CSIT VPP functional tests are executed in VM-based virtual topologies created on demand using VIRL simulation platform contributed by Cisco. VIRL runs on physical baremetal servers hosted by LF FD.io project. Based on the packet path thru SUT VMs, two distinct logical topology types are used for VPP DUT data plane testing:
- vNIC-to-vNIC switching topologies.
- Nested-VM service switching topologies.
The simplest virtual topology for software data plane application like VPP is vNIC-to-vNIC switching. Tested virtual topologies for 2-Node and 3-Node testbeds are shown in figures below.
SUT1 and SUT2 are two VMs (running Ubuntu or Centos, depending on the test suite), TG is a Traffic Generator (running Ubuntu VM). SUTs run VPP SW application in Linux user-mode as a Device Under Test (DUT) within the VM. TG runs Scapy SW application as a packet Traffic Generator. Network connectivity between SUTs and to TG is provided using virtual NICs and VMs’ virtio drivers.
Virtual testbeds are created on-demand whenever a verification job is started (e.g. triggered by the gerrit patch submission) and destroyed upon completion of all functional tests. Each node is a Virtual Machine and each connection that is drawn on the diagram is available for use in any test case. During the test execution, all nodes are reachable thru the Management network connected to every node via dedicated virtual NICs and virtual links (not shown above for clarity).
Nested-VM Service Switching¶
Nested-VM (Virtual Machine) service switching topology test cases require VPP DUT to communicate with nested-VM(s) over vhost-user virtual interfaces. Nested-VM(s) is(are) created on SUT1 and/or SUT2 for the duration of these particular test cases only. Virtual test topology with nested-VM(s) is shown in the figure below.
Functional Tests Coverage¶
CSIT-1904 includes following VPP functionality tested in virtual VM environment:
|ACL||Ingress Access Control List security for L2 Bridge-Domain MAC switching, IPv4 routing, IPv6 routing.|
|COP||COP address white-list and black-list filtering for IPv4 and IPv6 routing.|
|DHCP||Dynamic Host Control Protocol Client and Proxy for IPv4 and IPv6 routing.|
|GRE||Generic Routing Encapsulation Overlay Tunnels for IPv4.|
|IPSec||IPSec tunnel and transport modes.|
|IPv4||IPv4 routing, RPF, ARP, Proxy ARP, ICMPv4.|
|IPv6||IPv6 routing, NS/ND, RA, ICMPv6.|
|L2BD||L2 Bridge-Domain switching for untagged Ethernet, dot1q and dot1ad tagged.|
|L2XC||L2 Cross-Connect switching for untagged Ethernet, dot1q and dot1ad tagged.|
|LISP||Locator/ID Separation Protocol overlay tunnels and locator/id mapping control.|
|QoS Policer Metering||Ingress packet rate metering and marking for IPv4, IPv6.|
|Softwire Tunnels||IPv4-in-IPv6 softwire tunnels.|
|Tap Interface||Baseline Linux tap interface tests.|
|IPFIX and SPAN||Telemetry IPFIX netflow statistics and SPAN port mirroring.|
|uRPF Source Security||Unicast Reverse Path Forwarding security for IPv4 and IPv6 routing.|
|VLAN Tag Translation||L2 VLAN tag translation 2to2, 2to1, 1to2, 1to1.|
|VRF Routing||Multi-context VRF IPVPN routing for IPv4 and IPv6.|
|VXLAN||VXLAN overlay tunneling for L2-over-IPv4 and -over-IPv6.|