host-vpp2realeth0 up
ping 192.168.1.2
# Connect the vpp side of eth0 (vpp2eth0), set it up as an unnumbered slave of vpp2realeth0
sudo vppctl create host-interface name vpp2eth0
REALETH0_INT_IDX=$(sudo vppctl show int | grep host-vpp2realeth0 | awk '{print $2}')
echo ${REALETH0_INT_IDX}
ETH0_INT_IDX=$(sudo vppctl show int | grep host-vpp2eth0 | awk '{print $2}')
echo ${ETH0_INT_IDX}
echo sw_interface_set_unnumbered sw_if_index ${REALETH0_INT_IDX} unnum_if_index ${ETH0_INT_IDX} | sudo vpp_api_test | grep -v "#vat"
sudo vppctl set int state host-vpp2eth0 up
# Setup proxy arp for vpp2eth0
sudo vppctl set ip arp proxy 192.168.1.1-192.168.1.255
sudo vppctl set interface proxy-arp host-vpp2eth0 enable
# Setup the stn rule for 192.168.1.2 to host-vpp2eth0
sudo vppctl stn rule address 192.168.1.2 interface host-vpp2eth0
sudo vppctl show stn rule
Test 1: Ping from pretendroot (192.168.1.2) to realeth0 (192.168.1.1) via vpp
# Don't forget to setup vpp trace sudo vppctl trace add af-packet-input 100 sudo ip netns exec pretendroot ping 192.168.1.1
Test1 Results
Ping works in this situation.
Test 2
Set up an echo server in the pretendroot namespace, and telnet to it.
In one shell:
sudo ip netns exec pretendroot /bin/bash ncat -l 2000 -k -c 'xargs -n1 echo'
In a second shell:
telnet 192.168.1.2 2000
And try the echo server.
Test 2 Results
TCP works in this senario.
Test 1: Analysis
If you look at Packet 4, you will see the icp echo response is being addressed to mac address 00:00:00:00:00:02 (and bogus source 00:00:00:00:00:01) which causes the eth0 interface to reject the response. Tests for TCP and UDP showed the same issue.
