Virtual Topologies

CSIT VPP Device tests are executed in Physical containerized topologies created on demand using set of scripts hosted and developed under CSIT repository. It runs on physical baremetal servers hosted by LF FD.io project. Based on the packet path thru SUT Containers, three distinct logical topology types are used for VPP DUT data plane testing:

  1. vfNIC-to-vfNIC switching topologies.

  2. vfNIC-to-vhost-user switching topologies.

  3. vfNIC-to-memif switching topologies.

vfNIC-to-vfNIC Switching

The simplest physical topology for software data plane application like VPP is vfNIC-to-vfNIC switching. Tested virtual topologies for 2-Node testbeds are shown in figures below.


SUT1 is Docker Container (running Ubuntu, depending on the test suite), TG is a Traffic Generator (running Ubuntu Container). SUTs run VPP SW application in Linux user-mode as a Device Under Test (DUT) within the container. TG runs Scapy SW application as a packet Traffic Generator. Network connectivity between SUTs and to TG is provided using virtual function of physical NICs.

Virtual topologies are created on-demand whenever a verification job is started (e.g. triggered by the gerrit patch submission) and destroyed upon completion of all functional tests. Each node is a container running on physical server. During the test execution, all nodes are reachable thru the Management (not shown above for clarity).

vfNIC-to-vhost-user Switching

vfNIC-to-vhost-user switching topology test cases require VPP DUT to communicate with Virtual Machine (VM) over Vhost-user virtual interfaces. VM is created on SUT1 for the duration of these particular test cases only. Virtual test topology with VM is shown in the figure below.


vfNIC-to-memif Switching

vfNIC-to-memif switching topology test cases require VPP DUT to communicate with another Docker Container over memif interfaces. Container is created for the duration of these particular test cases only and it is running the same VPP version as running on DUT. Virtual test topology with Memif is shown in the figure below.


Functional Tests Coverage

CSIT-2009 includes following VPP functionality tested in VPP Device environment:




Ingress Access Control List security for L2 Bridge-Domain MAC switching, IPv4 routing, IPv6 routing.


COP address white-list and black-list filtering for IPv4 and IPv6 routing.


IPSec tunnel and transport modes.


IPv4 routing, ICMPv4.


IPv4 routing, ICMPv6.


L2 Bridge-Domain switching for untagged Ethernet.


L2 Cross-Connect switching for untagged Ethernet.

Memif Interface

Baseline VPP memif interface tests.

QoS Policer Metering

Ingress packet rate metering and marking for IPv4, IPv6.


Segment routing over IPv6, base and proxy.

Tap Interface

Baseline Linux tap interface tests.


L2 VLAN subinterfaces.

Vhost-user Interface

Baseline VPP vhost-user interface tests.


VXLAN overlay tunneling for L2-over-IPv4 and -over-IPv6.

Tests Naming

CSIT-2009 follows a common structured naming convention for all performance and system functional tests, introduced in CSIT-17.01.

The naming should be intuitive for majority of the tests. Complete description of CSIT test naming convention is provided on Test Naming.