Overview

Virtual Topologies

CSIT VPP Device tests are executed in Physical containerized topologies created on demand using set of scripts hosted and developed under CSIT repository. It runs on physical baremetal servers hosted by LF FD.io project. Based on the packet path thru SUT Containers, three distinct logical topology types are used for VPP DUT data plane testing:

  1. vfNIC-to-vfNIC switching topologies.

  2. vfNIC-to-vhost-user switching topologies.

  3. vfNIC-to-memif switching topologies.

vfNIC-to-vfNIC Switching

The simplest physical topology for software data plane application like VPP is vfNIC-to-vfNIC switching. Tested virtual topologies for 2-Node testbeds are shown in figures below.

vf-2n-nic2nic

SUT1 is Docker Container (running Ubuntu, depending on the test suite), TG is a Traffic Generator (running Ubuntu Container). SUTs run VPP SW application in Linux user-mode as a Device Under Test (DUT) within the container. TG runs Scapy SW application as a packet Traffic Generator. Network connectivity between SUTs and to TG is provided using virtual function of physical NICs.

Virtual topologies are created on-demand whenever a verification job is started (e.g. triggered by the gerrit patch submission) and destroyed upon completion of all functional tests. Each node is a container running on physical server. During the test execution, all nodes are reachable thru the Management (not shown above for clarity).

vfNIC-to-vhost-user Switching

vfNIC-to-vhost-user switching topology test cases require VPP DUT to communicate with Virtual Machine (VM) over Vhost-user virtual interfaces. VM is created on SUT1 for the duration of these particular test cases only. Virtual test topology with VM is shown in the figure below.

vf-2n-nic2vhost

vfNIC-to-memif Switching

vfNIC-to-memif switching topology test cases require VPP DUT to communicate with another Docker Container over memif interfaces. Container is created for the duration of these particular test cases only and it is running the same VPP version as running on DUT. Virtual test topology with Memif is shown in the figure below.

vf-2n-nic2memif

Functional Tests Coverage

CSIT-2302 includes following VPP functionality tested in VPP Device environment:

Functionality

Description

ACL (classify)

Ingress Access Control List security for L2 Bridge-Domain MAC switching, IPv4 routing, IPv6 routing.

ACL (acl_plugin)

Ingress and Egress Access Control List security in stateless and stateful mode for L2 Bridge-Domain MAC switching, IPv4 routing, IPv6 routing.

ADL

ADL address allow-list and block-list filtering for IPv4 and IPv6 routing.

GENEVE

GENEVE tunnels for IPv4 routing.

IPSec

IPSec tunnel and transport modes.

IPv4

IPv4 routing, ICMPv4.

IPv6

IPv4 routing, ICMPv6.

L2BD

L2 Bridge-Domain switching for untagged Ethernet.

L2XC

L2 Cross-Connect switching for untagged Ethernet.

MACIP (acl_plugin)

Ingress Access Control List security for L2 Bridge-Domain MAC switching based on mix of MAC and IP address matches.

Memif Interface

Baseline VPP memif interface tests.

NAT44

Network Address and Port Translation deterministic mode and endpoint-dependent mode tests for IPv4.

QoS Policer Metering

Ingress packet rate metering and marking for IPv4, IPv6.

SRv6

Segment routing over IPv6, base and proxy.

Tap Interface

Baseline Linux tap interface tests.

VLAN Tag

L2 VLAN subinterfaces.

Vhost-user Interface

Baseline VPP vhost-user interface tests.

VXLAN

VXLAN overlay tunneling for L2-over-IPv4 and -over-IPv6.

Tests Naming

CSIT-2302 follows a common structured naming convention for all performance and system functional tests.

The naming should be intuitive for majority of the tests. Complete description of CSIT test naming convention is provided on Test Naming.